From 73ff2f179634f894cc2058804543b369b216c1ac Mon Sep 17 00:00:00 2001 From: "Jeromy Statia (from Dev Box)" Date: Tue, 18 Mar 2025 07:59:59 -0700 Subject: [PATCH 1/5] Add support for coap preimage content type parsing for validation, will only create tstr preimage content type. --- .../CoseHashEnvelopeTests.cs | 82 +++++++++++++++++-- ...eSign1MessageCoseHashEnvelopeExtensions.cs | 44 ++++++++-- 2 files changed, 116 insertions(+), 10 deletions(-) diff --git a/CoseIndirectSignature.Tests/CoseHashEnvelopeTests.cs b/CoseIndirectSignature.Tests/CoseHashEnvelopeTests.cs index 81caa034..5c840bbf 100644 --- a/CoseIndirectSignature.Tests/CoseHashEnvelopeTests.cs +++ b/CoseIndirectSignature.Tests/CoseHashEnvelopeTests.cs @@ -112,7 +112,7 @@ public void TestExtensionMethodNullHandling(int testCase) algoName.Should().BeNull(); break; case 3: - coseSign1Message.TryGetPreImageContentType(out string? contentType).Should().BeFalse(); + coseSign1Message.TryGetPreImageContentType(out string? contentType, out _).Should().BeFalse(); contentType.Should().BeNull(); break; case 4: @@ -140,7 +140,7 @@ public void ValidCoseHashEnvelopeMinusContentShouldInvalidate() message!.TryGetIsCoseHashEnvelope().Should().BeFalse(); message.TryGetPayloadHashAlgorithm(out CoseHashAlgorithm? algoName).Should().BeTrue(); algoName.Should().Be(CoseHashAlgorithm.SHA256); - message.TryGetPreImageContentType(out string? contentType).Should().BeTrue(); + message.TryGetPreImageContentType(out string? contentType, out _).Should().BeTrue(); contentType.Should().Be("application/test"); } @@ -175,7 +175,7 @@ public void ValidCoseHashEnvelopePayloadHashAlgorithmUnprotectedHeaderShouldInva message!.TryGetIsCoseHashEnvelope().Should().BeFalse(); message.TryGetPayloadHashAlgorithm(out CoseHashAlgorithm? algoName).Should().BeFalse(); algoName.Should().BeNull(); - message.TryGetPreImageContentType(out string? contentType).Should().BeTrue(); + message.TryGetPreImageContentType(out string? contentType, out _).Should().BeTrue(); contentType.Should().Be("application/test"); } @@ -208,7 +208,7 @@ public void ValidCoseHashEnvelopeInvalidPayloadHashAlgorithmShouldInvalidate() message!.TryGetIsCoseHashEnvelope().Should().BeFalse(); message.TryGetPayloadHashAlgorithm(out CoseHashAlgorithm? algoName).Should().BeFalse(); algoName.Should().BeNull(); - message.TryGetPreImageContentType(out string? contentType).Should().BeTrue(); + message.TryGetPreImageContentType(out string? contentType, out _).Should().BeTrue(); contentType.Should().Be("application/test"); } @@ -243,7 +243,7 @@ public void ValidCoseHashEnvelopePayloadPreImageContentTypeUnprotectedHeaderShou message!.TryGetIsCoseHashEnvelope().Should().BeTrue(); message.TryGetPayloadHashAlgorithm(out CoseHashAlgorithm? algoName).Should().BeTrue(); algoName.Should().Be(CoseHashAlgorithm.SHA256); - message.TryGetPreImageContentType(out string? contentType).Should().BeTrue(); + message.TryGetPreImageContentType(out string? contentType, out _).Should().BeTrue(); contentType.Should().Be("application/test"); } @@ -279,6 +279,78 @@ public void ValidCoseHashEnvelopePayloadNoPreImageContentShouldValidate() contentType.Should().BeNullOrEmpty(); } + [Test] + public void ValidCoseHashEnvelopePayloadNoPreImageContentCoaPShouldValidate() + { + ICoseSigningKeyProvider coseSigningKeyProvider = TestUtils.SetupMockSigningKeyProvider(); + CoseSign1MessageFactory factory = new(); + + byte[] randomBytes = new byte[50]; + new Random().NextBytes(randomBytes); + Mock mockHeaderExtender = new(MockBehavior.Strict); + CoseHeaderMap protectedHeader = new(); + CoseHeaderMap unProtectedHeader = new(); + + CoseHashEnvelopeHeaderExtender headerExtender = new CoseHashEnvelopeHeaderExtender(HashAlgorithmName.SHA256, "application/test"); + protectedHeader = headerExtender.ExtendProtectedHeaders(protectedHeader); + protectedHeader.Remove(CoseHashEnvelopeHeaderExtender.CoseHashEnvelopeHeaderLabels[CoseHashEnvelopeHeaderLabels.PreimageContentType]); + // https://www.rfc-editor.org/rfc/rfc9052.html#CoAP_content_type + protectedHeader.Add(CoseHashEnvelopeHeaderExtender.CoseHashEnvelopeHeaderLabels[CoseHashEnvelopeHeaderLabels.PreimageContentType], CoseHeaderValue.FromInt32(98)); + + mockHeaderExtender.Setup(x => x.ExtendProtectedHeaders(It.IsAny())).Returns(protectedHeader); + mockHeaderExtender.Setup(x => x.ExtendUnProtectedHeaders(It.IsAny())).Returns(unProtectedHeader); + + CoseSign1Message? message = factory.CreateCoseSign1Message( + randomBytes, + coseSigningKeyProvider, + embedPayload: true, + headerExtender: mockHeaderExtender.Object); + message.Should().NotBeNull(); + message!.TryGetIsCoseHashEnvelope().Should().BeTrue(); + message.TryGetPayloadHashAlgorithm(out CoseHashAlgorithm? algoName).Should().BeTrue(); + algoName.Should().Be(CoseHashAlgorithm.SHA256); + message.TryGetPreImageContentType(out string? contentType).Should().BeFalse(); + contentType.Should().BeNullOrEmpty(); + message.TryGetPreImageContentType(out int? coapPreImageContentType).Should().BeTrue(); + coapPreImageContentType.Should().Be(98); + } + + [Test] + public void ValidCoseHashEnvelopePayloadNoPreImageContentCoaPUnprotectedShouldValidate() + { + ICoseSigningKeyProvider coseSigningKeyProvider = TestUtils.SetupMockSigningKeyProvider(); + CoseSign1MessageFactory factory = new(); + + byte[] randomBytes = new byte[50]; + new Random().NextBytes(randomBytes); + Mock mockHeaderExtender = new(MockBehavior.Strict); + CoseHeaderMap protectedHeader = new(); + CoseHeaderMap unProtectedHeader = new(); + + CoseHashEnvelopeHeaderExtender headerExtender = new CoseHashEnvelopeHeaderExtender(HashAlgorithmName.SHA256, "application/test"); + protectedHeader = headerExtender.ExtendProtectedHeaders(protectedHeader); + protectedHeader.Remove(CoseHashEnvelopeHeaderExtender.CoseHashEnvelopeHeaderLabels[CoseHashEnvelopeHeaderLabels.PreimageContentType]); + // https://www.rfc-editor.org/rfc/rfc9052.html#CoAP_content_type + unProtectedHeader.Add(CoseHashEnvelopeHeaderExtender.CoseHashEnvelopeHeaderLabels[CoseHashEnvelopeHeaderLabels.PreimageContentType], CoseHeaderValue.FromInt32(98)); + + mockHeaderExtender.Setup(x => x.ExtendProtectedHeaders(It.IsAny())).Returns(protectedHeader); + mockHeaderExtender.Setup(x => x.ExtendUnProtectedHeaders(It.IsAny())).Returns(unProtectedHeader); + + CoseSign1Message? message = factory.CreateCoseSign1Message( + randomBytes, + coseSigningKeyProvider, + embedPayload: true, + headerExtender: mockHeaderExtender.Object); + message.Should().NotBeNull(); + message!.TryGetIsCoseHashEnvelope().Should().BeTrue(); + message.TryGetPayloadHashAlgorithm(out CoseHashAlgorithm? algoName).Should().BeTrue(); + algoName.Should().Be(CoseHashAlgorithm.SHA256); + message.TryGetPreImageContentType(out string? contentType).Should().BeFalse(); + contentType.Should().BeNullOrEmpty(); + message.TryGetPreImageContentType(out int? coapPreImageContentType).Should().BeTrue(); + coapPreImageContentType.Should().Be(98); + } + [Test] public void ValidCoseHashEnvelopePayloadLocationProtectedHeaderShouldValidate() { diff --git a/CoseIndirectSignature/Extensions/CoseSign1MessageCoseHashEnvelopeExtensions.cs b/CoseIndirectSignature/Extensions/CoseSign1MessageCoseHashEnvelopeExtensions.cs index 7e3c6c06..c8101284 100644 --- a/CoseIndirectSignature/Extensions/CoseSign1MessageCoseHashEnvelopeExtensions.cs +++ b/CoseIndirectSignature/Extensions/CoseSign1MessageCoseHashEnvelopeExtensions.cs @@ -99,18 +99,39 @@ public static bool TryGetPayloadHashAlgorithm(this