Since quite a bunch of people seem to believe that alternative signature 
schemes like JCS (JSON Cleartext Signature) and SM (Secure Messaging) are 
"fundamentally bad", I just wanted to provide an example that _may_ explain a 
bit about the motivation at least.

1. Current KeyGen2 sample message using JCS:

{
  "@context": "http://xmlns.webpki.org/keygen2/beta/20131201",
  "@qualifier": "ProvisioningInitializationResponse",
  "ServerSessionID": "142f1bdb286XVQnqmIRc1bSzm-QN-ZJk",
  "ClientSessionID": "39NMWamKtHumJFfdIGkDrLP-NMB-5Lwo",
  "ServerTime": "2013-12-14T16:33:30+01:00",
  "ClientTime": "2013-12-14T16:33:30+01:00",
  "SessionAttestation": "KMUpOesC8nDTLpu8PppsSGg1j....WiwvUcVpbNudbY14lLks8RQuwoiU",
  "ClientEphemeralKey":
    {
      "PublicKey":
        {
          "EC":
            {
              "NamedCurve": "http://xmlns.webpki.org/sks/algorithm#ec.nist.p256",
              "X": "tQXczn7qxGgcLpOVBuw5i-tMHxbJTUF6k3RZGsjdauc",
              "Y": "jIlm8sXwknZeQQDTxkfwXKUdhubt6JcqQYA6S8Dm3AE"
            }
        }
    },
  "DeviceCertificate":
    {
      "X509CertificatePath": ["MIIC2DCCAcCgAwIBAgIGARTWcc7VMCSq....awCV4OfAGXLIwJBCp85AN7KNdcJfL"]
    },
  "ServerCertificateFingerPrint": "HwKCofkqkTFXRmyyb_CnWhAcTbQF7w8rl1OqCwyM4TM",
  "Signature":
    {
      "Algorithm": "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256",
      "KeyInfo":
        {
          "KeyID": "derived-session-key"
        },
      "SignatureValue": "nnzNSZUZw1qlGVydZZ3ssCVIZTznyHwDXlOpLMpI3Lo"
    }
}

Note that the entire message is signed, including the signature parameters, with 
the "SignatureValue" property as the only exception.


2. Using JWS where the entire message is signed:

{
  "payload": "eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzM...tcGxlLmNvbS9pc19yb290Ijp0cnVlfQ",
  "signatures":
    [{
       "protected": "eyJhbGciOiJFUzI1NiJ9",
       "header":
         {
           "kid": "e9bc097a-ce51-4036-9562-d2ade882db0d"
         },
       "signature": "DtEhU3ljbEg8L38VWAfUAqOyKAM6-Xx...lSApmWQxfKTUJqPP3-Kg6NU1Q"
     }]
}

That is, you would need a two-level parsing scheme to find out what the actual 
message type is.


3. Using JWS where the object type IDs are provided separately (presumably 
duplicated in the payload):

{
  "@context": "http://xmlns.webpki.org/keygen2/beta/20131201",
  "@qualifier": "ProvisioningInitializationResponse",
  "payload": "eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzM...tcGxlLmNvbS9pc19yb290Ijp0cnVlfQ",
  "signatures":
    [{
       "protected": "eyJhbGciOiJFUzI1NiJ9",
       "header":
         {
           "kid": "e9bc097a-ce51-4036-9562-d2ade882db0d"
         },
       "signature": "DtEhU3ljbEg8L38VWAfUAqOyKAM6-Xx...lSApmWQxfKTUJqPP3-Kg6NU1Q"
     }]
}

I guess this one would be the most reasonable conversion, right?

Cheers
Anders

( https://openkeystore.googlecode.com/svn/resources/trunk/docs/keygen2.html#Sample.KeyCreationRequest )
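
As an added illustration (not part of the original post), this Python sketch builds a variant 3 envelope and shows the receiver's side: the two-level parse, plus a check that the outer "@context" and "@qualifier", which the JWS signature does not cover, match the signed copies in the payload. HS256, the key, the shortened sample message and the helper names wrap/open_envelope are assumptions chosen so it runs with the standard library only.

```python
import base64, hashlib, hmac, json

KEY = b"constructed-demo-key"  # constructed sample key, not from the post

def b64u(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64u_dec(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def wrap(message: dict, key: bytes) -> dict:
    """Build a variant 3 envelope: type IDs outside, signed copy inside."""
    protected = b64u(json.dumps({"alg": "HS256"}).encode())
    payload = b64u(json.dumps(message).encode())
    mac = hmac.new(key, f"{protected}.{payload}".encode(), hashlib.sha256).digest()
    return {
        "@context": message["@context"],      # outside the JWS signing input
        "@qualifier": message["@qualifier"],  # outside the JWS signing input
        "payload": payload,
        "signatures": [{"protected": protected, "signature": b64u(mac)}],
    }

def open_envelope(envelope: dict, key: bytes) -> dict:
    """Verify the JWS, then require the outer type IDs to match the signed ones."""
    sig = envelope["signatures"][0]
    if json.loads(b64u_dec(sig["protected"])).get("alg") != "HS256":
        raise ValueError("unexpected algorithm")
    signing_input = f'{sig["protected"]}.{envelope["payload"]}'.encode()
    expected = hmac.new(key, signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64u_dec(sig["signature"])):
        raise ValueError("bad signature")
    message = json.loads(b64u_dec(envelope["payload"]))  # second parsing level
    for name in ("@context", "@qualifier"):
        if envelope.get(name) != message.get(name):
            raise ValueError(f"outer {name} differs from the signed payload")
    return message

SAMPLE = {  # constructed message reusing the post's type IDs
    "@context": "http://xmlns.webpki.org/keygen2/beta/20131201",
    "@qualifier": "ProvisioningInitializationResponse",
    "ServerSessionID": "142f1bdb286XVQnqmIRc1bSzm-QN-ZJk",
}

if __name__ == "__main__":
    print(open_envelope(wrap(SAMPLE, KEY), KEY)["@qualifier"])
```

A receiver that dispatches on the outer "@qualifier" without the final comparison would act on a value the signature never covered.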
