I have to squeeze only those fields into as few 385-bit pieces to
validate a TESLA Key Disclouser.
Ugh.
So "all" I need from the aircraft full certificate (ignore all those
policy OIDs and other odds and ends!) is:
* Validity dates
* issuerAltName (IAN) IPv6 (issuer's DET per rfc9374)
* subjectAltName (SAN) IPv6 (aircraft's DET per rfc9374)
* subjectAltName (SAN) IPv4 (aircraft's 24-bit number prefixed with
ZERO) - note I have not figured out any better/smaller OID (in
subject or SAN) for the 24-bit aircraft number. Using IPv4 is a
hack at best.
* Aircraft's EdDSA25519 public key
* CBOR sig of these by issuer's EdDSA25519 key
Note that the issuer DET's SuiteID provides the algorithm for the signature.
I am trying to use cbor.me to expand some test cbor c509 certs to get
sizes, but I am not good enough with cbor to figure this out. Plus that
sig would probably be a "regular" cbor object signature, not the c509 sig.
I am under a deadline with a bunch of other writing that this is just
one important part, so any help is greatly appreciated.
Each 385-bit message costs 120ms of channel capacity. The fewer the
better...
Bob
_______________________________________________
COSE mailing list -- [email protected]
To unsubscribe send an email to [email protected]
