feat(crypto): Make box_size parameter on c2pa_crypto::cose::sign an Option (#879)

scouten-adobe · web-flow · commit 00263a14ff05 · 2025-01-23T15:08:59.000-08:00
Signing via CAWG identity SDK for X.509 credentials does the padding at a different stage so I need to disable it here.
diff --git a/internal/crypto/src/cose/sign.rs b/internal/crypto/src/cose/sign.rs
@@ -76,13 +76,13 @@ use crate::{
 #[async_generic(async_signature(
     signer: &dyn AsyncRawSigner,
     data: &[u8],
-    box_size: usize,
+    box_size: Option<usize>,
     tss: TimeStampStorage
 ))]
 pub fn sign(
     signer: &dyn RawSigner,
     data: &[u8],
-    box_size: usize,
+    box_size: Option<usize>,
     tss: TimeStampStorage,
 ) -> Result<Vec<u8>, CoseError> {
     if _sync {
@@ -101,13 +101,13 @@ pub fn sign(
 #[async_generic(async_signature(
     signer: &dyn AsyncRawSigner,
     data: &[u8],
-    box_size: usize,
+    box_size: Option<usize>,
     tss: TimeStampStorage
 ))]
 pub fn sign_v1(
     signer: &dyn RawSigner,
     data: &[u8],
-    box_size: usize,
+    box_size: Option<usize>,
     tss: TimeStampStorage,
 ) -> Result<Vec<u8>, CoseError> {
     let alg = signer.alg();
@@ -171,13 +171,13 @@ pub fn sign_v1(
 #[async_generic(async_signature(
     signer: &dyn AsyncRawSigner,
     data: &[u8],
-    box_size: usize,
+    box_size: Option<usize>,
     tss: TimeStampStorage
 ))]
 pub fn sign_v2(
     signer: &dyn RawSigner,
     data: &[u8],
-    box_size: usize,
+    box_size: Option<usize>,
     tss: TimeStampStorage,
 ) -> Result<Vec<u8>, CoseError> {
     let alg = signer.alg();
@@ -283,7 +283,7 @@ fn build_protected_header(
     Ok(ph2)
 }
 
-#[async_generic(async_signature(signer: &dyn AsyncRawSigner, data: &[u8], p_header: &ProtectedHeader,     tss: TimeStampStorage,))]
+#[async_generic(async_signature(signer: &dyn AsyncRawSigner, data: &[u8], p_header: &ProtectedHeader, tss: TimeStampStorage,))]
 fn build_unprotected_header(
     signer: &dyn RawSigner,
     data: &[u8],
@@ -332,13 +332,17 @@ const PAD_OFFSET: usize = 7;
 // when that happens a second padding is added to change the remaining needed
 // padding. The default initial guess works for almost all sizes, without the
 // need for additional loops.
-fn pad_cose_sig(sign1: &mut CoseSign1, end_size: usize) -> Result<Vec<u8>, CoseError> {
+fn pad_cose_sig(sign1: &mut CoseSign1, end_size: Option<usize>) -> Result<Vec<u8>, CoseError> {
     let mut sign1_clone = sign1.clone();
 
     let cur_vec = sign1_clone
         .to_tagged_vec()
         .map_err(|e| CoseError::CborGenerationError(e.to_string()))?;
 
+    let Some(end_size) = end_size else {
+        return Ok(cur_vec);
+    };
+
     let cur_size = cur_vec.len();
     if cur_size == end_size {
         return Ok(cur_vec);
@@ -375,7 +379,7 @@ fn pad_cose_sig(sign1: &mut CoseSign1, end_size: usize) -> Result<Vec<u8>, CoseE
                 Label::Text(PAD.to_string()),
                 Value::Bytes(vec![0u8; target_guess]),
             ));
-            return pad_cose_sig(&mut sign1_clone, end_size);
+            return pad_cose_sig(&mut sign1_clone, Some(end_size));
         }
 
         // Get current CBOR vec to see if we reached target size.
@@ -397,5 +401,5 @@ fn pad_cose_sig(sign1: &mut CoseSign1, end_size: usize) -> Result<Vec<u8>, CoseE
         Value::Bytes(vec![0u8; last_pad - 10]),
     ));
 
-    pad_cose_sig(sign1, end_size)
+    pad_cose_sig(sign1, Some(end_size))
 }
diff --git a/sdk/src/cose_sign.rs b/sdk/src/cose_sign.rs
@@ -115,20 +115,20 @@ pub(crate) fn cose_sign(
 
     if _sync {
         match signer.raw_signer() {
-            Some(raw_signer) => Ok(sign(*raw_signer, data, box_size, time_stamp_storage)?),
+            Some(raw_signer) => Ok(sign(*raw_signer, data, Some(box_size), time_stamp_storage)?),
             None => {
                 let wrapper = SignerWrapper(signer);
-                Ok(sign(&wrapper, data, box_size, time_stamp_storage)?)
+                Ok(sign(&wrapper, data, Some(box_size), time_stamp_storage)?)
             }
         }
     } else {
         match signer.async_raw_signer() {
             Some(raw_signer) => {
-                Ok(sign_async(*raw_signer, data, box_size, time_stamp_storage).await?)
+                Ok(sign_async(*raw_signer, data, Some(box_size), time_stamp_storage).await?)
             }
             None => {
                 let wrapper = AsyncSignerWrapper(signer);
-                Ok(sign_async(&wrapper, data, box_size, time_stamp_storage).await?)
+                Ok(sign_async(&wrapper, data, Some(box_size), time_stamp_storage).await?)
             }
         }
     }

Original file line number	Diff line number	Diff line change
`@@ -115,20 +115,20 @@ pub(crate) fn cose_sign(`
`115`	`115`
`116`	`116`	`if _sync {`
`117`	`117`	`match signer.raw_signer() {`
`118`		`- Some(raw_signer) => Ok(sign(*raw_signer, data, box_size, time_stamp_storage)?),`
	`118`	`+ Some(raw_signer) => Ok(sign(*raw_signer, data, Some(box_size), time_stamp_storage)?),`
`119`	`119`	`None => {`
`120`	`120`	`let wrapper = SignerWrapper(signer);`
`121`		`- Ok(sign(&wrapper, data, box_size, time_stamp_storage)?)`
	`121`	`+ Ok(sign(&wrapper, data, Some(box_size), time_stamp_storage)?)`
`122`	`122`	`}`
`123`	`123`	`}`
`124`	`124`	`} else {`
`125`	`125`	`match signer.async_raw_signer() {`
`126`	`126`	`Some(raw_signer) => {`
`127`		`- Ok(sign_async(*raw_signer, data, box_size, time_stamp_storage).await?)`
	`127`	`+ Ok(sign_async(*raw_signer, data, Some(box_size), time_stamp_storage).await?)`
`128`	`128`	`}`
`129`	`129`	`None => {`
`130`	`130`	`let wrapper = AsyncSignerWrapper(signer);`
`131`		`- Ok(sign_async(&wrapper, data, box_size, time_stamp_storage).await?)`
	`131`	`+ Ok(sign_async(&wrapper, data, Some(box_size), time_stamp_storage).await?)`
`132`	`132`	`}`
`133`	`133`	`}`
`134`	`134`	`}`