feat: Add comprehensive verbose logging support across all cocli commands

ASN_HEADER_FIX_SUMMARY.md

@@ -0,0 +1,136 @@
+# ASN Header Bytes Support in cocli
+
+## Issue Summary
+GitHub Issue: [#23 - Enhance cocli corim command to skip over ASN header bytes](https://github.com/veraison/cocli/issues/23)
+
+Several vendors distribute CoRIM manifest files with ASN header bytes (`d9 01 f4 d9 01 f6`) at the beginning. Previously, cocli would fail to process these files with errors like:
+
+```
+Error: error decoding signed CoRIM from file.cbor: failed CBOR decoding for COSE-Sign1 signed CoRIM: cbor: invalid COSE_Sign1_Tagged object
+```
+
+## Solution Implemented
+
+### Changes Made
+
+1. **Added ASN Header Stripping Function** (`cmd/common.go`):
+   - Added `stripASNHeaderBytes()` function that detects and removes the ASN header pattern `d9 01 f4 d9 01 f6`
+   - Function is safe and only strips headers when the exact pattern is found at the beginning of the data
+   - Returns original data unchanged if no ASN header is detected
+
+2. **Updated CoRIM Commands**:
+   - **`corim display`** (`cmd/corimDisplay.go`): Added ASN header stripping before CBOR decoding
+   - **`corim verify`** (`cmd/corimVerify.go`): Added ASN header stripping before COSE signature verification
+   - **`corim extract`** (`cmd/corimExtract.go`): Added ASN header stripping before tag extraction
+
+3. **Preserved corim submit**: The `corim submit` command was intentionally left unchanged as it should preserve the original file format when submitting to servers.
+
+### Implementation Details
+
+The ASN header bytes `d9 01 f4 d9 01 f6` represent:
+- `tagged-corim-type-choice #6.500` (`d9 01 f4`)
+- `tagged-signed-corim #6.502` (`d9 01 f6`)
+
+These are remnants from an older draft of the CoRIM specification and are automatically detected and stripped.
+
+### Code Example
+
+```go
+// stripASNHeaderBytes removes ASN header bytes from CoRIM files if present.
+func stripASNHeaderBytes(data []byte) []byte {
+    // ASN header pattern: d9 01 f4 d9 01 f6
+    asnHeaderPattern := []byte{0xd9, 0x01, 0xf4, 0xd9, 0x01, 0xf6}
+
+    // Check if the data starts with the ASN header pattern
+    if len(data) >= len(asnHeaderPattern) && bytes.HasPrefix(data, asnHeaderPattern) {
+        // Strip the ASN header bytes
+        return data[len(asnHeaderPattern):]
+    }
+
+    // Return original data if no ASN header is found
+    return data
+}
+```
+
+## Testing
+
+### Unit Tests
+- Comprehensive unit tests for `stripASNHeaderBytes()` function covering:
+  - Files with ASN headers
+  - Files without ASN headers
+  - Edge cases (empty data, partial headers, etc.)
+  - Data integrity (original slice remains unmodified)
+
+### Integration Tests
+- End-to-end tests for all affected CoRIM commands
+- Tests with real CoRIM files that have ASN headers prepended
+- Verification that existing functionality remains unchanged
+
+### Test Results
+All existing tests pass, confirming backward compatibility:
+```bash
+$ make test
+PASS
+ok      github.com/veraison/cocli/cmd   1.159s
+```
+
+## Usage Examples
+
+### Before Fix
+```bash
+$ cocli corim display -f PS10xx-G75YG100-E3S-16TB.cbor
+Error: error decoding CoRIM (signed or unsigned) from PS10xx-G75YG100-E3S-16TB.cbor: expected map (CBOR Major Type 5), found Major Type 6
+```
+
+### After Fix
+```bash
+$ cocli corim display -f PS10xx-G75YG100-E3S-16TB.cbor
+Meta:
+{
+  "signer": {
+    "name": "...",
+    "uri": "..."
+  },
+  ...
+}
+CoRIM:
+{
+  "corim-id": "...",
+  ...
+}
+```
+
+## Verification Commands
+
+All CoRIM processing commands now work seamlessly with files that have ASN headers:
+
+```bash
+# Display CoRIM content
+cocli corim display -f corim-with-asn-headers.cbor
+
+# Verify CoRIM signature  
+cocli corim verify -f corim-with-asn-headers.cbor -k signing-key.jwk
+
+# Extract embedded tags
+cocli corim extract -f corim-with-asn-headers.cbor -o output-dir/
+```
+
+## Backwards Compatibility
+
+- ✅ Files without ASN headers continue to work exactly as before
+- ✅ All existing functionality is preserved
+- ✅ No breaking changes to command-line interface
+- ✅ No performance impact for files without ASN headers
+
+## Files Modified
+
+1. `cmd/common.go` - Added `stripASNHeaderBytes()` function
+2. `cmd/corimDisplay.go` - Added ASN header stripping to display command
+3. `cmd/corimVerify.go` - Added ASN header stripping to verify command  
+4. `cmd/corimExtract.go` - Added ASN header stripping to extract command
+5. `cmd/common_test.go` - Added comprehensive unit tests
+6. `cmd/corim_asn_integration_test.go` - Added integration tests
+
+## Resolution
+
+This fix resolves GitHub issue #23 by automatically detecting and stripping ASN header bytes from CoRIM files, allowing cocli to process vendor-distributed CoRIM files without requiring manual preprocessing. Users no longer need to manually strip the first 6 bytes before using cocli commands.

