Examples of Protecting Content using JavaScript Object Signing and Encryption (JOSE)
draft-ietf-jose-cookbook-00
The information below is for an old version of the document.
| Document | Type |
This is an older version of an Internet-Draft that was ultimately published as RFC 7520.
|
|
|---|---|---|---|
| Author | Matthew A. Miller | ||
| Last updated | 2013-12-05 | ||
| RFC stream | Internet Engineering Task Force (IETF) | ||
| Formats | |||
| Reviews | |||
| Additional resources | Mailing list discussion | ||
| Stream | WG state | WG Document | |
| Document shepherd | (None) | ||
| IESG | IESG state | Became RFC 7520 (Informational) | |
| Consensus boilerplate | Unknown | ||
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
draft-ietf-jose-cookbook-00
quot;-fcIsKguXqJTTsWdHbJ4iRY_xARz9O_JdAxVEJnrxo7sJRbkwH
mwlMi4AxCVzG_I",
"y": "JcuN_3pD0dbTjry07BoFoJ-_W-SumUHH9XIAvXkKeFkJV4s5GM
CwXwxtgkNeZ32T"
}
}
Figure 178: Recipient #2 JWE Header JSON
The following is the assembled second recipient JSON:
{
"encrypted_key":
"Dd1kQYNhhSIlKEAyE9UYhjtUBGahteiYVnRUg_tWf8S9VJZKL_8YOw",
"header": {
"alg": "ECDH-ES+A256KW",
"kid": "peregrin.took@tuckborough.example",
"epk": {
"kty": "EC",
"crv": "P-384",
"x": "-fcIsKguXqJTTsWdHbJ4iRY_xARz9O_JdAxVEJnrxo7sJRbk
wHmwlMi4AxCVzG_I",
"y": "JcuN_3pD0dbTjry07BoFoJ-_W-SumUHH9XIAvXkKeFkJV4s5
GMCwXwxtgkNeZ32T"
}
}
}
Figure 179: Recipient #2 JSON
4.13.5. Encrypting the Key to the Third Recipient
Miller Expires June 7, 2014 [Page 76]
Internet-Draft JOSE Cookbook December 2013
The following are generated before encrypting the CEK for the third
recipient:
o Initialization vector/nonce for key wrapping; this example uses
the initialization vector/nonce from {{jwe-multi-kwiv_3}
kZtitxRDXfzCS6ZK
Figure 180
Performing the "A256GCMKW" key encryption operation over the CEK
(Figure 171) with the following:
o AES symmetric key (Figure 113; and
o Initialization vector/nonce ((Figure 180
produces the following:
o Encrypted key from Figure 181.
o Key wrap authentication tag from Figure 182
iiVL4XCDCnsWCSZCTysGxl41vdnJqIThbumNa9wSQBo
Figure 181: Recipient #3 Encrypted Key, base64url-encoded
DOVpODvbotRWOHEqTRcXkg
Figure 182: Recipient #3 Encrypted Key, base64url-encoded
The following are generated after encrypting the CEK for the third
recipient:
o Recipient JWE header; this example uses the header from Figure
183.
{
"alg": "A256GCMKW",
"kid": "18ec08e1-bfa9-4d95-b205-2b4dd1d4321d",
"tag": "DOVpODvbotRWOHEqTRcXkg",
"iv": "kZtitxRDXfzCS6ZK"
}
Figure 183: Recipient #3 JWE Header JSON
The following is the assembled third recipient JSON:
Miller Expires June 7, 2014 [Page 77]
Internet-Draft JOSE Cookbook December 2013
{
"encrypted_key":
"DOVpODvbotRWOHEqTRcXkg",
"header": {
"alg": "A256GCMKW",
"kid": "18ec08e1-bfa9-4d95-b205-2b4dd1d4321d",
"tag": "DOVpODvbotRWOHEqTRcXkg",
"iv": "kZtitxRDXfzCS6ZK"
}
Figure 184: Recipient #3 JSON
4.13.6. Encrypting the Content
The following are generated before encrypting the content:
o Protected JWE Header; this example uses the header from Figure
185, encoded to [RFC4648] base64url as Figure 186.
