Added byte encoding support to CredentialPublicKey

Author: dimitribouniol

Sources/WebAuthn/Ceremonies/Shared/COSE/CBOR+COSEHelpers.swift

@@ -0,0 +1,84 @@
+//===----------------------------------------------------------------------===//
+//
+// This source file is part of the WebAuthn Swift open source project
+//
+// Copyright (c) 2022 the WebAuthn Swift project authors
+// Licensed under Apache License v2.0
+//
+// See LICENSE.txt for license information
+// See CONTRIBUTORS.txt for the list of WebAuthn Swift project authors
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+//===----------------------------------------------------------------------===//
+
+import Foundation
+import SwiftCBOR
+
+extension CBOR {
+    subscript(key: COSEKey) -> CBOR? {
+        get { self[.signedInt(key)] }
+        set { self[.signedInt(key)] = newValue }
+    }
+    
+    static func encodeSortedPairs(_ pairs: [(COSEKey, CBOR)], options: CBOROptions = CBOROptions()) -> [UInt8] {
+        encodeSortedPairs(pairs.map { (CBOR.signedInt($0), $1) }, options: options)
+    }
+}
+
+extension CBOR {
+    static func signedInt(_ int: some SignedInteger) -> CBOR {
+        if int < 0 {
+            return .negativeInt(UInt64(abs(-1 - int)))
+        } else {
+            return .unsignedInt(UInt64(int))
+        }
+    }
+    
+    static func signedInt<T: RawRepresentable>(_ rawInt: T) -> CBOR where T.RawValue: SignedInteger {
+        .signedInt(rawInt.rawValue)
+    }
+    
+    static func signedInt<T: RawRepresentable>(_ rawInt: T) -> CBOR where T.RawValue: UnsignedInteger {
+        .unsignedInt(UInt64(rawInt.rawValue))
+    }
+}
+
+extension CBOR {
+    /// Adapted from SwiftCBOR's ``CBOR/encodeMap(_:options:)`` to account for the [CTAP2 canonical CBOR encoding form](https://fidoalliance.org/specs/fido-v2.1-ps-20210615/fido-client-to-authenticator-protocol-v2.1-ps-errata-20220621.html#ctap2-canonical-cbor-encoding-form).
+    static func encodeSortedPairs<Key: CBOREncodable, Value: CBOREncodable>(_ pairs: [(Key, Value)], options: CBOROptions = CBOROptions()) -> [UInt8] {
+        var res: [UInt8] = []
+        res.reserveCapacity(1 + pairs.count * (MemoryLayout<Key>.size + MemoryLayout<Value>.size + 2))
+        res = pairs.count.encode(options: options)
+        res[0] = res[0] | 0b101_00000
+        for (k, v) in pairs {
+            res.append(contentsOf: k.encode(options: options))
+            res.append(contentsOf: v.encode(options: options))
+        }
+        return res
+    }
+}
+
+extension UnsignedInteger {
+    init?(_ cbor: CBOR) {
+        switch cbor {
+        case .unsignedInt(let positiveInt):
+            self = Self(positiveInt)
+        default: return nil
+        }
+    }
+}
+
+extension SignedInteger {
+    init?(_ cbor: CBOR) {
+        switch cbor {
+        case .unsignedInt(let positiveInt): 
+            self = Self(positiveInt)
+        case .negativeInt(let negativeInt):
+            // https://github.com/unrelentingtech/SwiftCBOR#swiftcbor
+            // Negative integers are decoded as NegativeInt(UInt), where the actual number is -1 - i
+            self = -1 - Self(negativeInt)
+        default: return nil
+        }
+    }
+}

Sources/WebAuthn/Ceremonies/Shared/COSE/COSEKey.swift

@@ -12,47 +12,27 @@
 //
 //===----------------------------------------------------------------------===//
 
-import SwiftCBOR
-
-enum COSEKey: Sendable {
+struct COSEKey: RawRepresentable, Sendable {
+    var rawValue: Int
+    
+    init(rawValue: Int) {
+        self.rawValue = rawValue
+    }
+    
     // swiftlint:disable identifier_name
-    case kty
-    case alg
+    static let kty = COSEKey(rawValue: 1)
+    static let alg = COSEKey(rawValue: 3)
 
     // EC2, OKP
-    case crv
-    case x
+    static let crv = COSEKey(rawValue: -1)
+    static let x = COSEKey(rawValue: -2)
 
     // EC2
-    case y
+    static let y = COSEKey(rawValue: -3)
 
     // RSA
-    case n
-    case e
+    static let n = COSEKey(rawValue: -1)
+    static let e = COSEKey(rawValue: -2)
     // swiftlint:enable identifier_name
-
-    var cbor: CBOR {
-        var value: Int
-        switch self {
-        case .kty:
-            value = 1
-        case .alg:
-            value = 3
-        case .crv:
-            value = -1
-        case .x:
-            value = -2
-        case .y:
-            value = -3
-        case .n:
-            value = -1
-        case .e:
-            value = -2
-        }
-        if value < 0 {
-            return .negativeInt(UInt64(abs(-1 - value)))
-        } else {
-            return .unsignedInt(UInt64(value))
-        }
-    }
 }
+

