< draft-hallambaker-mesh-dare-00.txt   draft-hallambaker-mesh-dare-01.txt >
Network Working Group P. Hallam-Baker Network Working Group P. Hallam-Baker
Internet-Draft February 25, 2019 Internet-Draft April 4, 2019
Intended status: Informational Intended status: Informational
Expires: August 29, 2019 Expires: October 6, 2019
Mathematical Mesh Part III : Data At Rest Encryption (DARE) Mathematical Mesh Part III : Data At Rest Encryption (DARE)
draft-hallambaker-mesh-dare-00 draft-hallambaker-mesh-dare-01
Abstract Abstract
This document describes the Data At Rest Encryption (DARE) Message This document describes the Data At Rest Encryption (DARE) Message
and Container syntax. and Container syntax.
The DARE Message syntax is used to digitally sign, digest, The DARE Message syntax is used to digitally sign, digest,
authenticate, or encrypt arbitrary message content. authenticate, or encrypt arbitrary message content.
The DARE Container syntax describes an append-only sequence of data The DARE Container syntax describes an append-only sequence of data
skipping to change at page 1, line 42 skipping to change at page 1, line 42
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 29, 2019. This Internet-Draft will expire on October 6, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 3, line 39 skipping to change at page 3, line 39
6.3.2. Structure: IndexPosition . . . . . . . . . . . . . . 30 6.3.2. Structure: IndexPosition . . . . . . . . . . . . . . 30
6.3.3. Structure: KeyValue . . . . . . . . . . . . . . . . . 31 6.3.3. Structure: KeyValue . . . . . . . . . . . . . . . . . 31
6.3.4. Structure: IndexMeta . . . . . . . . . . . . . . . . 31 6.3.4. Structure: IndexMeta . . . . . . . . . . . . . . . . 31
7. Security Considerations . . . . . . . . . . . . . . . . . . . 31 7. Security Considerations . . . . . . . . . . . . . . . . . . . 31
7.1. Encryption/Signature nesting . . . . . . . . . . . . . . 31 7.1. Encryption/Signature nesting . . . . . . . . . . . . . . 31
7.2. Side channel . . . . . . . . . . . . . . . . . . . . . . 31 7.2. Side channel . . . . . . . . . . . . . . . . . . . . . . 31
7.3. Salt reuse . . . . . . . . . . . . . . . . . . . . . . . 31 7.3. Salt reuse . . . . . . . . . . . . . . . . . . . . . . . 31
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 31 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 31
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 31 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 31
10. Appendix A: DARE Message Examples and Test Vectors . . . . . 31 10. Appendix A: DARE Message Examples and Test Vectors . . . . . 31
11. Test Examples . . . . . . . . . . . . . . . . . . . . . . . . 31 11. Test Examples . . . . . . . . . . . . . . . . . . . . . . . . 32
11.1. Plaintext Message . . . . . . . . . . . . . . . . . . . 32 11.1. Plaintext Message . . . . . . . . . . . . . . . . . . . 32
11.2. Plaintext Message with EDS . . . . . . . . . . . . . . . 32 11.2. Plaintext Message with EDS . . . . . . . . . . . . . . . 32
11.3. Encrypted Message . . . . . . . . . . . . . . . . . . . 33 11.3. Encrypted Message . . . . . . . . . . . . . . . . . . . 33
11.4. Signed Message . . . . . . . . . . . . . . . . . . . . . 34 11.4. Signed Message . . . . . . . . . . . . . . . . . . . . . 35
11.5. Signed and Encrypted Message . . . . . . . . . . . . . . 35 11.5. Signed and Encrypted Message . . . . . . . . . . . . . . 35
12. Appendix B: DARE Container Examples and Test Vectors . . . . 36 12. Appendix B: DARE Container Examples and Test Vectors . . . . 36
12.1. Simple container . . . . . . . . . . . . . . . . . . . . 36 12.1. Simple container . . . . . . . . . . . . . . . . . . . . 36
12.2. Payload and chain digests . . . . . . . . . . . . . . . 37 12.2. Payload and chain digests . . . . . . . . . . . . . . . 37
12.3. Merkle Tree . . . . . . . . . . . . . . . . . . . . . . 38 12.3. Merkle Tree . . . . . . . . . . . . . . . . . . . . . . 38
12.4. Signed container . . . . . . . . . . . . . . . . . . . . 40 12.4. Signed container . . . . . . . . . . . . . . . . . . . . 40
12.5. Encrypted container . . . . . . . . . . . . . . . . . . 41 12.5. Encrypted container . . . . . . . . . . . . . . . . . . 41
13. Appendix C: Previous Frame Function . . . . . . . . . . . . . 45 13. Appendix C: Previous Frame Function . . . . . . . . . . . . . 43
14. Appendix D: Outstanding Issues . . . . . . . . . . . . . . . 45 14. Appendix D: Outstanding Issues . . . . . . . . . . . . . . . 44
15. References . . . . . . . . . . . . . . . . . . . . . . . . . 45 15. References . . . . . . . . . . . . . . . . . . . . . . . . . 44
15.1. Normative References . . . . . . . . . . . . . . . . . . 45 15.1. Normative References . . . . . . . . . . . . . . . . . . 44
15.2. Informative References . . . . . . . . . . . . . . . . . 47 15.2. Informative References . . . . . . . . . . . . . . . . . 45
15.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 47 15.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 46
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 47 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 46
1. Introduction 1. Introduction
This document describes the Data At Rest Encryption (DARE) Message This document describes the Data At Rest Encryption (DARE) Message
and Container Syntax. The DARE Message syntax is used to digitally and Container Syntax. The DARE Message syntax is used to digitally
sign, digest, authenticate, or encrypt arbitrary message content. sign, digest, authenticate, or encrypt arbitrary message content.
The DARE Container syntax describes an append-only sequence of data The DARE Container syntax describes an append-only sequence of data
frames, each containing a DARE Message that supports efficient frames, each containing a DARE Message that supports efficient
incremental signature and encryption. incremental signature and encryption.
skipping to change at page 17, line 24 skipping to change at page 17, line 24
Encryption and integrity protections MAY be applied to any DARE Encryption and integrity protections MAY be applied to any DARE
Message Payload and Annotations. Message Payload and Annotations.
The following is an encrypted version of the message shown earlier. The following is an encrypted version of the message shown earlier.
The payload and annotations have both increased in size as a result The payload and annotations have both increased in size as a result
of the block cipher padding. The header now includes Recipients and of the block cipher padding. The header now includes Recipients and
Salt fields to enable the content to be decoded. Salt fields to enable the content to be decoded.
