Correction: I can get the DRV.3 interop test to work. It has the same lack of padding problem as DRV.1. -- James Manger From: Manger, James H Sent: Wednesday, 19 June 2013 6:03 PM To: 'public-xmlsec@w3.org' Cc: 'public-xmlsec-discuss@w3.org'; 'frederick.hirsch@nokia.com' Subject: ConcatKDF in xmlenc-core1: ambiguous concatenation ... On a related note, I think there is a mistake in the interop test DRV.1 for ConcatKDF at http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core1-interop/Overview.html. The plaintext is not padded before it is encrypted (or the plaintext is 312 bytes, not the stated 320 bytes). 320 bytes of plaintext -> 1 block for IV + 20 blocks of plaintext + 1 block padding -> 352 bytes of ciphertext -> 470 base64 chars However the <xenc:CipherValue> element has only 448 base64 chars. http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core1-interop/files/microsoft/dkey-example-ConcatKDF-crypto.xml I cannot get the interop test DRV.3 to work either. Is the shared secret key really supposed to be 2176 bits long? http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core1-interop/files/ibm/secret.concat.kdf -- James Manger (Telstra)
Received on Wednesday, 19 June 2013 08:07:56 UTC