Typo :( "enveloped" it should be. /anders
-------- Forwarded Message -------- Subject: Signing top-level data in COSE? Date: Thu, 6 Mar 2025 17:13:55 +0100 From: Anders Rundgren <[email protected]> To: [email protected] <[email protected]> The following object represents a use-case that I believe will become quite important. The 1010 tag holds an application-specific URL identifying the type of the instance data. Obviously these parts must be kept together. When signed the signature MUST thus cover both arguments. 1010(["https://example.com/myobject";, { 1: "Hello signed world!", 2: [2.0, true] }]) Using Deterministically Encoded CBOR supporting enveloping signatures this becomes quite simple: 1010(["https://example.com/myobject";, { 1: "Hello signed world!", 2: [2.0, true], # signature container -1: { # COSE algorithm: Ed25510 1: -50, # COSE public key 4: { # kty: OKP 1: 1, # curve: Ed25519 -1: 6, # x -2: h'fe49acf5b92b6e923594f2e83368f680ac924be93cf533aecaf802e37757f8c9' }, # signature covering the ENTIRE object 6: h'27e6ae6fdc3b36813258c658c05645b4742eb76cf4a8d417b8c8c12c710b3d464642b379b8bc7595f391673f5c3c445cc4d033a368a1a20c1989ae9973490b0f' } }]) Q: How do you accomplish this in COSE? Anders _______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