[{ [{
"enc":"A256CBC", "enc":"A256CBC",
"Salt":"l7Bjy_Coev9KRuyWNCXtSQ", "Salt":"r1yXNHkhxZnQcAloDzscDg",
"cty":"application/example-mail", "cty":"application/example-mail",
"Annotations":["iAEBiCBmbTo0Y_C8B9eb1PXr_a-WEQok8bbDUsaiMPZMNcnJ "Annotations":["iAEBiCDY_GflmQT6FRGDzxUxAv0LrHRP_b7jvZvprQWwWPFk
Kw", TA",
"iAECiCAOBQoaB0LWg1HE1mY0Opu-GmohOzU5ljvX46f_A-CmCg", "iAECiCAsiGoiMi0xFnoZVsMUKyGgTX0E448MKqg36hZZxnyBYg",
"iAEDiDB0HJBmP45XDzL3ClFUtLfpkvrwunNQCHoUXG6oph5-ZFwYCI6fxwNU "iAEDiDDvGyqYBVJSa_d1c0v5Z4DN9wKWRmdnllyJJecdlsJ4szg95xtLrKoW
ie5xRdLaaFw" xgym6Ngqnqo"
], ],
"recipients":[{ "recipients":[{
"kid":"MAH7-QQI4-53WD-S32X-4SQW-TIAY-42LA", "kid":"MCNZ-6W5N-NWWW-FTHM-YSIM-P2JG-EBM7",
"epk":{ "epk":{
"PublicKeyECDH":{ "PublicKeyECDH":{
"crv":"Ed25519", "crv":"Ed25519",
"Public":"-6jMG5xqSL1kjle0k2xkHzF8nVfXFZcpGSIRF1DAKuc"}}, "Public":"7isN-IhDOvyIlTc8NvH7j3lTQ31z7POV12c2YwtyMPE"}},
"wmk":"dLS9PZNbyDfEZEDfesatSb2KvTO26YCOH-5uPRphA_M25huz0z2j "wmk":"DicCqnjnsm7tyTaoo7pyCFCU0zHQ_gOP5cW35nRtpjrm10GGlE64
-A"} rg"}
]}, ]},
"992eB-VqCRFQvg9qiPk_iLGG-zruhqWA1n1A1_BE1W7Hc6GdRr99uGFYrHc-J_4_ "Vq__pS87wSZnJOaKEDMVojU28yAhAzNv8ddLnjSlgoR1QhCW28NLV7_thL01UegX
m-lPXVMJkBhFEbmlSBtZDg" 2-ud1OwnCMdOXlxkrMrpxg"
] ]
3.4.1. Key Exchange 3.4.1. Key Exchange
The DARE key exchange is based on the JWE key exchange except that The DARE key exchange is based on the JWE key exchange except that
encryption modes are intentionally limited and the output of the key encryption modes are intentionally limited and the output of the key
exchange is the DARE Master Key rather than the Content Encryption exchange is the DARE Master Key rather than the Content Encryption
Key. Key.
A DARE Key Exchange MAY contain any number of Recipient entries, each A DARE Key Exchange MAY contain any number of Recipient entries, each
skipping to change at page 31, line 31 skipping to change at page 31, line 31
ContentType: String (Optional) Content type parameter ContentType: String (Optional) Content type parameter
Paths: String [0..Many] List of filename paths for the current Paths: String [0..Many] List of filename paths for the current
frame. frame.
Labels: String [0..Many] List of labels that are applied to the Labels: String [0..Many] List of labels that are applied to the
current frame. current frame.
7. Security Considerations 7. Security Considerations
This section describes security considerations arising from the use
of DaRE in general applications.
Additional security considerations for use of DaRE in Mesh services
and applications are described in the Mesh Security Considerations
guide [draft-hallambaker-mesh-security] .
7.1. Encryption/Signature nesting 7.1. Encryption/Signature nesting
7.2. Side channel 7.2. Side channel
7.3. Salt reuse 7.3. Salt reuse
8. IANA Considerations 8. IANA Considerations
9. Acknowledgements 9. Acknowledgements
skipping to change at page 31, line 42 skipping to change at page 32, line 4
7.2. Side channel 7.2. Side channel
7.3. Salt reuse 7.3. Salt reuse
8. IANA Considerations 8. IANA Considerations
9. Acknowledgements 9. Acknowledgements
10. Appendix A: DARE Message Examples and Test Vectors 10. Appendix A: DARE Message Examples and Test Vectors
11. Test Examples 11. Test Examples
In the following examples, Alice's encryption private key parameters In the following examples, Alice's encryption private key parameters
are: are:
{ {
"PrivateKeyECDH":{ "PrivateKeyECDH":{
"crv":"Ed25519", "crv":"Ed25519",
"Private":"wYvPNxiLPk4y8UHQdEZRXABHj-S4H0ouc2swMPMndlY"}} "Private":"eutl5W-yj45k4ME_mh2SbR3E5AN61tgDbfmF-dJmTVo"}}
Alice's signature private key parameters are: Alice's signature private key parameters are:
{ {
"PrivateKeyECDH":{ "PrivateKeyECDH":{
"crv":"Ed25519", "crv":"Ed25519",
"Private":"afuqx3CxGxZPvFBE12FBXbZWmBlC9TZldd2B6sC15_Y"}} "Private":"Bw6qDvg3D8IunEgMDBoDHFc1X-wnd577-PiXUR9RfFU"}}
The body of the test message is the UTF8 representation of the The body of the test message is the UTF8 representation of the
following string: following string:
"This is a test long enough to require multiple blocks" "This is a test long enough to require multiple blocks"
The EDS sequences, are the UTF8 representation of the following The EDS sequences, are the UTF8 representation of the following
strings: strings:
"Subject: Message metadata should be encrypted" "Subject: Message metadata should be encrypted"
skipping to change at page 33, line 9 skipping to change at page 33, line 19
"iAECiAoyMDE4LTAyLTAxiAA" "iAECiAoyMDE4LTAyLTAxiAA"
]}, ]},
"VGhpcyBpcyBhIHRlc3QgbG9uZyBlbm91Z2ggdG8gcmVxdWlyZSBtdWx0aXBsZS "VGhpcyBpcyBhIHRlc3QgbG9uZyBlbm91Z2ggdG8gcmVxdWlyZSBtdWx0aXBsZS
BibG9ja3M" BibG9ja3M"
]} ]}
11.3. Encrypted Message 11.3. Encrypted Message