Sources/WebAuthn/Ceremonies/Shared/CredentialPublicKey.swift

@@ -56,21 +56,14 @@ enum CredentialPublicKey: Sendable {
             return
         }
 
-        guard let keyTypeRaw = publicKeyObject[COSEKey.kty.cbor],
-            case let .unsignedInt(keyTypeInt) = keyTypeRaw,
-            let keyType = COSEKeyType(rawValue: keyTypeInt) else {
-            throw WebAuthnError.invalidKeyType
-        }
+        guard let keyType = publicKeyObject[COSEKey.kty].flatMap(UInt64.init).flatMap(COSEKeyType.init(rawValue:))
+        else { throw WebAuthnError.invalidKeyType }
 
-        guard let algorithmRaw = publicKeyObject[COSEKey.alg.cbor],
-            case let .negativeInt(algorithmNegative) = algorithmRaw else {
-            throw WebAuthnError.invalidAlgorithm
-        }
-        // https://github.com/unrelentingtech/SwiftCBOR#swiftcbor
-        // Negative integers are decoded as NegativeInt(UInt), where the actual number is -1 - i
-        guard let algorithm = COSEAlgorithmIdentifier(rawValue: -1 - Int(algorithmNegative)) else {
-            throw WebAuthnError.unsupportedCOSEAlgorithm
-        }
+        guard let algorithmRaw = publicKeyObject[COSEKey.alg].flatMap(Int.init)
+        else { throw WebAuthnError.invalidAlgorithm }
+        
+        guard let algorithm = COSEAlgorithmIdentifier(rawValue: algorithmRaw)
+        else { throw WebAuthnError.unsupportedCOSEAlgorithm }
 
         // Currently we only support elliptic curve algorithms
         switch keyType {
@@ -89,6 +82,14 @@ enum CredentialPublicKey: Sendable {
     func verify(signature: some DataProtocol, data: some DataProtocol) throws {
         try key.verify(signature: signature, data: data)
     }
+    
+    var bytes: [UInt8] {
+        switch self {
+        case .okp(let oKPPublicKey): oKPPublicKey.bytes
+        case .ec2(let eC2PublicKey): eC2PublicKey.bytes
+        case .rsa(let rSAPublicKeyData): rSAPublicKeyData.bytes
+        }
+    }
 }
 
 struct EC2PublicKey: PublicKey, Sendable {
@@ -108,31 +109,72 @@ struct EC2PublicKey: PublicKey, Sendable {
         self.xCoordinate = xCoordinate
         self.yCoordinate = yCoordinate
     }
+    
+    init(_ publicKey: P256.Signing.PublicKey) {
+        self.algorithm = .algES256
+        self.curve = .p256
+        
+        /// Split the key like SwiftCrypto does internally: https://github.com/apple/swift-crypto/blob/606608da0875e3dee07cb37da3b38585420db111/Sources/Crypto/Signatures/ECDSA.swift.gyb#L79
+        let rawRepresentation = publicKey.rawRepresentation
+        let half = rawRepresentation.count/2
+        self.xCoordinate = Array(rawRepresentation.prefix(half))
+        self.yCoordinate = Array(rawRepresentation.suffix(half))
+    }
+    
+    init(_ publicKey: P384.Signing.PublicKey) {
+        self.algorithm = .algES384
+        self.curve = .p384
+        
+        /// Split the key like SwiftCrypto does internally: https://github.com/apple/swift-crypto/blob/606608da0875e3dee07cb37da3b38585420db111/Sources/Crypto/Signatures/ECDSA.swift.gyb#L79
+        let rawRepresentation = publicKey.rawRepresentation
+        let half = rawRepresentation.count/2
+        self.xCoordinate = Array(rawRepresentation.prefix(half))
+        self.yCoordinate = Array(rawRepresentation.suffix(half))
+    }
+    
+    init(_ publicKey: P521.Signing.PublicKey) {
+        self.algorithm = .algES512
+        self.curve = .p521
+        
+        /// Split the key like SwiftCrypto does internally: https://github.com/apple/swift-crypto/blob/606608da0875e3dee07cb37da3b38585420db111/Sources/Crypto/Signatures/ECDSA.swift.gyb#L79
+        let rawRepresentation = publicKey.rawRepresentation
+        let half = rawRepresentation.count/2
+        self.xCoordinate = Array(rawRepresentation.prefix(half))
+        self.yCoordinate = Array(rawRepresentation.suffix(half))
+    }
 
     init(publicKeyObject: CBOR, algorithm: COSEAlgorithmIdentifier) throws {
         self.algorithm = algorithm
 
         // Curve is key -1 - or -0 for SwiftCBOR
         // X Coordinate is key -2, or NegativeInt 1 for SwiftCBOR
         // Y Coordinate is key -3, or NegativeInt 2 for SwiftCBOR
-        guard let curveRaw = publicKeyObject[COSEKey.crv.cbor],
-            case let .unsignedInt(curve) = curveRaw,
-            let coseCurve = COSECurve(rawValue: curve) else {
-            throw WebAuthnError.invalidCurve
-        }
+        guard let coseCurve = publicKeyObject[COSEKey.crv].flatMap(UInt64.init).flatMap(COSECurve.init(rawValue:))
+        else { throw WebAuthnError.invalidCurve }
         self.curve = coseCurve
 
