From 4c630876384fd7e40b18ad0f44053040dcb5ffec Mon Sep 17 00:00:00 2001 From: Mike West Date: Tue, 8 Oct 2024 15:59:00 +0200 Subject: [PATCH] Header depth is now less-weird. --- index.bs | 6 ++-- index.html | 88 +++++++++++++++++++++++++++--------------------------- 2 files changed, 47 insertions(+), 47 deletions(-) diff --git a/index.bs b/index.bs index 210fb01..62e907d 100644 --- a/index.bs +++ b/index.bs @@ -143,7 +143,7 @@ At a high level, we'll make the following changes to SRI: The following sections adjust algorithms accordingly. -

Parse |metadata|.

+

Parse |metadata|.

First, we'll newly define two sets of algorithm tokens: @@ -191,7 +191,7 @@ of signature expressions which are likewise understood: 3. Return |result|. -

Do |bytes| and |header list| match |metadataList|?

+

Do |bytes| and |header list| match |metadataList|?

Since we adjusted the result of [[#parsing]] above, we need to adjust the matching algorithm to match. The core change will be processing both hashing @@ -225,7 +225,7 @@ entire [=response/header list=]: 4. If |result| is `true`, set |signature-match| to `true` and [=iteration/break=]. 9. Return `false`.Return `true` if both |hash-match| and |signature-match| are `true`. Otherwise return `false`. -

Validate a signature using |algorithm| over |bytes| and |header list| with |public key|

+

Validate a signature using |algorithm| over |bytes| and |header list| with |public key|

The matching algorithm above calls into a new signature validation function. Let's write that down. At core, it will execute the Ed25519 validation steps diff --git a/index.html b/index.html index c85036d..b1a2803 100644 --- a/index.html +++ b/index.html @@ -7,7 +7,7 @@ - +