opentdf / platform

Persistent data centric security that extends owner control wherever data travels
BSD 3-Clause Clear License

NanoTDF ECC Binding config using wrong bits #1548

Closed dmihalcik-virtru closed 1 month ago

dmihalcik-virtru commented 1 month ago

The spec indicates the low bits [0,2] are used for the curve type enum, but the implementation uses bits [4,6].

  1. Verify that other implementations are using the correct bits. If they are all using bits [4,6], update spec. However, if any are using the correct bits, update the spec. I'm guessing we already have a few out there.
  2. To support compatibility in Go, consider supporting either if nanotdf version is 12.

Spec:

image

Implementation:

image

dmihalcik-virtru commented 1 month ago

It looks like Go is the only one that does not follow the spec.

JavaScript write:

image

JavaScript read:

image

Java write:

image

Java read:

image

Python:

image

dmihalcik-virtru commented 1 month ago

For completeness, the opentdf/backend KAS implementation also uses the correct bits:

Image
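
A sketch of the tolerant read suggested in the first comment, added here as an example and not taken from the opentdf code base or from the commenter. The function names and the `allowLegacy` gate are hypothetical, other bits of the byte are ignored, and it assumes a spec-conformant writer leaves bits [4,6] zero.

```go
package main

import "fmt"

// Bit positions from the issue: spec = bits [0,2], Go writer = bits [4,6].
const (
	specMask    = 0x07
	legacyShift = 4
	legacyMask  = 0x07 << legacyShift
)

// EncodeSpec places the curve enum where the spec says it belongs.
func EncodeSpec(curve byte) byte { return curve & specMask }

// EncodeLegacy reproduces the off-spec placement, to build test input.
func EncodeLegacy(curve byte) byte { return (curve & specMask) << legacyShift }

// DecodeCurve returns the curve enum and whether the legacy layout was used.
// allowLegacy is the caller's compatibility gate (the issue suggests enabling
// it only for NanoTDF version 12). Assumption: a spec-conformant writer leaves
// bits [4,6] zero, so any value there marks a legacy header.
func DecodeCurve(b byte, allowLegacy bool) (curve byte, legacy bool, err error) {
	low := b & specMask
	high := (b & legacyMask) >> legacyShift
	switch {
	case high == 0: // spec layout; curve 0 is byte-identical in both layouts
		return low, false, nil
	case !allowLegacy:
		return 0, false, fmt.Errorf("mode byte %#02x: bits [4,6] set, legacy layout not allowed", b)
	case low != 0: // both fields populated: refuse to guess the curve
		return 0, false, fmt.Errorf("mode byte %#02x: curve set in both bit ranges", b)
	default:
		return high, true, nil
	}
}

func main() {
	// Constructed sample bytes, not taken from real NanoTDF headers.
	for _, b := range []byte{EncodeSpec(1), EncodeLegacy(1), 0x80 | EncodeLegacy(2), 0x21} {
		curve, legacy, err := DecodeCurve(b, true)
		fmt.Printf("%#02x -> curve=%d legacy=%v err=%v\n", b, curve, legacy, err)
	}
}
```

Failing closed when both ranges are populated keeps the reader from silently selecting a curve the writer did not intend.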