Examples of Protecting Content using JavaScript Object Signing and Encryption (JOSE)
draft-ietf-jose-cookbook-00
The information below is for an old version of the document.

| Field | Value |
|---|---|
| Document type | This is an older version of an Internet-Draft that was ultimately published as RFC 7520. |
| Author | Matthew A. Miller |
| Last updated | 2013-12-05 |
| RFC stream | Internet Engineering Task Force (IETF) |
| Additional resources | Mailing list discussion |
| WG state | WG Document |
| Document shepherd | (None) |
| IESG state | Became RFC 7520 (Informational) |
| Consensus boilerplate | Unknown |
| Telechat date | (None) |
| Responsible AD | (None) |
| Send notices to | (None) |
         "-fcIsKguXqJTTsWdHbJ4iRY_xARz9O_JdAxVEJnrxo7sJRbkwH
             mwlMi4AxCVzG_I",
         "y": "JcuN_3pD0dbTjry07BoFoJ-_W-SumUHH9XIAvXkKeFkJV4s5GM
             CwXwxtgkNeZ32T"
       }
     }

                Figure 178: Recipient #2 JWE Header JSON

   The following is the assembled second recipient JSON:

     {
       "encrypted_key":
           "Dd1kQYNhhSIlKEAyE9UYhjtUBGahteiYVnRUg_tWf8S9VJZKL_8YOw",
       "header": {
         "alg": "ECDH-ES+A256KW",
         "kid": "peregrin.took@tuckborough.example",
         "epk": {
           "kty": "EC",
           "crv": "P-384",
           "x": "-fcIsKguXqJTTsWdHbJ4iRY_xARz9O_JdAxVEJnrxo7sJRbk
               wHmwlMi4AxCVzG_I",
           "y": "JcuN_3pD0dbTjry07BoFoJ-_W-SumUHH9XIAvXkKeFkJV4s5
               GMCwXwxtgkNeZ32T"
         }
       }
     }

                     Figure 179: Recipient #2 JSON

4.13.5.  Encrypting the Key to the Third Recipient

Miller                    Expires June 7, 2014                 [Page 76]

Internet-Draft                JOSE Cookbook                December 2013

   The following are generated before encrypting the CEK for the third
   recipient:

   o  Initialization vector/nonce for key wrapping; this example uses
      the initialization vector/nonce from Figure 180.

     kZtitxRDXfzCS6ZK

                               Figure 180

   Performing the "A256GCMKW" key encryption operation over the CEK
   (Figure 171) with the following:

   o  AES symmetric key (Figure 113); and

   o  Initialization vector/nonce (Figure 180)

   produces the following:

   o  Encrypted key from Figure 181.

   o  Key wrap authentication tag from Figure 182

     iiVL4XCDCnsWCSZCTysGxl41vdnJqIThbumNa9wSQBo

        Figure 181: Recipient #3 Encrypted Key, base64url-encoded

     DOVpODvbotRWOHEqTRcXkg

      Figure 182: Recipient #3 Authentication Tag, base64url-encoded

   The following are generated after encrypting the CEK for the third
   recipient:

   o  Recipient JWE header; this example uses the header from
      Figure 183.
     {
       "alg": "A256GCMKW",
       "kid": "18ec08e1-bfa9-4d95-b205-2b4dd1d4321d",
       "tag": "DOVpODvbotRWOHEqTRcXkg",
       "iv": "kZtitxRDXfzCS6ZK"
     }

                Figure 183: Recipient #3 JWE Header JSON

   The following is the assembled third recipient JSON:

     {
       "encrypted_key": "iiVL4XCDCnsWCSZCTysGxl41vdnJqIThbumNa9wSQBo",
       "header": {
         "alg": "A256GCMKW",
         "kid": "18ec08e1-bfa9-4d95-b205-2b4dd1d4321d",
         "tag": "DOVpODvbotRWOHEqTRcXkg",
         "iv": "kZtitxRDXfzCS6ZK"
       }
     }

                     Figure 184: Recipient #3 JSON

4.13.6.  Encrypting the Content

   The following are generated before encrypting the content:

   o  Protected JWE Header; this example uses the header from
      Figure 185, encoded to [RFC4648] base64url as Figure 186.

     {
       "enc": "A128GCM"
     }

                 Figure 185: Protected JWE Header JSON

     eyJlbmMiOiJBMTI4R0NNIn0

           Figure 186: Protected JWE Header, base64url-encoded

   Performing the content encryption operation over the Plaintext
   (Figure 51) with the following:

   o  CEK (Figure 171),

   o  Initialization vector/nonce (Figure 172), and

   o  Protected JWE header (Figure 186) as the authenticated data

   produces the following:

   o  Ciphertext from Figure 187

   o  Authentication tag from Figure 188

     aG6vvrUIPIE5AunujYfPvgO1ypah6leCfYeW721swK9Nr8ERrKJn-HFkEkcx2r
     HnLgp33hKX6jPBWlSwilwGl2e2xg3SxQiA9OYncXBkpUcUK4KoIg7qCvtTsVFp
     sVRJYTBDqpGuecYdYOeZPWUuB1vX4jrCFIpHh3BIraAE6iTxdmxhHP-OXGZQpU
     N4Y2qcromUQP2jSreVGp2Gn9b4bWELfLny4WqRVmB_bySnyUxdglzGAQEse7s_
     o1s_6i1fOZnB5WzcoNo2aTZIKWLjJ347XL95KcF9aYwMAZSi7N4n41Zs2Yaa8-
     u07LpV9fQ7ubDQj1fQ4clpxPv_IDbHJ3tgdlH2lWSHwZADwgpIOA

                Figure 187: Ciphertext, base64url-encoded

     ESZx8edqbU4osp8P8H0a5Q

            Figure 188: Authentication Tag, base64url-encoded

   The following is generated after encrypting the plaintext:

   o  Unprotected JWE header parameters; this example uses the header
      from Figure 189.

     {
       "cty": "text/plain"
     }

                Figure 189: Unprotected JWE Header JSON

4.13.7.  Output Results

   The following compose the resulting JWE object:

   o  Recipient #1 JSON (Figure 175)

   o  Recipient #2 JSON (Figure 179)

   o  Recipient #3 JSON (Figure 184)

   o  Initialization vector/nonce (Figure 172)

   o  Ciphertext (Figure 187)

   o  Authentication tag (Figure 188)

   The resulting JWE object using the JSON serialization:

     {
       "recipients": [
         {
           "encrypted_key":
               "EBbDunXtz-j0Gn0q4c9vtueHlb0E-oBkSMno9PUg8eR7Y5T71aU9t
               0JkvxtKiOxibNkeeUSYPLPGvxslWAYgmqYW--uP_R64hQFp2fcB5M
               nyQ69GBkMU6Poie-CtQ2y9Z3Mv9-NMbT7LO99A_2EUEXuxzGnHYSf
               tk7KKjyw38LBuvSOVdokkHWMP4pVLeUJB1ovbT4M1j3pxUzyM2426
               sD6LfjorQhY8vsChyDaFST0Oe8uBvcRyA5mabEyRYlUet8PRH_CjI
               NMipv7LCDRsKVnr3oHwZEfCJFGNC-w_-Qn4xcmkmxyaz1-kZEpS_t
               2kWJsFqx3mg7QAXJBxdGmy6A",
           "header": {
             "alg": "RSA1_5",
             "kid": "frodo.baggins@hobbiton.example"
           }
         },
         {
           "encrypted_key":
               "Dd1kQYNhhSIlKEAyE9UYhjtUBGahteiYVnRUg_tWf8S9VJZKL_8YO
               w",
           "header": {
             "alg": "ECDH-ES+A256KW",
             "kid": "peregrin.took@tuckborough.example",
             "epk": {
               "kty": "EC",
               "crv": "P-384",
               "x": "-fcIsKguXqJTTsWdHbJ4iRY_xARz9O_JdAxVEJnrxo7sJRbkw
                   HmwlMi4AxCVzG_I",
               "y": "JcuN_3pD0dbTjry07BoFoJ-_W-SumUHH9XIAvXkKeFkJV4s5G
                   MCwXwxtgkNeZ32T"
             }
           }
         },
         {
           "encrypted_key":
               "iiVL4XCDCnsWCSZCTysGxl41vdnJqIThbumNa9wSQBo",
           "header": {
             "alg": "A256GCMKW",
             "kid": "18ec08e1-bfa9-4d95-b205-2b4dd1d4321d",
             "tag": "DOVpODvbotRWOHEqTRcXkg",
             "iv": "kZtitxRDXfzCS6ZK"
           }
         }
       ],
       "protected": "eyJlbmMiOiJBMTI4R0NNIn0",
       "unprotected": {
         "cty": "text/plain"
       },
       "iv": "nY-xFgdef1LrsU7u",
       "ciphertext":
           "aG6vvrUIPIE5AunujYfPvgO1ypah6leCfYeW721swK9Nr8ERrKJn-HFkE
           kcx2rHnLgp33hKX6jPBWlSwilwGl2e2xg3SxQiA9OYncXBkpUcUK4KoIg
           7qCvtTsVFpsVRJYTBDqpGuecYdYOeZPWUuB1vX4jrCFIpHh3BIraAE6iT
           xdmxhHP-OXGZQpUN4Y2qcromUQP2jSreVGp2Gn9b4bWELfLny4WqRVmB_
           bySnyUxdglzGAQEse7s_o1s_6i1fOZnB5WzcoNo2aTZIKWLjJ347XL95K
           cF9aYwMAZSi7N4n41Zs2Yaa8-u07LpV9fQ7ubDQj1fQ4clpxPv_IDbHJ3
           tgdlH2lWSHwZADwgpIOA",
       "tag": "ESZx8edqbU4osp8P8H0a5Q"
     }

                     Figure 190: JSON Serialization

5.  Security Considerations

   This document introduces no new security considerations over those
   stated in [I-D.ietf-jose-json-web-algorithms],
   [I-D.ietf-jose-json-web-encryption], [I-D.ietf-jose-json-web-key],
   and [I-D.ietf-jose-json-web-signature].

6.  IANA Considerations

   This document has no actions for IANA.

7.  Informative References

   [I-D.ietf-jcardcal-jcard]
              Kewisch, P., "jCard: The JSON format for vCard",
              draft-ietf-jcardcal-jcard-07 (work in progress),
              October 2013.

   [I-D.ietf-jose-json-web-algorithms]
              Jones, M., "JSON Web Algorithms (JWA)",
              draft-ietf-jose-json-web-algorithms-18 (work in
              progress), November 2013.

   [I-D.ietf-jose-json-web-encryption]
              Jones, M., Rescorla, E., and J. Hildebrand, "JSON Web
              Encryption (JWE)", draft-ietf-jose-json-web-encryption-18
              (work in progress), November 2013.

   [I-D.ietf-jose-json-web-key]
              Jones, M., "JSON Web Key (JWK)",
              draft-ietf-jose-json-web-key-18 (work in progress),
              November 2013.

   [I-D.ietf-jose-json-web-signature]
              Jones, M., Bradley, J., and N. Sakimura, "JSON Web
              Signature (JWS)", draft-ietf-jose-json-web-signature-18
              (work in progress), November 2013.

   [RFC1951]  Deutsch, P., "DEFLATE Compressed Data Format
              Specification version 1.3", RFC 1951, May 1996.

   [RFC4648]  Josefsson, S., "The Base16, Base32, and Base64 Data
              Encodings", RFC 4648, October 2006.

Appendix A.  Acknowledgements

   All of the examples herein use quotes and character names found in
   the novels "The Hobbit"; "The Fellowship of the Ring"; "The Two
   Towers"; and "Return of the King", written by J. R. R. Tolkien.

   Thanks to Richard Barnes and Jim Schaad for providing their input on
   the outline for this document.

Author's Address

   Matthew Miller
   Cisco Systems, Inc.
   1899 Wynkoop Street, Suite 600
   Denver, CO  80202
   USA

   Phone: +1-303-308-3204
   Email: mamille2@cisco.com
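
Added example (not part of the draft): a structural check, in Python, over the general JSON serialization assembled in Section 4.13.7. It confirms that the protected, unprotected and per-recipient headers are disjoint, that each recipient's "alg" carries the parameters it needs, and that GCM IVs and tags decode to 96 and 128 bits. The names `b64u`, `gcm_sizes_ok` and `check_jwe` are hypothetical, and the sample is trimmed from Figure 190 to recipient #3 with the ciphertext left out.

```python
import base64
import json

def b64u(s):
    """Decode unpadded base64url (RFC 4648, section 5)."""
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

# Per-recipient parameters each "alg" used in Section 4.13 requires (per JWA).
REQUIRED = {"RSA1_5": set(), "ECDH-ES+A256KW": {"epk"}, "A256GCMKW": {"iv", "tag"}}

def gcm_sizes_ok(iv, tag):
    """GCM in JOSE uses a 96-bit IV and a 128-bit authentication tag."""
    return len(b64u(iv)) == 12 and len(b64u(tag)) == 16

def check_jwe(jwe):
    """Return a list of structural problems in a general-JSON JWE (hypothetical helper)."""
    problems = []
    protected = json.loads(b64u(jwe["protected"]))
    shared = jwe.get("unprotected", {})
    if protected.keys() & shared.keys():
        problems.append("protected and unprotected headers overlap")
    if protected.get("enc", "").endswith("GCM") and not gcm_sizes_ok(jwe["iv"], jwe["tag"]):
        problems.append("content iv/tag are not 96/128 bits")
    for n, rcpt in enumerate(jwe["recipients"], 1):
        hdr = rcpt.get("header", {})
        alg = hdr.get("alg")
        if hdr.keys() & (protected.keys() | shared.keys()):
            problems.append(f"recipient {n}: header repeats a shared parameter")
        if alg not in REQUIRED:
            problems.append(f"recipient {n}: alg {alg!r} not covered by this check")
        missing = REQUIRED.get(alg, set()) - set(hdr)
        problems += [f"recipient {n}: {alg} needs '{m}'" for m in sorted(missing)]
        if alg == "A256GCMKW" and not missing:
            if not gcm_sizes_ok(hdr["iv"], hdr["tag"]):
                problems.append(f"recipient {n}: key-wrap iv/tag are not 96/128 bits")
            if rcpt.get("encrypted_key") == hdr["tag"]:
                problems.append(f"recipient {n}: encrypted_key repeats the tag")
    return problems

# Trimmed from Figure 190: recipient #3 only, ciphertext left out (not checked).
SAMPLE = {
    "recipients": [{
        "encrypted_key": "iiVL4XCDCnsWCSZCTysGxl41vdnJqIThbumNa9wSQBo",
        "header": {"alg": "A256GCMKW", "kid": "18ec08e1-bfa9-4d95-b205-2b4dd1d4321d",
                   "tag": "DOVpODvbotRWOHEqTRcXkg", "iv": "kZtitxRDXfzCS6ZK"}}],
    "protected": "eyJlbmMiOiJBMTI4R0NNIn0",
    "unprotected": {"cty": "text/plain"},
    "iv": "nY-xFgdef1LrsU7u", "tag": "ESZx8edqbU4osp8P8H0a5Q",
}
```

`check_jwe(SAMPLE)` returns an empty list; a recipient entry assembled with the key-wrap tag in place of the encrypted key, or with "tag" missing from its header, is reported by recipient number.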