CoseSign1Message? @this, out } } + /// + /// Tries to get the preimage content type as string from the headers of the CoseSign1Message. + /// + /// The to evaluate. + /// OUT param which will have the value of the PreImageContentType Cose Header as a string. + /// True if the PreImageContentType header is found and will be non-null, False otherwise. + public static bool TryGetPreImageContentType(this CoseSign1Message? @this, out string? preImageContentType) => + TryGetPreImageContentType(@this, out preImageContentType, out _) ? string.IsNullOrWhiteSpace(preImageContentType) == false : false; + + /// + /// Tries to get the preimage content type as CoaP from the headers of the CoseSign1Message. + /// + /// The to evaluate. + /// OUT param which will have the value of the PreImageContentType Cose Header as a CoAP content type. + /// True if the PreImageContentType header is found and will be non-null, False otherwise. + public static bool TryGetPreImageContentType(this CoseSign1Message? @this, out int? coapPreImageContentType) => + TryGetPreImageContentType(@this, out _, out coapPreImageContentType) ? coapPreImageContentType != null : false; + /// /// Tries to get the preimage content type from the headers of the CoseSign1Message. /// /// The to evaluate. /// OUT param which will have the value of the PreImageContentType Cose Header. + /// OUT param which will have the value of the PreImageContentType Cose Header as a CoAP content type. /// True if the PreImageContentType header is found and will be non-null, False otherwise. - public static bool TryGetPreImageContentType(this CoseSign1Message? @this, out string? preImageContentType) + public static bool TryGetPreImageContentType(this CoseSign1Message? @this, out string? preImageContentType, out int? coapPreImageContentType) { + coapPreImageContentType = null; + preImageContentType = null; + if (@this == null) { Trace.TraceError($"{nameof(TryGetPayloadHashAlgorithm)} was called on a null CoseSign1Message object"); - preImageContentType = null; return false; } @@ -120,19 +141,32 @@ public static bool TryGetPreImageContentType(this CoseSign1Message? @this, out s // first check protected headers as its preferred to be present there if (@this.ProtectedHeaders.TryGetValue(CoseHashEnvelopeHeaderExtender.CoseHashEnvelopeHeaderLabels[CoseHashEnvelopeHeaderLabels.PreimageContentType], out CoseHeaderValue preImageContentTypeValue)) { - preImageContentType = preImageContentTypeValue.GetValueAsString(); + try + { + preImageContentType = preImageContentTypeValue.GetValueAsString(); + } + catch(InvalidOperationException) + { + coapPreImageContentType = preImageContentTypeValue.GetValueAsInt32(); + } return true; } // second check unprotected headers if (@this.UnprotectedHeaders.TryGetValue(CoseHashEnvelopeHeaderExtender.CoseHashEnvelopeHeaderLabels[CoseHashEnvelopeHeaderLabels.PreimageContentType], out preImageContentTypeValue)) { - preImageContentType = preImageContentTypeValue.GetValueAsString(); + try + { + preImageContentType = preImageContentTypeValue.GetValueAsString(); + } + catch (InvalidOperationException) + { + coapPreImageContentType = preImageContentTypeValue.GetValueAsInt32(); + } return true; } Trace.TraceWarning($"{nameof(TryGetPreImageContentType)} was called on a CoseSign1Message object({@this.GetHashCode()}) without the PreimageContentType header present."); - preImageContentType = null; return false; } From 653e6e66b7c5220099c1b45ffea012aada469213 Mon Sep 17 00:00:00 2001 From: "Jeromy Statia (from Dev Box)" Date: Tue, 18 Mar 2025 08:05:12 -0700 Subject: [PATCH 2/5] revert some test signature updates that are not needed. --- CoseIndirectSignature.Tests/CoseHashEnvelopeTests.cs | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/CoseIndirectSignature.Tests/CoseHashEnvelopeTests.cs