From 47d05983cb33c7e1dedd34de86acc0863feca20f Mon Sep 17 00:00:00 2001 From: "Ajitomi, Daisuke" Date: Sun, 1 Jan 2023 13:50:13 +0900 Subject: [PATCH 1/2] Refine referenced specifications. --- README.md | 15 ++++++++---- docs/index.rst | 66 +++++++++++++++++++++++++++++--------------------- docs/specs.rst | 16 ------------ 3 files changed, 48 insertions(+), 49 deletions(-) delete mode 100644 docs/specs.rst diff --git a/README.md b/README.md index 36f6e5b..6332ca4 100644 --- a/README.md +++ b/README.md @@ -9,8 +9,10 @@ Python CWT is a CBOR Web Token (CWT) and CBOR Object Signing and Encryption (COSE) implementation compliant with: +- [RFC9052: CBOR Object Signing and Encryption (COSE): Structures and Process](https://www.rfc-editor.org/rfc/rfc9052.html) +- [RFC9053: CBOR Object Signing and Encryption (COSE): Initial Algorithms](https://www.rfc-editor.org/rfc/rfc9053.html) +- [RFC9338: CBOR Object Signing and Encryption (COSE): Countersignatures](https://www.rfc-editor.org/rfc/rfc9338.html) - [RFC8392: CWT (CBOR Web Token)](https://tools.ietf.org/html/rfc8392) -- [RFC8152: COSE (CBOR Object Signing and Encryption)](https://tools.ietf.org/html/rfc8152) - and related various specifications. See [Referenced Specifications](#referenced-specifications). It is designed to make users who already know about [JWS](https://tools.ietf.org/html/rfc7515)/[JWE](https://tools.ietf.org/html/rfc7516)/[JWT](https://tools.ietf.org/html/rfc7519) 
@@ -1656,11 +1658,14 @@ See [Documentation](https://python-readthedocs.io/en/stable/algorithms.html). Python CWT is (partially) compliant with following specifications: -- [RFC8152: CBOR Object Signing and Encryption (COSE)](https://tools.ietf.org/html/rfc8152) -- [RFC8230: Using RSA Algorithms with COSE Messages](https://tools.ietf.org/html/rfc8230) -- [RFC8392: CBOR Web Token (CWT)](https://tools.ietf.org/html/rfc8392) -- [RFC8747: Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)](https://tools.ietf.org/html/rfc8747) +- [RFC9052: CBOR Object Signing and Encryption (COSE): Structures and Process](https://www.rfc-editor.org/rfc/rfc9052.html) +- [RFC9053: CBOR Object Signing and Encryption (COSE): Initial Algorithms](https://www.rfc-editor.org/rfc/rfc9053.html) +- [RFC9338: CBOR Object Signing and Encryption (COSE): Countersignatures](https://www.rfc-editor.org/rfc/rfc9338.html) - [RFC8812: COSE and JOSE Registrations for Web Authentication (WebAuthn) Algorithms](https://tools.ietf.org/html/rfc8812) +- [RFC8747: Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)](https://tools.ietf.org/html/rfc8747) +- [RFC8392: CWT (CBOR Web Token)](https://tools.ietf.org/html/rfc8392) +- [RFC8230: Using RSA Algorithms with COSE Messages](https://tools.ietf.org/html/rfc8230) +- [RFC8152: CBOR Object Signing and Encryption (COSE)](https://tools.ietf.org/html/rfc8152) - [Electronic Health Certificate Specification](https://github.com/ehn-dcc-development/hcert-spec/blob/main/hcert_spec.md) - [Technical Specifications for Digital Green Certificates Volume 1](https://ec.europa.eu/health/sites/default/files/ehealth/docs/digital-green-certificates_v1_en.pdf) diff --git a/docs/index.rst b/docs/index.rst index 5d074d5..050e0f5 100644 --- a/docs/index.rst +++ b/docs/index.rst 
@@ -7,15 +7,7 @@ Welcome to Python CWT ===================== Python CWT is a CBOR Web Token (CWT) and CBOR Object Signing and Encryption (COSE) -implementation compliant with: - -- `RFC8392: CBOR Web Token (CWT)`_ -- `RFC8152: CBOR Object Signing and Encryption (COSE)`_ -- and related various specifications. See `Referenced Specifications`_. - -It is designed to make users who already know about `JWS`_/`JWE`_/`JWT`_ -be able to use it in ease. Little knowledge of `CBOR`_/`COSE`_/`CWT`_ -is required to use it. +implementation compliant with `various COSE related specifications`_. You can install Python CWT with pip: 
@@ -26,16 +18,43 @@ You can install Python CWT with pip: And then, you can use it as follows: -.. code-block:: pycon +COSE API: + +.. code-block:: python + + from cwt import COSE, COSEKey + + mac_key = COSEKey.generate_symmetric_key(alg="HS256", kid="01") + + # The sender side: + sender = COSE.new() + encoded = sender.encode( + b"Hello world!", + mac_key, + protected={"alg": "HS256"}, + unprotected={"kid": "01"}, + ) + + # The recipient side: + recipient = COSE.new() + assert b"Hello world!" == recipient.decode(encoded, mac_key) + +CWT API: + +.. code-block:: python + + import cwt + from cwt import COSEKey + + mac_key = COSEKey.generate_symmetric_key(alg="HS256", kid="01") + + # The sender side: + token = encode({1: "coaps://as.example", 2: "dajiaji", 7: b"123"}, mac_key) + + # The recipient side: + decoded = decode(token, mac_key) + # decoded == {1: 'coaps://as.example', 2: 'dajiaji', 7: b'123', 4: 1620088759, 5: 1620085159, 6: 1620085159} - >>> import cwt - >>> from cwt import COSEKey - >>> key = COSEKey.from_symmetric_key(alg="HS256") - >>> token = cwt.encode({"iss": "coaps://as.example", "sub": "dajiaji", "cti": "123"}, key) - >>> token.hex() - 'd18443a10105a05835a60172636f6170733a2f2f61732e6578616d706c65026764616a69616a690743313233041a60c6a60b051a60c697fb061a60c697fb582019d4a89e141e3a8805ba1c90d81a8a2dd8261464dce379d8af8044d1cc062258' - >>> cwt.decode(token, key) - {1: 'coaps://as.example', 2: 'dajiaji', 7: b'123', 4: 1620088759, 5: 1620085159, 6: 1620085159} Index ----- 
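Review bot: In the new "CWT API" sample the calls to `encode(...)` and `decode(...)` are unqualified, but the block only runs `import cwt` and `from cwt import COSEKey`, so anyone who copies it gets a `NameError` rather than a MACed token. The two lines should read `token = cwt.encode({1: "coaps://as.example", 2: "dajiaji", 7: b"123"}, mac_key)` and `decoded = cwt.decode(token, mac_key)`, matching the `cwt.encode`/`cwt.decode` calls in the removed pycon example. The trailing `# decoded == {...}` comment also shows fixed values for claims 4, 5 and 6 (exp, nbf, iat in RFC 8392) that are not in the input, so they are presumably filled in at encode time. It would help to mark them as example values, so readers do not expect that exact output.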
@@ -47,15 +66,6 @@ Index api claims algorithms - specs changes -.. _`RFC8392: CBOR Web Token (CWT)`: https://tools.ietf.org/html/rfc8392 -.. _`RFC8152: CBOR Object Signing and Encryption (COSE)`: https://tools.ietf.org/html/rfc8152 -.. _`CBOR`: https://tools.ietf.org/html/rfc7049 -.. _`COSE`: https://tools.ietf.org/html/rfc8152 -.. _`CWT`: https://tools.ietf.org/html/rfc8392 -.. _`JWS`: https://tools.ietf.org/html/rfc7515 -.. _`JWE`: https://tools.ietf.org/html/rfc7516 -.. _`JWT`: https://tools.ietf.org/html/rfc7519 -.. _`Referenced Specifications`: ./specs.html +.. _`various COSE related specifications`: https://github.com/dajiaji/python-cwt#referenced-specifications diff --git a/docs/specs.rst b/docs/specs.rst deleted file mode 100644 index bb4222f..0000000 --- a/docs/specs.rst +++ /dev/null @@ -1,16 +0,0 @@ -Referenced Specifications -========================= - -This library is (partially) compliant with following specifications: - -* `RFC8152: CBOR Object Signing and Encryption (COSE)`_ -* `RFC8230: Using RSA Algorithms with COSE Messages`_ -* `RFC8392: CBOR Web Token (CWT)`_ -* `RFC8747: Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)`_ -* `RFC8812: COSE and JOSE Registrations for Web Authentication (WebAuthn) Algorithms`_ - -.. _`RFC8152: CBOR Object Signing and Encryption (COSE)`: https://tools.ietf.org/html/rfc8152 -.. _`RFC8230: Using RSA Algorithms with COSE Messages`: https://tools.ietf.org/html/rfc8230 -.. _`RFC8392: CBOR Web Token (CWT)`: https://tools.ietf.org/html/rfc8392 -.. _`RFC8747: Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)`: https://tools.ietf.org/html/rfc8747 -.. _`RFC8812: COSE and JOSE Registrations for Web Authentication (WebAuthn) Algorithms`: https://tools.ietf.org/html/rfc8812 From 5d32d32952140ca7901c8b36cd355a773cedf337 Mon Sep 17 00:00:00 2001 
From: "Ajitomi, Daisuke" Date: Sun, 1 Jan 2023 14:11:48 +0900 Subject: [PATCH 2/2] Bump up version to v2.2.0. --- CHANGES.rst | 18 ++++++++++++++++++ cwt/__init__.py | 2 +- pyproject.toml | 2 +- 3 files changed, 20 insertions(+), 2 deletions(-) diff --git a/CHANGES.rst b/CHANGES.rst index f28eb00..2173eca 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -4,6 +4,24 @@ Changes Unreleased ---------- +Version 2.2.0 +------------- + +Released 2023-01-01 + +- Add support for countersignatures. `#323 `__ +- Remove Python 3.7 from CI temporarilly. `#323 `__ +- Enhance COSE message validation. `#300 `__ +- Add test and sample for COSE-HPKE MAC. `#297 `__ +- Add Python 3.11 to CI. `#296 `__ +- Update dependencies. + - Bump cbor2 from 5.4.6. `#302 `__ +- Update dev dependencies. + - Bump tox to 4.1.2. `#323 `__ + - Bump pre-commit/isort to 5.11.3. `#311 `__ + - Bump pre-commit/black to 22.12.0. `#306 `__ + - Bump certifi to 2022.12.7. `#303 `__ + Version 2.1.0 ------------- diff --git a/cwt/__init__.py b/cwt/__init__.py index 19cb5b2..b745506 100644 --- a/cwt/__init__.py +++ b/cwt/__init__.py @@ -18,7 +18,7 @@ from .recipient import Recipient from .signer import Signer -__version__ = "2.1.0" +__version__ = "2.2.0" __title__ = "cwt" __description__ = "A Python implementation of CWT/COSE" __url__ = "https://python-cwt.readthedocs.io" diff --git a/pyproject.toml b/pyproject.toml index 045c45a..aad338c 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -4,7 +4,7 @@ build-backend = "poetry.core.masonry.api" [tool.poetry] name = "cwt" -version = "2.1.0" +version = "2.2.0" description = "A Python implementation of CWT/COSE." authors = ["Ajitomi Daisuke "] license = "MIT"