[COSE] Re: c509 example verification

Robert Moskowitz <rgm-sec@htt-consult.com> Mon, 29 July 2024 20:29 UTC

Return-Path: <rgm-sec@htt-consult.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BE76AC14F748 for <cose@ietfa.amsl.com>; Mon, 29 Jul 2024 13:29:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.905
X-Spam-Level:
X-Spam-Status: No, score=-1.905 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1_ip-VGGz9P5 for <cose@ietfa.amsl.com>; Mon, 29 Jul 2024 13:29:13 -0700 (PDT)
Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [23.123.122.147]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C39D8C14F602 for <cose@ietf.org>; Mon, 29 Jul 2024 13:29:13 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id 1C8E662925; Mon, 29 Jul 2024 16:28:21 -0400 (EDT)
X-Virus-Scanned: amavisd-new at htt-consult.com
Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id diB5WNyaoxeO; Mon, 29 Jul 2024 16:28:12 -0400 (EDT)
Received: from [192.168.160.29] (unknown [192.168.160.29]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id 21AA6628FE; Mon, 29 Jul 2024 16:28:12 -0400 (EDT)
Content-Type: multipart/alternative; boundary="------------dZh9BOgxNplzUaF1H3YZ9IFh"
Message-ID: <46457fca-64a3-40cb-8d33-cfb1fa8c31c0@htt-consult.com>
Date: Mon, 29 Jul 2024 16:28:58 -0400
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: "Sipos, Brian J." <Brian.Sipos@jhuapl.edu>, "cose@ietf.org" <cose@ietf.org>
References: <af3f955063764210bc35e5a3368fda1a@jhuapl.edu>
From: Robert Moskowitz <rgm-sec@htt-consult.com>
In-Reply-To: <af3f955063764210bc35e5a3368fda1a@jhuapl.edu>
Message-ID-Hash: H3UJPTJ4H5KPWPFHTGJXEEX27NDGZFQI
X-Message-ID-Hash: H3UJPTJ4H5KPWPFHTGJXEEX27NDGZFQI
X-MailFrom: rgm-sec@htt-consult.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-cose.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [COSE] Re: c509 example verification
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/cKnP8Ey7jroQO-5mMmQlcnPyHXA>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Owner: <mailto:cose-owner@ietf.org>
List-Post: <mailto:cose@ietf.org>
List-Subscribe: <mailto:cose-join@ietf.org>
List-Unsubscribe: <mailto:cose-leave@ietf.org>

I am trying cargo on Fedroa 38 and not getting it compiled.   I need so 
help.


On 7/29/24 16:19, Sipos, Brian J. wrote:
>
> All,
>
> I’m looking into creating some example c509 certificates which make 
> use of SAN Other Name and EKU code points allocated by the current 
> draft [1] for BP security. I think I have a properly encoded c509 
> structure using native signature, but don’t have a good way to verify 
> that correctness.
>
> I tried using the tool under “c509_demo_impl” of the c509 source repo 
> [2] but just get errors when attempting to use it in the read-C509 
> mode with “cargo r c …” and I’m not sure what I may be doing wrong 
> (it’s not clear if the input is supposed to be direct binary, which I 
> have tried, or some other form of text-encoding). Any help getting 
> this tool, or some other more appropriate tool, working would be 
> appreciated.
>
> Brian S.
>
> [1] 
> https://www.ietf.org/archive/id/draft-ietf-cose-cbor-encoded-cert-11.html
>
> [2] https://github.com/cose-wg/CBOR-certificates
>
>
> _______________________________________________
> COSE mailing list --cose@ietf.org
> To unsubscribe send an email tocose-leave@ietf.org