What are your requirements? Are you trying to implement an embedded detached signature?
Is that why you require the map to be modified and then CDE applied?

Why not just say: Detach the signatures, apply CDE to the original map, sign the hash of the CDE with COSE Sign1... Attach the signature.

In this approach you also get a content identifier for the CBOR map, which you can use to build unique URIs.

On Sat, Aug 24, 2024, 2:19 AM Anders Rundgren <[email protected]> wrote:

> Assume you have a message like this, where a tag holding a URL acts as an
> object type Id:
>
> 1010(["https://example.com/status", {
>   / temperature /
>   1: 2.56,
>   / weight /
>   2: 505,
>   / timestamp /
>   3: "2024-08-22T15:32:20Z"
> }])
>
> Using the CBOR Signature Format (CSF) you would get this:
>
> 1010(["https://example.com/status", {
>   1: 2.56,
>   2: 505,
>   3: "2024-08-22T15:32:20Z",
>   / Signature container /
>   -1: {
>     / Signature algorithm (COSE Ed25519) /
>     1: -50,
>     / Ed25519 public key in COSE format /
>     4: {
>       1: 1,
>       -1: 6,
>       -2: h'fe49acf5b92b6e923594f2e83368f680ac924be93cf533aecaf802e37757f8c9'
>     },
>     / Signature value /
>     6: h'1f10bf2efcfddee741a6dea052ef49e6b67dd549d580be36e5a1d50dc3f9afd5fb92a28ce37dfc877111ff35fb2f4c1f21ff0b0b48bdc04276742e6af033330b'
>   }
> }])
>
> Compared to COSE you get the following advantages:
> - The entire message is signed including the object type Id
> - The message is kept in its original form
> - Headers are in clear
> - Extremely simple algorithm
>
> WDYT?
>
> Anders
> https://datatracker.ietf.org/doc/draft-ietf-cbor-cde/
>
> https://cyberphone.github.io/javaapi/org/webpki/cbor/doc-files/signatures.html
> https://www.ietf.org/archive/id/draft-rundgren-cotx-04.html
>
> _______________________________________________
> COSE mailing list -- [email protected]
> To unsubscribe send an email to [email protected]
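The detach-then-hash flow suggested in the reply above, as an added example that is not code from the thread or from any COSE or CSF implementation. Assumptions: SHA-256 as the hash, the function names, and an encoder limited to the data types in the sample map; the signing step itself is left out, and the digest is what would be handed to the signer.

```python
import hashlib
import struct

SIG_LABEL = -1  # signature container label, as in the quoted CSF example
# Constructed sample: the quoted map in shuffled order, signature shortened.
SIGNED = {3: "2024-08-22T15:32:20Z", 1: 2.56, 2: 505, -1: {1: -50, 6: b"sig"}}

def _head(major, n):
    # Shortest-form head: major type plus argument n.
    if n < 24:
        return bytes([major << 5 | n])
    for info, fmt in ((24, ">B"), (25, ">H"), (26, ">I"), (27, ">Q")):
        if n < 1 << 8 * struct.calcsize(fmt):
            return bytes([major << 5 | info]) + struct.pack(fmt, n)
    raise ValueError("argument does not fit in 64 bits")

def _float(x):
    # Shortest of half/single/double that round-trips; NaN is f97e00.
    if x != x:
        return b"\xf9\x7e\x00"
    for initial, fmt in ((0xF9, ">e"), (0xFA, ">f")):
        try:
            if struct.unpack(fmt, struct.pack(fmt, x))[0] == x:
                return bytes([initial]) + struct.pack(fmt, x)
        except OverflowError:
            pass
    return b"\xfb" + struct.pack(">d", x)

def cde_encode(item):
    if isinstance(item, bool):
        return b"\xf5" if item else b"\xf4"
    if isinstance(item, int):
        return _head(0, item) if item >= 0 else _head(1, -1 - item)
    if isinstance(item, float):
        return _float(item)
    if isinstance(item, (bytes, str)):
        raw = item if isinstance(item, bytes) else item.encode("utf-8")
        return _head(2 if isinstance(item, bytes) else 3, len(raw)) + raw
    if isinstance(item, list):
        return _head(4, len(item)) + b"".join(map(cde_encode, item))
    if isinstance(item, dict):  # keys sorted bytewise on their encodings
        pairs = sorted((cde_encode(k), cde_encode(v)) for k, v in item.items())
        return _head(5, len(pairs)) + b"".join(k + v for k, v in pairs)
    raise TypeError(f"unsupported type {type(item).__name__}")

def detach(signed_map):
    # Split off the signature container, leaving the original map.
    body = {k: v for k, v in signed_map.items() if k != SIG_LABEL}
    return body, signed_map.get(SIG_LABEL)

def content_id(body):
    # Digest of the deterministic encoding: signer input and stable identifier.
    return hashlib.sha256(cde_encode(body)).hexdigest()
```

Because the digest is taken over the map without the signature container, it stays the same before signing, after the signature is attached, and after any re-encoding that changes key order.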
