COSE messages can be read, validated, created, and encrypted

[jozkee]

Minimum viable product (MVP)

• Add ns2.0 support to System.Formats.Cbor #62872
• COSE_Sign1 messages (single signer) can be read, validated, and created #32121
  • Proceed adding the code normally as any other new project.
  • Namespace will be System.Security.Cryptography.Cose
  • APIs will be annotated with [RequiresPreviewFeatures], allowing the APIs to be introduced for early adopters before the API Review is conducted
  • Scenarios that need support:
    • Tag/Untagged (Assume COSE_Sign1 in untagged case).
    • Embedded/detached content
    • Get early API feedback from @blowdart and early adopters

Checkpoint MVP+1 (aligned with .NET 7 Preview 4)

• Address open PR TODO feedback from MVP
• Improve API consistency with CborReader regarding ReadOnlySpan, ReadOnlyMemory, and byte[]
  • Improving the scenarios of moving between Cose and Cbor APIs, avoiding conversions between ROS/ROM and byte[]
• Overloads that accept data types other than byte[], Span such as Stream for detached content
  • This introduces async requirements

Checkpoint MVP+2 (.NET 7 prev 6/7)

• Support Critical Headers
• Ability to modify unprotected headers and re-encode the signed message (useful for counter-sign scenarios).
• COSE_Sign messages (multiple signers) can be read, validated, and created #62599
• API review and removal of RequiresPreviewFeature.

Checkpoint MVP+3 (.NET 8)

• COSE_Encrypt and COSE_Encrypt0 messages can be read, decrypted, and created/encrypted #32123
• Support Counter signatures
• X509 extensions for chain building and timestamp handling, once unblocked by RFC ratification
  • Extension methods for handling headers and certs
  • Verify a COSE signature using an embedded x509 chain
  • Handle timestamps

Collaboration with the GluCOSE project

In parallel with the engineering efforts above, we will also be collaborating with the GluCOSE project to ensure .NET is represented as a first-tier implementation of COSE standards.

• Contribute to the GluCOSE test suite definition, with the all applicable tests implemented
• Consider support for MAC

Tagging subscribers to this area: @dotnet/area-system-security, @vcsjones, @krwq
See info in area-owners.md if you want to be subscribed.

Issue Details

---

Minimum viable product (MVP) :

0. Add support for ns2.0 to System.Formats.CBOR.
1. COSE_Sign1 messages (single signer) can be read, validated, and created #32121.
   • Proceed adding the code normally as any other new project.
   • Namespace will be System.Security.Cryptography.Cose.
   • Scenarios that need support:
     • Tag/Untagged (Assume COSE_Sign1 in untagged case).
     • Embedded/detached content.
2. We need an sponsor for adding the feature without going through API review (@bartonjs nominated @jeffhandley as sponsor).
3. Show API to @blowdart for UX validation.
4. Add write support of COSE_Sign1.

Additional scope after MVP:

5. COSE_Sign messages (multiple signers) can be read, validated, and created #62599
6. COSE_Encrypt and COSE_Encrypt0 messages can be read, decrypted, and created/encrypted #32123

Author:	Jozkee
Assignees:	Jozkee
Labels:	Epic, area-System.Security
Milestone:	7.0.0