Response signature should be CMS signed data #91

@gmacf

Raised by Katta from Juniper:

From bootz.proto
===============
// This is a signature of the serialized_bootstrap_data field,
// using the ownership_certificate.
// This should not be set if the device does not check for ownership
// voucher, which is indicated by the device not setting the nonce field
// in the GetBootstrapDataRequest message.
string response_signature = 103;

The specification and code assume that the signature will be done with an RSA key and with a PKCS#1 signature. Also, I see the key should be in PKCS#1 PEM format. PKCS#8 format is not accepted.

A standard should be accommodative to use any type of keys and signing schemes. One could use ECDSA for signing. With RSA, one could use PKCS#1.5 or PSS signing.

Also, the hash used for signing is assumed to be sha-256. The specification should allow any hash, like sha-512.

Then the signature field should carry all of it (hash algo used, signature algo used, signer info etc.).

For this, I suggest encoding the signature as CMS signed data (RFC 5652) and sending the entire CMS message in “response_signature” as bytes data. It adds about 700 bytes of extra data, which is not significant for non-telemetry data.
