Skip to content

Commit

Permalink
Script updating gh-pages from 97b3815. [ci skip]
Browse files Browse the repository at this point in the history
  • Loading branch information
ID Bot committed Nov 8, 2023
1 parent 727afe6 commit 86f161a
Show file tree
Hide file tree
Showing 2 changed files with 114 additions and 14 deletions.
80 changes: 69 additions & 11 deletions draft-steele-cose-hash-envelope.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1132,7 +1132,7 @@ <h2 id="name-copyright-notice">
<p id="section-toc.1-1.1.1"><a href="#section-1" class="auto internal xref">1</a>.  <a href="#name-introduction" class="internal xref">Introduction</a></p>
<ul class="compact toc ulBare ulEmpty">
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.1.2.1">
<p id="section-toc.1-1.1.2.1.1"><a href="#section-1.1" class="auto internal xref">1.1</a>.  <a href="#name-usage" class="internal xref">Usage</a></p>
<p id="section-toc.1-1.1.2.1.1"><a href="#section-1.1" class="auto internal xref">1.1</a>.  <a href="#name-signed-hashes" class="internal xref">Signed Hashes</a></p>
<ul class="compact toc ulBare ulEmpty">
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.1.2.1.2.1">
<p id="section-toc.1-1.1.2.1.2.1.1" class="keepWithNext"><a href="#section-1.1.1" class="auto internal xref">1.1.1</a>.  <a href="#name-protected-header" class="internal xref">Protected Header</a></p>
Expand All @@ -1144,6 +1144,9 @@ <h2 id="name-copyright-notice">
<p id="section-toc.1-1.1.2.1.2.3.1" class="keepWithNext"><a href="#section-1.1.3" class="auto internal xref">1.1.3</a>.  <a href="#name-detached-payload" class="internal xref">Detached Payload</a></p>
</li>
</ul>
</li>
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.1.2.2">
<p id="section-toc.1-1.1.2.2.1"><a href="#section-1.2" class="auto internal xref">1.2</a>.  <a href="#name-encrypted-hashes" class="internal xref">Encrypted Hashes</a></p>
</li>
</ul>
</li>
Expand All @@ -1163,6 +1166,11 @@ <h2 id="name-copyright-notice">
<ul class="compact toc ulBare ulEmpty">
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.1">
<p id="section-toc.1-1.4.2.1.1"><a href="#section-4.1" class="auto internal xref">4.1</a>.  <a href="#name-cose-header-algorithm-param" class="internal xref">COSE Header Algorithm Parameters</a></p>
<ul class="compact toc ulBare ulEmpty">
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.1.2.1">
<p id="section-toc.1-1.4.2.1.2.1.1"><a href="#section-4.1.1" class="auto internal xref">4.1.1</a>.  <a href="#name-named-information-hash-algo" class="internal xref">Named Information Hash Algorithm Registry</a></p>
</li>
</ul>
</li>
</ul>
</li>
Expand All @@ -1187,17 +1195,18 @@ <h2 id="name-introduction">
<p id="section-1-1">COSE defined detached payloads in rfc9052#section-2.
However, a detached payload cose sign 1 still requires the payload content to be availble in order to verify.<a href="#section-1-1" class="pilcrow"></a></p>
<p id="section-1-2">For large payloads this is a problem. This draft addresses this problem by describing a simply way to sign hashes of large payloads while maintaining information about their content type.<a href="#section-1-2" class="pilcrow"></a></p>
<div id="usage">
<div id="signed-hashes">
<section id="section-1.1">
<h3 id="name-usage">
<a href="#section-1.1" class="section-number selfRef">1.1. </a><a href="#name-usage" class="section-name selfRef">Usage</a>
<h3 id="name-signed-hashes">
<a href="#section-1.1" class="section-number selfRef">1.1. </a><a href="#name-signed-hashes" class="section-name selfRef">Signed Hashes</a>
</h3>
<div id="protected-header">
<section id="section-1.1.1">
<h4 id="name-protected-header">
<a href="#section-1.1.1" class="section-number selfRef">1.1.1. </a><a href="#name-protected-header" class="section-name selfRef">Protected Header</a>
</h4>
<div class="lang-cbor-diag sourcecode" id="section-1.1.1-1">
<p id="section-1.1.1-1">TBD 0 (typ), TBD 1 (payload has alg) and TBD 2 (payload content type) are <span class="bcp14">MUST</span> be present in the protected header and <span class="bcp14">MUST NOT</span> be present in the unprotected header.<a href="#section-1.1.1-1" class="pilcrow"></a></p>
<div class="lang-cbor-diag sourcecode" id="section-1.1.1-2">
<pre>
{
/ Algorithm /
Expand All @@ -1211,7 +1220,7 @@ <h4 id="name-protected-header">
/ cty of the preimage of the payload /
TBD 2: application/jwk+json
}
</pre><a href="#section-1.1.1-1" class="pilcrow"></a>
</pre><a href="#section-1.1.1-2" class="pilcrow"></a>
</div>
</section>
</div>
Expand All @@ -1220,7 +1229,8 @@ <h4 id="name-protected-header">
<h4 id="name-attached-payload">
<a href="#section-1.1.2" class="section-number selfRef">1.1.2. </a><a href="#name-attached-payload" class="section-name selfRef">Attached Payload</a>
</h4>
<div class="lang-cbor-diag sourcecode" id="section-1.1.2-1">
