- changed milestone to Implementer's Draft
SHA-256 to get AES KeyWrap key?
I know this is a PITA but the use of a left truncated SHA-256 hash to get the symmetric encryption key isn't particularly cryptographically agile.
It is sufficient for what's currently defined (A128KW & A256KW) but the text below couldn't accommodate algorithms needing keys larger than 256 bits and seems like it precludes anything but AES based key wrapping. I dunno, maybe that's okay. But I felt like I should raise it.
http://openid.net/specs/openid-connect-messages-1_0-16.html#enc "Symmetric Encryption The symmetric encryption key is derived from the client_secret value by using a left truncated SHA-256 hash of the bytes of the UTF-8 representation of the client_secret. The SHA-256 value MUST be left truncated to the appropriate bit length for the AES KeyWrap algorithm used, for instance, to 128 bits for A128KW. "
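As an added illustration (my code, not text from the issue or the spec), the derivation the quoted paragraph describes, with the length check that shows exactly where a SHA-256 based truncation runs out of bits; any key size above 256 is hypothetical, no such algorithm is on this page.

```python
import hashlib

# Key wrapping key sizes (bits) for the two algorithms the draft defines.
KEYWRAP_KEY_BITS = {"A128KW": 128, "A256KW": 256}
SHA256_BITS = 256


def supports_key_bits(key_bits: int) -> bool:
    """True when a left-truncated SHA-256 digest can supply key_bits bits."""
    return 0 < key_bits <= SHA256_BITS and key_bits % 8 == 0


def derive_keywrap_key(client_secret: str, key_bits: int) -> bytes:
    """Derive the key wrapping key as draft-16 'Symmetric Encryption' says:
    SHA-256 over the UTF-8 bytes of client_secret, left truncated to the
    key length of the chosen algorithm (16 bytes for A128KW, 32 for A256KW)."""
    if not supports_key_bits(key_bits):
        # The agility limit raised in the issue: one SHA-256 digest is 256
        # bits, so nothing larger can be produced by truncating it.
        raise ValueError(f"cannot derive {key_bits} bits from SHA-256")
    digest = hashlib.sha256(client_secret.encode("utf-8")).digest()
    return digest[: key_bits // 8]  # "left truncated": keep the leading bytes


def key_for_alg(client_secret: str, alg: str) -> bytes:
    """Convenience wrapper keyed by the JWE alg names the draft lists."""
    return derive_keywrap_key(client_secret, KEYWRAP_KEY_BITS[alg])


def keys_share_prefix(client_secret: str) -> bool:
    """A consequence of left truncation a reviewer should know: for one
    client_secret the A128KW key is exactly the first half of the A256KW key,
    so the two algorithms never get independent keys from the same secret."""
    k128 = key_for_alg(client_secret, "A128KW")
    k256 = key_for_alg(client_secret, "A256KW")
    return k256.startswith(k128)


if __name__ == "__main__":
    # Constructed sample value, not a real credential.
    secret = "example-client-secret"
    print("A128KW key:", key_for_alg(secret, "A128KW").hex())
    print("A256KW key:", key_for_alg(secret, "A256KW").hex())
    print("A128KW key is a prefix of A256KW key:", keys_share_prefix(secret))
    print("512-bit key derivable:", supports_key_bits(512))
```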
Comments (2)
- changed status to resolved
Fixed
#828 - Stated that an extension would be needed if a key wrapping key of greater than 256 bits for symmetric encryption needs to be derived. → <<cset 2abde7d52a0e>>
We will say that if a key wrap key greater than 256 bits is needed, a different method of generating the key from the Client ID would have to be defined.