On Sat, Dec 31, 2016 at 09:27:36PM +0000, Mike Jones wrote:
> The specification Using RSA Algorithms with COSE
> Messages<https://tools.ietf.org/html/draft-jones-cose-rsa-01> defines
> encodings for using RSA algorithms with CBOR Object Signing and Encryption
> (COSE)<https://tools.ietf.org/html/draft-ietf-cose-msg-24> messages. This
> supports use cases for the FIDO Alliance and others that need this
> functionality. Security Area Director Kathleen Moriarty has agreed to AD
> sponsorship of this specification. This specification incorporates text from
> draft-ietf-cose-msg-05 - the last COSE specification version before the RSA
> algorithms were removed.
>
> The specification is available at:
>
> * https://tools.ietf.org/html/draft-jones-cose-rsa-01
>
> An HTML-formatted version is also available at:
>
> * http://self-issued.info/docs/draft-jones-cose-rsa-01.html
>
> Review feedback is welcomed!

Just as a note, I implemented the key storage format (for a test of one feature[1] in TLS lib I'm working on).

Supported fields: 1 (value must be 3), 2 (ignored), 3 (-37, -38 and -39 only if present), 4 (must contain 1 if present), -1 to -8 (all required), all others trigger an error (and also unexpected types for known fields).

~450 lines of Rust code[2], including CBOR/key parsing, public key export and lowering signing requests to Ring (a BoringSSL fork with Rust API).

[1] Extensible support for keypair formats.

[2] The binary (.so) size is quite big (~1.4MB) due to static linkage of Rust standard library and RSA signing code from Ring.

-Ilari
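
The field rules listed in the message above, written out as a strict validator over an already-decoded key map. This is an added example, not the code from the TLS library the message mentions. The `Val` enum standing in for a decoded CBOR item, the error type, the function names, the byte-string type check on fields -1 to -8 and treating field 1 as mandatory are assumptions.

```rust
use std::collections::BTreeMap;

// Hypothetical stand-in for a decoded CBOR item (a real CBOR parser would produce these).
#[derive(Debug, Clone, PartialEq)]
pub enum Val { Int(i64), Bytes(Vec<u8>), Array(Vec<Val>) }

#[derive(Debug, PartialEq)]
pub enum KeyError { Missing(i64), BadType(i64), BadValue(i64), Unknown(i64) }

/// Applies the acceptance rules listed in the message to a decoded COSE key map.
pub fn validate_rsa_private_key(map: &BTreeMap<i64, Val>) -> Result<(), KeyError> {
    for (&label, val) in map {
        match (label, val) {
            (1, Val::Int(3)) => {} // field 1 must be 3
            (1, Val::Int(_)) => return Err(KeyError::BadValue(1)),
            (2, _) => {} // field 2 is ignored
            (3, Val::Int(a)) if (-39..=-37).contains(a) => {} // -37, -38, -39 only
            (3, Val::Int(_)) => return Err(KeyError::BadValue(3)),
            (4, Val::Array(ops)) if ops.contains(&Val::Int(1)) => {} // must contain 1
            (4, Val::Array(_)) => return Err(KeyError::BadValue(4)),
            (-8..=-1, Val::Bytes(_)) => {} // key parameters (byte strings: assumption)
            // Known field carrying an unexpected type.
            (1 | 3 | 4 | -8..=-1, _) => return Err(KeyError::BadType(label)),
            // All other fields trigger an error.
            (other, _) => return Err(KeyError::Unknown(other)),
        }
    }
    // Fields -1 to -8 are all required; requiring field 1 is an assumption.
    for required in std::iter::once(1i64).chain(-8..=-1) {
        if !map.contains_key(&required) {
            return Err(KeyError::Missing(required));
        }
    }
    Ok(())
}

/// Constructed sample (dummy bytes, not a real key): field 1 plus fields -1 to -8.
pub fn sample_key() -> BTreeMap<i64, Val> {
    let mut m = BTreeMap::new();
    m.insert(1, Val::Int(3));
    for label in -8..=-1 { m.insert(label, Val::Bytes(vec![0x01])); }
    m
}

fn main() {
    let mut key = sample_key();
    println!("{:?}", validate_rsa_private_key(&key));
    key.insert(-9, Val::Array(vec![])); // a field outside the supported set
    println!("{:?}", validate_rsa_private_key(&key));
}
```

Rejecting unknown fields and unexpected types outright, rather than skipping them, keeps a key that relies on parameters the parser does not handle from being silently accepted in a reduced form.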
