Use System.Formats.Cbor (#257)

* Add Cbor models

* Use Cbor models

* Update CborMap to support integer keys

* Rename CborArray.Count -> Length

* Use the map's definite length when available

* Implement CborObject.Encode() and add roundtrip test coverage

* Remove PeterO.Cbor dependency from build

* Rename CborObject.Parse -> Decode

* [Tests] Format Tpm

Author: iamcarbon

Src/Fido2/AttestationFormat/AndroidKey.cs

@@ -2,8 +2,9 @@
 using System.Linq;
 using System.Security.Cryptography;
 using System.Security.Cryptography.X509Certificates;
+
+using Fido2NetLib.Cbor;
 using Fido2NetLib.Objects;
-using PeterO.Cbor;
 
 namespace Fido2NetLib
 {
@@ -142,54 +143,48 @@ public override (AttestationType, X509Certificate2[]) Verify()
         {
             // 1. Verify that attStmt is valid CBOR conforming to the syntax defined above and perform CBOR decoding on it to extract the contained fields
             // (handled in base class)
-            if (attStmt.Keys.Count is 0 || attStmt.Values.Count is 0)
+            if (attStmt.Count is 0)
                 throw new Fido2VerificationException("Attestation format android-key must have attestation statement");
 
-            if (Sig is null || Sig.Type != CBORType.ByteString || Sig.GetByteString().Length is 0)
+            if (!(Sig is CborByteString { Length: > 0 }))
                 throw new Fido2VerificationException("Invalid android-key attestation signature");
 
             // 2. Verify that sig is a valid signature over the concatenation of authenticatorData and clientDataHash 
             // using the attestation public key in attestnCert with the algorithm specified in alg
-            if (X5c is null || X5c.Type != CBORType.Array || X5c.Count is 0)
+            if (!(X5c is CborArray { Length: > 0 } x5cArray && x5cArray[0] is CborByteString { Length: > 0 }))
                 throw new Fido2VerificationException("Malformed x5c in android-key attestation");
 
-            if (X5c.Values is null || X5c.Values.Count is 0 ||
-                X5c.Values.First().Type != CBORType.ByteString ||
-                X5c.Values.First().GetByteString().Length is 0)
-            {
-                throw new Fido2VerificationException("Malformed x5c in android-key attestation");
-            }
 
             X509Certificate2 androidKeyCert;
             ECDsa androidKeyPubKey;
             try
             {
-                androidKeyCert = new X509Certificate2(X5c.Values.First().GetByteString());
+                androidKeyCert = new X509Certificate2((byte[])x5cArray[0]);
                 androidKeyPubKey = androidKeyCert.GetECDsaPublicKey()!; // attestation public key
             }
             catch (Exception ex)
             {
                 throw new Fido2VerificationException("Failed to extract public key from android key: " + ex.Message, ex);
             }
 
-            if (Alg is null || !Alg.IsNumber)
+            if (!(Alg is CborInteger))
                 throw new Fido2VerificationException("Invalid android key attestation algorithm");
 
             byte[] ecsig;
             try
             {
-                ecsig = CryptoUtils.SigFromEcDsaSig(Sig.GetByteString(), androidKeyPubKey.KeySize);
+                ecsig = CryptoUtils.SigFromEcDsaSig((byte[])Sig, androidKeyPubKey.KeySize);
             }
             catch (Exception ex)
             {
                 throw new Fido2VerificationException("Failed to decode android key attestation signature from ASN.1 encoded form", ex);
             }
 
-            if (!androidKeyPubKey.VerifyData(Data, ecsig, CryptoUtils.HashAlgFromCOSEAlg((COSE.Algorithm)Alg.AsInt32())))
+            if (!androidKeyPubKey.VerifyData(Data, ecsig, CryptoUtils.HashAlgFromCOSEAlg((COSE.Algorithm)(int)Alg)))
                 throw new Fido2VerificationException("Invalid android key attestation signature");
 
             // 3. Verify that the public key in the first certificate in x5c matches the credentialPublicKey in the attestedCredentialData in authenticatorData.
-            if (!AuthData.AttestedCredentialData.CredentialPublicKey.Verify(Data, Sig.GetByteString()))
+            if (!AuthData.AttestedCredentialData.CredentialPublicKey.Verify(Data, (byte[])Sig))
                 throw new Fido2VerificationException("Incorrect credentialPublicKey in android key attestation");
 
