Closed rikard-sics closed 5 years ago
I think we have all implemented this as just being the aad_array. There is a bstr wrapper added at the COSE level which is probably where that came from.
I think we have all implemented this as just being the aad_array.
Yes, indeed that is how it is implemented in the Java version also. The external_aad would be the aad_array like 0x8501810a4100412540. Then it is wrapped as a CBOR byte string when setting the external AAD in COSE.
So functionality-wise things should be fine. There is just an inconsistency in the draft text comparing the definition of the external_aad in section 5.4 with the examples in the test vectors.
That's right, thanks for pointing it out. Will fix in the test vector, do you have a preference: we fix the name (aad_array) or we fix the value (to bstr)? What is best for implementers?
That's right, thanks for pointing it out. Will fix in the test vector, do you have a preference: we fix the name (aad_array) or we fix the value (to bstr)? What is best for implementers?
For me renaming it to aad_array would work. The actual bstr external_aad is not created manually inside my code but left up to COSE to create when adding parameters to the Encrypt0Message object. So in my code I deal with the aad_array (although now I am calling that external_aad).
I was working on creating JUnit tests for the external AAD (among other things) for the Java OSCORE implementation in Californium.
During this work I noticed the following. In section 5.4 the external_aad is defined as a CBOR byte string of the aad_array.
external_aad = bstr .cbor aad_array
There are also examples provided:
aad_array: 0x8501810a4100412540 (9 bytes)
external_aad: 0x498501810a4100412540 (10 bytes)
So the external_aad should be a byte string of the aad_array. However in the test vectors the external_aad is never a CBOR byte string but rather seems to reflect the aad_array values.
For instance in section C.4:
external_aad: 0x8501810a40411440 (8 bytes)
There the external_aad is not a byte string but a CBOR array.
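The two encodings compared in this thread, as an added example (not code from the draft or from the Californium implementation). It reproduces the section 5.4 values byte for byte and classifies the C.4 value. The array contents are decoded from the hex quoted above, and the function names are hypothetical.

```python
def head(major, n):
    """Encode a CBOR head: major type plus unsigned argument."""
    if n < 24:
        return bytes([major << 5 | n])
    for ai, size in ((24, 1), (25, 2), (26, 4), (27, 8)):
        if n < 1 << (8 * size):
            return bytes([major << 5 | ai]) + n.to_bytes(size, "big")
    raise ValueError("argument too large")

def encode(item):
    """Encode the CBOR subset aad_array needs: ints, byte strings, arrays."""
    if isinstance(item, int):
        return head(0, item) if item >= 0 else head(1, -1 - item)
    if isinstance(item, bytes):
        return head(2, len(item)) + item
    if isinstance(item, list):
        return head(4, len(item)) + b"".join(encode(i) for i in item)
    raise TypeError(type(item))

def external_aad(aad_array):
    """external_aad = bstr .cbor aad_array: a bstr holding the encoded array."""
    return encode(encode(aad_array))

def classify(data):
    """Tell a bare CBOR array from a byte string that wraps one."""
    if not data:
        return "unknown"
    major, ai = data[0] >> 5, data[0] & 0x1F
    if major == 4:
        return "aad_array"
    if major == 2 and ai < 28:
        size = {24: 1, 25: 2, 26: 4, 27: 8}.get(ai, 0)
        length = int.from_bytes(data[1:1 + size], "big") if size else ai
        body = data[1 + size:]
        if len(body) == length and body and body[0] >> 5 == 4:
            return "bstr .cbor aad_array"
    return "unknown"

# Array decoded from the section 5.4 hex 0x8501810a4100412540
SECTION_5_4 = [1, [10], b"\x00", b"\x25", b""]
# Value labelled external_aad in section C.4, as quoted in this thread
C4_VALUE = bytes.fromhex("8501810a40411440")

if __name__ == "__main__":
    print(encode(SECTION_5_4).hex())        # bare array, 9 bytes
    print(external_aad(SECTION_5_4).hex())  # bstr-wrapped, 10 bytes
    print(classify(C4_VALUE))               # which form C.4 shows
```

A unit test can run `classify` on the value about to be handed to the COSE library, so that a library which adds the bstr wrapper itself is never given an already wrapped value.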