зеркало из https://github.com/microsoft/CCF.git
31 строка
1.3 KiB
Plaintext
31 строка
1.3 KiB
Plaintext
ccf-cose-root-signature-tagged = #6.18(ccf-cose-root-signature)
|
|
|
|
ccf-cose-root-signature = [
|
|
phdr : bstr .cbor protected-headers, ; bstr-wrapped protected headers
|
|
uhdr : unprotected-headers, ; unwrappeed (plain map) unprotected headers
|
|
payload : nil, ; signed Merkle tree root hash, *detached* payload
|
|
signature : bstr ; COSE-signature
|
|
]
|
|
|
|
unprotected-headers = {
|
|
; empty map instead of 'nil'. QCBOR library verifier doesn't support 'nil'.
|
|
}
|
|
|
|
protected-headers = {
|
|
&(alg: 1) => int, ; signing algoritm ID, as per RFC8152
|
|
&(kid: 4) => bstr, ; signing key hash
|
|
&(cwt: 15) => cwt-map, ; CWT claims, as per RFC8392
|
|
&(vds: 395) => int, ; verifiable data structure, as per COSE Receipts (draft) RFC (https://datatracker.ietf.org/doc/draft-ietf-cose-merkle-tree-proofs/)
|
|
"ccf.v1" => ccf-map ; a set of CCF-specific parameters
|
|
}
|
|
|
|
cwt-map = {
|
|
&(iss: 1) => tstr, ; "issuer", string
|
|
&(sub: 2) => tstr, ; "subject", string
|
|
&(iat: 6) => int ; "issued at", number of seconds since the epoch
|
|
}
|
|
|
|
ccf-map = {
|
|
&(last-signed-txid: "txid") => tstr ; last committed transaction ID this COSE-signature signs
|
|
}
|