b/CoseIndirectSignature.Tests/CoseHashEnvelopeTests.cs index 5c840bbf..11a92b6a 100644 --- a/CoseIndirectSignature.Tests/CoseHashEnvelopeTests.cs +++ b/CoseIndirectSignature.Tests/CoseHashEnvelopeTests.cs @@ -112,7 +112,7 @@ public void TestExtensionMethodNullHandling(int testCase) algoName.Should().BeNull(); break; case 3: - coseSign1Message.TryGetPreImageContentType(out string? contentType, out _).Should().BeFalse(); + coseSign1Message.TryGetPreImageContentType(out string? contentType).Should().BeFalse(); contentType.Should().BeNull(); break; case 4: @@ -140,7 +140,7 @@ public void ValidCoseHashEnvelopeMinusContentShouldInvalidate() message!.TryGetIsCoseHashEnvelope().Should().BeFalse(); message.TryGetPayloadHashAlgorithm(out CoseHashAlgorithm? algoName).Should().BeTrue(); algoName.Should().Be(CoseHashAlgorithm.SHA256); - message.TryGetPreImageContentType(out string? contentType, out _).Should().BeTrue(); + message.TryGetPreImageContentType(out string? contentType).Should().BeTrue(); contentType.Should().Be("application/test"); } @@ -175,7 +175,7 @@ public void ValidCoseHashEnvelopePayloadHashAlgorithmUnprotectedHeaderShouldInva message!.TryGetIsCoseHashEnvelope().Should().BeFalse(); message.TryGetPayloadHashAlgorithm(out CoseHashAlgorithm? algoName).Should().BeFalse(); algoName.Should().BeNull(); - message.TryGetPreImageContentType(out string? contentType, out _).Should().BeTrue(); + message.TryGetPreImageContentType(out string? contentType).Should().BeTrue(); contentType.Should().Be("application/test"); } @@ -208,7 +208,7 @@ public void ValidCoseHashEnvelopeInvalidPayloadHashAlgorithmShouldInvalidate() message!.TryGetIsCoseHashEnvelope().Should().BeFalse(); message.TryGetPayloadHashAlgorithm(out CoseHashAlgorithm? algoName).Should().BeFalse(); algoName.Should().BeNull(); - message.TryGetPreImageContentType(out string? contentType, out _).Should().BeTrue(); + message.TryGetPreImageContentType(out string? contentType).Should().BeTrue(); contentType.Should().Be("application/test"); } @@ -243,7 +243,7 @@ public void ValidCoseHashEnvelopePayloadPreImageContentTypeUnprotectedHeaderShou message!.TryGetIsCoseHashEnvelope().Should().BeTrue(); message.TryGetPayloadHashAlgorithm(out CoseHashAlgorithm? algoName).Should().BeTrue(); algoName.Should().Be(CoseHashAlgorithm.SHA256); - message.TryGetPreImageContentType(out string? contentType, out _).Should().BeTrue(); + message.TryGetPreImageContentType(out string? contentType).Should().BeTrue(); contentType.Should().Be("application/test"); } From 386e6e39abdd806feabf6ee19541566491182c27 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 18 Mar 2025 15:09:07 +0000 Subject: [PATCH 3/5] Update changelog for release --- CHANGELOG.md | 56 ++++++++++++++++++++++++++++++---------------------- 1 file changed, 32 insertions(+), 24 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 40a7230b..b6620c72 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,13 @@ # Changelog +## [v1.3.0-pre4](https://github.com/microsoft/CoseSignTool/tree/v1.3.0-pre4) (2025-03-13) + +[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.3.0-pre3...v1.3.0-pre4) + +**Merged pull requests:** + +- Add support for CoseHashEnvelope [\#125](https://github.com/microsoft/CoseSignTool/pull/125) ([JeromySt](https://github.com/JeromySt)) + ## [v1.3.0-pre3](https://github.com/microsoft/CoseSignTool/tree/v1.3.0-pre3) (2024-12-28) [Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.3.0-pre2...v1.3.0-pre3) @@ -70,31 +78,31 @@ ## [v1.2.8-pre3](https://github.com/microsoft/CoseSignTool/tree/v1.2.8-pre3) (2024-10-15) -[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.2.8-pre1...v1.2.8-pre3) +[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.2.8-pre2...v1.2.8-pre3) **Merged