passwordless-lib · abergs · Nov 18, 2024 · Nov 8, 2024 · Nov 8, 2024 · Nov 8, 2024
diff --git a/Demo/TestController.cs b/Demo/TestController.cs
@@ -1,5 +1,7 @@
-using System.Text;
+using System.Buffers.Text;
+using System.Text;
 using System.Text.Json;
+
 using Fido2NetLib;
 using Fido2NetLib.Development;
 using Fido2NetLib.Objects;
@@ -42,7 +44,7 @@ public OkObjectResult MakeCredentialOptionsTest([FromBody] TEST_MakeCredentialPa
 
         try
         {
-            username = Base64Url.Decode(opts.Username);
+            username = Base64Url.DecodeFromChars(opts.Username);
         }
         catch (FormatException)
         {

diff --git a/Src/Fido2.Models/Base64Url.cs b/Src/Fido2.Models/Base64Url.cs
diff --git a/Src/Fido2.Models/Converters/Base64UrlConverter.cs b/Src/Fido2.Models/Converters/Base64UrlConverter.cs
@@ -1,4 +1,6 @@
-using System.Text.Json;
+using System.Buffers;
+using System.Buffers.Text;
+using System.Text.Json;
 using System.Text.Json.Serialization;
 
 namespace Fido2NetLib;
@@ -12,16 +14,27 @@ public override byte[] Read(ref Utf8JsonReader reader, Type typeToConvert, JsonS
     {
         if (!reader.HasValueSequence)
         {
-            return Base64Url.DecodeUtf8(reader.ValueSpan);
+            return Base64Url.DecodeFromUtf8(reader.ValueSpan);
         }
         else
         {
-            return Base64Url.Decode(reader.GetString());
+            return Base64Url.DecodeFromChars(reader.GetString());
         }
     }
 
     public override void Write(Utf8JsonWriter writer, byte[] value, JsonSerializerOptions options)
     {
-        writer.WriteStringValue(Base64Url.Encode(value));
+        var rentedBuffer = ArrayPool<byte>.Shared.Rent(Base64Url.GetEncodedLength(value.Length));
+
+        try
+        {
+            Base64Url.EncodeToUtf8(value, rentedBuffer, out _, out int written);
+
+            writer.WriteStringValue(rentedBuffer.AsSpan(0..written));
+        }
+        finally
+        {
+            ArrayPool<byte>.Shared.Return(rentedBuffer);
+        }
     }
 }
diff --git a/Src/Fido2.Models/Fido2.Models.csproj b/Src/Fido2.Models/Fido2.Models.csproj
@@ -1,4 +1,4 @@
-<Project Sdk="Microsoft.NET.Sdk">
+<Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
     <TargetFrameworks>$(SupportedTargetFrameworks)</TargetFrameworks>
@@ -9,4 +9,8 @@
     <IsPackable>true</IsPackable>
   </PropertyGroup>
 
+  <ItemGroup>
+    <PackageReference Include="Microsoft.Bcl.Memory" Version="9.0.0-rc.2.24473.5" />
+  </ItemGroup>
+
 </Project>
diff --git a/Src/Fido2.Models/Metadata/BiometricStatusReport.cs b/Src/Fido2.Models/Metadata/BiometricStatusReport.cs
@@ -1,5 +1,4 @@
-using System.ComponentModel.DataAnnotations;
-using System.Text.Json.Serialization;
+using System.Text.Json.Serialization;
 
 namespace Fido2NetLib;
 

diff --git a/Src/Fido2/AttestationFormat/AndroidSafetyNet.cs b/Src/Fido2/AttestationFormat/AndroidSafetyNet.cs
@@ -1,4 +1,5 @@
 using System;
+using System.Buffers.Text;
 using System.Collections.Generic;
 using System.Linq;
 using System.Security.Cryptography;
@@ -46,7 +47,7 @@ public override async ValueTask<VerifyAttestationResult> VerifyAsync(VerifyAttes
 
         try
         {
-            jwtHeaderBytes = Base64Url.Decode(jwtComponents[0]);
+            jwtHeaderBytes = Base64Url.DecodeFromChars(jwtComponents[0]);
         }
         catch (FormatException)
         {

diff --git a/Src/Fido2/AuthenticatorAssertionResponse.cs b/Src/Fido2/AuthenticatorAssertionResponse.cs
@@ -1,5 +1,4 @@
 using System;
-using System.Collections.Generic;
 using System.Linq;
 using System.Security.Cryptography;
 using System.Text;

diff --git a/Src/Fido2/MakeAssertionParams.cs b/Src/Fido2/MakeAssertionParams.cs
@@ -1,6 +1,4 @@
-using System;
-using System.Collections.Generic;
-using System.ComponentModel;
+using System.ComponentModel;
 