The creator generates a master session key: The creator generates a master session key:
AB 5A 07 19 EC E4 56 4A 57 89 06 E8 D6 E6 F8 08 78 52 E2 3D 76 A6 54 63 3A B3 8A C9 76 C5 64 29
05 28 80 8F 9B 10 88 A8 CA A7 CB F5 FA 37 81 C5 54 56 8C A0 2B F3 40 6A 3B D3 F4 B3 B7 58 80 1F
For each recipient of the message: For each recipient of the message:
The creator generates an ephemeral key: The creator generates an ephemeral key:
{ {
"PrivateKeyECDH":{ "PrivateKeyECDH":{
"crv":"Ed25519", "crv":"Ed25519",
"Private":"NyutcLUma0D-0LJhnifp-VERQhFWAC1tVqGBeS2eE_g"}} "Private":"rDiO3m5PEKiuBDdYwvvHJJXqXTU6md8_FpR0HevDolQ"}}
The key agreement value is calculated: The key agreement value is calculated:
D3 E3 62 FB 2D 6F 09 0E 68 E4 6A E2 73 44 D5 31 38 95 F8 24 4B C0 71 F7 2C 80 2D 9C 27 E2 E0 81
77 43 98 F6 A1 57 96 8E 7F 63 74 BE 72 1D 83 2B 20 9B 40 03 3D 74 90 E3 60 6E E1 28 E3 B0 63 0E
The key agreement value is used as the input to a HKDF key derivation The key agreement value is used as the input to a HKDF key derivation
function with the info parameter master to create the key used to function with the info parameter master to create the key used to
wrap the master key: wrap the master key:
AE C6 64 CE 7F 54 E9 7F C7 B5 43 A4 77 12 6D B7 B1 AC 17 1F 82 51 52 E5 73 32 6E 2B C3 9F 82 3F
99 71 CE 20 99 67 2B D6 C0 21 91 AA F7 9B 65 0D CE 20 BF A5 19 02 DF EB D3 19 3D 6D 39 91 F3 E2
The wrapped master key is: The wrapped master key is:
74 AC E9 02 79 5C 41 CD 15 68 71 BF B8 DC E5 C6 02 FC 2C 53 E0 85 F1 40 20 98 11 1D 7F FC FE 63
E0 47 6C 66 AB 8C 19 79 16 C7 3A BA 6E 94 BA BB B1 26 D8 B4 91 51 7A 19 B8 4E 92 D7 FC A3 2A C1
4E 72 FE 61 CD AC 2C FE BA EE 2C 6C A2 22 B8 A6
This information is used to calculate the Recipient information shown This information is used to calculate the Recipient information shown
in the example below. in the example below.
To encrypt a message, we first generate a unique salt value: To encrypt a message, we first generate a unique salt value:
D7 CA AF C2 D7 54 E6 AB AE 77 AA D2 6B CA 5C 1B 34 2F 8F 81 84 94 86 A7 F3 8A 63 4D 95 FC 9F 65
The salt value and master key are used to generate the payload The salt value and master key are used to generate the payload
encryption key: encryption key:
C9 C7 62 F3 A7 80 E8 95 A3 34 A8 85 43 26 0C DE 8C 2F 2C B7 86 C4 1B 38 72 FF CF 2F 8C 4B 02 B3
A0 D5 AB 97 04 6E 45 29 63 6F FB 43 DE 7E 1C 1C 9B 68 81 95 C1 D8 04 CC C5 CA 9F EC 28 42 20 35
Since AES is a block cipher, we also require an initializarion Since AES is a block cipher, we also require an initializarion
vector: vector:
42 46 96 03 9C AB FC 0B BD 3F 33 A5 15 89 D6 E4 92 2B 73 F5 A9 C4 AD 7E 68 44 4F 51 AC 13 AD 79
The output sequence is the encrypted bytes: The output sequence is the encrypted bytes:
9B E5 6A 7A 2A D8 F7 D7 BF 26 73 A8 F0 D9 EF 70 7A F1 D3 73 BB 98 8E EA 54 F5 D6 6F 45 1F 45 F9
4C 63 A9 51 03 F2 89 DD E6 3C 8C 82 A9 83 04 75 DF AE C8 22 9F 24 01 24 52 C3 26 38 87 11 1A F1
E5 E6 08 41 37 CD 77 2D C8 A6 49 6A 3E 76 98 88 20 28 54 9E F4 50 C4 EC D9 11 C7 8C 5A 15 42 A4
31 38 1D B5 84 DB 6C 00 BA 58 7A F6 E4 F1 B8 EF 71 72 F4 C8 47 04 32 5D 9E F7 4F 65 A1 C6 DE A8
Since the message is not signed, there is no need for a trailer. The Since the message is not signed, there is no need for a trailer. The
completed message is: completed message is:
{ {
"DareMessage":[{ "DareMessage":[{
"enc":"A256CBC", "enc":"A256CBC",
"Salt":"18qvwtdU5quud6rSa8pcGw", "Salt":"NC-PgYSUhqfzimNNlfyfZQ",
"recipients":[{ "recipients":[{
"kid":"MAH7-QQI4-53WD-S32X-4SQW-TIAY-42LA", "kid":"MCNZ-6W5N-NWWW-FTHM-YSIM-P2JG-EBM7",
"epk":{ "epk":{
"PublicKeyECDH":{ "PublicKeyECDH":{
"crv":"Ed25519", "crv":"Ed25519",
"Public":"zfqzSaFFgPiFgwx1mZ0BkxIQOfIM0Q_9KO8JX3NqG3k"}}, "Public":"qiPa2xdwOl61qs5yUQooA5vHE4C6yA9BqGzSgdF36vI"}},
"wmk":"dKzpAnlcQc0VaHG_uNzlxuBHbGarjBl5Fsc6um6UurtOcv5hza "wmk":"AvwsU-CF8UAgmBEdf_z-Y7Em2LSRUXoZuE6S1_yjKsG67ixsoi
ws_g"} K4pg"}
]}, ]},
"m-VqeirY99e_JnOo8NnvcExjqVED8ond5jyMgqmDBHXl5ghBN813LcimSWo-dp "evHTc7uYjupU9dZvRR9F-d-uyCKfJAEkUsMmOIcRGvEgKFSe9FDE7NkRx4xaFU
iIMTgdtYTbbAC6WHr25PG47w" KkcXL0yEcEMl2e909locbeqA"
]} ]}
11.4. Signed Message 11.4. Signed Message
Signed messages specify the digest algorithm to be used in the header Signed messages specify the digest algorithm to be used in the header
and the signature value in the trailer. Note that the digest and the signature value in the trailer. Note that the digest
algorithm is not optional since it serves as notice that a decoder algorithm is not optional since it serves as notice that a decoder
should digest the payload value to enable signature verification. should digest the payload value to enable signature verification.
