Structured cbor

[JesusMcCloud]

fixes #2975

This PR introduces structured CBOR encoding and decoding

Encoding from/to CborElement

Bytes can be decoded into an instance of CborElement with the [Cbor.decodeFromByteArray] function by either manually
specifying [CborElement.serializer()] or specifying [CborElement] as generic type parameter.
It is also possible to encode arbitrary serializable structures to a CborElement through [Cbor.encodeToCborElement].

Since these operations use the same code paths as regular serialization (but with specialized serializers), the config flags
behave as expected

Newly introduced CBOR-specific structures

• [CborPrimitive] represents primitive CBOR elements, such as string, integer, float boolean, and null.
  CBOR byte strings are also treated as primitives
  Each primitive has a [value][CborPrimitive.value]. Depending on the concrete type of the primitive, it maps
  to corresponding Kotlin Types such as String, Int, Double, etc.
  Note that Cbor discriminates between positive ("unsigned") and negative ("signed") integers!
  CborPrimitive is itself an umbrella type (a sealed class) for the following concrete primitives:

  • [CborNull] mapping to a Kotlin null
  • [CborBoolean] mapping to a Kotlin Boolean
  • [CborInt] which is an umbrella type (a sealed class) itself for the following concrete types
    (it is still possible to instantiate it as the invoke operator on its companion is overridden accordingly):
    • [CborPositiveInt] represents all Long numbers ≥0
    • [CborNegativeInt] represents all Long numbers <0
  • [CborString] maps to a Kotlin String
  • [CborFloat] maps to Kotlin Double
  • [CborByteString] maps to a Kotlin ByteArray and is used to encode them as CBOR byte string (in contrast to a list
    of individual bytes)

• [CborList] represents a CBOR array. It is a Kotlin [List] of CborElement items.

• [CborMap] represents a CBOR map/object. It is a Kotlin [Map] from CborElement keys to CborElement values.
  This is typically the result of serializing an arbitrary

Example

bf                                 # map(*)
   61                              #   text(1)
      61                           #     "a"
   cc                              #   tag(12)
      1a 0fffffff                  #     unsigned(268,435,455)
   d8 22                           #   base64 encoded text, tag(34)
      61                           #     text(1)
         62                        #       "b"
                                   #     invalid length at 0 for base64
   20                              #   negative(-1)
   d8 38                           #   tag(56)
      61                           #     text(1)
         63                        #       "c"
   d8 4e                           #   typed array of i32, little endian, twos-complement, tag(78)
      42                           #     bytes(2)
         cafe                      #       "\xca\xfe"
                                   #     invalid data length for typed array
   61                              #   text(1)
      64                           #     "d"
   d8 5a                           #   tag(90)
      cc                           #     tag(12)
         6b                        #       text(11)
            48656c6c6f20576f726c64 #         "Hello World"
   ff                              #   break

Decoding it results in the following CborElement (shown in manually formatted diagnostic notation):

CborMap(tags=[], content={  
    CborString(tags=[],   value=a) = CborPositiveInt( tags=[12],     value=268435455),  
    CborString(tags=[34], value=b) = CborNegativeInt( tags=[],       value=-1),  
    CborString(tags=[56], value=c) = CborByteString(  tags=[78],     value=h'cafe),  
    CborString(tags=[],   value=d) = CborString(      tags=[90, 12], value=Hello World)  
})

Implementation Details

I tried to stick to the existing CBOR codepaths as closely as possible, and the approach to add tags directly to CborElements is the most pragmatic way of getting expressiveness and convenient use. It does come with a caveat (also taken from the Readme:

Tags are properties of CborElements, and it is possible to mixing arbitrary serializable values with CborElements that
contain tags inside a serializable structure. It is also possible to annotate any [CborElement] property
of a generic serializable class with @ValueTags.
This can lead to asymmetric behavior when serializing and deserializing such structures!

The test cases (and comments in the test cases reflect this

Closing Remarks

I also fixed a faulty hex input test vector that I introduced myself, last year, if I pieced it together correctly (see here) and I amended the benchmarks. (see here).

Since the commits from here will be squashed anyways, I did not care for a clean history.

