Update to new version of CBOR-JAVA

Update to newest version of CBOR-JAVA to deal with the latest security bug in the library.

Author: jimsch

pom.xml

@@ -6,7 +6,7 @@
 
     <groupId>com.augustcellars.cose</groupId>
     <artifactId>cose-java</artifactId>
-    <version>0.9.10</version>
+    <version>1.0.0</version>
 
     <name>com.augustcellars.cose:cose-java</name>
     <description>A Java implementation that supports the COSE secure message specification.</description>
@@ -109,7 +109,7 @@
         <dependency>
             <groupId>com.upokecenter</groupId>
             <artifactId>cbor</artifactId>
-            <version>3.5.0</version>
+            <version>4.0.1</version>
         </dependency>
 
         <dependency>

src/main/java/COSE/Attribute.java

@@ -111,7 +111,7 @@ public class Attribute {
 
     public void addAttribute(CBORObject label, CBORObject value, int where) throws CoseException {
         removeAttribute(label);
-        if ((label.getType() != CBORType.Number) &&  (label.getType() != CBORType.TextString)) {
+        if ((label.getType() != CBORType.Integer) &&  (label.getType() != CBORType.TextString)) {
             throw new CoseException("Labels must be integers or strings");
         }
         switch (where) {

src/main/java/COSE/CounterSign1.java

@@ -27,6 +27,8 @@ public CounterSign1(byte[] rgb) {
     public CounterSign1(OneKey key) {
         super(key);
         contextString = "CounterSignature0";
+        objUnprotected.Clear();
+        objProtected.Clear();
     }
 
     private Message m_msgToSign;
@@ -42,6 +44,11 @@ public void setObject(Signer signer)
         m_signerToSign = signer;
     }
 
+    public void setKey(OneKey key)
+    {
+        cnKey = key;
+    }
+    
     @Override
     public void DecodeFromCBORObject(CBORObject cbor) throws CoseException {
         if (cbor.getType() != CBORType.ByteString) {
@@ -54,7 +61,7 @@ public void DecodeFromCBORObject(CBORObject cbor) throws CoseException {
 
     public CBORObject EncodeToCBORObject() throws CoseException {
         if (!objProtected.getValues().isEmpty() || !objUnprotected.getValues().isEmpty()) {
-            throw new CoseException("CoutnerSign1 object cannot have protected or unprotected attributes");
+            throw new CoseException("CounterSign1 object cannot have protected or unprotected attributes");
         }
 
         return CBORObject.FromObject(rgbSignature);

src/main/java/COSE/OneKey.java

@@ -140,7 +140,7 @@ public CBORObject get(KeyKeys keyValue) {
     }
 
     public CBORObject get(CBORObject keyValue) throws CoseException {
-        if ((keyValue.getType() != CBORType.Number) && (keyValue.getType() != CBORType.TextString)) throw new CoseException("keyValue type is incorrect");
+        if ((keyValue.getType() != CBORType.Integer) && (keyValue.getType() != CBORType.TextString)) throw new CoseException("keyValue type is incorrect");
         return keyMap.get(keyValue);
     }
 
@@ -232,13 +232,13 @@ public boolean HasKeyOp(Integer that) {
             result = (thisObj == null);
         } else {
             result = false;
-            if (thisObj.getType() == CBORType.Number) {
+            if (thisObj.getType() == CBORType.Integer) {
                 if (thisObj.AsInt32() == that) {
                     result = true;
                 }
             } else if (thisObj.getType() == CBORType.Array) {
                 for (int i = 0; i < thisObj.size(); i++) {
-                    if ((thisObj.get(i).getType() == CBORType.Number) && (thisObj.get(i).AsInt32() == that)) {
+                    if ((thisObj.get(i).getType() == CBORType.Integer) && (thisObj.get(i).AsInt32() == that)) {
                         result = true;
                         break;
                     }
@@ -253,7 +253,7 @@ private void CheckKeyState() throws CoseException {
 
         //  Must have a key type
         val = OneKey.this.get(KeyKeys.KeyType);
-        if ((val == null) || (val.getType() != CBORType.Number)) throw new CoseException("Missing or incorrect key type field");
+        if ((val == null) || (val.getType() != CBORType.Integer)) throw new CoseException("Missing or incorrect key type field");
 
         if (val.equals(KeyKeys.KeyType_Octet)) {
             val = OneKey.this.get(KeyKeys.Octet_K);
@@ -652,7 +652,7 @@ else if (val.equals(KeyKeys.KeyType_OKP)) {
 
         for (CBORObject obj : keyMap.getKeys()) {
             val = keyMap.get(obj);
-            if (obj.getType() == CBORType.Number) {
+            if (obj.getType() == CBORType.Integer) {
                 if (obj.AsInt32() > 0) {
                     newKey.add(obj, val);
                 }

src/test/java/COSE/RegressionTest.java

@@ -985,7 +985,7 @@ public byte[] hexStringToByteArray(String s) {
 
     static CBORObject AlgorithmMap(CBORObject old)
      {
-         if (old.getType() == CBORType.Number) {
+         if (old.getType() == CBORType.Integer) {
              return old;
          }
 

src/test/java/COSE/SignWikiTest.java

@@ -157,13 +157,13 @@ public static boolean MultiValidateSignedMessage(byte[] message, KeySet keys, bo
 
                     CBORObject ops = k.get(KeyKeys.Key_Ops);
                     if (ops != null) {
-                        if (ops.getType() == CBORType.Number) {
+                        if (ops.getType() == CBORType.Integer) {
                             if (ops.AsInt32() != 2) continue;
                         } 
                         else if (ops.getType() == CBORType.Array) {
                             boolean found = false;
                             for (int i=0; i<ops.size(); i++) {
-                                if ((ops.get(i).getType() == CBORType.Number) && (ops.get(i).AsInt32() == 2)) {
+                                if ((ops.get(i).getType() == CBORType.Integer) && (ops.get(i).AsInt32() == 2)) {
                                     found = true;
                                     break;
                                 }