{ {
"DareMessage":[{ "DareMessage":[{
"dig":"S512"}, "dig":"S512"},
"VGhpcyBpcyBhIHRlc3QgbG9uZyBlbm91Z2ggdG8gcmVxdWlyZSBtdWx0aXBsZS "VGhpcyBpcyBhIHRlc3QgbG9uZyBlbm91Z2ggdG8gcmVxdWlyZSBtdWx0aXBsZS
BibG9ja3M", BibG9ja3M",
{ {
"signatures":[{ "signatures":[{
"signature":"O0vj8U_uYZ1Ch3J2NbSpx1qIfpRrXfFqLmJs2TlEMIzi "signature":"6WT83zSqqsXlCg5qV2lcQKWvjaqfGn40iuMfCMJj3W3u
8n7j-qaFZ5uYEjiNd3PFVXiKWzb1AVYom-ejnQ9UAA"} p-suh93GUmnJRU3G4N7rrfdSszwqNF3QXGcB6TFyCQ"}
], ],
"PayloadDigest":"raim8SV5adPbWWn8FMM4mrRAQCO9A2jZ0NZAnFXWlG0x "PayloadDigest":"raim8SV5adPbWWn8FMM4mrRAQCO9A2jZ0NZAnFXWlG0x
F6sWGJbnKSdtIJMmMU_hjarlIPEoY3vy9UdVlH5KAg"} F6sWGJbnKSdtIJMmMU_hjarlIPEoY3vy9UdVlH5KAg"}
]} ]}
11.5. Signed and Encrypted Message 11.5. Signed and Encrypted Message
A signed and encrypted message is encrypted and then signed. The A signed and encrypted message is encrypted and then signed. The
signer proves knowledge of the payload plaintext by providing the signer proves knowledge of the payload plaintext by providing the
plaintext witness value. plaintext witness value.
{ {
"DareMessage":[{ "DareMessage":[{
"enc":"A256CBC", "enc":"A256CBC",
"dig":"S512", "dig":"S512",
"Salt":"2Tsh-k3YV510oXqzEbr66w", "Salt":"sBoqFymhJw40xB5g3ojv1g",
"recipients":[{ "recipients":[{
"kid":"MAH7-QQI4-53WD-S32X-4SQW-TIAY-42LA", "kid":"MCNZ-6W5N-NWWW-FTHM-YSIM-P2JG-EBM7",
"epk":{ "epk":{
"PublicKeyECDH":{ "PublicKeyECDH":{
"crv":"Ed25519", "crv":"Ed25519",
"Public":"RBLZdDmqPcfowl3LfW8dGICuuMQZjm4aqBDqBtlbbcs"}}, "Public":"S8VmzAf5zVrRwSYMicKHFKTycHdieNTMjmLNABO9vto"}},
"wmk":"NBdP-PrkLTc6jFtFiumRY0juzaOwgw3_OOVGhYgGQ00KJAvC8P "wmk":"pIfhfZ1wZhJ9ZvRnJQlFFDUHilpYyllfHhPzwQpO5Ttzkd4r5x
sGuw"} Q9yg"}
]}, ]},
"baRmxuK2ohiubNFniF3EzK4AxXECC95yL72dkPNQX7ONJUvKDSuPE77epzPWHx "eR6QEDzxlgive00ysoeXt9YhmfAYCCx7rYKNuuM3Tr7GR7NcqRvnzz_ZRlCPds
DtBWAg_hXObzt3c9mFe3YXyw", hdA9AgEIjveTLPjfPWqgMGXQ",
{ {
"signatures":[{ "signatures":[{
"signature":"u3rCsnF0FqerBp06Ge3qfXBMAqBb7FLEwGYcxqwtm-_8 "signature":"WdlXU4CZx5Lqg7BWwBdec_zrRyNj1ozh1s65akpo5QbZ
JN9hHsrY1dxcOHBOZOaaVAP_3rw0wE6QWIqY3_2zBw", cHQCMGCfMR3yqp-_GCfB4BIlNTp8Dy3AeftFVIrMBw",
"witness":"7QrVnDmsV_BNhdWLea1TJk4Fwsfl9TnXuS_OB_cVgdY"} "witness":"H4ZdcRAn3N5HptphfHgyGKi80qb6GqoIv0LFX5IMy-s"}
], ],
"PayloadDigest":"dVFiiXqdJvpqPWmKKKZXW6hEo7w0pJ6cmnbw4WcvBcps "PayloadDigest":"fT5sn-m-AzCCOYpqWf4oPZQJ2Sg6Tb_mHAT5SIMu1dqX
bU3O11JrNJCfaKj_Z-BXZkTrm79uGqyjCEzwm0bh2Q"} o0G4RWWavoc7gCWSunW9B4Gm9x1aVhclvQ82vMOhUg"}
]} ]}
12. Appendix B: DARE Container Examples and Test Vectors 12. Appendix B: DARE Container Examples and Test Vectors
The data payloads in all the following examples are identical, only The data payloads in all the following examples are identical, only
the authentication and/or encryption is different. the authentication and/or encryption is different.
o Frame 1..n consists of 300 bytes being the byte sequence 00, 01, o Frame 1..n consists of 300 bytes being the byte sequence 00, 01,
02, etc. repeating after 256 bytes. 02, etc. repeating after 256 bytes.