{
"enc": "A128GCM"
}
Figure 185: Protected JWE Header JSON
eyJlbmMiOiJBMTI4R0NNIn0
Figure 186: Protected JWE Header, base64url-encoded
Performing the content encryption operation over the Plaintext
(Figure 51) with the following:
o CEK (Figure 171),
o Initialization vector/nonce (Figure 172), and
o Protected JWE header (Figure 186) as the authenticated data
produces the following:
o Ciphertext from Figure 187
o Authentication tag from Figure 188
aG6vvrUIPIE5AunujYfPvgO1ypah6leCfYeW721swK9Nr8ERrKJn-HFkEkcx2r
HnLgp33hKX6jPBWlSwilwGl2e2xg3SxQiA9OYncXBkpUcUK4KoIg7qCvtTsVFp
sVRJYTBDqpGuecYdYOeZPWUuB1vX4jrCFIpHh3BIraAE6iTxdmxhHP-OXGZQpU
N4Y2qcromUQP2jSreVGp2Gn9b4bWELfLny4WqRVmB_bySnyUxdglzGAQEse7s_
Miller Expires June 7, 2014 [Page 78]
Internet-Draft JOSE Cookbook December 2013
o1s_6i1fOZnB5WzcoNo2aTZIKWLjJ347XL95KcF9aYwMAZSi7N4n41Zs2Yaa8-
u07LpV9fQ7ubDQj1fQ4clpxPv_IDbHJ3tgdlH2lWSHwZADwgpIOA
Figure 187: Ciphertext, base64url-encoded
ESZx8edqbU4osp8P8H0a5Q
Figure 188: Authentication Tag, base64url-encoded
The following is generated after encrypting the plaintext:
o Unprotected JWE header parameters; this example uses the header
from Figure 189.
{
"cty": "text/plain"
}
Figure 189: Unprotected JWE Header JSON
4.13.7. Output Results
The following compose the resulting JWE object:
o Recipient #1 JSON (Figure 175)
o Recipient #2 JSON (Figure 179)
o Recipient #3 JSON (Figure 184)
o Initialization vector/nonce (Figure 172)
o Ciphertext (Figure 187)
o Authentication tag (Figure 188)
The resulting JWE object using the JSON serialization:
{
"recipients": [
{
"encrypted_key":
"EBbDunXtz-j0Gn0q4c9vtueHlb0E-oBkSMno9PUg8eR7Y5T71aU9t
0JkvxtKiOxibNkeeUSYPLPGvxslWAYgmqYW--uP_R64hQFp2fcB5M
nyQ69GBkMU6Poie-CtQ2y9Z3Mv9-NMbT7LO99A_2EUEXuxzGnHYSf
tk7KKjyw38LBuvSOVdokkHWMP4pVLeUJB1ovbT4M1j3pxUzyM2426
sD6LfjorQhY8vsChyDaFST0Oe8uBvcRyA5mabEyRYlUet8PRH_CjI
NMipv7LCDRsKVnr3oHwZEfCJFGNC-w_-Qn4xcmkmxyaz1-kZEpS_t
Miller Expires June 7, 2014 [Page 79]
Internet-Draft JOSE Cookbook December 2013
2kWJsFqx3mg7QAXJBxdGmy6A",
"header": {
"alg": "RSA1_5",
"kid": "frodo.baggins@hobbiton.example"
}
},
{
"encrypted_key":
"Dd1kQYNhhSIlKEAyE9UYhjtUBGahteiYVnRUg_tWf8S9VJZKL_8YO
w",
"header": {
"alg": "ECDH-ES+A256KW",
"kid": "peregrin.took@tuckborough.example",
"epk": {
"kty": "EC",
"crv": "P-384",
"x":
"-fcIsKguXqJTTsWdHbJ4iRY_xARz9O_JdAxVEJnrxo7sJRbkw
HmwlMi4AxCVzG_I",
"y":
"JcuN_3pD0dbTjry07BoFoJ-_W-SumUHH9XIAvXkKeFkJV4s5G
MCwXwxtgkNeZ32T"
}
}
},
{
"encrypted_key":
"iiVL4XCDCnsWCSZCTysGxl41vdnJqIThbumNa9wSQBo",
"header": {
"alg": "A256GCMKW",
"kid": "18ec08e1-bfa9-4d95-b205-2b4dd1d4321d",
