erwah / ietf

CBOR Web Token

Inconsistencies in examples found by Giri Mandyam #64

Closed selfissued closed 6 years ago

selfissued commented 6 years ago

From: Giridhar Mandyam [mailto:mandyam@qti.qualcomm.com]
Sent: Friday, October 6, 2017 4:51 PM
To: Mike Jones Michael.Jones@microsoft.com
Subject: Verification of Example A.2.3 in Version 8 of CWT Spec

Hi Mike, Here is another hand verification. There was an ordering error in the CBOR. You can fix it by rearranging the diagnostic notation.

-Giri Mandyam

Example:

{
  / d / -4: h'6c1382765aec5358f117733d281c1c7bdc39884d04a45a1e6c67c858bc206c19',
  / y / -3: h'60f7f1a780d8a783bfb7a2dd6b2796e8128dbbcef9d3d168db9529971a36e7b9',
  / x / -2: h'143329cce7868e416927599cf65a34f3ce2ffda55a7eca69ed8919a394d42f0f',
  / crv / -1: 1 / P-256 /,
  / kty / 1: 2 / EC2 /,
  / alg / 3: -7 / ECDSA 256 /
}

Resultant CBOR:

a622582060f7f1a780d8a783bfb7a2dd6b2796e8128dbbcef9d3d168db952997
1a36e7b92358206c1382765aec5358f117733d281c1c7bdc39884d04a45a1e6c
67c858bc206c1903260102215820143329cce7868e416927599cf65a34f3ce2f
fda55a7eca69ed8919a394d42f0f2001

Verification

a6 – CBOR map of 6 entries

1st problem follows: d label precedes y in the diagnostic notation. However, in the CBOR example the y label comes first. So will continue checking from here assuming that the y label comes first.

22 – integer -3 to correspond to ‘y’
5820 – byte string with 32 bytes following
60f7f1a780d8a783bfb7a2dd6b2796e8128dbbcef9d3d168db9529971a36e7b9 – 256-bit y-coordinate

23 – integer -4 to correspond to ‘d’
5820 – byte string with 32 bytes following
6c1382765aec5358f117733d281c1c7bdc39884d04a45a1e6c67c858bc206c19 – 256-bit private key

2nd problem follows: ‘alg’ label comes out of order as well

03 – integer 3 to correspond to ‘alg’
26 – integer -7 to correspond to ECDSA/SHA-256

3rd problem follows: ‘kty’ comes out of order
01 – integer 1 to correspond to ‘kty’
02 – integer 2 to correspond to Elliptic Curve family of keys

21 – integer -2 to correspond to ‘x’
5820 – byte string with 32 bytes following
143329cce7868e416927599cf65a34f3ce2ffda55a7eca69ed8919a394d42f0f – 256-bit x-coordinate

20 – integer -1 to correspond to ‘crv’
01 – NIST P-256 curve
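The hand check above, redone mechanically, as an added example that is not code from the issue, the erwah/ietf repository or the CWT draft: a toy CBOR encoder/decoder in Python (integers, byte strings and maps only) decodes the hex quoted in the issue, lists the map keys in the order they actually appear, confirms that the diagnostic notation and the hex carry the same six entries, and shows that encoding the diagnostic notation in its written order does not reproduce the hex while the rearranged order does. `encode`, `decode`, `reorder`, `canonical` and `check_example` are this example's own names; the hex string and the label/value pairs are copied from the issue text.

```python
# Added example: a minimal CBOR codec (RFC 7049 major types 0, 1, 2 and 5
# only) used to check a spec's hex example against its diagnostic notation.
# Not code from the issue, the erwah/ietf repository or the CWT draft.

# Hex exactly as quoted in the issue (line breaks removed).
SPEC_HEX = (
    "a622582060f7f1a780d8a783bfb7a2dd6b2796e8128dbbcef9d3d168db952997"
    "1a36e7b92358206c1382765aec5358f117733d281c1c7bdc39884d04a45a1e6c"
    "67c858bc206c1903260102215820143329cce7868e416927599cf65a34f3ce2f"
    "fda55a7eca69ed8919a394d42f0f2001"
)
# Diagnostic notation from the issue as an ordered list of (label, value),
# in the order it is written there: d, y, x, crv, kty, alg.
DIAG_ITEMS = [
    (-4, bytes.fromhex("6c1382765aec5358f117733d281c1c7bdc39884d04a45a1e"
                       "6c67c858bc206c19")),   # d: private scalar
    (-3, bytes.fromhex("60f7f1a780d8a783bfb7a2dd6b2796e8128dbbcef9d3d168"
                       "db9529971a36e7b9")),   # y
    (-2, bytes.fromhex("143329cce7868e416927599cf65a34f3ce2ffda55a7eca69"
                       "ed8919a394d42f0f")),   # x
    (-1, 1),    # crv: P-256
    (1, 2),     # kty: EC2
    (3, -7),    # alg: ES256
]


def _head(major, n):
    """Initial byte plus argument for major type `major` (arguments < 2**16)."""
    if n < 24:
        return bytes([(major << 5) | n])
    if n < 0x100:
        return bytes([(major << 5) | 24, n])
    if n < 0x10000:
        return bytes([(major << 5) | 25]) + n.to_bytes(2, "big")
    raise ValueError("argument too large for this toy encoder")


def encode(value):
    """Encode an int, a bytes object, or a map given as an ordered list of pairs."""
    if isinstance(value, int):
        return _head(0, value) if value >= 0 else _head(1, -1 - value)
    if isinstance(value, bytes):
        return _head(2, len(value)) + value
    if isinstance(value, list):
        # Map entries are emitted in list order; nothing is re-sorted here.
        return _head(5, len(value)) + b"".join(encode(k) + encode(v) for k, v in value)
    raise TypeError("unsupported type: %r" % type(value))


def decode(data):
    """Decode one item; return (item, bytes consumed). Maps come back as ordered pair lists."""
    major, info = data[0] >> 5, data[0] & 0x1F
    if info < 24:
        n, pos = info, 1
    elif info == 24:
        n, pos = data[1], 2
    elif info == 25:
        n, pos = int.from_bytes(data[1:3], "big"), 3
    else:
        raise ValueError("unsupported additional info %d" % info)
    if major == 0:
        return n, pos
    if major == 1:
        return -1 - n, pos
    if major == 2:
        return bytes(data[pos:pos + n]), pos + n
    if major == 5:
        items = []
        for _ in range(n):
            k, used = decode(data[pos:])
            pos += used
            v, used = decode(data[pos:])
            pos += used
            items.append((k, v))
        return items, pos
    raise ValueError("unsupported major type %d" % major)


def reorder(items, key_order):
    """Rearrange map entries into the given key order (same content, new byte layout)."""
    lookup = dict(items)
    return [(k, lookup[k]) for k in key_order]


def canonical(items):
    """RFC 7049 section 3.9 canonical map order: shorter encoded key first, then bytewise."""
    return sorted(items, key=lambda kv: (len(encode(kv[0])), encode(kv[0])))


def check_example(spec_hex, diag_items):
    """Compare a spec's hex against its diagnostic notation: key orders, content, bytes."""
    spec = bytes.fromhex(spec_hex)
    decoded, used = decode(spec)
    if used != len(spec):
        raise ValueError("trailing bytes after the map")
    return {
        "spec_key_order": [k for k, _ in decoded],
        "diag_key_order": [k for k, _ in diag_items],
        "same_content": dict(decoded) == dict(diag_items),
        "byte_match": encode(diag_items) == spec,
    }


if __name__ == "__main__":
    report = check_example(SPEC_HEX, DIAG_ITEMS)
    for name, value in report.items():
        print("%-15s %s" % (name, value))
    rearranged = encode(reorder(DIAG_ITEMS, report["spec_key_order"]))
    print("reordered match", rearranged == bytes.fromhex(SPEC_HEX))
    print("canonical order", [k for k, _ in canonical(DIAG_ITEMS)])
```

Running it reports `spec_key_order` as `[-3, -4, 3, 1, -2, -1]` (y, d, alg, kty, x, crv) against `diag_key_order` `[-4, -3, -2, -1, 1, 3]`, `same_content` true and `byte_match` false, which is exactly the finding in the issue: the two forms agree on every entry and disagree only on order, so either the hex or the diagnostic notation has to be rearranged. `canonical` is included because RFC 7049's canonical ordering would sort these one-byte labels bytewise (1, 3, -1, -2, -3, -4), which is neither of the orders in the issue; a spec example is not required to be canonical, but a checker like this makes any drift between prose and bytes visible before readers start hand-decoding.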

selfissued commented 6 years ago

I believe that this was addressed by PR #65.