On 2024-08-19 20:10, lgl island-resort.com wrote:
So, back in the day when a lot of signed content was text format, we needed
canonicalization to make sure the receiver could reconstruct exactly what was
sent after transformations in transit. We worried about line folding, line
ending, character sets and such. In the binary CBOR world, we don’t have to
worry about that at all. Yay! Transports that move CBOR around never do
anything to what they carry. If they did things to what they carry, they
probably wouldn’t work at all for CBOR.
Correct.
So deterministic encoding (formally known as canonical encoding) is not
required for signed payloads. COSE doesn’t require CDE or such for payloads.
Right, but COSE isn't very handy for signing CBOR data:
https://github.com/cyberphone/D-CBOR?tab=readme-ov-file#example
No CBOR signing format needs determinism or canonicalization for the payload.
This builds on the assumption that signature validators have direct access to
the CBOR binary. FWIW, my signature and encryption implementations do not
build on such assumptions. In fact, CBOR data items are self-encoding,
regardless if they were created programmatically or are the result of decoding:
https://github.com/cyberphone/android-cbor/blob/main/jlibcbor/src/main/java/org/webpki/cbor/CBORBigInt.java
Wolf's dCBOR tools build on the same idea but without using wrappers.
This arrangement makes transformations like required by enveloped signatures
extremely simple:
https://github.com/cyberphone/android-cbor/blob/main/jlibcbor/src/main/java/org/webpki/cbor/CBORValidator.java#L113
The use cases where CDE determinism is needed is when the signed data is *not*
transmitted, but instead independently constructed by the sender and receiver.
This is very rare.
Indeed.
Also, note that CDE has been around since RFC 8949 (and as canonical encoding
since RFC 7049). The new draft is just a clarification.
Yes, CDE brings a much needed clarification, particularly for numbers.
Anders
LL
On Aug 19, 2024, at 12:20 AM, Anders Rundgren <[email protected]>
wrote:
As you may know, the IETF is about to standardize Deterministically Encoded
CBOR:
https://datatracker.ietf.org/doc/draft-ietf-cbor-cde/
Although not a part of the plot, CBOR CDE enables signatures schemes which are
much simpler than COSE and preserves the original message structure. You can
try it on-line without any software installations:
https://test.webpki.org/csf-lab/home
The primary target is the EU Identity Wallet when used for payments, but it can of course
be used everywhere where "signed CBOR" is requested.
Anders
https://github.com/cyberphone/cbor-everywhere?tab=readme-ov-file#cryptographic-operations
_______________________________________________
COSE mailing list -- [email protected]
To unsubscribe send an email to [email protected]
_______________________________________________
COSE mailing list -- [email protected]
To unsubscribe send an email to [email protected]