pull requests:** - Increase timeout for checking for empty streams [\#113](https://github.com/microsoft/CoseSignTool/pull/113) ([lemccomb](https://github.com/lemccomb)) -## [v1.2.8-pre1](https://github.com/microsoft/CoseSignTool/tree/v1.2.8-pre1) (2024-09-25) +## [v1.2.8-pre2](https://github.com/microsoft/CoseSignTool/tree/v1.2.8-pre2) (2024-09-25) -[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.2.8-pre2...v1.2.8-pre1) +[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.2.8-pre1...v1.2.8-pre2) -## [v1.2.8-pre2](https://github.com/microsoft/CoseSignTool/tree/v1.2.8-pre2) (2024-09-25) +## [v1.2.8-pre1](https://github.com/microsoft/CoseSignTool/tree/v1.2.8-pre1) (2024-09-25) -[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.2.8...v1.2.8-pre2) +[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.2.6-pre2...v1.2.8-pre1) **Merged pull requests:** - Make the advanced stream handling optional. Use simple retry instead. [\#112](https://github.com/microsoft/CoseSignTool/pull/112) ([lemccomb](https://github.com/lemccomb)) -## [v1.2.8](https://github.com/microsoft/CoseSignTool/tree/v1.2.8) (2024-09-23) +## [v1.2.6-pre2](https://github.com/microsoft/CoseSignTool/tree/v1.2.6-pre2) (2024-09-23) -[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.2.6-pre2...v1.2.8) +[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.2.8...v1.2.6-pre2) -## [v1.2.6-pre2](https://github.com/microsoft/CoseSignTool/tree/v1.2.6-pre2) (2024-09-23) +## [v1.2.8](https://github.com/microsoft/CoseSignTool/tree/v1.2.8) (2024-09-23) -[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.2.6-pre1...v1.2.6-pre2) +[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.2.6-pre1...v1.2.8) **Merged pull requests:** @@ -304,19 +312,19 @@ ## [v1.1.7-pre1](https://github.com/microsoft/CoseSignTool/tree/v1.1.7-pre1) (2024-02-14) -[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.1.6-pre1...v1.1.7-pre1) +[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.1.7...v1.1.7-pre1) **Merged pull requests:** - Command Line Validation of Indirect Signatures [\#78](https://github.com/microsoft/CoseSignTool/pull/78) ([elantiguamsft](https://github.com/elantiguamsft)) -## [v1.1.6-pre1](https://github.com/microsoft/CoseSignTool/tree/v1.1.6-pre1) (2024-02-07) +## [v1.1.7](https://github.com/microsoft/CoseSignTool/tree/v1.1.7) (2024-02-07) -[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.1.7...v1.1.6-pre1) +[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.1.6-pre1...v1.1.7) -## [v1.1.7](https://github.com/microsoft/CoseSignTool/tree/v1.1.7) (2024-02-07) +## [v1.1.6-pre1](https://github.com/microsoft/CoseSignTool/tree/v1.1.6-pre1) (2024-02-07) -[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.1.6...v1.1.7) +[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.1.6...v1.1.6-pre1) **Merged pull requests:** @@ -380,19 +388,19 @@ ## [v1.1.1-pre1](https://github.com/microsoft/CoseSignTool/tree/v1.1.1-pre1) (2024-01-17) -[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.1.1...v1.1.1-pre1) +[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.1.0-pre7...v1.1.1-pre1) **Merged pull requests:** - Move CreateChangelog to after build in PR build [\#70](https://github.com/microsoft/CoseSignTool/pull/70) ([lemccomb](https://github.com/lemccomb)) -## [v1.1.1](https://github.com/microsoft/CoseSignTool/tree/v1.1.1) (2024-01-12) +## [v1.1.0-pre7](https://github.com/microsoft/CoseSignTool/tree/v1.1.0-pre7) (2024-01-12) -[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.1.0-pre7...v1.1.1) +[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.1.1...v1.1.0-pre7) -## [v1.1.0-pre7](https://github.com/microsoft/CoseSignTool/tree/v1.1.0-pre7) (2024-01-12) +## [v1.1.1](https://github.com/microsoft/CoseSignTool/tree/v1.1.1) (2024-01-12) -[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.1.0-pre6...v1.1.0-pre7) +[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v1.1.0-pre6...v1.1.1) **Closed