"tag": "DOVpODvbotRWOHEqTRcXkg",
"iv": "kZtitxRDXfzCS6ZK"
}
}
],
"protected": "eyJlbmMiOiJBMTI4R0NNIn0",
"unprotected": {
"cty": "text/plain"
},
"iv":
"nY-xFgdef1LrsU7u",
"ciphertext":
"aG6vvrUIPIE5AunujYfPvgO1ypah6leCfYeW721swK9Nr8ERrKJn-HFkE
kcx2rHnLgp33hKX6jPBWlSwilwGl2e2xg3SxQiA9OYncXBkpUcUK4KoIg
7qCvtTsVFpsVRJYTBDqpGuecYdYOeZPWUuB1vX4jrCFIpHh3BIraAE6iT
xdmxhHP-OXGZQpUN4Y2qcromUQP2jSreVGp2Gn9b4bWELfLny4WqRVmB_
bySnyUxdglzGAQEse7s_o1s_6i1fOZnB5WzcoNo2aTZIKWLjJ347XL95K
Miller Expires June 7, 2014 [Page 80]
Internet-Draft JOSE Cookbook December 2013
cF9aYwMAZSi7N4n41Zs2Yaa8-u07LpV9fQ7ubDQj1fQ4clpxPv_IDbHJ3
tgdlH2lWSHwZADwgpIOA",
"tag":
"ESZx8edqbU4osp8P8H0a5Q"
}
Figure 190: JSON Serialization
5. Security Considerations
This document introduces no new security considerations over those
stated in [I-D.ietf-jose-json-web-algorithms],
[I-D.ietf-jose-json-web-encryption], [I-D.ietf-jose-json-web-key],
and [I-D.ietf-jose-json-web-signature].
6. IANA Considerations
This document has no actions for IANA.
7. Informative References
[I-D.ietf-jcardcal-jcard]
Kewisch, P., "jCard: The JSON format for vCard", draft-
ietf-jcardcal-jcard-07 (work in progress), October 2013.
[I-D.ietf-jose-json-web-algorithms]
Jones, M., "JSON Web Algorithms (JWA)", draft-ietf-jose-
json-web-algorithms-18 (work in progress), November 2013.
[I-D.ietf-jose-json-web-encryption]
Jones, M., Rescorla, E., and J. Hildebrand, "JSON Web
Encryption (JWE)", draft-ietf-jose-json-web-encryption-18
(work in progress), November 2013.
[I-D.ietf-jose-json-web-key]
Jones, M., "JSON Web Key (JWK)", draft-ietf-jose-json-web-
key-18 (work in progress), November 2013.
[I-D.ietf-jose-json-web-signature]
Jones, M., Bradley, J., and N. Sakimura, "JSON Web
Signature (JWS)", draft-ietf-jose-json-web-signature-18
(work in progress), November 2013.
[RFC1951] Deutsch, P., "DEFLATE Compressed Data Format Specification
version 1.3", RFC 1951, May 1996.
[RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data
Encodings", RFC 4648, October 2006.
Miller Expires June 7, 2014 [Page 81]
Internet-Draft JOSE Cookbook December 2013
Appendix A. Acknowledgements
All of the examples herein use quotes and character names found in
the novels "The Hobbit"; "The Fellowship of the Ring"; "The Two
Towers"; and "Return of the King", written by J. R. R. Tolkien.
Thanks to Richard Barnes and Jim Schaad for providing for their input
on the outline for this document.
Author's Address
Matthew Miller
Cisco Systems, Inc.
1899 Wynkoop Street, Suite 600
Denver, CO 80202
USA
Phone: +1-303-308-3204
Email: mamille2@cisco.com
Miller Expires June 7, 2014 [Page 82]