Re: Encryption simplification

> That said, doesn't have Crypto-Key a similar problem (in that you might 
> not now what applied encryption content codings it applies to)?

| keyid:
|     The “keyid” parameter corresponds to the “keyid” parameter in the content 
|     coding.
| aes128gcm:
|     The “aes128gcm” parameter contains the base64url-encoded octets [RFC7515] of 
|     the input keying material for the “aes128gcm” content coding.

So there is keyid and it is also on

| +-----------+--------+-----------+------------+
| | salt (16) | rs (4) | idlen (1) | id (idlen) |
| +-----------+--------+-----------+------------+

I guess that this "id" is keyid:

| keyid:
|     The “keyid” parameter can be used to identify the keying material that is 
|     used. When the Crypto-Key header field is used, the “keyid” identifies a 
|     matching value in that field. The “keyid” parameter MUST be used if keying 
|     material included in an Crypto-Key header field is needed to derive the 
|     content encryption key. The “keyid” parameter can also be used to identify 
|     keys in an application-specific fashion.


| rs:
|     The “rs” or record size parameter contains an unsigned 32-bit integer in 
|    network byte order that describes the record size in octets. Note that it is 
|    therefore impossible to exceed the 2^36-1 limit on plaintext input to 
|    AEAD_AES_128_GCM. Values smaller than 3 are invalid.

Is that 2^36-1 same than  2^36-31  here:

|   There are limits to the data that AEAD_AES_128_GCM can encipher. The maximum 
|   record size is 2^36-31 [RFC5116].

/ Kari Hurtta

Received on Sunday, 30 October 2016 18:26:38 UTC