> On Mar 17, 2024, at 5:09 PM, Orie Steele <[email protected]> wrote: > > I don't find the size arguments compelling since any context that includes a > protected header will have to handle variable length.
The way COSE is now, I am able to incrementally hash the bits of CBOR for the Enc_structure as I construct the protected headers. Right now my COSE implementation has no limit on the size of the protected headers (except the size of the output buffer). So yes, there is variable length, but it’s handled without a buffer, malloc or a size limit. It took a some cleverness to make this work and I like that there is no size limit and no malloc. (My COSE implementation never uses malloc) I’ve implemented the algorithm ID in COSE_KDF_Context, so I know it works well without too much trouble between layers. Trying to do this incremental hashing for two Enc_structures simultaneously across two layers/objects would be too complicated, make interfaces ugly and be too much object code. I realize that in a language like Python or an implementation that doesn’t worry about memory use, this is no big deal, but one of the great things about COSE is that it works really well in constrained environments. LL _______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
