It's ambiguous in the docs that this library doesn't assist you with the generation of COSE signatures. Some of the examples imply it might, but it became clear to me after testing that this doesn't seem to be supported?
It would be good to make this clearer, or add the functionality.
To assist any users who come by the GitHub and have the same issue, here is some sample code I wrote that can successfully generate the COSE signatures.
It's not production ready, but it does work, and proves the core concepts.
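```ruby
require 'cose'
require 'cbor'

class ExampleSigner
  attr_reader :algorithm, :sig_method

  # algorithm:  COSE algorithm name, e.g. 'ES256'
  # sig_method: name of the COSE message class, e.g. 'Sign1'
  def initialize(algorithm, sig_method)
    @algorithm = COSE::Algorithm.find(algorithm)
    @sig_method = COSE.const_get(sig_method)
  end

  # Generates a signing key on the signer and returns the serialized verify key.
  def generate_key
    signer.generate_signing_key.verify_key.serialize
  end

  # Builds the tagged COSE message:
  # [protected header (bstr), unprotected header, payload, signature]
  def sign(unsigned_payload)
    CBOR::Tagged.new(
      sig_method.tag,
      [
        CBOR.encode(protected_header),
        unprotected_header,
        unsigned_payload,
        signature(unsigned_payload)
      ]
    ).to_cbor
  end

  # Deserializes the message and verifies it against the serialized verify key.
  def verify(signed_payload, verify_key)
    signed_cwt = sig_method.deserialize(signed_payload)
    # __getobj__ unwraps the object that VerifyKey delegates to.
    cose_key = COSE::Key::EC2.from_pkey(
      signer.class::VerifyKey.deserialize(verify_key).send(:__getobj__)
    )
    signed_cwt.verify(cose_key)
  end

  private

  # The signature algorithm class and its parameters are reached through `send`.
  def signer
    @signer ||= algorithm.send(:signature_algorithm_class).new(
      **algorithm.send(:signature_algorithm_parameters)
    )
  end

  def protected_header
    { COSE::SecurityMessage::Headers::HEADER_LABEL_ALG => algorithm.id }
  end

  def unprotected_header
    {}
  end

  def external_aad
    nil
  end

  # Sig_structure: [context, protected header (bstr), external_aad, payload]
  def sig_structure(unsigned_payload)
    CBOR.encode(
      [
        sig_method::CONTEXT,
        CBOR.encode(protected_header),
        external_aad || COSE::SecurityMessage::ZERO_LENGTH_BIN_STRING,
        unsigned_payload
      ]
    )
  end

  def signature(unsigned_payload)
    signer.sign(sig_structure(unsigned_payload))
  end
end

# CWT claim keys
CWT_ISSUER = 1
CWT_EXPIRATION = 4
CWT_NOT_BEFORE = 5
CWT_ISSUED_AT = 6

# Example CWT payload.
# Note: this Hash is embedded in the message as a CBOR map; RFC 9052 types the
# COSE_Sign1 payload as a bstr (or nil).
unsigned_payload = {
  CWT_ISSUER => 'my_issuer',
  CWT_EXPIRATION => 1_735_689_599,
  CWT_NOT_BEFORE => 1_704_067_200,
  CWT_ISSUED_AT => 1_727_998_532
}

s = ExampleSigner.new('ES256', 'Sign1')
public_key = s.generate_key
signed_payload = s.sign(unsigned_payload)

if s.verify(signed_payload, public_key)
  puts "Verified successfully!"
else
  puts "Verification failed!"
end
```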