Hi Sergey, This question might be more appropriate for the JOSE WG [0] list (which I've cc'd) as JWE is being developed there.
Some of the algorithms, RSAES OAEP being one of them, are probabilistic encryption schemes which incorporate some element of randomness to yield a different output even when encrypting the same content multiple times. So the behavior you are observing is to be expected. That means that exactly reproducing the various steps of the examples in the specs will not be possible in some cases. I was recently discussing this off list with Matt Miller, the author of the JOSE Cookbook [1], and my suggestion was to have the cookbook just make note of which examples, or which parts of which examples, can't be easily reproduced due to non-deterministic algorithms. I think that your question here suggests that that idea might well provide utility to users/readers of that document. Hope that helps, Brian [0] http://tools.ietf.org/wg/jose/ [1] http://tools.ietf.org/html/draft-ietf-jose-cookbook-02 On Fri, May 2, 2014 at 10:32 AM, Sergey Beryozkin <sberyoz...@gmail.com>wrote: > Hi, > > I'm starting experimenting with JWE, and the 1st thing I wanted to do was > to quickly test the example at [1]. > > Sorry if it is something that is very obvious and off-topic, but I can't > seem to validate the encryption of the content encryption key: I keep > getting a different output every time the test code runs. > > The code is the one that I wrote by 'scraping' the code from all over the > Web but also I see Jose.4.j [3] produces a different output too. > Is it due to the given key properties specified in [1] or it is actually > indeed expected that production at [2] is reproducible ? > > Cheers, Sergey > > [1] http://tools.ietf.org/html/draft-ietf-jose-json-web- > encryption-26#appendix-A.1 > [2] http://tools.ietf.org/html/draft-ietf-jose-json-web- > encryption-26#appendix-A.1.3 > [3] https://bitbucket.org/b_c/jose4j/wiki/Home > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > -- [image: Ping Identity logo] <https://www.pingidentity.com/> Brian Campbell [Enter Title] @ bcampb...@pingidentity.com [image: phone] +1 720.317.2061 Connect with us… [image: twitter logo] <https://twitter.com/pingidentity> [image: youtube logo] <https://www.youtube.com/user/PingIdentityTV> [image: LinkedIn logo] <https://www.linkedin.com/company/21870> [image: Facebook logo] <https://www.facebook.com/pingidentitypage> [image: Google+ logo]<https://plus.google.com/u/0/114266977739397708540> [image: slideshare logo] <http://www.slideshare.net/PingIdentity> [image: flipboard logo] <http://flip.it/vjBF7> [image: rss feed icon]<https://www.pingidentity.com/blogs/> [image: Register for Cloud Identity Summit 2014 | Modern Identity Revolution | 19–23 July, 2014 | Monterey, CA]<https://www.cloudidentitysummit.com/>
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth