[Standards] Encrypted Jingle File Transfer

Remko Tronçon remko at el-tramo.be
Sun Jun 4 13:31:33 UTC 2017


Hi Vanitasvitae!

I wonder if it would make sense to use something like xmlenc to have a
'generic' way to encrypt (parts of) stanzas. This way, you can decouple the
encryption key info etc. from the things you want to encrypt, and you can
choose to encrypt entire elements, or just parts of elements.

For example, if you want to encrypt the entire <file> metadata:

<iq>
  <encrypted xmlns='urn:xmpp:omemo:0'>
    <header sid='27183'>
      <key rid='31415'>BASE64ENCODED...</key>
      <key rid='12321'>BASE64ENCODED...</key>
      ...
    </header>
  </encrypted>
  <jingle xmlns='urn:xmpp:jingle:1'
       action='session-initiate'
       initiator='romeo at montague.example/dr4hcr0st3lup4c'
       sid='851ba2'>
  <content creator='initiator' name='a-file-offer' senders='initiator'>
    <description xmlns='urn:xmpp:jingle:apps:encrypted:file-transfer:0'>
      <!-- Encrypt entire file Element (#Element) -->
      <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="
http://www.w3.org/2001/04/xmlenc#Element">
        <EncryptionMethod Algorithm="
http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
        <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
          <KeyName>omemo</KeyName>
        </KeyInfo>
        <CipherData>

<CipherValue>/7VSyS4tbcfsq7JYhZRgQE8bNkiyUJKi68FdmdoA2PIRjGumbfI35X2om/4mbfHteCAEBATpsr/l/HvQf7GERGtvmuupNFh7reGeSWl8wajwwYyfQi9BM6MfjZKi8D9Q94FhWz2p0LMVEjduI9svzKOf/uLI3JolK39nH70ezvyYebybpasDxC51SypmVU1p</CipherValue>
        </CipherData>
      </EncryptedData>
    </description>
  </content>
  </jingle>
</iq>

Or, if you just want to encrypt only parts of the <file> (e.g. not the hash)

<iq>
  <encrypted xmlns='urn:xmpp:omemo:0'>
    <header sid='27183'>
      <key rid='31415'>BASE64ENCODED...</key>
      <key rid='12321'>BASE64ENCODED...</key>
      ...
    </header>
  </encrypted>
  <jingle xmlns='urn:xmpp:jingle:1'
       action='session-initiate'
       initiator='romeo at montague.example/dr4hcr0st3lup4c'
       sid='851ba2'>
  <content creator='initiator' name='a-file-offer' senders='initiator'>
    <description xmlns='urn:xmpp:jingle:apps:encrypted:file-transfer:0'>
      <file>
        <hash xmlns='urn:xmpp:hashes:2'
algo='sha-1'>w0mcJylzCn+AfvuGdqkty2+KP48=</hash>

        <!-- Encrypt only part of file content (#Content) -->
        <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="
http://www.w3.org/2001/04/xmlenc#Content">
          <EncryptionMethod Algorithm="
http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
          <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
            <KeyName>omemo</KeyName>
          </KeyInfo>
          <CipherData>

<CipherValue>/7VSyS4tbcfsq7JYhZRgQE8bNkiyUJKi68FdmdoA2PIRjGumbfI35X2om/4mbfHteCAEBATpsr/l/HvQf7GERGtvmuupNFh7reGeSWl8wajwwYyfQi9BM6MfjZKi8D9Q94FhWz2p0LMVEjduI9svzKOf/uLI3JolK39nH70ezvyYebybpasDxC51SypmVU1p</CipherValue>
          </CipherData>
        </EncryptedData>
      </file>
    </description>
  </content>
  </jingle>
</iq>

KeyInfo could be used to distinguish where the key material is coming from
for encryption (e.g. OMEMO element at the top of the IQ).

I'm not saying xmlenc is very elegant, and it's very broad, but it has the
advantage that you may get an implementation for free in your language? It
might need some restricting of possible algorithms/keys/... for clients
that need to implement this themselves if they don't have xmlenc available.

Remko
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/standards/attachments/20170604/b175f0c2/attachment-0001.html>


More information about the Standards mailing list