W3C home > Mailing lists > Public > public-xmlsec-discuss@w3.org > June 2013

RE: ConcatKDF in xmlenc-core1: ambiguous concatenation

From: Manger, James H <James.H.Manger@team.telstra.com>
Date: Wed, 19 Jun 2013 18:07:20 +1000
To: "public-xmlsec@w3.org" <public-xmlsec@w3.org>
CC: "public-xmlsec-discuss@w3.org" <public-xmlsec-discuss@w3.org>, "frederick.hirsch@nokia.com" <frederick.hirsch@nokia.com>
Message-ID: <255B9BB34FB7D647A506DC292726F6E1151BA6AD77@WSMSG3153V.srv.dir.telstra.com>
Correction: I can get the DRV.3 interop test to work. It has the same lack of padding problem as DRV.1.

James Manger

From: Manger, James H
Sent: Wednesday, 19 June 2013 6:03 PM
To: 'public-xmlsec@w3.org'
Cc: 'public-xmlsec-discuss@w3.org'; 'frederick.hirsch@nokia.com'
Subject: ConcatKDF in xmlenc-core1: ambiguous concatenation


On a related note, I think there is a mistake in the interop test DRV.1 for ConcatKDF at http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core1-interop/Overview.html. The plaintext is not padded before it is encrypted (or the plaintext is 312 bytes, not the stated 320 bytes).
320 bytes of plaintext -> 1 block for IV + 20 blocks of plaintext + 1 block padding -> 352 bytes of ciphertext -> 470 base64 chars
However the <xenc:CipherValue> element has only 448 base64 chars.

I cannot get the interop test DRV.3 to work either. Is the shared secret key really supposed to be 2176 bits long?

James Manger (Telstra)
Received on Wednesday, 19 June 2013 08:07:56 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:42:38 UTC