             // 4. Verify that the attestationChallenge field in the attestation certificate extension data is identical to clientDataHash
@@ -222,8 +217,8 @@ public override (AttestationType, X509Certificate2[]) Verify()
             if (!IsPurposeSign(attExtBytes))
                 throw new Fido2VerificationException("Found purpose field not set to KM_PURPOSE_SIGN in android key attestation certificate extension");
 
-            var trustPath = X5c.Values
-                .Select(x => new X509Certificate2(x.GetByteString()))
+            var trustPath = x5cArray.Values
+                .Select(x => new X509Certificate2((byte[])x))
                 .ToArray();
 
             return (AttestationType.Basic, trustPath);

Src/Fido2/AttestationFormat/AndroidSafetyNet.cs

@@ -7,9 +7,10 @@
 using System.Text;
 using System.Text.Json;
 
+using Fido2NetLib.Cbor;
 using Fido2NetLib.Objects;
+
 using Microsoft.IdentityModel.Tokens;
-using PeterO.Cbor;
 
 namespace Fido2NetLib
 {
@@ -35,20 +36,18 @@ public override (AttestationType, X509Certificate2[]) Verify()
             // 1. Verify that attStmt is valid CBOR conforming to the syntax defined above and perform 
             // CBOR decoding on it to extract the contained fields
             // (handled in base class)
-            if (attStmt["ver"].Type != CBORType.TextString ||
-                attStmt["ver"].AsString().Length is 0)
+            if (!(attStmt["ver"] is CborTextString { Length: > 0 }))
             {
                 throw new Fido2VerificationException("Invalid version in SafetyNet data");
             }
 
             // 2. Verify that response is a valid SafetyNet response of version ver
-            var ver = attStmt["ver"].AsString();
+            var ver = (string)attStmt["ver"];
 
-            if (attStmt["response"].Type != CBORType.ByteString ||
-                attStmt["response"].GetByteString().Length is 0)
+            if (!(attStmt["response"] is CborByteString { Length: > 0}))
                 throw new Fido2VerificationException("Invalid response in SafetyNet data");
 
-            var response = attStmt["response"].GetByteString();
+            var response = (byte[])attStmt["response"];
             var responseJWT = Encoding.UTF8.GetString(response);
 
             if (string.IsNullOrWhiteSpace(responseJWT))

Src/Fido2/AttestationFormat/Apple.cs

@@ -3,8 +3,9 @@
 using System.Linq;
 using System.Security.Cryptography;
 using System.Security.Cryptography.X509Certificates;
+
+using Fido2NetLib.Cbor;
 using Fido2NetLib.Objects;
-using PeterO.Cbor;
 
 namespace Fido2NetLib
 {
@@ -41,19 +42,16 @@ public static byte[] GetAppleAttestationExtensionValue(X509ExtensionCollection e
         public override (AttestationType, X509Certificate2[]) Verify()
         {
             // 1. Verify that attStmt is valid CBOR conforming to the syntax defined above and perform CBOR decoding on it to extract the contained fields.
-            if (X5c is null || X5c.Type != CBORType.Array || X5c.Count < 2 ||
-                X5c.Values is null || X5c.Values.Count is 0 ||
-                X5c.Values.First().Type != CBORType.ByteString ||
-                X5c.Values.First().GetByteString().Length is 0)
+            if (!(X5c is CborArray { Length: >= 2 } x5cArray && x5cArray[0] is CborByteString {  Length: > 0 }))
             {
                 throw new Fido2VerificationException("Malformed x5c in Apple attestation");
             }
 
             // 2. Verify x5c is a valid certificate chain starting from the credCert to the Apple WebAuthn root certificate.
             // This happens in AuthenticatorAttestationResponse.VerifyAsync using metadata from MDS3
 
-            var trustPath = X5c.Values
-                .Select(x => new X509Certificate2(x.GetByteString()))
+            var trustPath = x5cArray.Values
+                .Select(x => new X509Certificate2((byte[])x))
                 .ToArray();
 
