feat: support detached payloads in COSESign and COSESign1

[alex-richards]

Hey,

I've extended COSESign and COSESign1 to support detached payloads, adds a parameter to the public API, not sure if that's desirable.

I'm also pretty new to Go, I've tried to copy the existing style but I'm sure there's plenty that could be improved.

Cheers, Alex

#195

[SteveLasker]

Hi, @alex-richards,
Thanks for the PR. Several of the maintainers/reviewers are at IETF this week. Please give us a bit of time to review.

Without knowing more about the specific scenario you want to implement, you might want to check this new draft for HASH Envelopes. It addresses many of the challenges detached payloads solve and create. Here's a set of slides we're presenting this week at the COSE Working group.

While we're still generally supportive for go-cose supporting detached payloads, one of the advantages of HASH Envelope is it's "just a payload" and you won't need to detach and re-attach the payload. Just FYI, we should still support detached payloads in go-cose.

[alex-richards]

Thanks Steve, I'll have a read, though I'm interested in ISO 18013-5, which specifies detached payloads.

I've removed the breaking changes.

[SteveLasker]

Hi @alex-richards. Welcome to the verasion/go-cose project and thank you for your contributions.
As go-cose is used in many projects and products, can you provide more info about yourself? Your profile has very limited info, with no additional info in your commits.

Thank you

[alex-richards]

Hi @alex-richards. Welcome to the verasion/go-cose project and thank you for your contributions. As go-cose is used in many projects and products, can you provide more info about yourself? Your profile has very limited info, with no additional info in your commits.

Thank you

Hi Steve,

Yeah, sure. Do you have a preferred private way for me to get in touch?

[SteveLasker]

You can reach me through my linkedin profile info.

[alex-richards]

Hey Steve,

I've signed as discussed.

Cheers, Alex

[SteveLasker]

Thanks, @alex-richards,
Several folks were at IETF this week, so maintainers may take a few days to catch up with their "day jobs" and review.

[OR13]

This seems ok to me, but it would be good to get more reviews, since this touches several interfaces

[SteveLasker]

Thanks, @alex-richards, can you please resolve the DCO error: https://github.com/veraison/go-cose/pull/197/checks?check_run_id=27984447393

[alex-richards]

@qmuntal I've made those changes, yeah, they're much clearer.

Not sure what resolving etiquette is here, tag you? Resolve myself?

[qmuntal]

@qmuntal I've made those changes, yeah, they're much clearer.

Not sure what resolving etiquette is here, tag you? Resolve myself?

You can resolve them yourself 👍

[qmuntal]

LGTM, thanks!

[alex-richards]

Any merging etiquette I should know about? Or just go for it once it's approved? Is 2 enough?

[SteveLasker]

Due to the slightly larger change, it would be good to have an additional golang and cose expert weigh in
@thomas-fossati, @shizhMSFT l, @setrofim can either of you please take a look?

[thomas-fossati]

Looks very good to me. Thanks a lot for the great contribution!

[yogeshbdeshpande]

Left some minor points on the comments to Verify, but in general LGTM!

[shizhMSFT]

I'd like to discuss more about the design in #195 before merging this PR as I have commented at #195 (comment)

[shizhMSFT]

Do we really need

func (m *SignMessage) SignDetached(rand io.Reader, detached, external []byte, signers ...Signer) error
func (m *Sign1Message) SignDetached(rand io.Reader, detached, external []byte, signer Signer) error

?

Can Sign1Detached be implemented as

Suggested change

	func Sign1Detached(rand io.Reader, signer Signer, headers Headers, detached, external []byte) ([]byte, error) {
	msg := Sign1Message{
	Headers: headers,
	}
	err := msg.SignDetached(rand, detached, external, signer)
	if err != nil {
	return nil, err
	}
	return msg.MarshalCBOR()
	}
	func Sign1Detached(rand io.Reader, signer Signer, headers Headers, detached, external []byte) ([]byte, error) {
	msg := Sign1Message{
	Headers: headers,
	Payload: detached,
	}
	err := msg.Sign(rand, external, signer)
	if err != nil {
	return nil, err
	}
	msg.Payload = nil
	return msg.MarshalCBOR()
	}

?

Same question for SignDetached.

[alex-richards]

Seems fussy to me, would making detached the base case and calling from Sign1 be ok? Saves unsetting the payload on the detached object.

[OR13]

would making detached the base case and calling from Sign1 be ok?

IMO yes. @shizhMSFT wdyt?

[SteveLasker]

@shizhMSFT, I believe this is the blocking issue on this PR. Can we consider refactoring the implementation, either in this PR, or a separate PR? Either way, can we come to some conclusion here to move forward?

[shizhMSFT]

@alex-richards Are you suggesting

func sign1(rand io.Reader, signer Signer, headers Headers, payload, external []byte) (*Sign1Message, error) {
	msg := Sign1Message{
		Headers: headers,
		Payload: payload,
	}
	err := msg.Sign(rand, external, signer)
	if err != nil {
		return nil, err
	}
	return msg, nil
}

func Sign1(rand io.Reader, signer Signer, headers Headers, payload, external []byte) ([]byte, error) {
	msg, err := sign1(rand, signer, headers, payload, external)
	if err != nil {
		return nil, err
	}
	return msg.MarshalCBOR()
}

func Sign1Detached(rand io.Reader, signer Signer, headers Headers, detached, external []byte) ([]byte, error) {
	msg, err := sign1(rand, signer, headers, detached, external)
	if err != nil {
		return nil, err
	}
	msg.Payload = nil
	return msg.MarshalCBOR()
}

That refactoring works for me.

[SteveLasker]

@alex-richards, @shizhMSFT
Can this comment be resoled?

[shizhMSFT]

@SteveLasker I think it will be better if we gather more inputs from other maintainers.

[achamayou]

Disclaimer: I am very much a random passerby, nudged to look at this. I do spend a lot time with COSE, in languages other than Go.

The refactoring proposed by @shizhMSFT seems quite reasonable to me, and results in a slightly cleaner API in my opinion.

[codecov]

Codecov Report

Attention: Patch coverage is 65.78947% with 26 lines in your changes missing coverage. Please review.

Project coverage is 91.06%. Comparing base (2b6f94f) to head (9a459d1).
Report is 7 commits behind head on main.

Files with missing lines	Patch %	Lines
sign1.go	40.90%	26 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #197      +/-   ##
==========================================
- Coverage   92.04%   91.06%   -0.99%     
==========================================
  Files          12       12              
  Lines        1973     1678     -295     
==========================================
- Hits         1816     1528     -288     
+ Misses        108       94      -14     
- Partials       49       56       +7     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[SteveLasker]

Thanks for all the feedback.
To move forward, there are a number of questions, which seem to be change requests on this PR. Yet, there are several approvals.
Can folks please update their comments?
If you have a comment you expect to be addressed before merging, please change to a change request.
If there are no "change requests" by August 23, 2024, and we have 2 or more approvals from maintainers, we'll move to merge.

[shizhMSFT]

Changing to "Request changes"

[SteveLasker]

A note we'll be reviewing today in the fortnightly go-cose meeting if folks would like to attend or comment prior to the meeting.

[OR13]

Did a full review, @shizhMSFT 's comments need to be applied or dismissed.

[SteveLasker]

@shizhMSFT, @alex-richards, this feedback appears to be the blocking topic. Can we focus on unblocking that element? I see the discussion on #195 and #205.
With the summer over, can we target resolving by Sept 20th?

[SteveLasker]

@alex-richards, @shizhMSFT, gentle ping on Issue #195 and PR #197