skipping to change at page 36, line 37 skipping to change at page 37, line 20
f0 0f f0 0f
f1 01 2c f1 01 2c
40 01 f5 40 01 f5
Since there is no integrity check, there is no need for trailer Since there is no integrity check, there is no need for trailer
entries. The header values are: entries. The header values are:
Frame 0 Frame 0
{ {
"Index":0, "Index": 0,
"ContainerType":"List", "ContainerType": "List",
"ContentMeta":{}, "ContentMeta": {},
"DataEncoding":"JSON"} "DataEncoding": "JSON"}
[Empty trailer] [Empty trailer]
Frame 1 Frame 1
{ {
"Index":1} "Index": 1}
[Empty trailer] [Empty trailer]
12.2. Payload and chain digests 12.2. Payload and chain digests
The following example shows a chain container with a first frame and The following example shows a chain container with a first frame and
three data frames. The headers of these frames is the same as before three data frames. The headers of these frames is the same as before
but the frames now have trailers specifying the PayloadDigest and but the frames now have trailers specifying the PayloadDigest and
ChainDigest values: ChainDigest values:
Frame 0 Frame 0
{ {
"Index":0, "Index": 0,
"ContainerType":"Chain", "ContainerType": "Chain",
"ContentMeta":{}, "ContentMeta": {},
"DataEncoding":"JSON"} "DataEncoding": "JSON"}
[Empty trailer] [Empty trailer]
Frame 1 Frame 1
{ {
"Index":1} "Index": 1}
{ {
"PayloadDigest":"8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZDlZe "PayloadDigest": "8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZD
aWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw", lZeaWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw",
"ChainDigest":"T7S1FcrgY3AaWD4L-t5W1K-3XYkPTcOdGEGyjglTD6yMYVRVz9 "ChainDigest": "T7S1FcrgY3AaWD4L-t5W1K-3XYkPTcOdGEGyjglTD6yMYVR
tn_KQc6GdA-P4VSRigBygV65OEd2Vv3YDhww"} Vz9tn_KQc6GdA-P4VSRigBygV65OEd2Vv3YDhww"}
Frame 2 Frame 2
{ {
"Index":2} "Index": 2}
{ {
"PayloadDigest":"8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZDlZe "PayloadDigest": "8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZD
aWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw", lZeaWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw",
"ChainDigest":"T7S1FcrgY3AaWD4L-t5W1K-3XYkPTcOdGEGyjglTD6yMYVRVz9 "ChainDigest": "T7S1FcrgY3AaWD4L-t5W1K-3XYkPTcOdGEGyjglTD6yMYVR
tn_KQc6GdA-P4VSRigBygV65OEd2Vv3YDhww"} Vz9tn_KQc6GdA-P4VSRigBygV65OEd2Vv3YDhww"}
Frame 3 Frame 3
{ {
"Index":3} "Index": 3}
{ {
"PayloadDigest":"8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZDlZe "PayloadDigest": "8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZD
aWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw", lZeaWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw",
"ChainDigest":"T7S1FcrgY3AaWD4L-t5W1K-3XYkPTcOdGEGyjglTD6yMYVRVz9 "ChainDigest": "T7S1FcrgY3AaWD4L-t5W1K-3XYkPTcOdGEGyjglTD6yMYVR
tn_KQc6GdA-P4VSRigBygV65OEd2Vv3YDhww"} Vz9tn_KQc6GdA-P4VSRigBygV65OEd2Vv3YDhww"}
12.3. Merkle Tree 12.3. Merkle Tree
The following example shows a chain container with a first frame and The following example shows a chain container with a first frame and
six data frames. The trailers now contain the TreePosition and six data frames. The trailers now contain the TreePosition and
TreeDigest values: TreeDigest values:
Frame 0 Frame 0
{ {
"Index":0, "Index": 0,
"ContainerType":"Merkle", "ContainerType": "Merkle",
"ContentMeta":{}, "ContentMeta": {},
"DataEncoding":"JSON"} "DataEncoding": "JSON"}
[Empty trailer] [Empty trailer]
Frame 1 Frame 1
{ {
"Index":1, "Index": 1,
"TreePosition":0} "TreePosition": 0}
{ {
"PayloadDigest":"8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZDlZe "PayloadDigest": "8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZD
aWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw", lZeaWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw",
"TreeDigest":"T7S1FcrgY3AaWD4L-t5W1K-3XYkPTcOdGEGyjglTD6yMYVRVz9t "TreeDigest": "T7S1FcrgY3AaWD4L-t5W1K-3XYkPTcOdGEGyjglTD6yMYVRV
n_KQc6GdA-P4VSRigBygV65OEd2Vv3YDhww"} z9tn_KQc6GdA-P4VSRigBygV65OEd2Vv3YDhww"}
Frame 2 Frame 2
{ {
"Index":2, "Index": 2,
"TreePosition":319} "TreePosition": 325}
{ {
"PayloadDigest":"8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZDlZe "PayloadDigest": "8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZD
aWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw", lZeaWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw",
"TreeDigest":"7fHmkEIsPkN6sDYAOLvpIJn5Dg3PxDDAaq-ll2kh8722kokkFnZ "TreeDigest": "7fHmkEIsPkN6sDYAOLvpIJn5Dg3PxDDAaq-ll2kh8722kokk
QcYtjuVC71aHNXI18q-lPnfRkmwryG-bhqQ"} FnZQcYtjuVC71aHNXI18q-lPnfRkmwryG-bhqQ"}
Frame 3 Frame 3
{ {
"Index":3, "Index": 3,
"TreePosition":319} "TreePosition": 325}
{ {
"PayloadDigest":"8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZDlZe "PayloadDigest": "8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZD
aWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw", lZeaWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw",
"TreeDigest":"T7S1FcrgY3AaWD4L-t5W1K-3XYkPTcOdGEGyjglTD6yMYVRVz9t "TreeDigest": "T7S1FcrgY3AaWD4L-t5W1K-3XYkPTcOdGEGyjglTD6yMYVRV
n_KQc6GdA-P4VSRigBygV65OEd2Vv3YDhww"} z9tn_KQc6GdA-P4VSRigBygV65OEd2Vv3YDhww"}
Frame 4 Frame 4
{ {
"Index":4, "Index": 4,
"TreePosition":1451} "TreePosition": 1469}
{ {
"PayloadDigest":"8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZDlZe "PayloadDigest": "8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZD
aWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw", lZeaWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw",
"TreeDigest":"vJ6ngNATvZcXSMALi5IUqzl1GBxBnTNVcC87VL_BhMRCbAvKSj8 "TreeDigest": "vJ6ngNATvZcXSMALi5IUqzl1GBxBnTNVcC87VL_BhMRCbAvK
gs0VFgxxLkZ2myrtaDIwhHoswiTiBMLNWug"} Sj8gs0VFgxxLkZ2myrtaDIwhHoswiTiBMLNWug"}
Frame 5 Frame 5
{ {
"Index":5, "Index": 5,
"TreePosition":1451} "TreePosition": 1469}
{ {
"PayloadDigest":"8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZDlZe "PayloadDigest": "8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZD
aWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw", lZeaWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw",
"TreeDigest":"T7S1FcrgY3AaWD4L-t5W1K-3XYkPTcOdGEGyjglTD6yMYVRVz9t "TreeDigest": "T7S1FcrgY3AaWD4L-t5W1K-3XYkPTcOdGEGyjglTD6yMYVRV
n_KQc6GdA-P4VSRigBygV65OEd2Vv3YDhww"} z9tn_KQc6GdA-P4VSRigBygV65OEd2Vv3YDhww"}
Frame 6 Frame 6
{ {
"Index":6, "Index": 6,
"TreePosition":2586} "TreePosition": 2616}
{ {
"PayloadDigest":"8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZDlZe "PayloadDigest": "8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZD
aWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw", lZeaWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw",
"TreeDigest":"WgHlz3EHczVPqgtpc39Arv7CFIsCbFVsk8wg0j2qLlEfur9SZ0m "TreeDigest": "WgHlz3EHczVPqgtpc39Arv7CFIsCbFVsk8wg0j2qLlEfur9S
dr65Ka-HF0Qx8gg_DAoiJwUrwADDXyxVJOg"} Z0mdr65Ka-HF0Qx8gg_DAoiJwUrwADDXyxVJOg"}
12.4. Signed container 12.4. Signed container
The following example shows a tree container with a signature in the The following example shows a tree container with a signature in the
final record. The signing key parameters are: final record. The signing key parameters are:
{ {
"PrivateKeyRSA":{ "PrivateKeyECDH":{
"kid":"MCPPA-FZ42U-62G6A-4KQDY-2PGB3-275F2-A", "crv":"Ed25519",
"n":"6Mcc04EmN5ukjMOd9j7jpsSLbmQDBexDpAFRPmNxUHuzjlPnk8AZCxMYiH "Private":"Bw6qDvg3D8IunEgMDBoDHFc1X-wnd577-PiXUR9RfFU"}}
eXEgSeYMVeo2hLq46h6bJWOrqrKWDNfpKVnHKo6HPGZac3U6kJvteUreQ3X_p5Dzt
ABEWiD4A-JgsM_zUSWk_VZcWHln5yCW8qAJdvTWNFPmIXH3QayTDtWKPNho35x1VQ
Xk823CjjX-Uim0Ob9WWpEeobArZaEH50cdFF4kdAntzN4Kwq4YzR-Kn4AA4zuxGWD
ungSkGeCZ2htB47-GvZn2CYjG5JtaCAVlMJ1JsZFmrr4Kp6qJemZaDbpatHGSiCUy
Xz1xIk-Fm0sXeKQtUTx_ypXQ",
"e":"AQAB",
"d":"MShbXg8YEwY7ab6lzSrayI0ZJObZ_JY4cpoUnihB9c0pzhTKAtm-cChINg
mLTbLL_4OuyLNtx30HlGKk8yIYo1ReESzDi5ZrNSu96hm2BWTdOgAs1cwsJYivqBf
LHRvXbY6XkVEkHYEHryrM1gEw8Qci7fsb06QnTSB5rwLn_ywOi741BycfKRx0RyOc
c2RWwOVimVUDAmmOGn6Hu0Esq_IZvHml2_KmULjtyFZshK4cQFo6c7KdEqJP2SxXJ
inivqlSmyOQchUuFkF5D74XRzBULzyT-ZSSZgbWKK5VPmfATVUELVXkdox5rDAq1T
ets4yoNZm9jAYxaBnYFnnXwQ",
"p":"_jEQ0s0Al3E0VD0J2FwBoZVFsk82QiFBewL4aKgRdZWxKzucX-x8Sf_htE
t9sQJqrL8VcLAZAX3FypOn0PtJKaVm-yOZalK8xSM9DhK42QQ0fxll3J55p9sXAzR
0oS2vZvPOZRalAua4oVQMGmFfE-HLZqzlvgwIydqwZJghurM",
"q":"6m8MQrIuyN9FkfDYRsBKb5gM20MmgoWdMuzdrEFujFKz_Iu4Trhf5HEPdA
i2oBD2mWQMV0Jnz6RUM_c-QjgCzimDmju6mwMp0l3r7BT1KH-AnCdQL0tfOmqyB2P
NfRJVXeWFKGeoWrxEU6FqHKwuZ5fb-4Pxr4K8oowKowwCU68",
"dp":"8rYE-1N1uiUEs16o9Oc9Q31V1GFgTJqWfI-kg8HfEeiCB-bedJVJRBtI9
y-R75-AHjxCi5wJ9GuUnc6JUblu7Y4am7gtN-GSj6YLGVH1IHqsaaPlqFfFj-pZud
yvdGs77VDlBY8utmt5Zcnr2JCbCU_zOLHkmKfDCIKBJTxCEJM",
"dq":"ZWS8H8ijFXwDwfgyAn--cf-IZ_jmGgOiFtl9krgGESjf8bWYdGuoBcyki
2INYrOThIpSEBeHgLYpOQSRZ-CDzhkEc1ur_MlkeDjpBgWWdvqWbHNQafQmbsSg1T
NkN9kLFP5lFjGnDf9paeZhV59cvq9elKzfhjJ8Va1OGHDkPL8",
"qi":"aDVzJXJj_7Ra1C_9l18367qgpYv6GHMHPf0VSLdU-Pr_VZnLKv8-yZzzm
KzvqJrevHhwFdI3o5WgkPZpEn70yBHqEl3904_XVFwq2IJcELekfJuPT2FtqrCsvF
baNo5Dew26U4COOYm7i2ep0tAw1ACYvfoYJzz6HAJ4FNty5FI"}}
The container headers and trailers are: The container headers and trailers are:
Frame 0 Frame 0
{ {
"Index":0, "Index": 0,
"ContainerType":"Merkle", "ContainerType": "Merkle",
"ContentMeta":{}, "ContentMeta": {},
"DataEncoding":"JSON"} "DataEncoding": "JSON"}
[Empty trailer] [Empty trailer]
Frame 1
Frame 1
{ {
"Index":1, "Index": 1,
"TreePosition":0} "TreePosition": 0}
{ {
"PayloadDigest":"8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZDlZe "PayloadDigest": "8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZD
aWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw", lZeaWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw",
"TreeDigest":"T7S1FcrgY3AaWD4L-t5W1K-3XYkPTcOdGEGyjglTD6yMYVRVz9t "TreeDigest": "T7S1FcrgY3AaWD4L-t5W1K-3XYkPTcOdGEGyjglTD6yMYVRV
n_KQc6GdA-P4VSRigBygV65OEd2Vv3YDhww"} z9tn_KQc6GdA-P4VSRigBygV65OEd2Vv3YDhww"}
Frame 2 Frame 2
{ {
"dig":"S512", "Index": 2,
"Index":2, "TreePosition": 325}
"TreePosition":319}
{ {
"PayloadDigest":"8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZDlZe "PayloadDigest": "8dyi62d7MDJlsLm6_w4GEgKBjzXBRwppu6qbtmAl6UjZD
aWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw", lZeaWQlBsYhOu88-ekpNXpZ2iY96zTRI229zaJ5sw",
"TreeDigest":"7fHmkEIsPkN6sDYAOLvpIJn5Dg3PxDDAaq-ll2kh8722kokkFnZ "TreeDigest": "7fHmkEIsPkN6sDYAOLvpIJn5Dg3PxDDAaq-ll2kh8722kokk
QcYtjuVC71aHNXI18q-lPnfRkmwryG-bhqQ"} FnZQcYtjuVC71aHNXI18q-lPnfRkmwryG-bhqQ"}
12.5. Encrypted container 12.5. Encrypted container
The following example shows a container in which all the frame The following example shows a container in which all the frame
payloads are encrypted under the same master secret established in a payloads are encrypted under the same master secret established in a
key agreement specified in the first frame. key agreement specified in the first frame.
