Sorry if my words are confusing. By AAD, I meant Additional Authenticated Data, which is defined as the BASE64 encoding of the JWE Protected Header.
The error does not propagate to anywhere else. I’ve confirmed that the AEAD calculation later does used the BASE64 encoded string. Thanks, Weijun > On Apr 1, 2022, at 21:23, Carsten Bormann <[email protected]> wrote: > On 2. Apr 2022, at 00:51, Chris Smiley <[email protected]> wrote: >> >>> The array in the original text is the content of JWE Protected Header. The >>> corrected text shows the content of the AAD parameter. > > I don’t understand this note, but what I see is that the original example is > missing out on the base64url step (starts with 123 34, which are the decimal > ASCII codes for {“, i.e., the raw JSON), while the supplied corrected example > does perform it (starts with 101 121, which is ey — the first characters of > the base64-url string that can also be seen at the end of C.2). > > I haven’t checked whether this error propagates further down. > > Grüße, Carsten _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
