git.stella-ops.org/src/Attestor/StellaOps.Attestor.Envelope/DssePreAuthenticationEncoding.cs

using System;
using System.Buffers;
using System.Globalization;
using System.Text;

namespace StellaOps.Attestor.Envelope;

/// <summary>
/// Computes DSSE pre-authentication encoding (PAE) for payload signing.
/// </summary>
public static class DssePreAuthenticationEncoding
{
    private static readonly byte[] Prefix = Encoding.ASCII.GetBytes("DSSEv1");
    private static readonly byte[] Space = new byte[] { (byte)' ' };

    public static byte[] Compute(string payloadType, ReadOnlySpan<byte> payload)
    {
        if (payloadType is null)
        {
            throw new ArgumentNullException(nameof(payloadType));
        }

        var payloadTypeBytes = Encoding.UTF8.GetBytes(payloadType);
        var payloadTypeLength = Encoding.ASCII.GetBytes(payloadTypeBytes.Length.ToString(CultureInfo.InvariantCulture));
        var payloadLength = Encoding.ASCII.GetBytes(payload.Length.ToString(CultureInfo.InvariantCulture));

        var buffer = new ArrayBufferWriter<byte>();
        Write(buffer, Prefix);
        Write(buffer, Space);
        Write(buffer, payloadTypeLength);
        Write(buffer, Space);
        Write(buffer, payloadTypeBytes);
        Write(buffer, Space);
        Write(buffer, payloadLength);
        Write(buffer, Space);
        Write(buffer, payload);

        return buffer.WrittenSpan.ToArray();
    }

    private static void Write(ArrayBufferWriter<byte> writer, ReadOnlySpan<byte> bytes)
    {
        var span = writer.GetSpan(bytes.Length);
        bytes.CopyTo(span);
        writer.Advance(bytes.Length);
    }
}