search

sdmp / sdmp.github.io

The main front-page and docs for the sdmp project.
https://sdmp.io
2 stars 2 forks source link

Better specs for signature object and algorithm in container #50

Open saibotsivad opened 8 years ago

saibotsivad commented 8 years ago

Currently the signature schema has the following layout:

{
    sdmp: {
        version: '0.13',
        schemas: [ 'signature' ]
    },
    signature: {
        identifier: 'hash of the payload',
        payload: 'payload',
        signatures: [{
            protected: 'see below',
            signature: 'signature'
        }]
    }
}

This was originally meant to mimic the JWS protected headers specs.

However, since the hashing method and algorithm are being specified in the specs, why not just make the signatures object like:

signatures: [{
    fingerprint: 'fingerprint of key signing',
    signature: 'signature'
}]

And make the signature algorithm like:

SIGN(HASH(key fingerprint + hash of the payload))

So that, for example, if we had:

Then we would put the two together:

GlvAreTo0lCSyum7Wzh8pzhxYOOu-gMIgO2N95AAwAGP6-nR8xCvWvIW0t9rF_ZZfpCY_fDV38JDFKaOU91A8Q7zK3dKa-p1AjDHyKolzWWVT0lMnyEMFCfNZct-FQE97KemrnYTRkvn5bjqgQiS400z4R1lP8mUvAaCduW4JBIw

And take the hash of that:

gUUMy0z1i8-2qyj4FsLZYMihQJAVWIR6-dnl3BwZSdbSCEwP_ynw_bVkiklLnVfydgB5R5jqPj-aaRSccbsS8w

And then sign that.

saibotsivad commented 8 years ago

Note that if we specify the hashing/signing algorithm in the container, e.g. alg: 'HS512' as it is currently in 0.12, then we will probably want to specify the hashing/signing/encryption algorithm in the other core containers.

I am leaning towards the proposed solution, which would essentially ditch trying to use the JWS specs. Currently we aren't using them for much else anyway, so it would clean things up a bit.

saibotsivad commented 8 years ago

In any case, the 0.12 specs do not make it clear at all what is being signed and how. This must be remedied.