Script updating gh-pages from e51f9b7. [ci skip]
ID Bot committed Apr 4, 2024
1 parent 2df3b5e commit b2b87f3
Showing 3 changed files with 48 additions and 47 deletions.
22 changes: 11 additions & 11 deletions draft-ietf-sframe-enc.html
Expand Up @@ -1980,7 +1980,7 @@ <h4 id="name-key-derivation">
<p id="section-4.4.2-1">SFrame encryption and decryption use a key and salt derived from the <code>base_key</code>
associated to a KID. Given a <code>base_key</code> value, the key and salt are derived
using HKDF <span>[<a href="#RFC5869" class="cite xref">RFC5869</a>]</span> as follows:<a href="#section-4.4.2-1" class="pilcrow"></a></p>
<div class="alignLeft art-text artwork" id="section-4.4.2-2">
<div class="lang-pseudocode sourcecode" id="section-4.4.2-2">
<pre>
def derive_key_salt(KID, base_key):
sframe_secret = HKDF-Extract("", base_key)
Expand Down Expand Up @@ -2023,7 +2023,7 @@ <h4 id="name-encryption">
<p id="section-4.4.3-2">The encryptor forms an SFrame header using the CTR, and KID values provided.
The encoded header is provided as AAD to the AEAD encryption operation, together
with application-provided metadata about the encrypted media (see <a href="#metadata" class="auto internal xref">Section 9.4</a>).<a href="#section-4.4.3-2" class="pilcrow"></a></p>
<div class="alignLeft art-text artwork" id="section-4.4.3-3">
<div class="lang-pseudocode sourcecode" id="section-4.4.3-3">
<pre>
def encrypt(CTR, KID, metadata, plaintext):
sframe_key, sframe_salt = key_store[KID]
Expand Down Expand Up @@ -2135,7 +2135,7 @@ <h4 id="name-decryption">
<p id="section-4.4.4-2">The KID field in the SFrame header is used to find the right key and salt for
the encrypted frame, and the CTR field is used to construct the nonce. The SFrame
decryption procedure is as follows:<a href="#section-4.4.4-2" class="pilcrow"></a></p>
<div class="alignLeft art-text artwork" id="section-4.4.4-3">
<div class="lang-pseudocode sourcecode" id="section-4.4.4-3">
<pre>
def decrypt(metadata, sframe_ciphertext):
KID, CTR, header, ciphertext = parse_ciphertext(sframe_ciphertext)
Expand Down Expand Up @@ -2343,7 +2343,7 @@ <h4 id="name-aes-ctr-with-sha2">
represents the output size of the hash function (as in <a href="#iana-cipher-suites" class="auto internal xref">Table 2</a>).
The encryption subkey comprises the first <code>Nka</code> bytes and the authentication
subkey comprises the remaining <code>Nh</code> bytes.<a href="#section-4.5.1-2" class="pilcrow"></a></p>
<div class="alignLeft art-text artwork" id="section-4.5.1-3">
<div class="lang-pseudocode sourcecode" id="section-4.5.1-3">
<pre>
def derive_subkeys(sframe_key):
enc_key = sframe_key[..Nka]
Expand All @@ -2354,7 +2354,7 @@ <h4 id="name-aes-ctr-with-sha2">
<p id="section-4.5.1-4">The AEAD encryption and decryption functions are then composed of individual
calls to the CTR encrypt function and HMAC. The resulting MAC value is truncated
to a number of bytes <code>Nt</code> fixed by the cipher suite.<a href="#section-4.5.1-4" class="pilcrow"></a></p>
<div class="alignLeft art-text artwork" id="section-4.5.1-5">
<div class="lang-pseudocode sourcecode" id="section-4.5.1-5">
<pre>
def truncate(tag, n):
# Take the first `n` bytes of `tag`
Expand Down Expand Up @@ -3032,7 +3032,7 @@ <h2 id="name-application-responsibilitie">
(e.g., codecs) are typically handled in media applications, in the sense that
they are set up in some signaling protocol, and then not described in the media.
Applications might find it useful to extend the protocols used for negotiating
other media parameters (e.g., SDP <span>[<a href="#RFC4566" class="cite xref">RFC4566</a>]</span>) to also negotiate parameters for
other media parameters (e.g., SDP <span>[<a href="#RFC8866" class="cite xref">RFC8866</a>]</span>) to also negotiate parameters for
SFrame.<a href="#section-9-3" class="pilcrow"></a></p>
<div id="header-value-uniqueness">
<section id="section-9.1">
Expand Down Expand Up @@ -3175,10 +3175,6 @@ <h3 id="name-informative-references">
<dd>
<span class="refAuthor">Baugher, M.</span>, <span class="refAuthor">McGrew, D.</span>, <span class="refAuthor">Naslund, M.</span>, <span class="refAuthor">Carrara, E.</span>, and <span class="refAuthor">K. Norrman</span>, <span class="refTitle">"The Secure Real-time Transport Protocol (SRTP)"</span>, <span class="seriesInfo">RFC 3711</span>, <span class="seriesInfo">DOI 10.17487/RFC3711</span>, <time datetime="2004-03" class="refDate">March 2004</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc3711">https://www.rfc-editor.org/rfc/rfc3711</a>&gt;</span>. </dd>
<dd class="break"></dd>
<dt id="RFC4566">[RFC4566]</dt>
<dd>
<span class="refAuthor">Handley, M.</span>, <span class="refAuthor">Jacobson, V.</span>, and <span class="refAuthor">C. Perkins</span>, <span class="refTitle">"SDP: Session Description Protocol"</span>, <span class="seriesInfo">RFC 4566</span>, <span class="seriesInfo">DOI 10.17487/RFC4566</span>, <time datetime="2006-07" class="refDate">July 2006</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc4566">https://www.rfc-editor.org/rfc/rfc4566</a>&gt;</span>. </dd>
<dd class="break"></dd>
<dt id="RFC6716">[RFC6716]</dt>
<dd>
<span class="refAuthor">Valin, JM.</span>, <span class="refAuthor">Vos, K.</span>, and <span class="refAuthor">T. Terriberry</span>, <span class="refTitle">"Definition of the Opus Audio Codec"</span>, <span class="seriesInfo">RFC 6716</span>, <span class="seriesInfo">DOI 10.17487/RFC6716</span>, <time datetime="2012-09" class="refDate">September 2012</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc6716">https://www.rfc-editor.org/rfc/rfc6716</a>&gt;</span>. </dd>
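Review bot: removing the `<dt id="RFC4566">` entry in this hunk turns any `href="#RFC4566"` left elsewhere in the document into a dead anchor. The visible hunks update the two citations in section-9-3 and appendix-C.5-3 to `#RFC8866`, which is the right target since RFC 8866 obsoletes RFC 4566, but it is worth searching the source for any remaining `RFC4566` xref before relying on this generated output.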
Expand All @@ -3195,6 +3191,10 @@ <h3 id="name-informative-references">
<dd>
<span class="refAuthor">Jennings, C.</span>, <span class="refAuthor">Jones, P.</span>, <span class="refAuthor">Barnes, R.</span>, and <span class="refAuthor">A.B. Roach</span>, <span class="refTitle">"Double Encryption Procedures for the Secure Real-Time Transport Protocol (SRTP)"</span>, <span class="seriesInfo">RFC 8723</span>, <span class="seriesInfo">DOI 10.17487/RFC8723</span>, <time datetime="2020-04" class="refDate">April 2020</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc8723">https://www.rfc-editor.org/rfc/rfc8723</a>&gt;</span>. </dd>
<dd class="break"></dd>
<dt id="RFC8866">[RFC8866]</dt>
<dd>
<span class="refAuthor">Begen, A.</span>, <span class="refAuthor">Kyzivat, P.</span>, <span class="refAuthor">Perkins, C.</span>, and <span class="refAuthor">M. Handley</span>, <span class="refTitle">"SDP: Session Description Protocol"</span>, <span class="seriesInfo">RFC 8866</span>, <span class="seriesInfo">DOI 10.17487/RFC8866</span>, <time datetime="2021-01" class="refDate">January 2021</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc8866">https://www.rfc-editor.org/rfc/rfc8866</a>&gt;</span>. </dd>
<dd class="break"></dd>
<dt id="RFC9420">[RFC9420]</dt>
<dd>
<span class="refAuthor">Barnes, R.</span>, <span class="refAuthor">Beurdouche, B.</span>, <span class="refAuthor">Robert, R.</span>, <span class="refAuthor">Millican, J.</span>, <span class="refAuthor">Omara, E.</span>, and <span class="refAuthor">K. Cohn-Gordon</span>, <span class="refTitle">"The Messaging Layer Security (MLS) Protocol"</span>, <span class="seriesInfo">RFC 9420</span>, <span class="seriesInfo">DOI 10.17487/RFC9420</span>, <time datetime="2023-07" class="refDate">July 2023</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc9420">https://www.rfc-editor.org/rfc/rfc9420</a>&gt;</span>. </dd>
Expand Down Expand Up @@ -3660,7 +3660,7 @@ <h3 id="name-sframe-over-rtp">
receivers will need to be configured to know which of the above schemes the
sender has applied to a given sequence of RTP packets. SFrame does not provide
a mechanism for distributing this configuration information. In applications
that use SDP for negotiating RTP media streams <span>[<a href="#RFC4566" class="cite xref">RFC4566</a>]</span>, an appropriate
that use SDP for negotiating RTP media streams <span>[<a href="#RFC8866" class="cite xref">RFC8866</a>]</span>, an appropriate
extension to SDP could provide this function.<a href="#appendix-C.5-3" class="pilcrow"></a></p>
<p id="appendix-C.5-4">Applying SFrame per-frame also requires that packetization and depacketization
be done in a generic manner that does not depend on the media content of the
37 changes: 19 additions & 18 deletions draft-ietf-sframe-enc.txt
Expand Up @@ -527,21 +527,21 @@ Alice | (per-frame) (per-packet) | | |
encryption operation, together with application-provided metadata
about the encrypted media (see Section 9.4).

def encrypt(CTR, KID, metadata, plaintext):
sframe_key, sframe_salt = key_store[KID]
def encrypt(CTR, KID, metadata, plaintext):
sframe_key, sframe_salt = key_store[KID]

# encode_big_endian(x, n) produces an n-byte string encoding the integer x in
# big-endian byte order.
ctr = encode_big_endian(CTR, AEAD.Nn)
nonce = xor(sframe_salt, CTR)
# encode_big_endian(x, n) produces an n-byte string encoding the integer x in
# big-endian byte order.
ctr = encode_big_endian(CTR, AEAD.Nn)
nonce = xor(sframe_salt, CTR)

# encode_sframe_header produces a byte string encoding the provided KID and
# CTR values into an SFrame Header.
header = encode_sframe_header(CTR, KID)
aad = header + metadata
# encode_sframe_header produces a byte string encoding the provided KID and
# CTR values into an SFrame Header.
header = encode_sframe_header(CTR, KID)
aad = header + metadata

ciphertext = AEAD.Encrypt(sframe_key, nonce, aad, plaintext)
return header + ciphertext
ciphertext = AEAD.Encrypt(sframe_key, nonce, aad, plaintext)
return header + ciphertext

For example, the metadata input to encryption allows for frame
metadata to be authenticated when SFrame is applied per-frame. After
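Review bot: in the re-indented `encrypt` pseudocode, `ctr = encode_big_endian(CTR, AEAD.Nn)` is assigned but never used, and the following line computes `nonce = xor(sframe_salt, CTR)` on the integer `CTR` instead of the encoded `ctr`. The nonce construction is the security-critical step here, so the line should read `nonce = xor(sframe_salt, ctr)`, making both operands `AEAD.Nn`-byte strings. Separately, the comment line beginning `# encode_big_endian(x, n) produces` is 77 characters before indentation, which overflows the 72-column width of the text rendering; wrapping both comments in the source would keep the block inside the margin.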
Expand Down Expand Up @@ -1183,7 +1183,7 @@ def encrypt(CTR, KID, metadata, plaintext):
applications, in the sense that they are set up in some signaling
protocol, and then not described in the media. Applications might
find it useful to extend the protocols used for negotiating other
media parameters (e.g., SDP [RFC4566]) to also negotiate parameters
media parameters (e.g., SDP [RFC8866]) to also negotiate parameters
for SFrame.

9.1. Header Value Uniqueness
Expand Down Expand Up @@ -1328,10 +1328,6 @@ def encrypt(CTR, KID, metadata, plaintext):
RFC 3711, DOI 10.17487/RFC3711, March 2004,
<https://www.rfc-editor.org/rfc/rfc3711>.

[RFC4566] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session
Description Protocol", RFC 4566, DOI 10.17487/RFC4566,
July 2006, <https://www.rfc-editor.org/rfc/rfc4566>.

[RFC6716] Valin, JM., Vos, K., and T. Terriberry, "Definition of the
Opus Audio Codec", RFC 6716, DOI 10.17487/RFC6716,
September 2012, <https://www.rfc-editor.org/rfc/rfc6716>.
Expand All @@ -1352,6 +1348,11 @@ def encrypt(CTR, KID, metadata, plaintext):
DOI 10.17487/RFC8723, April 2020,
<https://www.rfc-editor.org/rfc/rfc8723>.

[RFC8866] Begen, A., Kyzivat, P., Perkins, C., and M. Handley, "SDP:
Session Description Protocol", RFC 8866,
DOI 10.17487/RFC8866, January 2021,
<https://www.rfc-editor.org/rfc/rfc8866>.

[RFC9420] Barnes, R., Beurdouche, B., Robert, R., Millican, J.,
Omara, E., and K. Cohn-Gordon, "The Messaging Layer
Security (MLS) Protocol", RFC 9420, DOI 10.17487/RFC9420,
Expand Down Expand Up @@ -1631,7 +1632,7 @@ C.5. SFrame over RTP
above schemes the sender has applied to a given sequence of RTP
packets. SFrame does not provide a mechanism for distributing this
configuration information. In applications that use SDP for
negotiating RTP media streams [RFC4566], an appropriate extension to
negotiating RTP media streams [RFC8866], an appropriate extension to
SDP could provide this function.

Applying SFrame per-frame also requires that packetization and
36 changes: 18 additions & 18 deletions index.html
Expand Up @@ -24,12 +24,12 @@ <h1>Editor's drafts for main branch of <a href="https://github.com/sframe-wg/sfr
<td></td>
</tr>
</table>
<h2>Preview for branch <a href="john">john</a></h2>
<table id="branch-john">
<h2>Preview for branch <a href="suresh">suresh</a></h2>
<table id="branch-suresh">
<tr>
<td><a href="john/draft-ietf-sframe-enc.html" class="html draft-ietf-sframe-enc" title="Secure Frame (SFrame) (HTML)">SFrame</a></td>
<td><a href="john/draft-ietf-sframe-enc.txt" class="txt draft-ietf-sframe-enc" title="Secure Frame (SFrame) (Text)">plain text</a></td>
<td><a href="https://author-tools.ietf.org/api/iddiff?url_1=https://sframe-wg.github.io/sframe/draft-ietf-sframe-enc.txt&amp;url_2=https://sframe-wg.github.io/sframe/john/draft-ietf-sframe-enc.txt" class="diff draft-ietf-sframe-enc">diff with main</a></td>
<td><a href="suresh/draft-ietf-sframe-enc.html" class="html draft-ietf-sframe-enc" title="Secure Frame (SFrame) (HTML)">SFrame</a></td>
<td><a href="suresh/draft-ietf-sframe-enc.txt" class="txt draft-ietf-sframe-enc" title="Secure Frame (SFrame) (Text)">plain text</a></td>
<td><a href="https://author-tools.ietf.org/api/iddiff?url_1=https://sframe-wg.github.io/sframe/draft-ietf-sframe-enc.txt&amp;url_2=https://sframe-wg.github.io/sframe/suresh/draft-ietf-sframe-enc.txt" class="diff draft-ietf-sframe-enc">diff with main</a></td>
</tr>
</table>
<h2>Preview for branch <a href="warren">warren</a></h2>
Expand All @@ -40,20 +40,12 @@ <h2>Preview for branch <a href="warren">warren</a></h2>
<td><a href="https://author-tools.ietf.org/api/iddiff?url_1=https://sframe-wg.github.io/sframe/draft-ietf-sframe-enc.txt&amp;url_2=https://sframe-wg.github.io/sframe/warren/draft-ietf-sframe-enc.txt" class="diff draft-ietf-sframe-enc">diff with main</a></td>
</tr>
</table>
<h2>Preview for branch <a href="roman">roman</a></h2>
<table id="branch-roman">
<tr>
<td><a href="roman/draft-ietf-sframe-enc.html" class="html draft-ietf-sframe-enc" title="Secure Frame (SFrame) (HTML)">SFrame</a></td>
<td><a href="roman/draft-ietf-sframe-enc.txt" class="txt draft-ietf-sframe-enc" title="Secure Frame (SFrame) (Text)">plain text</a></td>
<td><a href="https://author-tools.ietf.org/api/iddiff?url_1=https://sframe-wg.github.io/sframe/draft-ietf-sframe-enc.txt&amp;url_2=https://sframe-wg.github.io/sframe/roman/draft-ietf-sframe-enc.txt" class="diff draft-ietf-sframe-enc">diff with main</a></td>
</tr>
</table>
<h2>Preview for branch <a href="suresh">suresh</a></h2>
<table id="branch-suresh">
<h2>Preview for branch <a href="john">john</a></h2>
<table id="branch-john">
<tr>
<td><a href="suresh/draft-ietf-sframe-enc.html" class="html draft-ietf-sframe-enc" title="Secure Frame (SFrame) (HTML)">SFrame</a></td>
<td><a href="suresh/draft-ietf-sframe-enc.txt" class="txt draft-ietf-sframe-enc" title="Secure Frame (SFrame) (Text)">plain text</a></td>
<td><a href="https://author-tools.ietf.org/api/iddiff?url_1=https://sframe-wg.github.io/sframe/draft-ietf-sframe-enc.txt&amp;url_2=https://sframe-wg.github.io/sframe/suresh/draft-ietf-sframe-enc.txt" class="diff draft-ietf-sframe-enc">diff with main</a></td>
<td><a href="john/draft-ietf-sframe-enc.html" class="html draft-ietf-sframe-enc" title="Secure Frame (SFrame) (HTML)">SFrame</a></td>
<td><a href="john/draft-ietf-sframe-enc.txt" class="txt draft-ietf-sframe-enc" title="Secure Frame (SFrame) (Text)">plain text</a></td>
<td><a href="https://author-tools.ietf.org/api/iddiff?url_1=https://sframe-wg.github.io/sframe/draft-ietf-sframe-enc.txt&amp;url_2=https://sframe-wg.github.io/sframe/john/draft-ietf-sframe-enc.txt" class="diff draft-ietf-sframe-enc">diff with main</a></td>
</tr>
</table>
<h2>Preview for branch <a href="deb">deb</a></h2>
Expand All @@ -64,6 +56,14 @@ <h2>Preview for branch <a href="deb">deb</a></h2>
<td><a href="https://author-tools.ietf.org/api/iddiff?url_1=https://sframe-wg.github.io/sframe/draft-ietf-sframe-enc.txt&amp;url_2=https://sframe-wg.github.io/sframe/deb/draft-ietf-sframe-enc.txt" class="diff draft-ietf-sframe-enc">diff with main</a></td>
</tr>
</table>
<h2>Preview for branch <a href="roman">roman</a></h2>
<table id="branch-roman">
<tr>
<td><a href="roman/draft-ietf-sframe-enc.html" class="html draft-ietf-sframe-enc" title="Secure Frame (SFrame) (HTML)">SFrame</a></td>
<td><a href="roman/draft-ietf-sframe-enc.txt" class="txt draft-ietf-sframe-enc" title="Secure Frame (SFrame) (Text)">plain text</a></td>
<td><a href="https://author-tools.ietf.org/api/iddiff?url_1=https://sframe-wg.github.io/sframe/draft-ietf-sframe-enc.txt&amp;url_2=https://sframe-wg.github.io/sframe/roman/draft-ietf-sframe-enc.txt" class="diff draft-ietf-sframe-enc">diff with main</a></td>
</tr>
</table>
<script>
window.onload = function() {
var referrer_branch = 'main';
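Review bot: the three `index.html` hunks only move the `john`, `suresh` and `roman` preview tables to different positions; each added block is identical to a removed one, so the 18 additions and 18 deletions carry no content change. That points to the script generating this index emitting branches in an unstable order. Sorting the branch list before rendering would limit gh-pages updates to real changes and make the generated diffs easier to audit.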