-        guard let xCoordRaw = publicKeyObject[COSEKey.x.cbor],
-              case let .byteString(xCoordinateBytes) = xCoordRaw else {
-            throw WebAuthnError.invalidXCoordinate
-        }
+        guard 
+            let xCoordRaw = publicKeyObject[COSEKey.x],
+            case let .byteString(xCoordinateBytes) = xCoordRaw
+        else { throw WebAuthnError.invalidXCoordinate }
         xCoordinate = xCoordinateBytes
-        guard let yCoordRaw = publicKeyObject[COSEKey.y.cbor],
-              case let .byteString(yCoordinateBytes) = yCoordRaw else {
-            throw WebAuthnError.invalidYCoordinate
-        }
+        
+        guard 
+            let yCoordRaw = publicKeyObject[COSEKey.y],
+            case let .byteString(yCoordinateBytes) = yCoordRaw
+        else { throw WebAuthnError.invalidYCoordinate }
         yCoordinate = yCoordinateBytes
     }
+    
+    var bytes: [UInt8] {
+        CBOR.encodeSortedPairs([
+            (COSEKey.kty, .signedInt(COSEKeyType.ellipticKey)),
+            (COSEKey.alg, .signedInt(algorithm)),
+            (COSEKey.crv, .signedInt(curve)),
+            (COSEKey.x, .byteString(Array(xCoordinate))),
+            (COSEKey.y, .byteString(Array(yCoordinate))),
+        ])
+    }
 
     func verify(signature: some DataProtocol, data: some DataProtocol) throws {
         switch algorithm {
@@ -171,18 +213,27 @@ struct RSAPublicKeyData: PublicKey, Sendable {
     init(publicKeyObject: CBOR, algorithm: COSEAlgorithmIdentifier) throws {
         self.algorithm = algorithm
 
-        guard let nRaw = publicKeyObject[COSEKey.n.cbor],
-              case let .byteString(nBytes) = nRaw else {
-            throw WebAuthnError.invalidModulus
-        }
+        guard 
+            let nRaw = publicKeyObject[COSEKey.n],
+            case let .byteString(nBytes) = nRaw
+        else { throw WebAuthnError.invalidModulus }
         n = nBytes
 
-        guard let eRaw = publicKeyObject[COSEKey.e.cbor],
-              case let .byteString(eBytes) = eRaw else {
-            throw WebAuthnError.invalidExponent
-        }
+        guard 
+            let eRaw = publicKeyObject[COSEKey.e],
+            case let .byteString(eBytes) = eRaw
+        else { throw WebAuthnError.invalidExponent }
         e = eBytes
     }
+    
+    var bytes: [UInt8] {
+        CBOR.encodeSortedPairs([
+            (COSEKey.kty, .signedInt(COSEKeyType.rsaKey)),
+            (COSEKey.alg, .signedInt(algorithm)),
+            (COSEKey.n, .byteString(Array(n))),
+            (COSEKey.e, .byteString(Array(e))),
+        ])
+    }
 
     func verify(signature: some DataProtocol, data: some DataProtocol) throws {
         throw WebAuthnError.unsupported
@@ -228,6 +279,15 @@ struct OKPPublicKey: PublicKey, Sendable {
         }
         xCoordinate = xCoordinateBytes
     }
+    
+    var bytes: [UInt8] {
+        CBOR.encodeSortedPairs([
+            (COSEKey.kty, .signedInt(COSEKeyType.octetKey)),
+            (COSEKey.alg, .signedInt(algorithm)),
+            (COSEKey.crv, .unsignedInt(curve)),
+            (COSEKey.x, .byteString(xCoordinate)),
+        ])
+    }
 
     func verify(signature: some DataProtocol, data: some DataProtocol) throws {
         throw WebAuthnError.unsupported

Tests/WebAuthnTests/Utils/TestModels/TestCredentialPublicKey.swift

@@ -23,23 +23,23 @@ struct TestCredentialPublicKey {
     var yCoordinate: CBOR?
 
     var byteArrayRepresentation: [UInt8] {
-        var value: [CBOR: CBOR] = [:]
+        var value: [(COSEKey, CBOR)] = []
         if let kty {
-            value[COSEKey.kty.cbor] = kty
+            value.append((COSEKey.kty, kty))
         }
         if let alg {
-            value[COSEKey.alg.cbor] = alg
+            value.append((COSEKey.alg, alg))
         }
         if let crv {
-            value[COSEKey.crv.cbor] = crv
+            value.append((COSEKey.crv, crv))
         }
         if let xCoordinate {
-            value[COSEKey.x.cbor] = xCoordinate
+            value.append((COSEKey.x, xCoordinate))
         }
         if let yCoordinate {
-            value[COSEKey.y.cbor] = yCoordinate
+            value.append((COSEKey.y, yCoordinate))
         }
-        return CBOR.map(value).encode()
+        return CBOR.encodeSortedPairs(value)
     }
 }