COSE: Provide function to prepare signature input

a-sit-plus · Nov 12, 2024 · 9f098bc · 9f098bc
1 parent aba8ee4
commit 9f098bc
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 13 deletions.
diff --git a/docs/docs/examples.md b/docs/docs/examples.md
@@ -69,29 +69,28 @@ val protectedHeader = CoseHeader(
 val payload = byteArrayOf(0xC, 0xA, 0xF, 0xE)
 ```
 
-Both of these are signature inputs, so we'll construct a `CoseSignatureInput` to sign.
+Both of these are signature inputs, so we can construct the signature input:
 
 ```kotlin
-val signatureInput = CoseSignatureInput(
-    contextString = "Signature1",
-    protectedHeader = ByteStringWrapper(protectedHeader),
-    externalAad = byteArrayOf(),
+val signatureInput = CoseSigned.prepareCoseSignatureInput(
+    protectedHeader = protectedHeader,
     payload = payload,
-).serialize()
+    externalAad = byteArrayOf()
+)
 ```
 
-
 Now, everything is ready to be signed:
 
 ```kotlin
 val signature = signer.sign(signatureInput).signature //TODO handle error
 
-val coseSigned = CoseSigned(
-    ByteStringWrapper(protectedHeader),
-    unprotectedHeader = null,
-    payload,
-    signature
-).serialize() // sadly, there's no cwt.io, but you can use cbor.me to explore the signed data
+CoseSigned(
+    protectedHeader = ByteStringWrapper(protectedHeader),
+    unprotectedHeader = unprotectedHeader,
+    payload = payload,
+    signature = signature
+)
+// sadly, there's no cwt.io, but you can use cbor.me to explore the signed data
 ```
 
 ## Create and Parse a Custom-Tagged ASN.1 Structure

diff --git a/...pensable-cosef/src/commonMain/kotlin/at/asitplus/signum/indispensable/cosef/CoseSigned.kt b/...pensable-cosef/src/commonMain/kotlin/at/asitplus/signum/indispensable/cosef/CoseSigned.kt
@@ -7,6 +7,7 @@ import at.asitplus.signum.indispensable.SignatureAlgorithm
 import at.asitplus.signum.indispensable.cosef.io.Base16Strict
 import at.asitplus.signum.indispensable.cosef.io.ByteStringWrapper
 import at.asitplus.signum.indispensable.cosef.io.coseCompliantSerializer
+import at.asitplus.signum.indispensable.io.Base64UrlStrict
 import at.asitplus.signum.indispensable.pki.X509Certificate
 import io.matthewnelson.encoding.core.Encoder.Companion.encodeToString
 import kotlinx.serialization.ExperimentalSerializationApi
@@ -85,6 +86,23 @@ data class CoseSigned(
         fun deserialize(it: ByteArray) = catching {
             coseCompliantSerializer.decodeFromByteArray<CoseSigned>(it)
         }
+
+        /**
+         * Called by COSE signing implementations to get the bytes that will be
+         * used as the input for signature calculation of a `COSE_Sign1` object
+         */
+        @Suppress("unused")
+        fun prepareCoseSignatureInput(
+            protectedHeader: CoseHeader,
+            payload: ByteArray?,
+            externalAad: ByteArray = byteArrayOf(),
+        ): ByteArray = CoseSignatureInput(
+            contextString = "Signature1",
+            protectedHeader = ByteStringWrapper(protectedHeader),
+            externalAad = externalAad,
+            payload = payload,
+        ).serialize()
+
     }
 }