[JesusMcCloud]

Full disclosure: This PR incorporates code from a draft generated by Junie (albeit an impressive draft that saved a day of work). This is not a dumb copypasta of AI-generated code. Even if it were already feature-complete It would still not yet be marked ready for review because we have yet to review everything internally. I also want to stress that "we" is not a euphemism. There will be at least two of us reviewing and discussing internally, almost certainly with additional input from other humans in the process of readying this PR.

[pdvrieze]

I've reviewed the code at a general level. There is a lot of repetition, so I've only commented on the first case, not every one. I guess some of the AI generation is visible in the details.

[JesusMcCloud]

Performance seems to be OK (fromBytes and toBytes are the baseline on my machine):

Metric / Benchmark	fromBytes	fromStruct	structFromBytes	toBytes	structToBytes	toStruct
Average (ops/ms)	1205.615 ± 20.541	1545.814 ± 50.743	2896.728 ± 74.485	2089.013 ± 30.152	1442.766 ± 32.257	2581.397 ± 32.497
Min	1186.023	1458.225	2796.131	2066.499	1404.482	2550.026
Max	1229.778	1581.420	2960.572	2125.658	1475.015	2619.815
Stdev	13.586	33.563	49.267	19.944	21.336	21.495
CI low (99.9 %)	1185.075	1495.071	2822.244	2058.861	1410.509	2548.900
CI high (99.9 %)	1226.156	1596.557	2971.213	2119.165	1475.023	2613.893

My hot takes:

• Deserialising from a structure is fast enough since it is in the same ballpark as deserialising from bytes
• Deserialising into a generic CBOR structure takes twice the time than directly deserialising, which is fine, given that we instantiate much more as even primitives need a containing class and an array of tags
• Serialising a generic CBOR structure to bytes is faster but in the same ballpark as generic to-byte serialisation of arbitrary serializable data
• Serializing to a CBOR structure is slower than to bytes, but OK enough, since it's in the same ballpark and we instantiate more

[JesusMcCloud]

I just noticed something that looks weird to me. See this test case here that is failing and closely compare expected vs actual.

the byte string is wrapped twice for the reference. I know there were some discussions, but I don't recall them, so I have to ask: why? did I mess this up last year or is this intentional? Because the way I see it, were' wrapping a bytearray instead of encoding it differently
EDIT: the test vector is faulty as this comparison fails the same way

[whyoleg]

First round of review from my side :)
Mostly reviewed API surface, will take a look on the implementation details later

[whyoleg]

According to RFC 8949, integers are:

• type 0 - 0..2^64-1
• type 1 - -2^64..-1

This means that only ULong can really fit both positive and negative values.

So I believe that it will be more correct to have a single CborInt implementation, with an API similar to:

public class CborInt(sign: Int, absoluteValue: ULong, tags) {
  constructor(value: Long)
  fun toLong(): Long
  fun toLongOrNull(): Long?
}

where:

• sign is: -1, 0, 1
• toLong - will throw if can't fit - probably a very rare case

[JesusMcCloud]

Good catch! I agree. The constructors with the current signature (simply passing a number) should stay for convenience.

[whyoleg]

It might make sense to call it CborArray, as spec says, it's array, and Json format also calls it JsonArray because it's called array in spec :)

[JesusMcCloud]

Sadly, there is an annotation by the very same name ins the same package. Now moving the cbor elements is easily done, but it will probably not be very intuitive (thinking of autocompletion here).

In any case: Good point but not my call!

[whyoleg]

Oh, yes, how did I miss that :(

[JesusMcCloud]

But this is on my anyhow because git blame says "Prünster" for the whole file containing the @CborArray annotation. So my short-sighted naming is to blame.

[whyoleg]

I believe we should make the implementation in a way, that it will be not mutable

[JesusMcCloud]

We can make it so that there is a val with a custom getter that delegates to the actual field, but the tags should still be simply written to a CborElement as they are collected upon deserialisation, to avoid serialization overhead. Actually, the elements should probably be mutable too internally so the whole container structure that now collects tags and elements for Cbor structures can go away.

In the end this would mean that we have:

• an internal var making it possible to collect tags during deserialisation, but a public val tags with a custom getter and no backing field
• an internal val elements for array and map so we can also collect elements as we go and get rid of another instantiation, but a public val elements: List<CborElement>

This should boost performance for deserialisation significantly

[whyoleg]

Of course, this is related to #3036 (comment), but it would also be nice to compare it to how JSON works with lists. Maybe there is some pattern there that could be used inside the CBOR implementation.

