NeilMadden / jose-ecdh-1pu

Internet draft specifying a new ECDH-1PU JWE algorithm for public key authenticated encryption

Issues reproducing A256CBC-HS256 content encryption example #1

Open andrewwhitehead opened 3 years ago

andrewwhitehead commented 3 years ago

Hiya, I'm trying to update my ECDH-1PU implementation from draft 3 to draft 4. I've added the A128CBC-HS256 and A256CBC-HS512 encryption methods, along with test cases based on the vectors in RFC7518. So far I haven't been able to reproduce the example in appendix B – the ciphertext matches but not the authentication tag.

The draft states that the AAD is ASCII(BASE64URL(UTF8(JWE Protected Header))), but the value provided is not base64-encoded. I have not been able to reproduce the authentication tag with the base64URL (unpadded) value either.

Incidentally, I noticed that the section header refers to "A256CBC-HS256" instead of A256CBC-HS512.

andrewwhitehead commented 3 years ago

Actually, it looks like my issue was due to base64URL-encoding the ciphertext and tag together instead of separately. The tag matches, but the value listed in the example does need to be base64URL-encoded first.

baha-ai commented 3 years ago

@andrewwhitehead, I finished creating a Go test using our implementation of 1PU to decrypt the Appendix B example.

The test is here.

You have to make sure to use the tag, ciphertext and protected headers as is in the final JWE.

The tag and ciphertext shown in section B.8 match the values in the final JWE.

The only discrepancy I would say is in section B.4 where the protected headers value shown is the ASCII value of the JSON representation, not the base64URL encoding which is found in the final JWE representation. In the end, content in the final JWE is what matters.

See copied message here which is what I use in my test code to be deserialized and decrypted.
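The two pitfalls discussed in this thread, as an added example that is not part of the draft or of either commenter's code: the A256CBC-HS512 tag is computed over the base64url-encoded protected header as AAD, and the ciphertext and tag are base64url-encoded separately. The key, IV, ciphertext stand-in and header below are constructed values, not the Appendix B vectors, and the function names are hypothetical.

```python
import base64
import hashlib
import hmac
import json

def b64url(data: bytes) -> str:
    """Unpadded base64url, as used for every JWE field."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def cbc_hs512_tag(cek: bytes, aad: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    """Authentication tag for A256CBC-HS512 (RFC 7518, section 5.2)."""
    if len(cek) != 64:
        raise ValueError("A256CBC-HS512 needs a 64-byte content encryption key")
    mac_key = cek[:32]                      # first half is MAC_KEY, second half is ENC_KEY
    al = (len(aad) * 8).to_bytes(8, "big")  # AAD length in bits, 64-bit big-endian
    mac = hmac.new(mac_key, aad + iv + ciphertext + al, hashlib.sha512).digest()
    return mac[:32]                         # truncate to T_LEN = 32 bytes

def verify(cek: bytes, protected_b64: str, iv: bytes, ciphertext: bytes, tag: bytes) -> bool:
    """Recompute the tag from the protected header exactly as it appears in the JWE."""
    expected = cbc_hs512_tag(cek, protected_b64.encode("ascii"), iv, ciphertext)
    return hmac.compare_digest(expected, tag)

# Constructed sample values (assumptions for illustration only).
CEK = bytes(range(64))
IV = bytes(range(16))
CIPHERTEXT = hashlib.sha256(b"constructed ciphertext").digest()  # 32-byte stand-in for AES-CBC output
HEADER_JSON = json.dumps(
    {"alg": "ECDH-1PU+A128KW", "enc": "A256CBC-HS512"}, separators=(",", ":")
).encode("utf-8")

# Correct AAD: ASCII(BASE64URL(UTF8(JWE Protected Header))).
PROTECTED = b64url(HEADER_JSON)
TAG = cbc_hs512_tag(CEK, PROTECTED.encode("ascii"), IV, CIPHERTEXT)

# Pitfall 1: using the raw JSON header as AAD yields a different tag.
TAG_RAW_JSON_AAD = cbc_hs512_tag(CEK, HEADER_JSON, IV, CIPHERTEXT)

# Pitfall 2: ciphertext and tag are separate JWE fields, encoded separately.
SEPARATE = (b64url(CIPHERTEXT), b64url(TAG))
JOINED = b64url(CIPHERTEXT + TAG)  # not equal to the two fields concatenated

if __name__ == "__main__":
    print("tag verifies with base64url AAD:", verify(CEK, PROTECTED, IV, CIPHERTEXT, TAG))
    print("raw-JSON AAD gives same tag:   ", TAG_RAW_JSON_AAD == TAG)
    print("joined encoding equals fields: ", JOINED == SEPARATE[0] + SEPARATE[1])
```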