issues:** @@ -465,7 +473,7 @@ ## [v0.3.1-pre.10](https://github.com/microsoft/CoseSignTool/tree/v0.3.1-pre.10) (2023-10-10) -[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v0.3.2...v0.3.1-pre.10) +[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v0.3.1-pre.9...v0.3.1-pre.10) **Merged pull requests:** @@ -475,13 +483,13 @@ - Port changes from ADO repo to GitHub repo [\#46](https://github.com/microsoft/CoseSignTool/pull/46) ([lemccomb](https://github.com/lemccomb)) - Re-enable CodeQL [\#45](https://github.com/microsoft/CoseSignTool/pull/45) ([lemccomb](https://github.com/lemccomb)) -## [v0.3.2](https://github.com/microsoft/CoseSignTool/tree/v0.3.2) (2023-09-28) +## [v0.3.1-pre.9](https://github.com/microsoft/CoseSignTool/tree/v0.3.1-pre.9) (2023-09-28) -[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v0.3.1-pre.9...v0.3.2) +[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v0.3.2...v0.3.1-pre.9) -## [v0.3.1-pre.9](https://github.com/microsoft/CoseSignTool/tree/v0.3.1-pre.9) (2023-09-28) +## [v0.3.2](https://github.com/microsoft/CoseSignTool/tree/v0.3.2) (2023-09-28) -[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v0.3.1-pre.8...v0.3.1-pre.9) +[Full Changelog](https://github.com/microsoft/CoseSignTool/compare/v0.3.1-pre.8...v0.3.2) **Merged pull requests:** From 7ca016102192498c6c6d0b7d99351a9ec32663c8 Mon Sep 17 00:00:00 2001 From: "Jeromy Statia (from Dev Box)" Date: Tue, 18 Mar 2025 08:11:17 -0700 Subject: [PATCH 4/5] Update comments to match version 4 of the draft rfc. --- CoseIndirectSignature/CoseHashEnvelopeHeaderExtender.cs | 9 ++++----- .../CoseSign1MessageCoseHashEnvelopeExtensions.cs | 8 ++++---- 2 files changed, 8 insertions(+), 9 deletions(-) diff --git a/CoseIndirectSignature/CoseHashEnvelopeHeaderExtender.cs b/CoseIndirectSignature/CoseHashEnvelopeHeaderExtender.cs index 272ca5c6..6745b288 100644 --- a/CoseIndirectSignature/CoseHashEnvelopeHeaderExtender.cs +++ b/CoseIndirectSignature/CoseHashEnvelopeHeaderExtender.cs @@ -125,11 +125,10 @@ public CoseHeaderMap ExtendProtectedHeaders(CoseHeaderMap protectedHeaders) Label 3 (content_type) MUST NOT be present in the protected or unprotected headers. - Label 3 is easily confused with label TBD_2 - payload_preimage_content_type. The difference between content_type - (3) and payload_preimage_content_type (TBD2) is content_type is used - to identify the content format associated with payload, whereas - payload_preimage_content_type is used to identify the content format + Label 3 is easily confused with label 259 payload_preimage_content_type. + The difference between content_type (3) and payload_preimage_content_type (259) + is content_type is used to identify the content format associated with payload, + whereas payload_preimage_content_type is used to identify the content format of the bytes which are hashed to produce the payload. */ protectedHeaders.Remove(CoseHeaderLabel.ContentType); diff --git a/CoseIndirectSignature/Extensions/CoseSign1MessageCoseHashEnvelopeExtensions.cs b/CoseIndirectSignature/Extensions/CoseSign1MessageCoseHashEnvelopeExtensions.cs index c8101284..acb7fcd5 100644 --- a/CoseIndirectSignature/Extensions/CoseSign1MessageCoseHashEnvelopeExtensions.cs +++ b/CoseIndirectSignature/Extensions/CoseSign1MessageCoseHashEnvelopeExtensions.cs @@ -12,7 +12,7 @@ public static class CoseSign1MessageCoseHashEnvelopeExtensions { /// /// Checks to see if the COSE Sign1 Message is a CoseHashEnvelope. - /// https://datatracker.ietf.org/doc/draft-ietf-cose-hash-envelope/03/ + /// https://www.ietf.org/archive/id/draft-ietf-cose-hash-envelope-04.html /// /// The to check. /// True if is a CoseHashEnvelope, False otherwise. @@ -65,7 +65,7 @@ public static bool TryGetPayloadHashAlgorithm(this CoseSign1Message? @this, out return false; } - // Label TBD_1(payload hash algorithm) MUST be present in the protected header + // Label 258 (payload hash algorithm) MUST be present in the protected header if (@this.ProtectedHeaders.TryGetValue(CoseHashEnvelopeHeaderExtender.CoseHashEnvelopeHeaderLabels[CoseHashEnvelopeHeaderLabels.PayloadHashAlg], out payloadHashAlgorithmValue)) { extractedValue = GetCoseHashAlgorithmFromHeaderValue(payloadHashAlgorithmValue); @@ -135,7 +135,7 @@ public static bool TryGetPreImageContentType(this CoseSign1Message? @this, out s return false; } - // Label TBD_2(content type of the preimage of the payload) MAY be + // Label 259 (content type of the preimage of the payload) MAY be // present in the protected header or unprotected header. // first check protected headers as its preferred to be present there @@ -186,7 +186,7 @@ public static bool TryGetPayloadLocation(this CoseSign1Message? @this, out strin return false; } - // Label TBD_3(payload_location) MAY be added to the protected + // Label 260 (payload_location) MAY be added to the protected // header and MUST NOT be presented in the unprotected header. if(@this.UnprotectedHeaders?.TryGetValue(CoseHashEnvelopeHeaderExtender.CoseHashEnvelopeHeaderLabels[CoseHashEnvelopeHeaderLabels.PayloadLocation], out CoseHeaderValue payloadLocationValue) ?? false) From 2f973e69a3aefd4118410715343d7ff237eedc39 Mon Sep 17 00:00:00 2001 From: "Jeromy Statia (from Dev Box)" Date: Tue, 18 Mar 2025 08:25:13 -0700 Subject: [PATCH 5/5] fix simplification nits from AI. --- .../Extensions/CoseSign1MessageCoseHashEnvelopeExtensions.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CoseIndirectSignature/Extensions/CoseSign1MessageCoseHashEnvelopeExtensions.cs b/CoseIndirectSignature/Extensions/CoseSign1MessageCoseHashEnvelopeExtensions.cs index acb7fcd5..6d7e046a 100644 --- a/CoseIndirectSignature/Extensions/CoseSign1MessageCoseHashEnvelopeExtensions.cs +++ b/CoseIndirectSignature/Extensions/CoseSign1MessageCoseHashEnvelopeExtensions.cs @@ -106,7 +106,7 @@ public static bool TryGetPayloadHashAlgorithm(this CoseSign1Message? @this, out /// OUT param which will have the value of the PreImageContentType Cose Header as a string. /// True if the PreImageContentType header is found and will be non-null, False otherwise. public static bool TryGetPreImageContentType(this CoseSign1Message? @this, out string? preImageContentType) => - TryGetPreImageContentType(@this, out preImageContentType, out _) ? string.IsNullOrWhiteSpace(preImageContentType) == false : false; + TryGetPreImageContentType(@this, out preImageContentType, out _) && !string.IsNullOrWhiteSpace(preImageContentType); /// /// Tries to get the preimage content type as CoaP from the headers of the CoseSign1Message. @@ -115,7 +115,7 @@ public static bool TryGetPreImageContentType(this CoseSign1Message? @this, out s /// OUT param which will have the value of the PreImageContentType Cose Header as a CoAP content type. /// True if the PreImageContentType header is found and will be non-null, False otherwise. public static bool TryGetPreImageContentType(this CoseSign1Message? @this, out int? coapPreImageContentType) => - TryGetPreImageContentType(@this, out _, out coapPreImageContentType) ? coapPreImageContentType != null : false; + TryGetPreImageContentType(@this, out _, out coapPreImageContentType) && coapPreImageContentType != null; /// /// Tries to get the preimage content type from the headers of the CoseSign1Message.