Merged
Conversation
This commit introduces a new signature version, `CoseHashEnvelope`, to replace the older `CoseHashV` format. Key changes include: - Updated `CoseSign1MessageIndirectSignatureExtensionsTests` and `IndirectSignatureFactory` to support the new format. - Refactored methods for creating indirect signatures to align with `CoseHashEnvelope`. - Removed obsolete methods from the `CoseHashV` class and replaced them with implementations for the new format. - Enhanced `CoseSign1Message` with methods to check for `CoseHashEnvelope` presence and retrieve associated hash algorithms and content types. These changes improve the functionality and flexibility of the COSE signing library while ensuring backward compatibility.
- Updated `System.Threading.Tasks.Extensions` to 4.6.0 in `CoseIndirectSignature.csproj`. - Updated `System.Security.Cryptography.Cose` to 9.0.2 in `CoseSign1.Abstractions.csproj` and `CoseSign1.Tests.csproj`. - Updated `System.Runtime.Caching` to 9.0.2 in `CoseSign1.Certificates.csproj`. - Removed `System.Formats.Cbor` from `CoseSign1.Tests.csproj`.
There was a problem hiding this comment.
PR Overview
This PR adds comprehensive support for the new CoseHashEnvelope signature format to the COSE signing library while maintaining backward compatibility with the legacy CoseHashV approach. Key changes include:
- New extension methods and overloads to create, validate, and extract CoseHashEnvelope signatures.
- Updates to the indirect signature factory to support both CoseHashEnvelope and CoseHashV formats.
- Modifications to tests and documentation ensuring correct usage and error handling for the new envelope format.
Reviewed Changes
| File | Description |
|---|---|
| CoseIndirectSignature/Extensions/CoseSign1MessageCoseHashVExtensions.cs | Added helper methods for CoseHashV signatures (unchanged in this PR). |
| CoseIndirectSignature/Extensions/CoseSign1MessageCoseHashEnvelopeExtensions.cs | New extensions to support CoseHashEnvelope functionality. |
| CoseIndirectSignature/CoseHashEnvelopeHeaderExtender.cs | Added header extender for CoseHashEnvelope and updated header handling. |
| IndirectSignatureFactory.* files | Added and modified methods to create indirect signatures based on both CoseHashEnvelope and CoseHashV formats. |
| CoseIndirectSignature.Tests/* and CoseSignTool.Tests/* | Updated tests to verify functionality for both the new and legacy formats. |
| README.md | Minor documentation update regarding dependencies. |
Copilot reviewed 19 out of 19 changed files in this pull request and generated 1 comment.
Comments suppressed due to low confidence (1)
CoseIndirectSignature/CoseHashV.cs:138
- [nitpick] The variable name 'hashAlgorightm' is misspelled; consider renaming it to 'hashAlgorithm' for clarity and consistency.
using HashAlgorithm hashAlgorightm = GetHashAlgorithmFromCoseHashAlgorithm(algorithm);
…thub.com/microsoft/CoseSignTool into users/jstatia/support_COSE_Hash_Envelope
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
elantiguamsft
approved these changes
Mar 13, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add CoseHashEnvelope support to signing library from https://datatracker.ietf.org/doc/draft-ietf-cose-hash-envelope/03/
This commit introduces a new signature version,
CoseHashEnvelope, to replace the olderCoseHashVformat. Key changes include:CoseSign1MessageIndirectSignatureExtensionsTestsandIndirectSignatureFactoryto support the new format.CoseHashEnvelope.CoseHashEnvelopeas the default format andCoseHashVis now theuseOldFormat=truevalue.CoseSign1Messagewith methods to check forCoseHashEnvelopepresence and retrieve associated hash algorithms and content types.These changes improve the functionality and flexibility of the COSE signing library while ensuring backward compatibility for creation and validation.