I have updated the appendix to draft-ietf-anima-constrained-voucher, which contains the COSE signed CBOR vouchers. I have included base64 of the binary, as well as CBOR diagnostic format. Please see: https://github.com/anima-wg/constrained-voucher/blob/master/constrained-voucher.txt#L2218
I am including the private (EC) keys in PKCS1 form ("BEGIN EC PRIVATE KEY"),
perhaps I should use PKCS8/RFC5208 format ("BEGIN PRIVATE KEY") instead?
Thomas, and Jim, would you take a crack at validating the voucher-request and
parboiled (Registrar signed) voucher requests from these files? The raw binary
files are at:
https://github.com/anima-wg/constrained-voucher/tree/master/examples
along with the public keys. It's just COSE signatures.
In doing this, I've discovered a bug in my code, and I believe it needs to be
fixed. Specifically, it appears at line:
https://github.com/anima-wg/constrained-voucher/blob/master/constrained-voucher.txt#L2478
You'll notice:
"00-D0-E5-F2-00-02", 11: "rIe_64PzENXdd32FApWcMQ", 12: "MII
B5TCCAWugAwIBAgIBATAKBggqhkjOPQQDAjBzMRIwEAYKCZImiZPyLGQBGRY
that is, I've pinned the *base64* encoding of the registrar's DER encoded
certificate, rather than the DER encoding itself. This is clearly wrong, but
I do it consistently and tolerantly so I don't notice. I will be fixing
this. However, the signature on the resulting object should be correct, even
if the contents are semantically wrong.
--
Michael Richardson <[email protected]>, Sandelman Software Works
-= IPv6 IoT consulting =-
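
An added example, not part of the original message or of the draft's code: a Python check that a verifier could run on the pinned-certificate field after decoding a voucher, to tell raw DER from base64 text of DER (the bug described above). The function names and sample bytes are constructed for illustration, and only the outer DER SEQUENCE framing is checked.

```python
import base64
import binascii

# Constructed stand-in: a 300-byte DER SEQUENCE shell, not a real certificate.
SAMPLE_DER = b"\x30\x82\x01\x2c" + bytes(300)
SAMPLE_B64 = base64.b64encode(SAMPLE_DER).decode("ascii")  # begins "MIIB", like the excerpt


def der_sequence_fits(data: bytes) -> bool:
    """True if data is exactly one definite-length DER SEQUENCE (outer framing only)."""
    if len(data) < 2 or data[0] != 0x30:
        return False
    first = data[1]
    if first < 0x80:                       # short form: the byte is the length
        header, length = 2, first
    else:
        n = first & 0x7F                   # long form: next n bytes hold the length
        if n == 0 or n > 4 or len(data) < 2 + n:
            return False
        length = int.from_bytes(data[2:2 + n], "big")
        if length < 0x80 or data[2] == 0:  # DER requires the minimal length encoding
            return False
        header = 2 + n
    return header + length == len(data)


def classify_pinned_cert(value) -> str:
    """Classify a decoded CBOR bstr/tstr as 'der', 'base64-of-der' or 'unknown'."""
    raw = value.encode("ascii", "replace") if isinstance(value, str) else bytes(value)
    if der_sequence_fits(raw):
        return "der"
    try:
        # Drop line wrapping, then decode strictly so stray bytes are rejected.
        decoded = base64.b64decode(b"".join(raw.split()), validate=True)
    except (binascii.Error, ValueError):
        return "unknown"
    return "base64-of-der" if der_sequence_fits(decoded) else "unknown"
```

A COSE signature verifies over whatever bytes were signed, so a check like this has to run on the decoded payload in addition to signature validation.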
