mwiseman-byid
commented
4 months ago Updated .md and example csr.
Closed mwiseman-byid closed 4 months ago
mwiseman-byid
commented
4 months ago Updated .md and example csr.
ounsworth
commented
4 months ago Closes #128
ounsworth
commented
4 months ago Monty wants a second pair of eyes that this CSR looks to correctly implement the ASN.1 in the draft.
Here is an annotated decompile of the ASN.1:
Yup, looks goo to me
Attribute SEQUENCE @442+2770 (constructed): (2 elem) -- attr-evidence
type AttributeType OBJECT_IDENTIFIER @446+11: 1.2.840.113549.1.9.16.2.59
values SET @459+2753 (constructed): (1 elem)
AttributeValue [?] SEQUENCE @463+2749 (constructed): (1 elem) -- EvidenceBundles
SEQUENCE @467+2745 (constructed): (2 elem) -- EvidenceBundle
SEQUENCE @471+730 (constructed): (1 elem) -- EvidenceBundle.evidence ::= EvidenceStatements
SEQUENCE @475+726 (constructed): (3 elem) -- EvidenceStatement
OBJECT_IDENTIFIER @479+5: 2.23.133.20.1 -- EvidenceStatement.type
SEQUENCE @486+690 (constructed): (3 elem) -- EvidenceStatement.stmt
OCTET_STRING @490+145: (145 byte)|FF544..snip
OCTET_STRING @638+256: (256 byte)|38599C9..snip
OCTET_STRING @898+278: (278 byte)|0001..snip
UTF8String @1180+23: tpmverifier.example.com -- EvidenceStatement.hint
SEQUENCE @1205+2007 (constructed): (2 elem) -- EvidenceBundle.certs
SEQUENCE @1209+1120 (constructed): (3 elem)
SEQUENCE @1213+840 (constructed): (8 elem)
[0] @1217+3 (constructed): (1 elem)
INTEGER @1219+1: 2
INTEGER @1222+20: (158 bit)|226537393587166197990548330573891864754199365749
SEQUENCE @1244+13 (constructed): (2 elem)
OBJECT_IDENTIFIER @1246+9: 1.2.840.113549.1.1.11|sha256WithRSAEncryption|PKCS #1
.. snip the rest of the cert chain
This change is to tag -09. The only change is delete 964 and add new paragraph explaining why this OID is mentioned. This also updates the example csr.