Improve Code Quality 7 (#279)

iamcarbon · web-flow · commit cf0dd8a7fc92 · 2021-12-21T20:51:24.000-05:00
* Eliminate HashAlgorithm allocations

* Make CryptoUtils internal (to allow for future optimizations)

* Replace CompareTo with Equals

* Seal Packed AttestationVerifier

* Fix member visibility
diff --git a/Src/Fido2/AttestationFormat/Packed.cs b/Src/Fido2/AttestationFormat/Packed.cs
@@ -7,7 +7,7 @@
 
 namespace Fido2NetLib
 {
-    internal class Packed : AttestationVerifier
+    internal sealed class Packed : AttestationVerifier
     {
         private static readonly string[] s_newLine = new string[] { Environment.NewLine };
 
diff --git a/Src/Fido2/AttestationFormat/Tpm.cs b/Src/Fido2/AttestationFormat/Tpm.cs
@@ -111,23 +111,21 @@ public override (AttestationType, X509Certificate2[]) Verify()
             // Handled in CertInfo constructor, see CertInfo.Type
 
             // 4c. Verify that extraData is set to the hash of attToBeSigned using the hash algorithm employed in "alg"
-            if (!(Alg is CborInteger))
+            if (Alg is not CborInteger)
                 throw new Fido2VerificationException("Invalid TPM attestation algorithm");
 
             var alg = (COSE.Algorithm)(int)Alg;
 
-            using (HashAlgorithm hasher = CryptoUtils.GetHasher(CryptoUtils.HashAlgFromCOSEAlg(alg)))
-            {
-                if (!hasher.ComputeHash(Data).AsSpan().SequenceEqual(certInfo.ExtraData))
-                    throw new Fido2VerificationException("Hash value mismatch extraData and attToBeSigned");
-            }
-
+            ReadOnlySpan<byte> dataHash = CryptoUtils.HashData(CryptoUtils.HashAlgFromCOSEAlg(alg), Data);
+            
+            if (!dataHash.SequenceEqual(certInfo.ExtraData))
+                throw new Fido2VerificationException("Hash value mismatch extraData and attToBeSigned");
+            
             // 4d. Verify that attested contains a TPMS_CERTIFY_INFO structure, whose name field contains a valid Name for pubArea, as computed using the algorithm in the nameAlg field of pubArea 
-            using (HashAlgorithm hasher = CryptoUtils.GetHasher(CryptoUtils.HashAlgFromCOSEAlg((COSE.Algorithm)certInfo.Alg)))
-            {
-                if (!hasher.ComputeHash(pubArea.Raw).AsSpan().SequenceEqual(certInfo.AttestedName))
-                    throw new Fido2VerificationException("Hash value mismatch attested and pubArea");
-            }
+            ReadOnlySpan<byte> pubAreaRawHash = CryptoUtils.HashData(CryptoUtils.HashAlgFromCOSEAlg((COSE.Algorithm)certInfo.Alg), pubArea.Raw);
+           
+            if (!pubAreaRawHash.SequenceEqual(certInfo.AttestedName))
+                throw new Fido2VerificationException("Hash value mismatch attested and pubArea");            
 
             // 4e. Note that the remaining fields in the "Standard Attestation Structure" [TPMv2-Part1] section 31.2, i.e., qualifiedSigner, clockInfo and firmwareVersion are ignored. These fields MAY be used as an input to risk engines.
 
diff --git a/Src/Fido2/CryptoUtils.cs b/Src/Fido2/CryptoUtils.cs
@@ -7,35 +7,18 @@
 
