digest format compatibility - relates to PR #56 #60
Comments
|
Maybe I'm not understanding correctly your point, but the intention with |
|
the goal is to enable a base verifier convention that recognizes how to compare the digest in reference with digest in evidence. If evidence uses the text option while reference uses the int option then verifier needs to know both in order to determine that the size of the digest value is correct. If this is tagged then the various permutations of the digest entry can be enumerated by different tags. Given TCG Edorsement spec uses hash-entry, this definition is an extension that implies a different matching convention that can be mismatched with what is in evidence. |
|
From #56:
The explanation above:
isn't the same as what is included by #56. The latter is better. But the rules for text-based algorithm identifiers (which are not used by coswid) and a free-form string that has no global meaning seems arbitrary. Rather, coswid expects the algorithm identifers (expressed as int) are agreed upon by the community of coswid implementers. But these are presumably different from https://www.iana.org/assignments/cose/cose.xhtml#algorithms identifiers. A tagged-digest would capture the existing coswid semantics (#6.)(hash-entry) vs. the COSE digest semantics (#6.)(digest). Both have the same form of [ int, bytes ] if you ignore the possibility of [ text, bytes] which doesn't seem to be useful in a COSE context - afaik. |
Fix #60 Signed-off-by: Thomas Fossati <thomas.fossati@arm.com>
PR #56 replaced
hash-entrywithdigestwhich added a text algorithm identifier. Hash entry used an integer algorithm identifier and has a dependency on coswid.The goal was to allow COSE digest algorithm types.
The digest type should support a tagged digest type so that the exact semantics of which algorithm namespace and digest format can be specified.
The text was updated successfully, but these errors were encountered: