iamgabrielsoft
commented
3 years ago You mean key, right?
Closed piotrblasiak closed 2 years ago
iamgabrielsoft
commented
3 years ago You mean key, right?
iamgabrielsoft
commented
3 years ago I would attend to this issue
Nxtmaster10
commented
2 years ago @iamgabrielsoft I have the same issue. I need to get the KID from the message before verifying it. Like at https://dencode.com/string/base45 the Base45/Zlib/COSE/CBOR feature. The goal is to scan the vaccination certificate of a person. I am currently using the code from https://github.com/ehn-dcc-development/ehn-sign-verify-javascript-trivial and have read through the sites provided here. Any suggestions?
iamgabrielsoft
commented
2 years ago I would look into this
iamgabrielsoft
commented
2 years ago That a good suggestion @Nxtmaster10
This has to be a good suggestion for a method that needs to be implemented 🤔
vitorpamplona
commented
2 years ago @Nxtmaster10 @piotrblasiak
You can use a CBOR lib to decode the payload first.
You can see here how we are using a CBOR decoder to get the KID tag. Just remember that, for the DCC, you want to check the protected and unprotected parts of the payload.
erdtman
commented
2 years ago for now I would +1 on the comment from @vitorpamplona, in some glorious future where I have more time to work on this I could add a two step verification process where you would first read the signed/mac:ed object to get kid and other stuff and then do the cryptographic verification.
I have multiple keys, and I need to know the kid I should use before verifying the signature. What is the best way to do that?