BUG? Recipient.new() has side-effect

[kentakayama]

Hi @dajiaji , I've encountered an unwilling side-effect on Recipient.new() that it may update the user defined variable protected.
This is because the to_cose_header (here) returns its reference, and this line alters the dereferenced object.
You can check it with id(protected) on this code below and cwt/utils.py:L161 , they must have the same id.

Is this a bug or an intentional behavior?

Test code

#!/usr/bin/env python3

from cwt import COSEKey, Recipient

# initialize keys (same only for test)
pub_key = COSEKey.from_jwk(
    {
        "kty": "EC",
        "kid": "01",
        "crv": "P-256",
        "x": "usWxHK2PmfnHKwXPS54m0kTcGJ90UiglWiGahtagnv8",
        "y": "IBOL-C3BttVivg-lSreASjpkttcsz-1rb7btKLv8EX4",
        # "d": "V8kgd2ZBRuh2dgyVINBUqpPDr7BOMGcF22CQMIUHtNM",
    }
)

priv_key = COSEKey.from_jwk(
    {
        "kty": "EC",
        "kid": "01",
        "crv": "P-256",
        "x": "usWxHK2PmfnHKwXPS54m0kTcGJ90UiglWiGahtagnv8",
        "y": "IBOL-C3BttVivg-lSreASjpkttcsz-1rb7btKLv8EX4",
        "d": "V8kgd2ZBRuh2dgyVINBUqpPDr7BOMGcF22CQMIUHtNM",
    }
)

protected = {} # to be modified variable
unprotected = {"alg": "ECDH-ES+A128KW"}
kdf_context = {
    "alg": "A128KW",
    "supp_pub": {
        "key_data_length": 128,
        "protected": protected,
        "other": "test",
    }
}

# BUG? Recipient.new() has side-effect on variable protected
print(f"[BEFORE] protected = {protected}") # > [BEFORE] protected = {}
r = Recipient.new(
    protected=protected,
    unprotected=unprotected,
    sender_key=priv_key,
    recipient_key=pub_key,
    context=kdf_context
)
print(f"[AFTER]  protected = {protected}") # > [AFTER]  protected = {1: -29}

Result

[BEFORE] protected = {}
[AFTER]  protected = {1: -29}

Workaround

Cut off the reference from KDF Context, but it may not appropriate if there are other header parameters in protected.

kdf_context = {
    "alg": "A128KW",
    "supp_pub": {
        "key_data_length": 128,
        "other": "test",
    }
}