Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for PASERK Type: local-pw #61

Open
daviddesmet opened this issue Apr 16, 2022 · 0 comments
Open

Add support for PASERK Type: local-pw #61

daviddesmet opened this issue Apr 16, 2022 · 0 comments
Assignees
@daviddesmet
Labels
enhancement New feature or request minor Requiring a minor version update according to semantic versioning pinned This issue will never be considered stale

Comments

@daviddesmet
Copy link
Owner

PASERK Type: local-pw

This PASERK is a key intended for local PASETOs, encrypted with a password.

Format

k[version].local-pw.[data]

Where [data] is the base64url-encoded payload, defined by each version.

ID Serialization

See lid.

Operations

See PBKW for the algorithm used.

PASERK Versions

Versions 1 and 3

Starting Byte Length Definition
0 32 PBKDF2-SHA384 Salt (salt)
32 4 Iteration count (i)
36 16 AES-CTR nonce (n)
52 32 Encrypted Data Key (edk)
84 48 Authentication tag (t)

Total decoded length: 132 bytes

The iteration count (i) MUST be encoded as a 32-bit unsigned
integer in big-endian byte order.

Versions 2 and 4

Starting Byte Length Definition
0 16 Argon2id Salt (salt)
16 8 Argon2id Memory Cost (mem)
24 4 Argon2id Time Cost (time)
28 4 Argon2id Parallelism (para)
32 24 XChaCha20 nonce (n)
56 32 Encrypted Data Key (edk)
88 32 Authentication tag (t)

Total decoded length: 120 bytes

The Argon2id parameters (mem, time, para) MUST be encoded as
unsigned integers in big-endian byte order. mem is 64-bit; the
other parameters are 32-bit.

Examples

k1.local-pw.TikhC_wHVYtg1T2enmE6eR2KW9KeW_GqtbSU3HQ5kxkAAAPoq1eXdbqYsbIvE7YBFYFlLLgm7RWC4Ks2jLiNDZObdusSFRP45aJ_7Jkt9tzspqRS95ZCLAID3IkSTEg2WpLk7jKJMmtg4V0EK3SkEYC5AJOnGd3VFMlWi0qXQk9ULIvv

k2.local-pw.w_h1_Ul9E041QJl8m9n7lAAAAAAEAAAAAAAAAgAAAAHslzni8NnrQ02dsjBknexAKjxpd-1BKxK-P1ZdSVJYiimOOAuaIu3jLyZSBDx1VNqzyH7MGaQe1YGqcEyT7GghPssmLA46BipTj3ji9xqRHO_7twcqCheD

k3.local-pw.L4xcw6PFvnL9pJAuhaieAT8_Ko4YlQpx70uYSAa6WakAAAPorOFKZxUYOusjRpqLe7GShAQ2z7v38wL9tUvOP2ffCVmhznjyitHhEGjd1FywEFzIHuBypneYqVSej5J2ZB-8uSahQ2MW1fK5cV1ZMz3myN0CTNk9uxXSJvccR64low9P

k4.local-pw._bru5tnkPSFXOtKhBTmW4gAAAAAEAAAAAAAAAgAAAAGKI3PyFS2vyQ9o5qowCR_GUXskLmdV1bjjc3vqnbwN7hVG1lAUCGjElTGIoH-K6lnkHnP4uaFBKWEtB3xFEGzAjzBSnl_JBmwLYK5jstjAV6LnJm_NOt0j
@daviddesmet daviddesmet added enhancement New feature or request minor Requiring a minor version update according to semantic versioning labels Apr 16, 2022
@daviddesmet daviddesmet self-assigned this Apr 16, 2022
@daviddesmet daviddesmet added the pinned This issue will never be considered stale label Apr 16, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@daviddesmet daviddesmet

Labels
enhancement New feature or request minor Requiring a minor version update according to semantic versioning pinned This issue will never be considered stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@daviddesmet