 namespace Fido2NetLib
 {
-    public static class CryptoUtils
+    internal static class CryptoUtils
     {
-        public static HashAlgorithm GetHasher(HashAlgorithmName hashName)
+        public static byte[] HashData(HashAlgorithmName hashName, ReadOnlySpan<byte> data)
         {
-            switch (hashName.Name)
+            return hashName.Name switch
             {
-                case "SHA1":
-                    return SHA1.Create();
-                case "SHA256":
-                case "HS256":
-                case "RS256":
-                case "ES256":
-                case "PS256":
-                    return SHA256.Create();
-                case "SHA384":
-                case "HS384":
-                case "RS384":
-                case "ES384":
-                case "PS384":
-                    return SHA384.Create();
-                case "SHA512":
-                case "HS512":
-                case "RS512":
-                case "ES512":
-                case "PS512":
-                    return SHA512.Create();
-                default:
-                    throw new ArgumentOutOfRangeException(nameof(hashName));
-            }
+                "SHA1"                                               => SHA1.HashData(data),
+                "SHA256" or "HS256" or "RS256" or "ES256" or "PS256" => SHA256.HashData(data),
+                "SHA384" or "HS384" or "RS384" or "ES384" or "PS384" => SHA384.HashData(data),
+                "SHA512" or "HS512" or "RS512" or "ES512" or "PS512" => SHA512.HashData(data),
+                _ => throw new ArgumentOutOfRangeException(nameof(hashName)),
+            };
         }
 
         public static HashAlgorithmName HashAlgFromCOSEAlg(COSE.Algorithm alg)
@@ -72,12 +55,14 @@ public static bool ValidateTrustChain(X509Certificate2[] trustPath, X509Certific
             // A trust anchor can be a root certificate, an intermediate CA certificate or even the attestation certificate itself.
 
             // Let's check the simplest case first.  If subject and issuer are the same, and the attestation cert is in the list, that's all the validation we need
-            if (trustPath.Length == 1 && trustPath[0].Subject.CompareTo(trustPath[0].Issuer) == 0)
+            if (trustPath.Length == 1 && trustPath[0].Subject.Equals(trustPath[0].Issuer, StringComparison.Ordinal))
             {
                 foreach (X509Certificate2? cert in attestationRootCertificates)
                 {
-                    if (cert.Thumbprint.CompareTo(trustPath[0].Thumbprint) == 0)
+                    if (cert.Thumbprint.Equals(trustPath[0].Thumbprint, StringComparison.Ordinal))
+                    {
                         return true;
+                    }
                 }
                 return false;
             }
diff --git a/Src/Fido2/Metadata/ConformanceMetadataRepository.cs b/Src/Fido2/Metadata/ConformanceMetadataRepository.cs
@@ -98,12 +98,12 @@ public async Task<MetadataBLOBPayload> GetBLOBAsync()
             return combinedBlob;
         }
 
-        protected Task<string> DownloadStringAsync(string url)
+        private Task<string> DownloadStringAsync(string url)
         {
             return _httpClient.GetStringAsync(url);
         }
 
-        protected Task<byte[]> DownloadDataAsync(string url)
+        private Task<byte[]> DownloadDataAsync(string url)
         {
             return _httpClient.GetByteArrayAsync(url);
         }
diff --git a/Test/Attestation/Tpm.cs b/Test/Attestation/Tpm.cs
diff --git a/Test/Fido2Tests.cs b/Test/Fido2Tests.cs

Original file line number	Diff line number	Diff line change
`@@ -7,7 +7,7 @@`
`7`	`7`
`8`	`8`	`namespace Fido2NetLib`
`9`	`9`	`{`
`10`		`- internal class Packed : AttestationVerifier`
	`10`	`+ internal sealed class Packed : AttestationVerifier`
`11`	`11`	`{`
`12`	`12`	`private static readonly string[] s_newLine = new string[] { Environment.NewLine };`
`13`	`13`
Original file line number	Diff line number	Diff line change
`@@ -98,12 +98,12 @@ public async Task<MetadataBLOBPayload> GetBLOBAsync()`
`98`	`98`	`return combinedBlob;`
`99`	`99`	`}`
`100`	`100`
`101`		`- protected Task<string> DownloadStringAsync(string url)`
	`101`	`+ private Task<string> DownloadStringAsync(string url)`
`102`	`102`	`{`
`103`	`103`	`return _httpClient.GetStringAsync(url);`
`104`	`104`	`}`
`105`	`105`
`106`		`- protected Task<byte[]> DownloadDataAsync(string url)`
	`106`	`+ private Task<byte[]> DownloadDataAsync(string url)`
`107`	`107`	`{`
`108`	`108`	`return _httpClient.GetByteArrayAsync(url);`
`109`	`109`	`}`