Frame 0 Frame 0
{
"enc":"A256CBC",
"Salt":"Fc_nf3yQEvdwSdd0UALUmA",
"recipients":[{
"kid":"MBQ6H-JWPME-H3HSZ-UVK52-NNFKJ-QQSCF-A",
"epk":{
"PublicKeyDH":{
"kid":"MB375-SC7O6-VVF4W-CLGHA-NBDO5-KFYQE-A",
"Domain":"YE6bnq1MlX5ojaJto6PLP_PEwA",
"Public":"kUDwY_s4cWGYuRChZuFwgMaYAm-SkTtnRsbIn8CQ8ES2_tX
6j_0pv8BhiWkOKltzLSP6TJK4zf0FIwhHY9OtPbyBHIIrXt7aDF610GojHZK_Jo56
Qr5hhmQoOEN7lEKOckWqP1kxyPrIZaaFqLKbQZlMsPNIlm1P7ZwXIvHDwevWSxxcD
drkutlq39TxSDKVcCkeraebAPnG5F8MUcNMKfGMgLKc9NIkoiHW5ne_FY-7xk2EyB
fXhjUu2zn-xQmvX19r_H_U8s5Vp2tjKjt1VyTFFVKOtKnJVbVlvpIiTD-xyE-l6vi
rMkEWS3_OfaxlxnFCAAnWXjF3YhFaR1NmNg"}},
"wmk":"JhHpmQTRzE0abJQMDrxeE00zJtizWM3uw8LsCJduDohSkejI3tD75g"}
],
"Index":0,
"ContainerType":"List",
"ContentMeta":{},
"DataEncoding":"JSON"}
[Empty trailer] {
"enc": "A256CBC",
"Salt": "Q_LKYdTGwOHRZNjw4PrUbg",
"recipients": [{
"kid": "MCNZ-6W5N-NWWW-FTHM-YSIM-P2JG-EBM7",
"epk": {
"PublicKeyECDH": {
"crv": "Ed25519",
"Public": "fuPEPja6OemH5ZZf_m5l83wMIEJQFWi_S71CF1yoE24"}},
"wmk": "3H77ypek_SUIs16CfApMCoBD4j8MD0LO3xOx5Njs6QVtV3qAlcygRg"}],
"Index": 0,
"ContainerType": "List",
"ContentMeta": {},
"DataEncoding": "JSON"}
Frame 1 [Empty trailer]
Frame 1
{ {
"enc":"A256CBC", "enc": "A256CBC",
"Salt":"Ai8LZZ-SBC0_01xoTOj_1Q", "Salt": "TjNsKUyuXpKTujdd7E30KQ",
"Index":1} "Index": 1}
[Empty trailer] [Empty trailer]
Frame 2 Frame 2
{ {
"enc":"A256CBC", "enc": "A256CBC",
"Salt":"KEojFF6aVeKvsjwoAPcMYQ", "Salt": "HpQHRfWJv8JEOXGPFY5ncw",
"Index":2} "Index": 2}
[Empty trailer] [Empty trailer]
Here are the container bytes. Note that the content is now encrypted Here are the container bytes. Note that the content is now encrypted
and has expanded by 25 bytes. These are the salt (16 bytes), the AES and has expanded by 25 bytes. These are the salt (16 bytes), the AES
padding (4 bytes) and the JSON-B framing (5 bytes). padding (4 bytes) and the JSON-B framing (5 bytes).
f5 03 3c f5 01 c0
f1 03 27 f1 01 ab
f0 10 f0 10
3c 03 f5 c0 01 f5
f5 01 7c f5 01 7c
f0 47 f0 47
f1 01 30 f1 01 30
7c 01 f5 7c 01 f5
f5 01 7c f5 01 7c
f0 47 f0 47
f1 01 30 f1 01 30
7c 01 f5 7c 01 f5
The following example shows a container in which all the frame The following example shows a container in which all the frame
payloads are encrypted under separate key agreements specified in the payloads are encrypted under separate key agreements specified in the
payload frames. payload frames.
