SecJSON

Additional security mechanism that uses cryptographic methods to protect the payload of a JSON message

Algorithms

This section discusses algorithms used with the SecJSON specification. Entries contain the identifier to be used as the value of the Algorithm attribute of the EncryptionMethod element or other element representing the role of the algorithm, a reference to the formal specification, definitions for the representation of keys and the results of cryptographic operations where applicable, and general applicability comments.

Key Transport

RSA Version 1.5
Identifier:
http://tiagomistral.github.io/SecJSON#rsa-1_5 (REQUIRED)

The RSAES-PKCS1-v1_5 algorithm, specified in RFC 2437 [PKCS1], takes no explicit parameters. An example of an RSA Version 1.5 EncryptionMethod element is:

{
  "EncryptionMethod": {
    "Algorithm": "http://tiagomistral.github.io/SecJSON#rsa-1_5"
  }
}

The CipherValue for such an encrypted key is the base64 [MIME] encoding of the octet string computed as per RFC 2437 [PKCS1, section 7.2.1: Encryption operation]. As specified in the EME-PKCS1-v1_5 function RFC 2437 [PKCS1, section 9.1.2.1], the value input to the key transport function is as follows:

   CRYPT ( PAD ( KEY ))

where the padding is of the following special form:

   02 | PS* | 00 | key

where "|" is concatenation, "02" and "00" are fixed octets of the corresponding hexadecimal value, PS is a string of strong pseudo-random octets [RANDOM] at least eight octets long, containing no zero octets, and long enough that the value of the quantity being CRYPTed is one octet shorter than the RSA modulus, and "key" is the key being transported. The key is 192 bits for TRIPLEDES and 128, 192, or 256 bits for AES. Support of this key transport algorithm for transporting 192 bit keys is MANDATORY to implement. Support of this algorithm for transporting other keys is OPTIONAL. RSA-OAEP is RECOMMENDED for the transport of AES keys.

The resulting base64 [MIME] string is the value of the child text node of the CipherData element, e.g.

"CipherData": {
    "CipherValue": "Ad/F7DvLVc0NwmI7kS3JvMJE0Qh1Jf452hoe1FXVghjRimy7HcDjpZurM9+JSxlqSE0kY98xuqudosgXABdqDYz4NPqRXEsUVclx0JItyB/Jv7/qgHSG/hCh9cyZkf0yhpfbugiHLDvPhHLjCB/dUXoYEETHMWQ0mXbJGG3zyIJwm3rRbmmrWanitejs30oNxb0R3X5Ao5aOZFHZ/prw+6Ant7eFsdWhKpqMx8mCSXlQwMZqdkdi6GHVCKSRnFY9EaU3PIsWUM7s8+wc2d2xxxavnailwQmpA0Gdg4hUDiNkIgpPxzWWZQ7y0ogWiHDSJcsd1N9hq0bb2VrjXcTZxQ=="
}
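The padded block described above, built and checked in Python (an added example, not part of the SecJSON project's code). The function names and the 2048-bit modulus are assumptions, and the RSA CRYPT step is left to a cryptographic library.

```python
import secrets

# Transported key sizes in octets: 192-bit TRIPLEDES; 128/192/256-bit AES.
KEY_OCTETS = {16, 24, 32}

def pad_key(key: bytes, modulus_octets: int) -> bytes:
    """Build 02 | PS | 00 | key, one octet shorter than the RSA modulus."""
    if len(key) not in KEY_OCTETS:
        raise ValueError("unsupported transported key size")
    ps_len = (modulus_octets - 1) - 2 - len(key)
    if ps_len < 8:
        raise ValueError("modulus too small: PS would be under eight octets")
    # PS: pseudo-random octets from the OS CSPRNG, none of them zero.
    ps = bytes(secrets.randbelow(255) + 1 for _ in range(ps_len))
    return b"\x02" + ps + b"\x00" + key

def unpad_key(block: bytes, modulus_octets: int):
    """Return the transported key, or None if the block is malformed.

    Every failure returns the same None so callers cannot tell the
    checks apart. This function is not constant-time.
    """
    if len(block) != modulus_octets - 1 or block[:1] != b"\x02":
        return None
    sep = block.find(b"\x00", 1)      # first zero octet ends PS
    if sep == -1 or sep - 1 < 8:      # PS must be at least eight octets
        return None
    key = block[sep + 1:]
    return key if len(key) in KEY_OCTETS else None

if __name__ == "__main__":
    k = secrets.token_bytes(24)       # constructed 192-bit key
    padded = pad_key(k, 256)          # 2048-bit modulus assumed
    print(len(padded), unpad_key(padded, 256) == k)
```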

RSA-OAEP
Identifier:
http://tiagomistral.github.io/SecJSON#rsa-oaep-mgf1p (REQUIRED)

The RSAES-OAEP-ENCRYPT algorithm, as specified in RFC 2437 [PKCS1], takes three parameters. The two user-specified parameters are a MANDATORY message digest function and an OPTIONAL encoding octet string OAEPparams. The message digest function is indicated by the Algorithm attribute of a child ds:DigestMethod element. The mask generation function, the third parameter, is always MGF1 with SHA1 (mgf1SHA1Identifier). Both the message digest and mask generation functions are used in the EME-OAEP-ENCODE operation as part of RSAES-OAEP-ENCRYPT. The encoding octet string is the base64 decoding of the content of an optional OAEPparams child element. If no OAEPparams child is provided, a null string is used.

JSON Schema Definition:
{
   "$schema":"http://json-schema.org/draft-04/schema#",
   "type":"object",
   "properties":{
      "EncryptionMethod":{
         "type":"string"
      }
   },
   "required":[
      "EncryptionMethod"
   ]
}

An example of an RSA-OAEP element is:

  <EncryptionMethod
     Algorithm="http://tiagomistral.github.io/SecJSON#rsa-oaep-mgf1p">
    <OAEPparams> 9lWu3Q== </OAEPparams>
    <ds:DigestMethod
        Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  </EncryptionMethod>

The CipherValue for an RSA-OAEP encrypted key is the base64 [MIME] encoding of the octet string computed as per RFC 2437 [PKCS1, section 7.1.1: Encryption operation]. As described in the EME-OAEP-ENCODE function RFC 2437 [PKCS1, section 9.1.1.1], the value input to the key transport function is calculated using the message digest function and string specified in the DigestMethod and OAEPparams elements and using the mask generator function MGF1 (with SHA1) specified in RFC 2437. The desired output length for EME-OAEP-ENCODE is one byte shorter than the RSA modulus.

The transported key size is 192 bits for TRIPLEDES and 128, 192, or 256 bits for AES. Implementations MUST implement RSA-OAEP for the transport of 128 and 256 bit keys. They MAY implement RSA-OAEP for the transport of other keys.
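The EME-OAEP-ENCODE step described above, worked through in Python with MGF1 over SHA1 and the OAEPparams value from the example element (an added example, not code from the SecJSON project). The function names are assumptions, the digest is fixed to SHA1 as in the example's DigestMethod, and the RSA operation itself is left to a cryptographic library.

```python
import base64
import hashlib
import hmac
import secrets

H_LEN = hashlib.sha1().digest_size   # 20 octets for SHA-1

def mgf1_sha1(seed: bytes, length: int) -> bytes:
    """MGF1 with SHA-1: SHA1(seed || 4-octet counter) blocks, truncated."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha1(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _p_hash(oaep_params_b64) -> bytes:
    # No OAEPparams child means the null string is hashed.
    params = base64.b64decode(oaep_params_b64) if oaep_params_b64 else b""
    return hashlib.sha1(params).digest()

def oaep_encode(key: bytes, modulus_octets: int, oaep_params_b64=None) -> bytes:
    """EME-OAEP-ENCODE; output is one octet shorter than the modulus."""
    em_len = modulus_octets - 1
    ps_len = em_len - len(key) - 2 * H_LEN - 1
    if ps_len < 0:
        raise ValueError("key too long for this modulus")
    db = _p_hash(oaep_params_b64) + b"\x00" * ps_len + b"\x01" + key
    seed = secrets.token_bytes(H_LEN)
    masked_db = _xor(db, mgf1_sha1(seed, em_len - H_LEN))
    masked_seed = _xor(seed, mgf1_sha1(masked_db, H_LEN))
    return masked_seed + masked_db

def oaep_decode(em: bytes, oaep_params_b64=None):
    """Inverse of oaep_encode; None on any failure. Not constant-time."""
    if len(em) < 2 * H_LEN + 1:
        return None
    masked_seed, masked_db = em[:H_LEN], em[H_LEN:]
    seed = _xor(masked_seed, mgf1_sha1(masked_db, H_LEN))
    db = _xor(masked_db, mgf1_sha1(seed, len(masked_db)))
    rest = db[H_LEN:].lstrip(b"\x00")        # drop the zero padding PS
    if not hmac.compare_digest(db[:H_LEN], _p_hash(oaep_params_b64)):
        return None
    return rest[1:] if rest[:1] == b"\x01" else None
```

Decoding with a different OAEPparams value than the sender used returns None, because the recovered pHash no longer matches.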

Block Encryption Algorithms

Triple DES
Identifier:
http://tiagomistral.github.io/SecJSON#tripledes-cbc (REQUIRED)

ANSI X9.52 [TRIPLEDES] specifies three sequential FIPS 46-3 [DES] operations. The XML Encryption TRIPLEDES consists of a DES encrypt, a DES decrypt, and a DES encrypt used in the Cipher Block Chaining (CBC) mode with 192 bits of key and a 64 bit Initialization Vector (IV). Of the key bits, the first 64 are used in the first DES operation, the second 64 bits in the middle DES operation, and the third 64 bits in the last DES operation.

Note: Each of these 64-bit key segments contains 56 effective bits and 8 parity bits. Thus there are only 168 operational bits out of the 192 being transported for a TRIPLEDES key. (Depending on the criterion used for analysis, the effective strength of the key may be thought to be 112 bits (due to meet-in-the-middle attacks) or even less.)

The resulting cipher text is prefixed by the IV. If included in XML output, it is then base64 encoded. An example TRIPLEDES EncryptionMethod is as follows:

  <EncryptionMethod
   Algorithm="http://tiagomistral.github.io/SecJSON#tripledes-cbc"/>

AES
Identifier:
http://tiagomistral.github.io/SecJSON#aes128-cbc (REQUIRED)
http://tiagomistral.github.io/SecJSON#aes192-cbc (OPTIONAL)
http://tiagomistral.github.io/SecJSON#aes256-cbc (REQUIRED)

[AES] is used in the Cipher Block Chaining (CBC) mode with a 128 bit initialization vector (IV). The resulting cipher text is prefixed by the IV. If included in XML output, it is then base64 encoded. An example AES EncryptionMethod is as follows:

  <EncryptionMethod
   Algorithm="http://tiagomistral.github.io/SecJSON#aes128-cbc"/>
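A receiver-side check for the Triple DES and AES sections above: it maps each identifier to its key and IV size, then splits a base64 CipherValue into the IV prefix and the cipher text. This is an added example, not code from the SecJSON project. The function names are assumptions, and the parity helpers rely on the FIPS 46-3 convention that the low bit of each key octet is an odd-parity bit, which this page does not spell out.

```python
import base64

BASE = "http://tiagomistral.github.io/SecJSON#"
# identifier -> (key bits, block and IV size in octets), from this section
BLOCK_ALGORITHMS = {
    BASE + "tripledes-cbc": (192, 8),
    BASE + "aes128-cbc": (128, 16),
    BASE + "aes192-cbc": (192, 16),
    BASE + "aes256-cbc": (256, 16),
}

def has_odd_parity(key: bytes) -> bool:
    """True if every octet has an odd number of 1 bits (DES parity)."""
    return all(bin(b).count("1") % 2 == 1 for b in key)

def set_odd_parity(key: bytes) -> bytes:
    """Rewrite the low bit of each octet so the octet has odd parity."""
    return bytes((b & 0xFE) | (1 - bin(b >> 1).count("1") % 2) for b in key)

def split_cipher_value(algorithm: str, cipher_value_b64: str, key: bytes):
    """Validate key and CipherValue sizes; return (iv, ciphertext)."""
    if algorithm not in BLOCK_ALGORITHMS:
        raise ValueError("unknown block encryption algorithm")
    key_bits, block = BLOCK_ALGORITHMS[algorithm]
    if len(key) * 8 != key_bits:
        raise ValueError("key length does not match the algorithm")
    raw = base64.b64decode(cipher_value_b64, validate=True)
    # The IV comes first; everything must be a whole number of blocks.
    if len(raw) < block or len(raw) % block:
        raise ValueError("CipherValue is not an IV followed by whole blocks")
    return raw[:block], raw[block:]

if __name__ == "__main__":
    # Constructed sample: an all-zero IV followed by two dummy blocks.
    sample = base64.b64encode(bytes(16) + bytes(range(32))).decode()
    iv, ct = split_cipher_value(BASE + "aes128-cbc", sample, bytes(16))
    print(len(iv), len(ct))
```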

Message Digest

Message digest algorithms can be used in AgreementMethod as part of the key derivation, within RSA-OAEP encryption as a hash function, and in connection with the HMAC message authentication code method as described in [XML-DSIG].

SHA1
Identifier:
http://tiagomistral.github.io/SecJSON#sha1 (REQUIRED)

The SHA-1 algorithm [SHA] takes no explicit parameters. An example of an SHA-1 DigestMethod element is:

{
  "DigestMethod": {
    "Algorithm" : "http://tiagomistral.github.io/SecJSON#sha1"
  }
}

A SHA-1 digest is a 160-bit string. The content of the DigestValue element shall be the base64 encoding of this bit string viewed as a 20-octet octet stream. For example, the DigestValue element for the message digest:

   A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D

from Appendix A of the SHA-1 standard would be:

   "DigestValue": "qZk+NkcGgWq6PiVxeFDCbJzQ2J0="

References

PKCS1
RFC 2437: PKCS #1: RSA Cryptography Specifications Version 2.0. B. Kaliski and J. Staddon. Informational, October 1998.
http://www.ietf.org/rfc/rfc2437.txt
MIME
RFC 2045: Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies. N. Freed and N. Borenstein. Standards Track, November 1996.
http://www.ietf.org/rfc/rfc2045.txt
DES
NIST FIPS 46-3: Data Encryption Standard (DES). October 1999.
http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf
TRIPLEDES
ANSI X9.52: Triple Data Encryption Algorithm Modes of Operation. 1998.
AES
NIST FIPS 197: Advanced Encryption Standard (AES). November 2001.
http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
XML-DSIG
XML-Signature Syntax and Processing. D. Eastlake, J. Reagle, and D. Solo. W3C Recommendation, February 2002.
http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/
SHA
Secure Hash Standard. NIST FIPS 180-1. (RFC 3174). April 1995.
http://www.itl.nist.gov/fipspubs/fip180-1.htm
Secure Hash Standard. NIST Draft FIPS 180-2. 2001. (Extended to include SHA-384, SHA-256, and SHA-512)