Hi,

I was looking at the spec, trying to find the best way to represent an
encrypted key with COSE. So, let's say I want to store or transmit a symmetric
key in a COSE_Key structure, but I want the key to be encrypted. In a way, I
want key wrapping without the payload.

I could always wrap my COSE_Key in a COSE_Encrypt or COSE_Encrypt0, but that
also encrypts the metadata, which makes it more inconvenient to scan a
collection of keys to find the correct one to use. Ideally, I'd like to wrap
just the Key Value ("k", with label -1) from the COSE_Key in a COSE_Encrypt0
in-place, but the spec doesn't seem to give room for that: "k: This contains
the value of the key."

Can I instead use a COSE_recipient or a COSE_Encrypt(0) structure in place of
the COSE_Key, and place the different COSE_Key parameters (except k) into the
protected header or unprotected header? How should I structure it if so?

What is the recommendation from the COSE WG? Did I miss something in the spec
about this?

Best Regards,
Øyvind Rønningstad