

cm/pub format

A public key is a cm/signed structure.

When stored in a file, it should begin with the "cm/pub" magic.

Its /load/t equals "pub". /load/v contains cm-pub-load:

pub-load {
    {field . {map}}
    {field id {with fpr}}
    {field crit {} !exists}
    {field ku {set} >0 optional}
    {field pub {list} {of av} >0}
    {field sub {map} {of str} >0}
}

sub

Subject is a map of arbitrary strings. There are currently no constraints on which fields must be present; each application and usage context defines them on its own. But you may mimic X.509's subject with keys like "CN", "C", "O" and similar ones.

pub

The public key container itself may contain multiple public keys.

That is intended solely for tasks requiring more than a single key. For example, NNCP uses one X25519 key for (DH) encryption, one curve25519 key for online authentication and one ed25519 key for signing. All three keys are used together. Such a public key's key usage field must contain something like "nncp".

If your keypair is intended for general purposes like signing arbitrary data, then a single public key should be used, with a key usage like "sig".

id

The public key(s)' fingerprint should be generated as a 256-bit hash of the encoded pub field, unless stated otherwise for a specific algorithm.

ku

Intended usage of the public key(s). An application-specific example with multiple public keys is described above. It must be absent if empty.

crit

Optional critical (in terms of X.509) extensions. Non-critical ones may be placed outside that map, directly in cm-pub-load. It must be absent if empty. Values are extension-specific.

cm/signed’s sig-tbs must contain additional fields:

exp-tai {{field . {tai} prec=s utc}}
expiration {{field . {list} {of exp-tai} len=2}}

pub-sig-tbs {
    {field . {map}}
    {field sid {with fpr}}
    {field cid {hexlet}}
    {field exp {with expiration}}
    {field nonce {bin} >0 optional}
    {field when {tai} utc prec=ms optional}
}

sid

Signing public key’s fingerprint.

cid

Unique certification identifier. UUIDv7 is a good choice, but it may be UUIDv4 or any other desired generation method.

exp

Certification expiration period. It must contain two TAI64 datetimes (no nanoseconds).

An example minimal certified public key may look like:

MAGIC cm/pub
MAP {
  load {MAP {
    t {STR pub}
    v {MAP {
      id {BIN "6aee..."}
      pub {LIST {
        {MAP {
          a {STR ed25519-blake2b}
          v {BIN "c1bf..."}
        }}
      }}
      sub {MAP {
        N {STR test}
      }}
    }}
  }}
  sigs {LIST {
    {MAP {
      tbs {MAP {
        cid {HEXLET 01963308-1033-75a7-bfb6-7d3ab3db6d63}
        exp {LIST {
          {TAI64 "2025-04-14 06:41:28"}
          {TAI64 "2026-04-14 06:41:28"}
        }}
        sid {BIN "0087..."}
      }}
      sign {MAP {
        a {STR ed25519-blake2b}
        v {BIN "7450..."}
      }}
    }}
  }}
}
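
As an added example (not code from the KEKS/cm specification or its implementations), the following Python validator checks a decoded cm/pub message against the pub-load and pub-sig-tbs constraints above, including the expiration window a verifier must enforce before trusting the key. It assumes the message has already been decoded into Python values (maps as dicts, bin as bytes, set as set, hexlet as UUID-style text, tai datetimes as timezone-aware datetime objects); the sample structure mirrors the example above with dummy key and fingerprint bytes, and the relation id == hash(encoded pub) is not checked because that needs a KEKS encoder.

```python
import datetime as dt
import re
HEXLET_RE = re.compile(r"^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$")  # UUID-shaped text
def is_fpr(x): return isinstance(x, bytes) and len(x) == 32  # 256-bit fingerprint (see id)

class CmPubError(ValueError):
    """A decoded cm/pub structure violates one of the constraints above."""

def require(cond, msg):
    if not cond:
        raise CmPubError(msg)

def validate_pub_load(v):
    """Check /load/v against pub-load; id == hash(encoded pub) needs a KEKS encoder."""
    require(isinstance(v, dict), "load/v must be a map")
    require(is_fpr(v.get("id")), "id must be a 256-bit fingerprint")
    require("ku" not in v or (isinstance(v["ku"], (set, frozenset)) and v["ku"]),
            "ku must be a non-empty set when present")
    pub = v.get("pub")
    require(isinstance(pub, list) and pub, "pub must be a non-empty list")
    for av in pub:  # each entry is an {a: str, v: bin} algorithm/value map
        require(isinstance(av, dict) and isinstance(av.get("a"), str)
                and isinstance(av.get("v"), bytes), "pub entries must be av maps")
    sub = v.get("sub")
    require(isinstance(sub, dict) and sub and all(isinstance(k, str) and isinstance(s, str)
            for k, s in sub.items()), "sub must be a non-empty map of strings")
    return True

def validate_sig_tbs(tbs, now):
    """Check the additional sig-tbs fields and that `now` lies within exp."""
    require(is_fpr(tbs.get("sid")), "sid must be a 256-bit fingerprint")
    require(isinstance(tbs.get("cid"), str) and HEXLET_RE.match(tbs["cid"]),
            "cid must be a hexlet")
    exp = tbs.get("exp")
    require(isinstance(exp, list) and len(exp) == 2 and all(isinstance(t, dt.datetime)
            and t.tzinfo is not None and t.microsecond == 0 for t in exp),
            "exp must be two second-precision datetimes")
    require(exp[0] <= now <= exp[1], "certification is outside its expiration period")
    return True

# Constructed sample mirroring the example above; key and fingerprint bytes are dummies
SAMPLE_LOAD_V = {"id": b"\x6a\xee" + bytes(30), "sub": {"N": "test"},
                 "pub": [{"a": "ed25519-blake2b", "v": b"\xc1\xbf" + bytes(30)}]}
SAMPLE_TBS = {"cid": "01963308-1033-75a7-bfb6-7d3ab3db6d63", "sid": b"\x00\x87" + bytes(30),
              "exp": [dt.datetime(2025, 4, 14, 6, 41, 28, tzinfo=dt.timezone.utc),
                      dt.datetime(2026, 4, 14, 6, 41, 28, tzinfo=dt.timezone.utc)]}

def check_sample(now_iso):  # validate the sample as of an ISO-8601 instant with offset
    now = dt.datetime.fromisoformat(now_iso)
    return validate_pub_load(SAMPLE_LOAD_V) and validate_sig_tbs(SAMPLE_TBS, now)
```
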

cm-pub-gost3410:  cm/pub with GOST R 34.10-2012
cm-pub-ed25519-blake2b:  cm/pub with Ed25519-BLAKE2b
cm-pub-sntrup4591761-x25519:  cm/pub with SNTRUP4591761+X25519
cm-pub-mceliece6960119-x25519:  cm/pub with Classic McEliece 6960-119+X25519
cm-pub-sphincs+-shake-256f:  cm/pub with SPHINCS+-SHAKE256-256f

Next: cm/hashed format, Previous: cm/signed format, Up: Cryptographic messages   [Index]