README.md

@@ -233,6 +233,36 @@ $ cocli comid display -f m1.cbor \
                     -d yet-another-comid-folder/
 ```
 
+#### Verbose Mode
+
+Add the `--verbose` flag to get detailed processing information:
+```
+$ cocli comid display --file data/comid/comid-psa-refval.cbor --verbose
+[INFO] Collecting CoMID files from specified paths
+[INFO] Found 1 CoMID files to process
+[INFO] Progress: 1/1 files processed
+[DEBUG] Reading CoMID file: data/comid/comid-psa-refval.cbor
+[INFO] Processing file data/comid/comid-psa-refval.cbor (416 bytes)
+[TRACE] Starting CBOR decoding for file: data/comid/comid-psa-refval.cbor
+[TRACE] Raw CBOR data length: 416 bytes
+[INFO] Starting displaying CoMID from data/comid/comid-psa-refval.cbor...
+>> [data/comid/comid-psa-refval.cbor]
+{
+  "lang": "en-GB",
+  "tag-identity": {
+    "id": "43bbe37f-2e61-4b33-aed3-53cff1428b16"
+  },
+  ...
+}
+[INFO] Successfully displayed all 1 CoMID files
+```
+
+The verbose mode provides:
+- File processing progress and statistics
+- CBOR decoding details and byte counts  
+- Error diagnostics with detailed context
+- Processing step timing and status
+
 ## CoTSs manipulation
 The `cots` subcommand allows you to create, display and validate CoTSs.
 
@@ -458,6 +488,41 @@ will give
 Error: error verifying signed-corim-bad-signature.cbor with key ec-p256.jwk: verification failed ecdsa.Verify
 ```
 
+#### Verbose Mode
+
+Add the `--verbose` flag to get detailed verification process information:
+```
+$ cocli corim verify --file cmd/testcases/signed-corim-valid.cbor --key cmd/testcases/ec-p256.jwk --verbose
+[INFO] Starting CoRIM verification process
+[DEBUG] Signed CoRIM file: cmd/testcases/signed-corim-valid.cbor
+[DEBUG] Key file: cmd/testcases/ec-p256.jwk
+[DEBUG] Reading signed CoRIM file
+[INFO] Processing file cmd/testcases/signed-corim-valid.cbor (808 bytes)
+[TRACE] Original signed CoRIM data length: 808 bytes
+[DEBUG] No ASN header bytes detected
+[DEBUG] Decoding COSE Sign1 structure
+[TRACE] Processing COSE data length: 808 bytes
+[INFO] Successfully decoded COSE Sign1 structure
+[DEBUG] Reading verification key file
+[INFO] Processing file cmd/testcases/ec-p256.jwk (228 bytes)
+[TRACE] JWK data length: 228 bytes
+[DEBUG] Parsing JWK to extract public key
+[INFO] Successfully loaded public key from JWK
+[TRACE] Public key type: *ecdsa.PublicKey
+[INFO] Performing cryptographic signature verification
+[INFO] Signature verification successful
+[DEBUG] CoRIM contains 1 embedded tags
+>> "cmd/testcases/signed-corim-valid.cbor" verified
+```
+
+The verbose mode provides detailed insights into:
+- File reading and processing steps
+- ASN header detection and stripping
+- COSE Sign1 structure decoding
+- JWK parsing and public key extraction
+- Cryptographic signature verification process
+- Embedded tag information
+
 ### Display
 
 Use the `corim display` subcommand to print to stdout a signed CoRIM in human
@@ -525,6 +590,50 @@ Tags:
 }
 ```
 
+#### Verbose Mode
+
+Add the `--verbose` flag to get detailed processing information during display operations:
+```
+$ cocli corim display --file cmd/testcases/signed-corim-valid.cbor --show-tags --verbose
+[INFO] Processing CoRIM file: cmd/testcases/signed-corim-valid.cbor
+[DEBUG] Show tags mode: true
+[DEBUG] Reading CoRIM file from disk
+[INFO] Processing file cmd/testcases/signed-corim-valid.cbor (808 bytes)
+[TRACE] Original CBOR data length: 808 bytes
+[DEBUG] No ASN header bytes detected
+[DEBUG] Attempting to decode as signed CoRIM (COSE format)
+[INFO] Successfully decoded as signed CoRIM
+[DEBUG] CoRIM has 1 tags
+[DEBUG] Extracting Meta information from signed CoRIM
+[TRACE] Meta JSON size: 194 bytes
+Meta:
+{
+  "signer": {
+    "name": "ACME Ltd signing key",
+    "uri": "https://acme.example"
+  },
+  ...
+}
+[DEBUG] Extracting unsigned CoRIM content
+[TRACE] CoRIM JSON size: 1130 bytes
+CoRIM:
+{
+  "corim-id": "5c57e8f4-46cd-421b-91c9-08cf93e13cfc",
+  ...
+}
+[INFO] Displaying embedded tags (1 total)
+Tags:
+[INFO] Progress: 1/1 tags processed
+[DEBUG] Processing CoMID tag at index 0 (content size: 416 bytes)
+```
+
+The verbose mode shows:
+- File processing and size information
+- CBOR data processing steps
+- Meta and CoRIM extraction details
+- Tag processing with progress indicators
+- Detailed decoding information for troubleshooting
+
 ### Extract CoSWIDs, CoMIDs and CoTSs
 
 Use the `corim extract` subcommand to extract the embedded CoMIDs, CoSWIDs and CoTSs