[whyoleg]

I believe that there should also be CborEncoder.encoderCborElement as in Json

[JesusMcCloud]

That just delegates to encodeToByteArray<CborElement>, right?!

[whyoleg]

Most probably to encodeSerializableValue(CborElementSerializer, element), but yes, just for symmetry

[whyoleg]

I do think that we should probably make it possible to cast only to CborEncoder here so that we use the same public API as the user.
As far as I see, the only thing needed is encodeTags—so is this a sign that encodeTags might be exposed on the CborEncoder interface?
I'm not sure, though, how useful it could be in reality, but it seems like it should be possible to encode tags manually.

[JesusMcCloud]

You are probably on to something here. I should investigate tag handling some more

[whyoleg]

This vararg feels very unfortunate. For example, currently, it's possible to call CborPositiveInt(1u, 2u, 3u), and it's really hard to tell what's going on here.
UlongArray will probably be better

Overall, it's applied to all other declarations; e.g., CborString("1", 1, 2, 3) doesn't feel better.

[JesusMcCloud]

I agree with the first part, but the second part is simply in line with how the tagging annotations behave and it is convenient for the user (much more so that ulongArrrayOf().
Yet, I am aware that it should be consistent, so making ints work differently from everything else is also not really nice… In the end, don't really have an opinion. Sort it out internally, it's a straight-forward refactor anyways.

What would help in such cases is a language feature that forces parameter name specification at the call site, but that is not going to happen anytime soon, if ever.

[whyoleg]

Just in case, for me additional tags field looks very similar to how annotations are applied currently.
Additionally, with Collection Literals it will look like CborString("hello", [1u, 2u, 3u]) or with Named-only parameters it could even be forced to call it like CborString("hello", tags = [1u, 2u, 3u])

[JesusMcCloud]

Those two features would help, but in the meantime, we need something else for a solution

[whyoleg]

What do you think about the alternative design:

sealed class CborElement {
    abstract val tags: ULongArray
    abstract fun withTags(tags: ULongArray): CborElement
}
// and all other
class CborString(value: String): CborElement() {
    override fun withTags(tags: ULongArray): CborString
}

Or, even having CborElement have no tags at all, but have a wrapper element CborTagged?

sealed class CborElement
// and all other
class CborString(value: String): CborElement()
class CborTagged(element: CborElement, tags: ULongArray): CborElement

Both variants may apply some performance penalty, though.
It's just that, reading the spec and current implementation of CborElementSerializers, the current placement of tags seems unfortunate and does not result in straightforward logic.

[JesusMcCloud]

The first one solves the issues nicely and it would work well with the internally mutable tags array s.t. it would avoid instantiation overhead just for modifying tags. BUT, that would be a footgun for the consumer.

I have thought about CborTagged, also because of the asymmetric serialization/deserialization behaviour, which really is not all that nice, but also very niche (why would anyone in their right mind do this??)

When I started with the implementation, I was imagining how the most straight-forward and usable way would look like: Tags are attached to something and have a hierarchy. An array is enough to represent this and makes for a nice API that mirrors the pattern of @ValueTags, @ObjectTags, and @KeyTags. Now you could get rid of that pesky asymmetry, if you disallow those annotations on CborElement. Then I'd assume we'd be back to straightforward logic again?!

Bottom line: there are issues that need sorting out. The inconsistency issue is documented in the readme, so I was not trying to cover anything up, but I wanted unbiased opinions and fresh ideas because I could not get to a satisfactory solution by myself. It worked once already. I just hope Leonid checks the code first, and the comments later ;-)

[whyoleg]

By the way, all new declarations/APIs should probably have an @ExperimentalSerializationApi

[sandwwraith]

I think it is OK to not annotate them all, since the whole CBOR part is formally experimental. Although people probably don't perceive it so without annotations.

[whyoleg]

IMO, it will just feel a bit odd if those are not annotated, while all other declarations in CBOR are annotated.
I would treat that as if the CborElement hierarchy is stable (or stabilized), but other parts are not(yet).