cose

package
v0.10.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 29, 2022 License: Apache-2.0 Imports: 5 Imported by: 0

README

COSE Type Data Documentation

This document provides a definition for each field that is not otherwise described in the cose schema. This document also notes any additional information about the values associated with each field such as the format in which the data is stored and any necessary transformations.

AAD Additional Authenticated Data.

If the COSE envelope is signed using AAD, the same data must be provided during upload, otherwise the signature verification will fail. This data is not stored in Rekor.

How do you identify an object as an cose object?

The "Body" field will include an "coseObj" field.

Recognized content types

  • in-toto statements are recognized and parsed. The found subject hashes are indexed so they can be searched for.

What data about the envelope is stored in Rekor

Only the hash of the payload, the hash of the COSE envelope and the public key is stored.

If Rekor is configured to use attestation storage, the entire envelope is also stored. If attestation storage is enabled, the COSE envelope is stored as an attestation, which means that during retrieval of the record, the complete envelope is returned in the attestation field, not within the body.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL