From 8f5374ca1b25c412b3c157f0a199e55ecde8be7e Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Sun, 27 Feb 2011 09:22:15 +0100 Subject: Specify the dh-ietf1024-sha256-aes128-cbc-pkcs7 algorithm suite. This uses HKDF-SHA256 to digest the DH key into something usable by AES. The previous algorithm suite that this replaces just truncated the DH key which is cryptographically broken. --- secret-service/specification.xml | 57 +++++++++++++++++++++++++++++++++++++--- 1 file changed, 54 insertions(+), 3 deletions(-) (limited to 'secret-service') diff --git a/secret-service/specification.xml b/secret-service/specification.xml index 9a9c81b..a6a1b76 100644 --- a/secret-service/specification.xml +++ b/secret-service/specification.xml @@ -308,7 +308,7 @@
- Algorithm: dh-ietf1024-aes128-cbc-pkcs7 + Algorithm: dh-ietf1024-sha256-aes128-cbc-pkcs7 @@ -321,13 +321,22 @@ Secret parameter - dh-ietf1024-aes128-cbc-pkcs7 + dh-ietf1024-sha256-aes128-cbc-pkcs7 Client DH pub key as an array of bytes Service DH pub key as an array of bytes 16 byte AES initialization vector + DH key agreement rfc2631 is used to create a secret key + using 1024 bit parameters of the standard IETF 'Second Oakley Group' + rfc2409. The secret key is then digested into a 128-bit key + appropriate for AES. This is done using HKDF rfc5869 with NULL + salt and empty info, using the SHA-2 256 hash algorithm + fips-180-3.2008. The secrets are encrypted using AES + fips-197.2001 in cipher block chaining mode with pkcs7 style + padding rfc2315. + The public keys are transferred as an array of bytes representing an unsigned integer of arbitrary size, most-significant byte first (e.g., the integer 32768 is represented as the 2-byte string 0x80 0x00) @@ -459,7 +468,7 @@ D-Bus API Reference - + Object Paths The various DBus object paths used with the Secret Service API are designed to be human @@ -502,4 +511,46 @@ + + + References + + + rfc2315 + IETF RFC 2315: + PKCS #7: Cryptographic Message Syntax Version 1.5 + + + + rfc2409 + IETF RFC 2409: + The Internet Key Exchange (IKE) + + + + rfc2631 + IETF RFC 2631: + Diffie-Hellman Key Agreement Method + + + + rfc5869 + IETF RFC 5869: + HMAC-based Extract-and-Expand Key Derivation Function (HKDF) + + + + fips-180-3.2008 + NIST FIPS PUB 180-3: + Secure Hash Standard (SHS), October 2008 + + + + fips-197.2001 + NIST FIPS PUB 197: + Advanced Encryption Standard (AES), November 2001 + + + + -- cgit v1.2.3-70-g09d2