Update CBOR serialization library

a-sit-plus · Jul 26, 2023 · 4cbb62f · 4cbb62f
1 parent fa0e799
commit 4cbb62f
Show file tree

Hide file tree

Showing 6 changed files with 28 additions and 6 deletions.
diff --git a/kotlinx.serialization b/kotlinx.serialization
diff --git a/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/cbor/CoseService.kt b/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/cbor/CoseService.kt
@@ -46,6 +46,7 @@ class DefaultCoseService(private val cryptoService: CryptoService) : CoseService
         val signatureInput = CoseSignatureInput(
             contextString = "Signature1",
             protectedHeader = ByteStringWrapper(copy),
+            externalAad = byteArrayOf(),
             payload = payload,
         ).serialize()
 
@@ -71,6 +72,7 @@ class DefaultVerifierCoseService(
         val signatureInput = CoseSignatureInput(
             contextString = "Signature1",
             protectedHeader = ByteStringWrapper(coseSigned.protectedHeader.value),
+            externalAad = byteArrayOf(),
             payload = coseSigned.payload,
         ).serialize()
 

diff --git a/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/cbor/CoseSigned.kt b/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/cbor/CoseSigned.kt
@@ -29,9 +29,9 @@ data class CoseSigned(
     @Serializable(with = ByteStringWrapperCoseHeaderSerializer::class)
     @ByteString
     val protectedHeader: ByteStringWrapper<CoseHeader>,
-    val unprotectedHeader: CoseHeader? = null,
+    val unprotectedHeader: CoseHeader?,
     @ByteString
-    val payload: ByteArray? = null,
+    val payload: ByteArray?,
     @ByteString
     val signature: ByteArray,
 ) {
@@ -87,9 +87,9 @@ data class CoseSignatureInput(
     @ByteString
     val protectedHeader: ByteStringWrapper<CoseHeader>,
     @ByteString
-    val externalAad: ByteArray = byteArrayOf(),
+    val externalAad: ByteArray,
     @ByteString
-    val payload: ByteArray? = null,
+    val payload: ByteArray?,
 ){
     fun serialize() = cborSerializer.encodeToByteArray(this)
 

diff --git a/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/iso/cborSerializer.kt b/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/iso/cborSerializer.kt
@@ -10,5 +10,6 @@ val cborSerializer by lazy {
         alwaysUseByteString = true
         encodeDefaults = false
         writeDefiniteLengths = true
+        explicitNulls = true
     }
 }
diff --git a/vclib/src/commonTest/kotlin/at/asitplus/wallet/lib/cbor/CoseServiceTest.kt b/vclib/src/commonTest/kotlin/at/asitplus/wallet/lib/cbor/CoseServiceTest.kt
@@ -42,4 +42,24 @@ class CoseServiceTest : FreeSpec({
         result shouldBe true
     }
 
+    "signed object without payload can be verified" {
+        val signed = coseService.createSignedCose(
+            protectedHeader = CoseHeader(algorithm = CoseAlgorithm.ES256),
+            unprotectedHeader = null,
+            payload = null,
+            addKeyId = true
+        ).getOrThrow()
+        signed.shouldNotBeNull()
+        println(signed.serialize().encodeBase16())
+
+        signed.payload shouldBe null
+        signed.signature.shouldNotBeNull()
+
+        val parsed = CoseSigned.deserialize(signed.serialize())
+        parsed.shouldNotBeNull()
+
+        val result = verifierCoseService.verifyCose(parsed, cryptoService.toCoseKey()).getOrThrow()
+        result shouldBe true
+    }
+
 })
diff --git a/vclib/src/commonTest/kotlin/at/asitplus/wallet/lib/iso/CborSerializationTest.kt b/vclib/src/commonTest/kotlin/at/asitplus/wallet/lib/iso/CborSerializationTest.kt
@@ -159,7 +159,6 @@ class CborSerializationTest : FreeSpec({
         docRequest.readerAuth.shouldNotBeNull()
         docRequest.readerAuth?.unprotectedHeader?.certificateChain?.shouldNotBeNull()
 
-        // TODO only F6 as "null" for readerAuth.payload is missing
         deviceRequest.serialize().encodeBase16().uppercase() shouldBe input
     }