             // credCert is the first certificate in the trust path
@@ -74,7 +72,7 @@ X5c.Values is null || X5c.Values.Count is 0 ||
 
             // 6. Verify credential public key matches the Subject Public Key of credCert.
             // First, obtain COSE algorithm being used from credential public key
-            var coseAlg = CredentialPublicKey[CBORObject.FromObject(COSE.KeyCommonParameter.Alg)].AsInt32();
+            var coseAlg = (int)CredentialPublicKey[COSE.KeyCommonParameter.Alg];
 
             // Next, build temporary CredentialPublicKey for comparison from credCert and COSE algorithm
             var cpk = new CredentialPublicKey(credCert, coseAlg);

Src/Fido2/AttestationFormat/AttestationFormat.cs

@@ -1,26 +1,25 @@
 #nullable disable
 
-using PeterO.Cbor;
-using System;
+using System.Formats.Asn1;
+using System.Linq;
 using System.Security.Cryptography.X509Certificates;
+using Fido2NetLib.Cbor;
 using Fido2NetLib.Objects;
-using System.Linq;
-using System.Formats.Asn1;
 
 namespace Fido2NetLib
 {
     public abstract class AttestationVerifier
     {
-        public CBORObject attStmt;
+        public CborMap attStmt;
         public byte[] authenticatorData;
         public byte[] clientDataHash;
 
-        internal CBORObject Sig => attStmt["sig"];
-        internal CBORObject X5c => attStmt["x5c"];
-        internal CBORObject Alg => attStmt["alg"];
-        internal CBORObject EcdaaKeyId => attStmt["ecdaaKeyId"];
+        internal CborObject Sig => attStmt["sig"];
+        internal CborObject X5c => attStmt["x5c"];
+        internal CborObject Alg => attStmt["alg"];
+        internal CborObject EcdaaKeyId => attStmt["ecdaaKeyId"];
         internal AuthenticatorData AuthData => new AuthenticatorData(authenticatorData);
-        internal CBORObject CredentialPublicKey => AuthData.AttestedCredentialData.CredentialPublicKey.GetCBORObject();
+        internal CborMap CredentialPublicKey => AuthData.AttestedCredentialData.CredentialPublicKey.GetCborObject();
         internal byte[] Data => DataHelper.Concat(authenticatorData, clientDataHash);
 
         internal static byte[] AaguidFromAttnCertExts(X509ExtensionCollection exts)
@@ -74,7 +73,7 @@ internal static byte U2FTransportsFromAttnCert(X509ExtensionCollection exts)
 
             return u2ftransports;
         }
-        public virtual (AttestationType, X509Certificate2[]) Verify(CBORObject attStmt, byte[] authenticatorData, byte[] clientDataHash)
+        public virtual (AttestationType, X509Certificate2[]) Verify(CborMap attStmt, byte[] authenticatorData, byte[] clientDataHash)
         {
             this.attStmt = attStmt;
             this.authenticatorData = authenticatorData;

Src/Fido2/AttestationFormat/FidoU2f.cs

@@ -3,8 +3,9 @@
 using System.Runtime.InteropServices;
 using System.Security.Cryptography;
 using System.Security.Cryptography.X509Certificates;
+
+using Fido2NetLib.Cbor;
 using Fido2NetLib.Objects;
-using PeterO.Cbor;
 
 namespace Fido2NetLib
 {
@@ -19,19 +20,14 @@ public override (AttestationType, X509Certificate2[]) Verify()
             // https://www.w3.org/TR/webauthn/#fido-u2f-attestation
             // 1. Verify that attStmt is valid CBOR conforming to the syntax defined above and perform CBOR decoding on it to extract the contained fields.
             // (handled in base class)
-            if (X5c is null || X5c.Type != CBORType.Array || X5c.Count != 1)
-                throw new Fido2VerificationException("Malformed x5c in fido - u2f attestation");
 
             // 2a. Check that x5c has exactly one element and let attCert be that element.
-            if (X5c.Values is null ||
-                X5c.Values.Count is 0 ||
-                X5c.Values.First().Type != CBORType.ByteString ||
-                X5c.Values.First().GetByteString().Length is 0)
+            if (!(X5c is CborArray { Length: 1 } x5cArray && x5cArray[0] is CborByteString { Length: > 0 }))
             {
                 throw new Fido2VerificationException("Malformed x5c in fido-u2f attestation");
             }
 
