AES with HMAC-SHA1?
289 views
Skip to first unread message
Peter
Mar 24, 2009, 3:04:12 PM3/24/09
to Keyczar Discuss
Hi
I surmise that an HMAC key is generated with the AES key and to
possibly ensure the data integrity and authenticity of the encrypted
message. From the documentation it looks like the signature is
included (as the last 20 bytes) in the result.
I was wondering what is signed (the IV + cipher text?) and how one can
use the resulting signature to in fact ensure data integrity and
authenticity? Trying to use the aes keys directory with the Verifier
understandably results in:
org.keyczar.exceptions.KeyczarException: Unacceptable purpose:
DECRYPT_AND_ENCRYPT
Thanks
Peter
I surmise that an HMAC key is generated with the AES key and to
possibly ensure the data integrity and authenticity of the encrypted
message. From the documentation it looks like the signature is
included (as the last 20 bytes) in the result.
I was wondering what is signed (the IV + cipher text?) and how one can
use the resulting signature to in fact ensure data integrity and
authenticity? Trying to use the aes keys directory with the Verifier
understandably results in:
org.keyczar.exceptions.KeyczarException: Unacceptable purpose:
DECRYPT_AND_ENCRYPT
Thanks
Peter
Steve Weis
Mar 24, 2009, 4:33:51 PM3/24/09
to keyczar...@googlegroups.com
To answer your question: Nothing. It's already verifying it for you.
The HMAC is included with the AES ciphertext and hidden from the developer. When you call crypter.decrypt(ciphertext), it will automatically check the HMAC automatically. You don't need to do a second verification operation nor need to instantiate a separate Verifier object.
Verifier objects are strictly for verifying stand-alone HMACs or public-key signatures. That's why it's throwing an exception -- it expects keys with purpose SIGN_AND_VERIFY or VERIFY.
The HMAC is included with the AES ciphertext and hidden from the developer. When you call crypter.decrypt(ciphertext), it will automatically check the HMAC automatically. You don't need to do a second verification operation nor need to instantiate a separate Verifier object.
Verifier objects are strictly for verifying stand-alone HMACs or public-key signatures. That's why it's throwing an exception -- it expects keys with purpose SIGN_AND_VERIFY or VERIFY.
Reply all
Reply to author
Forward
0 new messages