A big thank you Derek, for your observation of the non validating signature!
The source of the bug was as mundane as a copy-paste error between draft versions quite a while back, that obviously had gone unnoticed until now. A correct signature for the current sample native C509 certificate is: R = 4EFCEE214E2F3EB94BBDAE43C1948D144140233FC52FAC37428ED4BD8A050C5D S = F980DF51B71C70D32B3E92D56A6C7AB0D2671B2B865A35B2E2CA421D44C5C93F <=> 0, h'01f50d', "RFC test CA", 1577836800, 1612224000, h'0123456789AB', 1, h'02B1216AB96E5B3B3340F5BDF02E693F16213A04525ED44450 B1019C2DFD3838AB', 1, 0, h'4EFCEE214E2F3EB94BBDAE43C1948D144140233FC52FAC3742 8ED4BD8A050C5DF980DF51B71C70D32B3E92D56A6C7AB0D267 1B2B865A35B2E2CA421D44C5C93F' I apologize to you and anyone who spent time on this, updates with corrections will soon be on their way. And should you find anything else that seems strange we are very interested to know. Best Regards Joel Höglund On Mon, 25 Apr 2022 at 14:38, Derek Atkins <[email protected]> wrote: > Hi All, > > I am working on an implementation of C509 based on > draft-ietf-cose-cbor-encoded-cert-03 and I wanted to report the issues > I've found. > > First, there is a bug in the draft. In Figure 7, C509 Attributes in > section 11.2, there are two entries with tag 21, the Inc. Country and the > Domain Component. I suspect DC should be '22'? > > The second issue I'm having is that the certificate example in Appendix > A.1.2 does not validate using the keys in Appendix A.1.3. I have > verified that the isserPublicKey is valid, and it's exactly what I create > when making the public key from the issuerPrivateKey. However, when I > attempt to validate the A.1.2 certificate using the issuerPublicKey the > signature is not valid. > > I am computing the SHA256 hash of the TBSCertificate sequence as > b5bca215e1d1478d2fe7728a54089f2032a4a1a245fafb5bd21d9eeb9d076aed -- > however I have no way to validate if this is correct. > > Has anyone written a C509 parser and successfully validated this > certificate? If so, could you report what hash value you get from the > TBSCertificate sequence? > > Thanks, > > -derek > > PS: I reported this directly to the authors last week, but figured I would > reach out to a wider audience for validation of my issue(s). > > -- > Derek Atkins 617-623-3745 > [email protected] www.ihtfp.com > Computer and Internet Security Consultant > > _______________________________________________ > COSE mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/cose >
_______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
