On Fri, Jul 04, 2025 at 03:11:18PM +0200, Emil Lundberg wrote: > Hi! > > Section 2.2.1. JSON Web Key Representation > <https://www.ietf.org/archive/id/draft-ietf-cose-bls-key-representations-06.html#name-json-web-key-representation> > of > draft-ietf-cose-bls-key-representations-06 defines that the private key > shall be encoded in little-endian byte order (the subsequent section for > COSE_Key does too): > > The parameter "d" MUST be present for private key representations whose > > value MUST contain the little-endian representation of the private key > > base64url encoded without padding as defined in [RFC7515] Appendix C. This > > parameter MUST NOT be present for public keys. > > > Is this right?
No, that is not right. The "d" is always big-endian in EC/EC2. Then, that is not the only thing wrong with the key representation. While the rest in section 2.2.1 is fine for "G1" keys, it is not fine for "G2" keys, as those do not have valid coordinates in any prime or binary field. Then COSE key representation has further problem of base64url encoding x and y. -Ilari _______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
