Hi Scott,
Thanks for pointing out the CarriedKeyName. Indeed much cleaner that
way. See below.
Kind Regards,
Frank.
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<encryption xmlns="urn:oasis:names:tc:opendocument:xmlns:container">
  <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
                     Id="EK1" Recipient="CN=Test1">
    <xenc:EncryptionMethod
        Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep">
      <ds:DigestMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
                       Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
      <xenc11:MGF xmlns:xenc11="http://www.w3.org/2009/xmlenc11#"
                  Algorithm="http://www.w3.org/2009/xmlenc11#mgf1sha512"/>
    </xenc:EncryptionMethod>
    <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
      <ds:X509Data>
        <ds:X509Certificate>
          ...
        </ds:X509Certificate>
      </ds:X509Data>
    </ds:KeyInfo>
    <xenc:CipherData>
      <xenc:CipherValue>...</xenc:CipherValue>
    </xenc:CipherData>
    <xenc:ReferenceList>
      <xenc:DataReference URI="#ED1"/>
      <xenc:DataReference URI="#ED2"/>
    </xenc:ReferenceList>
    <xenc:CarriedKeyName>K</xenc:CarriedKeyName>
  </xenc:EncryptedKey>
  <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
                     Id="EK2" Recipient="CN=Test2">
    <xenc:EncryptionMethod
        Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep">
      <ds:DigestMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
                       Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
      <xenc11:MGF xmlns:xenc11="http://www.w3.org/2009/xmlenc11#"
                  Algorithm="http://www.w3.org/2009/xmlenc11#mgf1sha512"/>
    </xenc:EncryptionMethod>
    <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
      <ds:X509Data>
        <ds:X509Certificate>
          ...
        </ds:X509Certificate>
      </ds:X509Data>
    </ds:KeyInfo>
    <xenc:CipherData>
      <xenc:CipherValue>...</xenc:CipherValue>
    </xenc:CipherData>
    <xenc:ReferenceList>
      <xenc:DataReference URI="#ED1"/>
      <xenc:DataReference URI="#ED2"/>
    </xenc:ReferenceList>
    <xenc:CarriedKeyName>K</xenc:CarriedKeyName>
  </xenc:EncryptedKey>
  <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
                      Id="ED1">
    <xenc:EncryptionMethod
        Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
    <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
      <ds:KeyName>K</ds:KeyName>
    </ds:KeyInfo>
    <xenc:CipherData>
      <xenc:CipherReference URI="file1.txt"/>
    </xenc:CipherData>
  </xenc:EncryptedData>
  <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
                      Id="ED2">
    <xenc:EncryptionMethod
        Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
    <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
      <ds:KeyName>K</ds:KeyName>
    </ds:KeyInfo>
    <xenc:CipherData>
      <xenc:CipherReference URI="file2.txt"/>
    </xenc:CipherData>
  </xenc:EncryptedData>
</encryption>
On 12/13/2014 09:52 PM, Cantor, Scott wrote:
> On 12/13/14, 5:17 PM, "Frank Cornelis" <[email protected]> wrote:
>
>> I'm trying to construct a generic encryption format based on OCF:
>> http://www.idpf.org/epub/30/spec/epub30-ocf.html#sec-container-metainf-encryption.xml
>>
>> Besides the need to encrypt multiple files (within the ZIP), I also want
>> to express multiple recipients. Each recipient has its own X509
>> certificate.
>> Thus the same AES key is being encrypted towards multiple recipient
>> certificates.
>> It's not 100% clear how to express this from the XML Encryption
>> specification.
>
> There are essentially many ways to do anything, and ultimately it depends
> on what code people are writing. It's easy to construct scenarios that
> you'll never get anybody to implement, and then there are better and worse
> ways to do things that make it slightly more likely they'll get it right.
>
>> What I came up with so far is the structure as shown below.
>> Is this the correct way to express what I'm looking for?
>
> Not ideally, no.
>
>> Not clear whether I should do this using multiple ds:RetrievalMethod
>> elements within the ds:KeyInfo.
>
> No (and very few people implement RetrievalMethod or its 1.1 replacement).
>
> The CarriedKeyName element is suggested to label EncryptedKeys and then a
> KeyName is included in the EncryptedData to reference it.
>
> The SAML standard after some errata includes examples that include
> multicast.
> https://www.oasis-open.org/committees/download.php/35711
> See the section 8 examples.
>
> -- Scott
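As an added example (not code from Frank or Scott, and not from any EPUB/OCF implementation), here is how a recipient-side reader can resolve the CarriedKeyName/KeyName linkage in the container above: it selects the EncryptedKey whose Recipient matches, takes its CarriedKeyName, collects every EncryptedData whose ds:KeyName names that key, and rejects the container if the sender's ReferenceList disagrees with that linkage or if an algorithm is outside an allow-list. The sample container and the recipient string "CN=Test1" are constructed for the example; the actual RSA-OAEP unwrap and AES-GCM decryption are left to the XML Security library in use.

```python
import xml.etree.ElementTree as ET
NS = {"xenc": "http://www.w3.org/2001/04/xmlenc#", "ds": "http://www.w3.org/2000/09/xmldsig#"}
# Allow-list of algorithms this reader will process; anything else is rejected.
ALLOWED_KEY_WRAP = {"http://www.w3.org/2009/xmlenc11#rsa-oaep"}
ALLOWED_DATA_ENC = {"http://www.w3.org/2009/xmlenc11#aes256-gcm"}
# Constructed sample container (certificate and key ciphertext omitted).
SAMPLE = """<encryption xmlns="urn:oasis:names:tc:opendocument:xmlns:container"
 xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 <xenc:EncryptedKey Id="EK1" Recipient="CN=Test1">
  <xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
  <xenc:CipherData><xenc:CipherValue>AAAA</xenc:CipherValue></xenc:CipherData>
  <xenc:ReferenceList><xenc:DataReference URI="#ED1"/><xenc:DataReference URI="#ED2"/></xenc:ReferenceList>
  <xenc:CarriedKeyName>K</xenc:CarriedKeyName></xenc:EncryptedKey>
 <xenc:EncryptedData Id="ED1"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
  <ds:KeyInfo><ds:KeyName>K</ds:KeyName></ds:KeyInfo>
  <xenc:CipherData><xenc:CipherReference URI="file1.txt"/></xenc:CipherData></xenc:EncryptedData>
 <xenc:EncryptedData Id="ED2"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
  <ds:KeyInfo><ds:KeyName>K</ds:KeyName></ds:KeyInfo>
  <xenc:CipherData><xenc:CipherReference URI="file2.txt"/></xenc:CipherData></xenc:EncryptedData>
</encryption>"""

def resolve_recipient(xml_text, recipient):
    """Return (carried key name, [CipherReference URIs]) this recipient can decrypt."""
    root = ET.fromstring(xml_text)
    ek = next((e for e in root.findall("xenc:EncryptedKey", NS)
               if e.get("Recipient") == recipient), None)
    if ek is None:
        raise KeyError("no EncryptedKey for recipient %s" % recipient)
    alg = ek.find("xenc:EncryptionMethod", NS).get("Algorithm")
    if alg not in ALLOWED_KEY_WRAP:
        raise ValueError("rejected key-wrap algorithm %s" % alg)
    key_name = ek.findtext("xenc:CarriedKeyName", namespaces=NS)
    if not key_name:
        raise ValueError("EncryptedKey carries no CarriedKeyName")
    # Ids the sender listed in ReferenceList must agree with the KeyName linkage.
    referenced = {r.get("URI").lstrip("#")
                  for r in ek.findall("xenc:ReferenceList/xenc:DataReference", NS)}
    linked, uris = set(), []
    for ed in root.findall("xenc:EncryptedData", NS):
        if ed.findtext("ds:KeyInfo/ds:KeyName", namespaces=NS) != key_name:
            continue  # encrypted under some other content key
        alg = ed.find("xenc:EncryptionMethod", NS).get("Algorithm")
        if alg not in ALLOWED_DATA_ENC:
            raise ValueError("rejected data-encryption algorithm %s" % alg)
        linked.add(ed.get("Id"))
        uris.append(ed.find("xenc:CipherData/xenc:CipherReference", NS).get("URI"))
    if referenced != linked:
        raise ValueError("ReferenceList %s != KeyName linkage %s" % (sorted(referenced), sorted(linked)))
    return key_name, uris
```

The ReferenceList cross-check matters because a reader that trusts only one of the two linkages can be steered to decrypt an entry the sender never bound to that key.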