 namespace Fido2NetLib;
 

diff --git a/Src/Fido2/Metadata/ConformanceMetadataRepository.cs b/Src/Fido2/Metadata/ConformanceMetadataRepository.cs
@@ -1,4 +1,5 @@
 using System;
+using System.Buffers.Text;
 using System.Collections.Generic;
 using System.Linq;
 using System.Net.Http;
@@ -132,7 +133,7 @@ public async Task<MetadataBLOBPayload> DeserializeAndValidateBlobAsync(string ra
             throw new Fido2MetadataException("The JWT does not have the 3 expected components");
 
         var blobHeader = jwtParts[0];
-        using var jsonDoc = JsonDocument.Parse(Base64Url.Decode(blobHeader));
+        using var jsonDoc = JsonDocument.Parse(Base64Url.DecodeFromChars(blobHeader));
         var tokenHeader = jsonDoc.RootElement;
 
         var blobAlg = tokenHeader.TryGetProperty("alg", out var algEl)
@@ -235,7 +236,7 @@ public async Task<MetadataBLOBPayload> DeserializeAndValidateBlobAsync(string ra
 
         var blobPayload = ((JsonWebToken)validateTokenResult.SecurityToken).EncodedPayload;
 
-        MetadataBLOBPayload blob = JsonSerializer.Deserialize(Base64Url.Decode(blobPayload), FidoModelSerializerContext.Default.MetadataBLOBPayload)!;
+        MetadataBLOBPayload blob = JsonSerializer.Deserialize(Base64Url.DecodeFromChars(blobPayload), FidoModelSerializerContext.Default.MetadataBLOBPayload)!;
         blob.JwtAlg = blobAlg;
         return blob;
     }

diff --git a/Src/Fido2/Metadata/Fido2MetadataServiceRepository.cs b/Src/Fido2/Metadata/Fido2MetadataServiceRepository.cs
@@ -1,4 +1,5 @@
 using System;
+using System.Buffers.Text;
 using System.Linq;
 using System.Net.Http;
 using System.Security.Cryptography;
@@ -67,7 +68,7 @@ private async Task<MetadataBLOBPayload> DeserializeAndValidateBlobAsync(string r
             throw new ArgumentException("The JWT does not have the 3 expected components");
 
         var blobHeaderString = jwtParts[0];
-        using var blobHeaderDoc = JsonDocument.Parse(Base64Url.Decode(blobHeaderString));
+        using var blobHeaderDoc = JsonDocument.Parse(Base64Url.DecodeFromChars(blobHeaderString));
         var blobHeader = blobHeaderDoc.RootElement;
 
         string blobAlg = blobHeader.TryGetProperty("alg", out var algEl)
@@ -186,7 +187,7 @@ private async Task<MetadataBLOBPayload> DeserializeAndValidateBlobAsync(string r
 
         var blobPayload = ((JsonWebToken)validateTokenResult.SecurityToken).EncodedPayload;
 
-        MetadataBLOBPayload blob = JsonSerializer.Deserialize(Base64Url.Decode(blobPayload), FidoModelSerializerContext.Default.MetadataBLOBPayload)!;
+        MetadataBLOBPayload blob = JsonSerializer.Deserialize(Base64Url.DecodeFromChars(blobPayload), FidoModelSerializerContext.Default.MetadataBLOBPayload)!;
         blob.JwtAlg = blobAlg;
         return blob;
     }

diff --git a/Src/Fido2/Objects/CredentialPublicKey.cs b/Src/Fido2/Objects/CredentialPublicKey.cs
@@ -1,7 +1,9 @@
 using System;
 using System.Security.Cryptography;
 using System.Security.Cryptography.X509Certificates;
+
 using Fido2NetLib.Cbor;
+
 using NSec.Cryptography;
 
 namespace Fido2NetLib.Objects;

diff --git a/Src/Fido2/TokenBindingDto.cs b/Src/Fido2/TokenBindingDto.cs
@@ -1,4 +1,5 @@
-using System.Text.Json.Serialization;
+using System.Buffers.Text;
+using System.Text.Json.Serialization;
 namespace Fido2NetLib;
 
 public class TokenBindingDto
@@ -25,7 +26,7 @@ public void Verify(byte[]? requestTokenbinding)
             case "present":
                 if (string.IsNullOrEmpty(Id))
                     throw new Fido2VerificationException("TokenBinding status was present but Id is missing");
-                var b64 = Base64Url.Encode(requestTokenbinding);
+                var b64 = Base64Url.EncodeToString(requestTokenbinding);
                 if (Id != b64)
                     throw new Fido2VerificationException("Tokenbinding Id does not match");
                 break;