<p id="section-1.1.2-1">The payload <span class="bcp14">MAY</span> be attached.<a href="#section-1.1.2-1" class="pilcrow"></a></p>
<div class="lang-cbor-diag sourcecode" id="section-1.1.2-2">
<pre>
18( / COSE Sign 1 /
[
Expand All @@ -1230,7 +1240,7 @@ <h4 id="name-attached-payload">
h'15280897...93ef39e5' / Signature /
]
)
</pre><a href="#section-1.1.2-1" class="pilcrow"></a>
</pre><a href="#section-1.1.2-2" class="pilcrow"></a>
</div>
</section>
</div>
Expand All @@ -1239,7 +1249,8 @@ <h4 id="name-attached-payload">
<h4 id="name-detached-payload">
<a href="#section-1.1.3" class="section-number selfRef">1.1.3. </a><a href="#name-detached-payload" class="section-name selfRef">Detached Payload</a>
</h4>
<div class="lang-cbor-diag sourcecode" id="section-1.1.3-1">
<p id="section-1.1.3-1">The payload <span class="bcp14">MAY</span> be detached.<a href="#section-1.1.3-1" class="pilcrow"></a></p>
<div class="lang-cbor-diag sourcecode" id="section-1.1.3-2">
<pre>
18( / COSE Sign 1 /
[
Expand All @@ -1249,12 +1260,20 @@ <h4 id="name-detached-payload">
h'15280897...93ef39e5' / Signature /
]
)
</pre><a href="#section-1.1.3-1" class="pilcrow"></a>
</pre><a href="#section-1.1.3-2" class="pilcrow"></a>
</div>
</section>
</div>
</section>
</div>
<div id="encrypted-hashes">
<section id="section-1.2">
<h3 id="name-encrypted-hashes">
<a href="#section-1.2" class="section-number selfRef">1.2. </a><a href="#name-encrypted-hashes" class="section-name selfRef">Encrypted Hashes</a>
</h3>
<p id="section-1.2-1">Should we define this?<a href="#section-1.2-1" class="pilcrow"></a></p>
</section>
</div>
</section>
</div>
<div id="conventions-and-definitions">
Expand All @@ -1279,7 +1298,7 @@ <h2 id="name-security-considerations">
<h3 id="name-choice-of-hash-function">
<a href="#section-3.1" class="section-number selfRef">3.1. </a><a href="#name-choice-of-hash-function" class="section-name selfRef">Choice of Hash Function</a>
</h3>
<p id="section-3.1-1">Choose a good one.<a href="#section-3.1-1" class="pilcrow"></a></p>
<p id="section-3.1-1">It is <span class="bcp14">RECOMMENDED</span> to align the strength of the chosen hash function to the strength of the chosen signature algorithm.<a href="#section-3.1-1" class="pilcrow"></a></p>
</section>
</div>
</section>
Expand Down Expand Up @@ -1311,6 +1330,45 @@ <h3 id="name-cose-header-algorithm-param">
<p id="section-4.1-1.5.1">Description: Hash algorithm used to produce the payload.<a href="#section-4.1-1.5.1" class="pilcrow"></a></p>
</li>
</ul>
<div id="named-information-hash-algorithm-registry">
<section id="section-4.1.1">
<h4 id="name-named-information-hash-algo">
<a href="#section-4.1.1" class="section-number selfRef">4.1.1. </a><a href="#name-named-information-hash-algo" class="section-name selfRef">Named Information Hash Algorithm Registry</a>
</h4>
<ul class="normal">
<li class="normal" id="section-4.1.1-1.1">
<p id="section-4.1.1-1.1.1">Name: SHAKE256<a href="#section-4.1.1-1.1.1" class="pilcrow"></a></p>
</li>
<li class="normal" id="section-4.1.1-1.2">
<p id="section-4.1.1-1.2.1">Label: TBD_2<a href="#section-4.1.1-1.2.1" class="pilcrow"></a></p>
</li>
<li class="normal" id="section-4.1.1-1.3">
<p id="section-4.1.1-1.3.1">Value type: int<a href="#section-4.1.1-1.3.1" class="pilcrow"></a></p>
</li>
<li class="normal" id="section-4.1.1-1.4">
<p id="section-4.1.1-1.4.1">Value registry: https://www.iana.org/assignments/named-information/named-information.xhtml<a href="#section-4.1.1-1.4.1" class="pilcrow"></a></p>
</li>
<li class="normal" id="section-4.1.1-1.5">
<p id="section-4.1.1-1.5.1">Description: SHAKE256 a described in https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf<a href="#section-4.1.1-1.5.1" class="pilcrow"></a></p>
</li>
<li class="normal" id="section-4.1.1-1.6">
<p id="section-4.1.1-1.6.1">Name: ASCON128<a href="#section-4.1.1-1.6.1" class="pilcrow"></a></p>
</li>
<li class="normal" id="section-4.1.1-1.7">
<p id="section-4.1.1-1.7.1">Label: TBD_3<a href="#section-4.1.1-1.7.1" class="pilcrow"></a></p>
</li>
<li class="normal" id="section-4.1.1-1.8">
<p id="section-4.1.1-1.8.1">Value type: int<a href="#section-4.1.1-1.8.1" class="pilcrow"></a></p>
</li>
<li class="normal" id="section-4.1.1-1.9">
<p id="section-4.1.1-1.9.1">Value registry: https://www.iana.org/assignments/named-information/named-information.xhtml<a href="#section-4.1.1-1.9.1" class="pilcrow"></a></p>
</li>
<li class="normal" id="section-4.1.1-1.10">
<p id="section-4.1.1-1.10.1">Description: ASCON128 a described in https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/round-2/spec-doc-rnd2/ascon-spec-round2.pdf<a href="#section-4.1.1-1.10.1" class="pilcrow"></a></p>
</li>
</ul>
</section>
</div>
</section>
</div>
</section>
Expand Down
48 changes: 45 additions & 3 deletions draft-steele-cose-hash-envelope.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,15 +68,17 @@ Copyright Notice
Table of Contents

