Signed container, some kind of analogue to ASN.1-based CMS SignedData.
=> CMS

* Ability to embed the data in the signed container
* Ability to create detached signature
* Ability to use non-prehashed signature of the embedded data,
  potentially gaining more security
* Prehashed format is streaming friendly
* You can use [cm/hashed/Merkle] hashing mode to parallelise calculations
* Ability to attach arbitrary additional data
* Ability to store multiple signatures

Stored in a file, it should begin with "cm/signed" [encoding/MAGIC],
unless it is a [cm/pub/]lic key.

    schema-include av.tcl
    schema-include fpr.tcl

    signed {
        {field . {map}}
        {field tbs {with tbs}}
        {field data {} optional}
        {field pubs {list} {of type map} >0 optional}
        {field sigs {list} {of sig} >0 optional}
    }

    tbs {
        {field . {map}}
        {field t {str} >0} {# type of the data we sign}
        {field id {hexlet} optional}
    }

    sig {
        {field . {map}}
        {field tbs {with sig-tbs}}
        {field sign {with av}}
    }

    sig-tbs {
        {field . {map} len=~}
        {field sid {with fpr}}
        {field nonce {bin} >0 optional} {# random bytes}
        {field when {tai} utc prec=ms optional}
        {# recipient's fingerprints}
        {field encrypted-to {list} {of fpr} >0 optional}
    }

    av {
        {field . {map}}
        {field a {str} >0} {# algorithm identifier}
        {field v {bin}}
    }

    fpr {{field . {bin} len=32}}

The signature is created by signing:

    data || /tbs || /sig/./tbs

If no "/data" is provided, then the data is detached from the
"cm/signed" structure itself and is fed into the hasher before that
structure. You can provide it any way you wish, but to keep the
detached data close to the "cm/signed", you should use the following
approach:

    prehash || BLOB(data) || cm/signed

    prehash {
        {field . {map}}
        {field t {str} =prehash}
        {field algos {set} >0} {# set of hash algorithm identifiers}
    }

With "prehash" you initialise the hashers used during the signing
process and feed the BLOB's contents (not the encoded BLOB itself!)
into them. prehash's /algos must contain the /sigs/*/sign/a identifiers.

"/sigs/*/tbs/when" is the optional signing time.

Additional values that must be protected (covered by the signature) are
placed in the "/sigs/*/tbs" map. Non-protected (informational) fields
are placed outside it.

"/pubs" are optionally provided [cm/pub/]lic keys to help build the
whole verification chain. They are placed outside "/sigs", because some
of them may be shared among signers.

If the signed data is also intended to be [cm/encrypted/], then
"/sigs/*/tbs/encrypted-to" should be set to the corresponding
recipients' public key fingerprint(s).
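
The detached "prehash || BLOB(data) || cm/signed" flow described above, as an added example that is not part of the original page or of the KEKS code base. It treats the encoded "/tbs" and "/sigs/*/tbs" maps as opaque bytes; the algorithm identifiers, their mapping to hashlib and the function name are assumptions made for illustration.

```python
import hashlib

# Assumption: constructed algorithm identifiers mapped to hashlib hashes.
# Real /sigs/*/sign/a values are defined elsewhere in the specification.
HASHERS = {
    "example-ph-blake2b": hashlib.blake2b,
    "example-ph-sha512": hashlib.sha512,
}


def signed_digests(prehash_algos, blob_chunks, tbs, sigs):
    """Return one digest per signature over data || /tbs || /sigs/N/tbs.

    tbs and each sig["tbs"] are the already encoded maps, kept opaque here.
    """
    unknown = set(prehash_algos) - set(HASHERS)
    if unknown:
        raise ValueError(f"unsupported prehash algorithm: {sorted(unknown)}")
    # "prehash" comes first, so hashers start before any data is seen.
    hashers = {a: HASHERS[a]() for a in prehash_algos}
    for chunk in blob_chunks:  # BLOB contents only, never its encoding
        for h in hashers.values():
            h.update(chunk)
    # "cm/signed" is read last; only now are the signatures known.
    digests = []
    for sig in sigs:
        base = hashers.get(sig["a"])
        if base is None:
            raise ValueError(f"{sig['a']} is missing from prehash /algos")
        h = base.copy()  # data is hashed once, then forked per signature
        h.update(tbs)
        h.update(sig["tbs"])
        digests.append(h.digest())
    return digests


# Constructed sample input: placeholder bytes stand in for encoded maps.
TBS = b"<encoded /tbs>"
SIGS = [
    {"a": "example-ph-blake2b", "tbs": b"<encoded sig-tbs of signer 1>"},
    {"a": "example-ph-sha512", "tbs": b"<encoded sig-tbs of signer 2>"},
]
CHUNKS = [b"detached ", b"payload ", b"bytes"]

if __name__ == "__main__":
    algos = {"example-ph-blake2b", "example-ph-sha512"}
    for d in signed_digests(algos, CHUNKS, TBS, SIGS):
        print(d.hex())
```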