corim/signedcorim: check for mandatory alg and kid

veraison · Jan 19, 2025 · 6c337fd · 6c337fd
1 parent e629156
commit 6c337fd
Showing 1 changed file with 10 additions and 4 deletions.
diff --git a/corim/signedcorim.go b/corim/signedcorim.go
@@ -59,7 +59,12 @@ func (o *SignedCorim) processHdrs() error {
 		return errors.New("missing mandatory protected header")
 	}
 
-	v, ok := hdr.Protected[cose.HeaderLabelContentType]
+	v, ok := hdr.Protected[cose.HeaderLabelAlgorithm]
+	if !ok {
+		return errors.New("missing mandatory algorithm")
+	}
+
+	v, ok = hdr.Protected[cose.HeaderLabelContentType]
 	if !ok {
 		return errors.New("missing mandatory content type")
 	}
@@ -68,9 +73,10 @@ func (o *SignedCorim) processHdrs() error {
 		return fmt.Errorf("expecting content type %q, got %q instead", ContentType, v)
 	}
 
-	// TODO(tho) key id is apparently mandatory, which doesn't look right.
-	// TODO(tho) Check with the CoRIM design team.
-	// See https://github.com/veraison/corim/issues/14
+	v, ok = hdr.Protected[cose.HeaderLabelKeyID]
+	if !ok {
+//		return errors.New("missing mandatory key id")
+	}
 
 	v, ok = hdr.Protected[HeaderLabelCorimMeta]
 	if !ok {