Signed container, some kind of analogue to ASN.1-based CMS SignedData.
=> CMS
* Ability to embed the data in the signed container
* Ability to create detached signature
* Ability to use non-prehashed signature of the embedded data, potentially
gaining more security
* Prehashed format is streaming friendly
* You can use [cm/hashed/Merkle] hashing mode to parallelise calculations
* Ability to attach arbitrary additional data
* Ability to store multiple signatures
Stored in a file, it should begin with "cm/signed" [encoding/MAGIC],
unless it is a [cm/pub/]lic key.
schema-include av.tcl
schema-include fpr.tcl
signed {
{field . {map}}
{field load {with load}}
{field sigs {list} {of sig} >0 optional}
{field pubs {list} {of type map} >0 optional}
}
load {
{field . {map}}
{field t {str} >0}
{# field v is optional, arbitrary type}
}
sig {
{field . {map}}
{field tbs {with tbs}}
{field sign {with av}}
}
tbs {
{field . {map}}
{field sid {with fpr}}
{field nonce {bin} >0 optional} {# random bytes}
{field when {tai} utc prec=ms optional}
{# recipient's fingerprints}
{field encrypted-to {list} {of fpr} >0 optional}
}
av {
{field . {map}}
{field a {str} >0} {# algorithm identifier}
{field v {bin}}
}
fpr {{field . {bin} len=32}}
Signature is created by signing the:
[detached-data] || /load || /sig/./tbs
If no "/load/v" is provided, then the data is detached from the
"cm/signed" structure itself and is fed into hasher before that
structure. You can provide it any way you wish, but for keeping
that detached data closely to the "cm/signed", you should use the
following approach:
prehash || BLOB(detached-data) || cm/signed
prehash {
{field . {map}}
{field t {str} =prehash}
{field algos {set} >0} {# set of hash algorithm identifiers}
}
With "prehash" you initialise your hashers used during signing process
and feed BLOB's contents (not the encoded BLOB itself!) into the them.
prehash'es /algos must contain /sigs/*/sign/a identifiers:
"/sigs/*/tbs/when" is optional signing time.
Additional values that must be protected (covered by signature) are
placed in "/sigs/*/tbs" map. Non-protected (informational) fields
are placed outside it.
"/pubs" are optionally provided [cm/pub/]lic keys to help creating the
whole verification chain. They are placed outside "/sigs", because some
of them may be shared among signers.
If signed data is also intended to be [cm/encrypted/], then
"/sigs/*/tbs/encrypted-to" should be set to corresponding recipient's
public key fingerprint(s).
Backlinks:
0 [cm/] 0
1 [cm/hashed/] 0
2 [cm/pub/] 0
3 [cm/signed/ed25519-blake2b] 2025-06-09 07:24:59 15
4 [cm/signed/ed25519ph-blake2b-merkle] 2025-06-09 07:24:59 6
5 [cm/signed/gost3410] 2025-06-26 13:25:25 9
6 [cm/signed/gost3410-merkle] 2025-06-09 07:24:59 7
7 [cm/signed/slh-dsa-shake-256s] 2025-06-24 12:41:34 8
8 [cm/signed/slh-dsa-shake-256s-merkle] 2025-06-24 12:41:34 6