RE: Add algorithm for AES Key Wrap ? from Mike Jones on 2013-07-10 (public-webcrypto@w3.org from July 2013)

From: Mike Jones <Michael.Jones@microsoft.com>
Date: Wed, 10 Jul 2013 00:01:12 +0000
To: Jim Schaad <ietf@augustcellars.com>, 'Richard Barnes' <rbarnes@bbn.com>
CC: 'Mark Watson' <watsonm@netflix.com>, "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Message-ID: <4E1F6AAD24975D4BA5B16804296739436B6AD079@TK5EX14MBXC283.redmond.corp.microsoft.>

I have .NET code that implements 3994 using the Rijndael class with key.Mode = CipherMode.ECB and key.Padding = PaddingMode.None.

				-- Mike

-----Original Message-----
From: Jim Schaad [mailto:ietf@augustcellars.com] 
Sent: Tuesday, July 09, 2013 4:56 PM
To: 'Richard Barnes'; Mike Jones
Cc: 'Mark Watson'; public-webcrypto@w3.org
Subject: RE: Add algorithm for AES Key Wrap ?

Because I needed it for doing JOSE testing, I just looked and I am unable to implement AES-KW in "user" code because there is no ECB version of AES exposed as part of the WinCrypt API.

I will also note that the 3994 and 5649 versions of the AES key wrap are very different in that one is not an extension of the other from a cryptographic point of view.  They are totally different cryptographic algorithms.  The version that most libraries have implemented is the 3994 version since that is what is used for CMS.

If we do the 5649 version then we probably need to specify both versions.

Jim

> -----Original Message-----
> From: Richard Barnes [mailto:rbarnes@bbn.com]
> Sent: Tuesday, July 09, 2013 10:17 AM
> To: Mike Jones
> Cc: Mark Watson; public-webcrypto@w3.org
> Subject: Re: Add algorithm for AES Key Wrap ?
> 
> +1 to 5649.  It's more general, and like 10 more lines of code.
> 
> 
> 
> On Jul 8, 2013, at 8:28 PM, Mike Jones <Michael.Jones@microsoft.com>
> wrote:
> 
> > JOSE needs 3994.  Please proceed to add that one.  I'm ambivalent 
> > about
> whether we need to add 5649 or not.
> >
> >                                                             -- Mike
> >
> > From: Mark Watson [mailto:watsonm@netflix.com]
> > Sent: Monday, July 08, 2013 3:44 PM
> > To: public-webcrypto@w3.org
> > Subject: Add algorithm for AES Key Wrap ?
> >
> > All,
> >
> > Now that we have wrap and unwrap operations defined, should we add 
> > an
> algorithm section for AES Key Wrap (RFC3394 and RFC5649) ?
> >
> > I'd be happy to draft the section if there is agreement.
> >
> > ...Mark
> >

Received on Wednesday, 10 July 2013 00:01:53 UTC