add a wrapper around cbor

haxxnz · Nov 12, 2021 · 338039d · 338039d
1 parent 62f6af0
commit 338039d
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 8 deletions.
diff --git a/src/cbor.test.ts b/src/cbor.test.ts
@@ -1,14 +1,16 @@
 import { base32 } from "rfc4648";
-import cbor from "cbor";
+import { decodeCBOR } from "./cbor";
 
 test("CBOR library works", async () => {
   const res = base32.parse(
     "2KCEVIQEIVVWK6JNGEASNICZAEP2KALYDZSGSZB2O5SWEOTOPJRXALTDN53GSZBRHEXGQZLBNR2GQLTOPICRUYMBTIFAIGTUKBAAUYTWMOSGQQDDN5XHIZLYOSBHQJTIOR2HA4Z2F4XXO53XFZ3TGLTPOJTS6MRQGE4C6Y3SMVSGK3TUNFQWY4ZPOYYXQKTIOR2HA4Z2F4XW46TDOAXGG33WNFSDCOJONBSWC3DUNAXG46RPMNXW45DFPB2HGL3WGFTXMZLSONUW63TFGEXDALRQMR2HS4DFQJ2FMZLSNFTGSYLCNRSUG4TFMRSW45DJMFWG6UDVMJWGSY2DN53GSZCQMFZXG4LDOJSWIZLOORUWC3CTOVRGUZLDOSRWSZ3JOZSW4TTBNVSWISTBMNVWUZTBNVUWY6KOMFWWKZ2TOBQXE4TPO5RWI33CNIYTSNRQFUYDILJRGYDVAYFE6VGU4MCDGK7DHLLYWHVPUS2YIDJOA6Y524TD3AZRM263WTY2BE4DPKIF27WKF3UDNNVSVWRDYIYVJ65IRJJJ6Z25M2DO4YZLBHWFQGVQR5ZLIWEQJOZTS3IQ7JTNCFDX"
   );
 
-  const cborobj = cbor.decode(res);
+  const cborobj = decodeCBOR(res);
 
   expect(cborobj.err).toEqual(undefined);
   expect(cborobj.tag).toEqual(18);
   expect(cborobj.value.length).toEqual(4);
 });
+
+// TODO: test for cbor library encodes
diff --git a/src/cbor.ts b/src/cbor.ts
@@ -0,0 +1,18 @@
+// centralized place where cbor is included, in case we need to patch it
+
+import util from 'util';
+// @ts-ignore
+global.TextDecoder = util.TextDecoder;
+// @ts-ignore
+global.TextEncoder = util.TextEncoder;
+
+import cbor from "cbor";
+
+
+export const encodeCBOR = (obj: any): Buffer => {
+  return cbor.encode(obj);
+}
+
+export const decodeCBOR = (buf: Buffer | Uint8Array): any => {
+  return cbor.decode(buf);
+}
diff --git a/src/crypto.ts b/src/crypto.ts
@@ -1,7 +1,7 @@
-import cbor from "cbor";
 import { sha256 } from "js-sha256";
 import elliptic from "elliptic";
 import { DecodedCOSEStructure } from "./coseTypes";
+import { encodeCBOR } from "./cbor";
 
 const EC = elliptic.ec;
 const ec = new EC("p256");
@@ -36,7 +36,7 @@ export function validateCOSESignature(
   const bufferPayload_ = Buffer.from(payload_ as Buffer)
   const SigStructure = ["Signature1", bufferProtected_, buffer0, bufferPayload_];
 
-  const ToBeSigned = cbor.encode(SigStructure);
+  const ToBeSigned = encodeCBOR(SigStructure);
   const messageHash = sha256.digest(ToBeSigned);
   const signature = {
     r: signature_.slice(0, signature_.length / 2),

diff --git a/src/main.ts b/src/main.ts
@@ -1,10 +1,10 @@
 import { base32 } from "rfc4648";
-import cbor from "cbor";
 import did from "./did";
 import { addBase32Padding } from "./util";
 import { validateCOSESignature } from "./crypto";
 import { parseCWTClaims, parseCWTHeaders, validateCWTClaims } from "./cwt";
 import { VerificationResult } from "./generalTypes";
+import { decodeCBOR } from "./cbor";
 
 // The function below implements v1 of NZ COVID Pass - Technical Specification
 // https://nzcp.covid19.health.nz/
@@ -118,7 +118,7 @@ export const verifyPassURIWithTrustedIssuers = async (
   //       a501781e6469643a7765623a6e7a63702e636f76696431392e6865616c74682e6e7a051a61819a0a041a7450400a627663a46840636f6e7465787482782668747470733a2f2f7777772e77332e6f72672f323031382f63726564656e7469616c732f7631782a68747470733a2f2f6e7a63702e636f76696431392e6865616c74682e6e7a2f636f6e74657874732f76316776657273696f6e65312e302e306474797065827456657269666961626c6543726564656e7469616c6f5075626c6963436f766964506173737163726564656e7469616c5375626a656374a369676976656e4e616d65644a61636b6a66616d696c794e616d656753706172726f7763646f626a313936302d30342d3136075060a4f54d4e304332be33ad78b1eafa4b -- [2], a501781e6469643a7765623a6e7a63702e636f76696431392e6865616c74682e6e7a051a61819a0a041a7450400a627663a46840636f6e7465787482782668747470733a2f2f7777772e77332e6f72672f323031382f63726564656e7469616c732f7631782a68747470733a2f2f6e7a63702e636f76696431392e6865616c74682e6e7a2f636f6e74657874732f76316776657273696f6e65312e302e306474797065827456657269666961626c6543726564656e7469616c6f5075626c6963436f766964506173737163726564656e7469616c5375626a656374a369676976656e4e616d65644a61636b6a66616d696c794e616d656753706172726f7763646f626a313936302d30342d3136075060a4f54d4e304332be33ad78b1eafa4b
   //   58            -- Bytes, length next 1 byte
   //     40          -- Bytes, length: 64
-  const decodedCOSEStructure = cbor.decode(uint8array);
+  const decodedCOSEStructure = decodeCBOR(uint8array);
 
   // Decoding the byte string present in the first element of the Decoded COSE structure, as a CBOR structure and rendering it via the expanded form yields the following.
   // Let this result be known as the Decoded CWT protected headers.
@@ -128,7 +128,7 @@ export const verifyPassURIWithTrustedIssuers = async (
   //   6b65792d31    -- {Val:0}, 6b65792d31
   // 01              -- {Key:1}, 1
   // 26              -- {Val:1}, -7
-  const decodedCWTProtectedHeaders = cbor.decode(
+  const decodedCWTProtectedHeaders = decodeCBOR(
     decodedCOSEStructure.value[0]
   ) as Map<number, Buffer | number>;
 
@@ -167,7 +167,7 @@ export const verifyPassURIWithTrustedIssuers = async (
     };
   }
 
-  const rawCWTClaims = cbor.decode(decodedCOSEStructure.value[2]) as Map<
+  const rawCWTClaims = decodeCBOR(decodedCOSEStructure.value[2]) as Map<
     number | string,
     string | number | Buffer | unknown
   >;