0008170: Unclear and/or misleading wording in the ECC Amendment - Need to describe the EccEncryptedSecret Signature for AEAD Ciphers

ID	Project	Category	View Status	Date Submitted	Last Update

0008170	10000-004: Services	Spec	public	2022-07-28 12:06	2023-06-19 15:47

Reporter	Bernd Edlinger	Assigned To	Randy Armstrong
Priority	normal	Severity	major	Reproducibility	always
Status	closed	Resolution	fixed
Fixed in Version	1.05.03 RC1

Summary	0008170: Unclear and/or misleading wording in the ECC Amendment - Need to describe the EccEncryptedSecret Signature for AEAD Ciphers
Description	I refer to this document: https://reference.opcfoundation.org/src/v104/Core/docs/Amendment4/readme.htm I think we should state that in the case of ChaCha20-Poly1305, there is a second signature, which is missing in the "Table 182 - EncryptedSecret Layout" This second signature could be omitted, making this a ChaCha20 cipher. Or it could just sign the actual Secret, as it is done in the .NET Standard Stack. Or it could be meant signing all of the EncryptedSecret's data from TypeId to Nonce as Additional Data. Or it could be meant to replace the Asymmetric signature altogether, which would probably make sense performance wise, but is likely not what the .NET Standard stack does (but would at also be in line with the RsaEncryptedSecret). Suggested fix: Change the spec?
Tags	No tags attached.

Commit Version
Fix Due Date

Randy Armstrong 2022-08-03 15:19 administrator ~0017220	Part 4 Table 190 – EccEncryptedSecret Layout Need text to explain that when using authenticated symmetric encryption (ChaCha20-Poly1305) includes a symmetric signature which is incorporated after the bytes of the secret+padding. (i.e. their should be another row after the padding for authenticated encryption signature). The text needs to state that only the secret+padding is included in the signature calculation (i.e. no additional data).

Randy Armstrong 2023-05-10 23:13 administrator ~0019310	Added text to table: When using AuthenticatedEncryption the Signature has 2 parts: the Signature produced when the secret is encrypted using the SymmetricEncryptionAlgorithm and the Signature calculated using the Certificate and the AsymmetricSignatureAlgorithm. Both Signatures are calculated from the start of the packet. The AsymmetricSignatureAlgorithm Signature includes the SymmetricEncryptionAlgorithm Signature. When using UnauthenticatedEncryption the Signature is only calculated using the Certificate and the AsymmetricSignatureAlgorithm.

Jim Luth 2023-06-19 15:47 administrator ~0019528	Agreed to changes in virtual F2F.

Date Modified	Username	Field	Change
2022-07-28 12:06	Bernd Edlinger	New Issue
2022-07-28 12:06	Bernd Edlinger	Status	new => assigned
2022-07-28 12:06	Bernd Edlinger	Assigned To	=> Randy Armstrong
2022-07-28 12:26	Randy Armstrong	Project	Specifications => 10000-006: Mappings
2022-07-28 12:30	Randy Armstrong	Status	assigned => new
2022-08-03 15:19	Randy Armstrong	Note Added: 0017220
2022-08-03 15:50	Randy Armstrong	Status	new => assigned
2023-05-10 23:13	Randy Armstrong	Status	assigned => resolved
2023-05-10 23:13	Randy Armstrong	Resolution	open => fixed
2023-05-10 23:13	Randy Armstrong	Fixed in Version	=> 1.05.03 RC1
2023-05-10 23:13	Randy Armstrong	Note Added: 0019310
2023-05-10 23:13	Randy Armstrong	Project	10000-006: Mappings => 10000-004: Services
2023-06-19 15:46	Jim Luth	Issue cloned: 0009013
2023-06-19 15:46	Jim Luth	Relationship added	related to 0009013
2023-06-19 15:47	Jim Luth	Status	resolved => closed
2023-06-19 15:47	Jim Luth	Note Added: 0019528