On 2022-03-04, at 07:54, Anders Rundgren <[email protected]> wrote:
>
> - Collect key and algorithm data from the authorization signature object.
> - Save and Remove FIDO "authenticatorData" and FIDO "signature" from the CBOR
> container.
This is what we called the “transform” in the beloved XMLDSig.
The complexities of this step can be the basis of interesting vulnerabilities
(or interoperability failures).
> - Set "authorizationData" = re-serialized CBOR container.
(Using deterministic serialization.
Fortunately, that works much better in CBOR than in other serialization
formats.)
> - Verify signature using ("authenticatorData" || sha256(authorizationData) as
> signed data.
Now you have verified a signature as applied to the transformed data.
COSE differs in design by signing the actual data as interchanged.
(This is not as expensive to do in CBOR as in serialization formats that cannot
efficiently encode byte strings, i.e., binary data.)
Grüße, Carsten
_______________________________________________
COSE mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/cose
