RE: decrypting kek messages
Gavin:
Looks like you are very close! Very good debugging!
This parameter field is expected to be filled by the CTIL on
EnvelopedData generation (in sm_encrypt.cpp):
    pTmpIV = pInst->AccessTokenInterface()->SMTI_GenerateKeyWrapIV(
                 lKekLength, &WrapAlg);
For example, the specification designates the following for 3DES (from
sm_free3.cpp):
    if (pWrapAlg)
    {
        pWrapAlg->algorithm = *pPreferredOID;
        pWrapAlg->parameters = new AsnAny;
        CSM_Buffer *pTmpBuf = CSM_Alg::GetNullParams();
        SM_ASSIGN_ANYBUF(pTmpBuf, pWrapAlg->parameters);
        delete pTmpBuf;
    }
This pWrapAlg, loaded by SMTI_GenerateKeyWrapIV(...), will be encoded as
the parameter in the RecipientInfo for KEK. This will trigger the logic
you specify. I re-checked the AES key wrap document (RFC3394), but
could find no reference as to what this value should be, so I would
suggest you emulate the logic above to be consistent for the time being.
It may be necessary for us to modify the SFL KEK processing to
accommodate the new AES parameter processing. The sm_free3 CTIL
presently loads the information as above for AES key wrapping, so you
will be consistent.
Another example, for RC2 from RFC3217:
    id-alg-CMSRC2wrap OBJECT IDENTIFIER ::= { iso(1) member-body(2)
        us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 7 }

    The AlgorithmIdentifier parameter field MUST be RC2wrapParameter:

    RC2wrapParameter ::= RC2ParameterVersion
    RC2ParameterVersion ::= INTEGER
Bob Colestock
-----Original Message-----
From: Gavin O' Gorman [mailto:gavin.ogorman2@xxxxxxxxxxx]
Sent: Wednesday, April 02, 2003 6:10 PM
To: Imc-Sfl
Subject: decrypting kek messages
Well,
I've managed to get from creating KEK messages to decrypting them, so
progressing along!
I've spent around an hour trying to figure this out. I'm implementing
AES content encryption, using dummy keys and IVs. The EnvelopedData is
created fine, all the correct calls in the CTIL appear to be made.
(SMTI_Encrypt(), then SMTI_GenerateKeyWrap(), which currently just sets
the encrypted data to the plaintext data. When I get content encryption
working, I can sort out the encryption of the content key via IBE.)
In decryption, everything appears to be working perfectly, until in the
method CSM_DataToDecrypt::TryThisInstance(), the code below is what I
believe is causing me trouble.
    pKeyAgreeAlg = new CSM_Alg(*pRI->AccesskeyEncryptionAlgorithm());
        // IN, specified encryption of key,
        // used here in key generation, but alg not implemented.
    if (pKeyAgreeAlg->parameters)
    {
        m_pKeyWrapOID = new AsnOid(pKeyAgreeAlg->algorithm);
        pInst->SetPreferredCSInstAlgs(NULL, NULL, NULL, m_pKeyWrapOID);
        SME(pInst->AccessTokenInterface()->SMTI_ExtractKeyWrap(pMEK,
            &pRI->m_bufEMEK, NULL/*pRI->m_pbufParams*/,
            &pRI->m_pKEKDetails->m_UserEncryptionData,
            NULL));
    } // END if pKeyAgreeAlg->parameters
Everything I want done is inside that if statement, however I can't
figure out how to set the pKeyAgreeAlg->parameters to actually trigger
the if statement?
Thanks,
Gav
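
Added example, not part of the original messages or of the SFL source: a small C++ check of the three AlgorithmIdentifier encodings this thread turns on (parameters absent, NULL as loaded for 3DES wrap, INTEGER as RC2wrapParameter), showing which of them leave a parameters field for a test like `if (pKeyAgreeAlg->parameters)` to see. The function names, the sample byte strings and the assumption that an absent OPTIONAL field decodes to a null pointer are assumptions of this example.

```cpp
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

using Bytes = std::vector<uint8_t>;
// Read one short-form DER tag/length header at pos; false if truncated or
// long-form (these structures are far below 128 bytes).
static bool readTlv(const Bytes& b, size_t& pos, uint8_t& tag, size_t& len) {
    if (pos + 2 > b.size() || (b[pos + 1] & 0x80)) return false;
    tag = b[pos]; len = b[pos + 1]; pos += 2;
    return pos + len <= b.size();
}

// Classify the OPTIONAL parameters field of a DER AlgorithmIdentifier.
std::string wrapParamKind(const Bytes& der) {
    size_t pos = 0, len = 0; uint8_t tag = 0;
    if (!readTlv(der, pos, tag, len) || tag != 0x30 || pos + len != der.size())
        return "malformed";                      // outer SEQUENCE
    if (!readTlv(der, pos, tag, len) || tag != 0x06) return "malformed";
    pos += len;                                  // skip the algorithm OID
    if (pos == der.size()) return "absent";      // nothing follows the OID
    if (!readTlv(der, pos, tag, len) || pos + len != der.size())
        return "malformed";
    if (tag == 0x05 && len == 0) return "NULL";
    if (tag == 0x02 && len > 0) return "INTEGER";
    return "other";
}

// Assumption: an absent field decodes to a null parameters pointer, so this
// stands in for a test such as `if (pKeyAgreeAlg->parameters)`.
bool parametersPresent(const Bytes& der) {
    const std::string kind = wrapParamKind(der);
    return kind != "absent" && kind != "malformed";
}

// Constructed samples: 3DES wrap OID (...3.6) with NULL, RC2 wrap OID (...3.7)
// with INTEGER 58, and the 3DES wrap OID with no parameters at all.
const Bytes kNullParams = {0x30,0x0F,0x06,0x0B,0x2A,0x86,0x48,0x86,0xF7,0x0D,
                           0x01,0x09,0x10,0x03,0x06,0x05,0x00};
const Bytes kIntParams  = {0x30,0x10,0x06,0x0B,0x2A,0x86,0x48,0x86,0xF7,0x0D,
                           0x01,0x09,0x10,0x03,0x07,0x02,0x01,0x3A};
const Bytes kNoParams   = {0x30,0x0D,0x06,0x0B,0x2A,0x86,0x48,0x86,0xF7,0x0D,
                           0x01,0x09,0x10,0x03,0x06};

int main() {
    for (const Bytes* s : {&kNullParams, &kIntParams, &kNoParams})
        std::printf("%s %d\n", wrapParamKind(*s).c_str(), (int)parametersPresent(*s));
}
```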