7.2. Validating a CWT
7.2. Validating a CWT
When validating a CWT, the following steps are performed. The order of the steps is not significant in cases where there are no dependencies between the inputs and outputs of the steps. If any of the listed steps fail, then the CWT MUST be rejected -- that is, treated by the application as invalid input.
-
Verify that the CWT is a valid CBOR object.
-
If the object begins with the CWT CBOR tag, remove it and verify that one of the COSE CBOR tags follows it.
-
If the object is tagged with one of the COSE CBOR tags, remove it and use it to determine the type of the CWT, COSE_Sign/COSE_Sign1, COSE_Mac/COSE_Mac0, or COSE_Encrypt/COSE_Encrypt0. If the object does not have a COSE CBOR tag, the COSE message type is determined from the application context.
-
Verify that the resulting COSE Header includes only parameters and values whose syntax and semantics are both understood and supported or that are specified as being ignored when not understood.
-
Depending upon whether the CWT is a signed, MACed, or encrypted, there are three cases:
-
If the CWT is a COSE_Sign/COSE_Sign1, follow the steps specified in Section 4 of [RFC8152] ("Signing Objects") for validating a COSE_Sign/COSE_Sign1 object. Let the Message be the COSE_Sign/COSE_Sign1 payload.
-
Else, if the CWT is a COSE_Mac/COSE_Mac0, follow the steps specified in Section 6 of [RFC8152] ("MAC Objects") for validating a COSE_Mac/COSE_Mac0 object. Let the Message be the COSE_Mac/COSE_Mac0 payload.
-
Else, if the CWT is a COSE_Encrypt/COSE_Encrypt0 object, follow the steps specified in Section 5 of [RFC8152] ("Encryption Objects") for validating a COSE_Encrypt/COSE_Encrypt0 object. Let the Message be the resulting plaintext.
-
-
If the Message begins with a COSE CBOR tag, then the Message is a CWT that was the subject of nested signing, MACing, or encryption operations. In this case, return to Step 1, using the Message as the CWT.
-
Verify that the Message is a valid CBOR map; let the CWT Claims Set be this CBOR map.