1. Introduction
1.1. Usage
1.1. Signed Hashes
1.1.1. Protected Header
1.1.2. Attached Payload
1.1.3. Detached Payload
1.2. Encrypted Hashes
2. Conventions and Definitions
3. Security Considerations
3.1. Choice of Hash Function
4. IANA Considerations
4.1. COSE Header Algorithm Parameters
4.1.1. Named Information Hash Algorithm Registry
5. Normative References
Acknowledgments
Author's Address
Expand All @@ -91,10 +93,14 @@ Table of Contents
problem by describing a simply way to sign hashes of large payloads
while maintaining information about their content type.

1.1. Usage
1.1. Signed Hashes

1.1.1. Protected Header

TBD 0 (typ), TBD 1 (payload has alg) and TBD 2 (payload content type)
are MUST be present in the protected header and MUST NOT be present
in the unprotected header.

{
/ Algorithm /
1: -35,
Expand All @@ -110,6 +116,8 @@ Table of Contents

1.1.2. Attached Payload

The payload MAY be attached.

18( / COSE Sign 1 /
[
h'a4013822...3a616263', / Protected /
Expand All @@ -121,6 +129,8 @@ Table of Contents

1.1.3. Detached Payload

The payload MAY be detached.

18( / COSE Sign 1 /
[
h'a4013822...3a616263', / Protected /
Expand All @@ -130,6 +140,10 @@ Table of Contents
]
)

1.2. Encrypted Hashes

Should we define this?

2. Conventions and Definitions

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
Expand All @@ -144,7 +158,8 @@ Table of Contents

3.1. Choice of Hash Function

Choose a good one.
It is RECOMMENDED to align the strength of the chosen hash function
to the strength of the chosen signature algorithm.

4. IANA Considerations

Expand All @@ -161,6 +176,33 @@ Table of Contents

* Description: Hash algorithm used to produce the payload.

4.1.1. Named Information Hash Algorithm Registry

* Name: SHAKE256

* Label: TBD_2

* Value type: int

* Value registry: https://www.iana.org/assignments/named-
information/named-information.xhtml

* Description: SHAKE256 a described in
https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf

* Name: ASCON128

* Label: TBD_3

* Value type: int

* Value registry: https://www.iana.org/assignments/named-
information/named-information.xhtml

* Description: ASCON128 a described in
https://csrc.nist.gov/CSRC/media/Projects/lightweight-
cryptography/documents/round-2/spec-doc-rnd2/ascon-spec-round2.pdf

5. Normative References

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Expand Down

0 comments on commit 86f161a

Please sign in to comment.