-            var attCert = new X509Certificate2(X5c.Values.First().GetByteString());
+            var attCert = new X509Certificate2((byte[])X5c[0]);
 
             // TODO : Check why this variable isn't used. Remove it or use it.
             var u2ftransports = U2FTransportsFromAttnCert(attCert.Extensions);
@@ -56,10 +52,10 @@ X5c.Values.Count is 0 ||
 
             // 4. Convert the COSE_KEY formatted credentialPublicKey (see Section 7 of [RFC8152]) to CTAP1/U2F public Key format (Raw ANSI X9.62 public key format)
             // 4a. Let x be the value corresponding to the "-2" key (representing x coordinate) in credentialPublicKey, and confirm its size to be of 32 bytes. If size differs or "-2" key is not found, terminate this algorithm and return an appropriate error
-            var x = CredentialPublicKey[CBORObject.FromObject(COSE.KeyTypeParameter.X)].GetByteString();
+            var x = (byte[])CredentialPublicKey[COSE.KeyTypeParameter.X];
 
             // 4b. Let y be the value corresponding to the "-3" key (representing y coordinate) in credentialPublicKey, and confirm its size to be of 32 bytes. If size differs or "-3" key is not found, terminate this algorithm and return an appropriate error
-            var y = CredentialPublicKey[CBORObject.FromObject(COSE.KeyTypeParameter.Y)].GetByteString();
+            var y = (byte[])CredentialPublicKey[COSE.KeyTypeParameter.Y];
 
             // 4c.Let publicKeyU2F be the concatenation 0x04 || x || y
             var publicKeyU2F = DataHelper.Concat(stackalloc byte[1] { 0x4 }, x, y);
@@ -74,28 +70,28 @@ X5c.Values.Count is 0 ||
             );
 
             // 6. Verify the sig using verificationData and certificate public key
-            if (Sig is null || Sig.Type != CBORType.ByteString || Sig.GetByteString().Length is 0)
+            if (!(Sig is CborByteString { Length: > 0 }))
                 throw new Fido2VerificationException("Invalid fido-u2f attestation signature");
 
             byte[] ecsig;
             try
             {
-                ecsig = CryptoUtils.SigFromEcDsaSig(Sig.GetByteString(), pubKey.KeySize);
+                ecsig = CryptoUtils.SigFromEcDsaSig((byte[])Sig, pubKey.KeySize);
             }
             catch (Exception ex)
             {
                 throw new Fido2VerificationException("Failed to decode fido-u2f attestation signature from ASN.1 encoded form", ex);
             }
 
-            var coseAlg = (COSE.Algorithm)CredentialPublicKey[CBORObject.FromObject(COSE.KeyCommonParameter.Alg)].AsInt32();
+            var coseAlg = (COSE.Algorithm)(int)CredentialPublicKey[COSE.KeyCommonParameter.Alg];
             var hashAlg = CryptoUtils.HashAlgFromCOSEAlg(coseAlg);
 
             if (!pubKey.VerifyData(verificationData, ecsig, hashAlg))
                 throw new Fido2VerificationException("Invalid fido-u2f attestation signature");
 
             // 7. Optionally, inspect x5c and consult externally provided knowledge to determine whether attStmt conveys a Basic or AttCA attestation
-            var trustPath = X5c.Values
-                .Select(x => new X509Certificate2(x.GetByteString()))
+            var trustPath = ((CborArray)X5c).Values
+                .Select(x => new X509Certificate2((byte[])x))
                 .ToArray();
 
             return (AttestationType.AttCa, trustPath);

Src/Fido2/AttestationFormat/None.cs

@@ -7,7 +7,7 @@ public sealed class None : AttestationVerifier
     {
         public override (AttestationType, X509Certificate2[]?) Verify()
         {
-            if (0 != attStmt.Keys.Count && 0 != attStmt.Values.Count)
+            if (attStmt.Count != 0)
                 throw new Fido2VerificationException("Attestation format none should have no attestation statement");
 
             return (AttestationType.None, null);