Frame 0 Frame 0
{ {
"Index":0, "Index": 0,
"ContainerType":"List", "ContainerType": "List",
"ContentMeta":{}, "ContentMeta": {},
"DataEncoding":"JSON"} "DataEncoding": "JSON"}
[Empty trailer] [Empty trailer]
Frame 1 Frame 1
{
"enc":"A256CBC",
"Salt":"wBh8Sh9sxLCyCvVR77hQdA",
"recipients":[{
"kid":"MBQ6H-JWPME-H3HSZ-UVK52-NNFKJ-QQSCF-A",
"epk":{
"PublicKeyDH":{
"kid":"MB4NV-OI7U5-DVVA6-MRRED-TWWM5-QOXCH-A",
"Domain":"YE6bnq1MlX5ojaJto6PLP_PEwA",
"Public":"8qRDdAjDoInDBHu_wnKE97qEH5g7z-ckqS4IrVYhQqrMOY0
v-JBu-NuIWmaFGAWIWQyuPPfnBZ-mmbnd15r-OWor8UYoB8y4D11cTyU-tK2zxnmj
U2ptrsYESGEkQ36WZkiowA9pclwfZja13yzmP1TkGjTTa0VkIxZasAMs6dBNV-MVW
2t5_abxa2VP4UJ1msGpAWvGFpQAQ6fRXY9PGWHOb4Qx-TJl2CLbCdSy6tAQAoI92u
ngTjUjoAFKdUJ9qb17BMtE9h-j43HZCJY1aqKEEwL5ZLpjNGkeGpFYbNTZcCAcEpq
aP1wWc41WZmDYAnklm5KJtV-k_4o_s1lo4AA"}},
"wmk":"D21ATeW3LFDoVnndoHF5RauWOTFadma_v5RdkP4qW4i6hIs8ftQR4A"}
],
"Index":1}
[Empty trailer] {
"enc": "A256CBC",
"Salt": "grVcSJ0gnISD1d3cueTkIQ",
"recipients": [{
"kid": "MCNZ-6W5N-NWWW-FTHM-YSIM-P2JG-EBM7",
"epk": {
"PublicKeyECDH": {
"crv": "Ed25519",
"Public": "dKyTOgrG3IK5AxtLOsBVIq_ZqDKAIMI6ZpezK2JXlg4"}},
"wmk": "VRTC-LEJm5gDbsQZXxj4NVSnpEoVPjzBWUhcmyFdmDSzJEDMIIQWMQ"}],
"Index": 1}
[Empty trailer]
Frame 2 Frame 2
{ {
"enc":"A256CBC", "enc": "A256CBC",
"Salt":"u8cxDZjL9PsMpF39V-9xEA", "Salt": "YEgzV_m5hgA1EmK15PsTpQ",
"recipients":[{ "recipients": [{
"kid":"MBQ6H-JWPME-H3HSZ-UVK52-NNFKJ-QQSCF-A", "kid": "MCNZ-6W5N-NWWW-FTHM-YSIM-P2JG-EBM7",
"epk":{ "epk": {
"PublicKeyDH":{ "PublicKeyECDH": {
"kid":"MBMCE-OH2G3-7MAQK-LXRBT-EGP44-YBFQR-A", "crv": "Ed25519",
"Domain":"YE6bnq1MlX5ojaJto6PLP_PEwA", "Public": "QMkq7pio3N_PoM_DV60f_RPo3hx1wZ4jqrmS64en_nE"}},
"Public":"tXxkcN_tJLkR1mODljurZvu_B1VELqo4oGCjhFF76R_0VJm "wmk": "FIF2-JJMrPBgMP6Jeomdu_ldYv8FL5DEWq8TOJ_dPk9NIt7NxVLGRA"}],
MbSxnH9_wzv4-d7OHKPWzk6ewvgyzCKnMq7sGhY1wITMsdTpkSMPzCu6uzxOwQ1Nx "Index": 2}
mf8Vhel0UeIx6cvSWPRYfBbY33nAA2SV5UNM1Gab_NDT3odTz_3iMWrAv6MuVrYhQ
jb2KbpBESsZhibfuPWUPtZ8IM1SrTiwPHpio0QGzl2wCFPX2mUKK9_pyZshy4iQPQ
2yJqqpclbw3Ct4SfjmO7hlZCT8NJRMwO-w5fDUUWoZlIRLN0I81YEavZmj-Pmfgiv
mGSWxjUlT-MXUkKm6_B1jTHj_rtkPcdDZmQA"}},
"wmk":"cGRj2HVHBB0iGkXUgpQxf_DQpmMGmtgllUgvRjofH5dByhmJ-pnlIw"}
],
"Index":2}
[Empty trailer] [Empty trailer]
13. Appendix C: Previous Frame Function 13. Appendix C: Previous Frame Function
public long PreviousFrame (long Frame) { public long PreviousFrame (long Frame) {
long x2 = Frame + 1; long x2 = Frame + 1;
long d = 1; long d = 1;
while (x2 > 0) { while (x2 > 0) {
if ((x2 & 1) == 1) { if ((x2 & 1) == 1) {
return x2 == 1 ? (d / 2) - 1 : Frame - d; return x2 == 1 ? (d / 2) - 1 : Frame - d;
skipping to change at page 45, line 38 skipping to change at page 44, line 22
| X25519 | The examples currently use Edwards Curve25519 | | X25519 | The examples currently use Edwards Curve25519 |
| | for encryption. This should be Curve25519 | | | for encryption. This should be Curve25519 |
| Indexing | No examples are given of indexing a container | | Indexing | No examples are given of indexing a container |
| Archive | Should include a file archive example | | Archive | Should include a file archive example |
| File Path | Mention the file path security issue in the | | File Path | Mention the file path security issue in the |
| | security considerations | | | security considerations |
| Security | Write Security considerations | | Security | Write Security considerations |
| Considerations | | | Considerations | |
| AES-GCM | Switch to using AES GCM in the examples | | AES-GCM | Switch to using AES GCM in the examples |
| Witness | Complete handling of witness values. | | Witness | Complete handling of witness values. |
| Schema | Complete the schema documentation |
| Container Redo | Rework the container/header objects so that |
| | these are separate classes and Header is an |
| | entry in the Container header. |
+----------------+--------------------------------------------------+ +----------------+--------------------------------------------------+
Table 1 Table 1
15. References 15. References
15.1. Normative References 15.1. Normative References
[draft-hallambaker-jsonbcd] [draft-hallambaker-jsonbcd]
Hallam-Baker, P., "Binary Encodings for JavaScript Object Hallam-Baker, P., "Binary Encodings for JavaScript Object
Notation: JSON-B, JSON-C, JSON-D", draft-hallambaker- Notation: JSON-B, JSON-C, JSON-D", draft-hallambaker-
jsonbcd-13 (work in progress), July 2018. jsonbcd-13 (work in progress), July 2018.
[draft-hallambaker-mesh-security]
"[Reference Not Found!]".
[draft-hallambaker-mesh-udf] [draft-hallambaker-mesh-udf]
Hallam-Baker, P., "Mathematical Mesh Part II: Uniform Data Hallam-Baker, P., "Mathematical Mesh Part II: Uniform Data
Fingerprint.", draft-hallambaker-mesh-udf-01 (work in Fingerprint.", draft-hallambaker-mesh-udf-01 (work in
progress), February 2019. progress), February 2019.
[IANAJOSE] [IANAJOSE]
"[Reference Not Found!]". "[Reference Not Found!]".
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
 End of changes. 86 change blocks. 
257 lines changed or deleted 219 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/