tagged cbor type

alex-richards · Jul 20, 2024 · 976c14d · 976c14d
1 parent cd66f40
commit 976c14d
Show file tree

Hide file tree

Showing 12 changed files with 225 additions and 82 deletions.
diff --git a/authentication.go b/authentication.go
@@ -7,9 +7,6 @@ import (
 	"github.com/veraison/go-cose"
 )
 
-type EDeviceKeyBytes TaggedEncodedCBOR
-type EReaderKeyBytes TaggedEncodedCBOR
-
 type ReaderAuth cose.UntaggedSign1Message
 
 func (ra *ReaderAuth) MarshalCBOR() ([]byte, error) {
@@ -24,7 +21,7 @@ type ReaderAuthentication struct {
 	_                    struct{} `cbor:",toarray"`
 	ReaderAuthentication string
 	SessionTranscript    SessionTranscript
-	ItemsRequestBytes    ItemsRequestBytes
+	ItemsRequestBytes    TaggedEncodedCBOR
 }
 
 type IssuerAuth cose.UntaggedSign1Message
@@ -41,19 +38,29 @@ type DeviceAuth struct {
 	// DeviceMAC DeviceMAC
 }
 
-func (ia *IssuerAuth) MobileSecurityObjectBytes() MobileSecurityObjectBytes {
-	return ia.Payload
+func (ia *IssuerAuth) MobileSecurityObjectBytes() (*TaggedEncodedCBOR, error) {
+	mobileSecurityObjectBytes := new(TaggedEncodedCBOR)
+	err := cbor.Unmarshal(ia.Payload, mobileSecurityObjectBytes)
+	if err != nil {
+		return nil, err
+	}
+
+	return mobileSecurityObjectBytes, nil
 }
 
 func (ia *IssuerAuth) MobileSecurityObject() (*MobileSecurityObject, error) {
-	var mobileSecurityObjectBytes MobileSecurityObjectBytes
-	err := cbor.Unmarshal(ia.Payload, &mobileSecurityObjectBytes)
+	mobileSecurityObjectBytes, err := ia.MobileSecurityObjectBytes()
+	if err != nil {
+		return nil, err
+	}
+
+	mobileSecurityObjectBytesUntagged, err := mobileSecurityObjectBytes.UntaggedValue()
 	if err != nil {
 		return nil, err
 	}
 
 	mobileSecurityObject := new(MobileSecurityObject)
-	err = cbor.Unmarshal(mobileSecurityObjectBytes, mobileSecurityObject)
+	err = cbor.Unmarshal(mobileSecurityObjectBytesUntagged, mobileSecurityObject)
 	if err != nil {
 		return nil, err
 	}
@@ -72,8 +79,6 @@ func (ds *DeviceSignature) UnmarshalCBOR(data []byte) error {
 
 // type DeviceMAC cose.Mac0Message
 
-type MobileSecurityObjectBytes TaggedEncodedCBOR
-
 type MobileSecurityObject struct {
 	Version         string          `cbor:"version"`
 	DigestAlgorithm DigestAlgorithm `cbor:"digestAlgorithm"`

diff --git a/cbor.go b/cbor.go
@@ -1,15 +1,19 @@
 package mdoc
 
 import (
+	"errors"
 	"reflect"
 
 	"github.com/fxamacker/cbor/v2"
 )
 
 const TagEncodedCBOR = 24
 
-type TaggedEncodedCBOR []byte
-type taggedEncodedCBOR []byte
+type bstr []byte
+type TaggedEncodedCBOR struct {
+	taggedValue   bstr
+	untaggedValue bstr
+}
 
 var (
 	encodeModeTaggedEncodedCBOR cbor.EncMode
@@ -20,7 +24,7 @@ func init() {
 	ts := cbor.NewTagSet()
 	ts.Add(
 		cbor.TagOptions{DecTag: cbor.DecTagRequired, EncTag: cbor.EncTagRequired},
-		reflect.TypeOf(taggedEncodedCBOR{}),
+		reflect.TypeOf(bstr{}),
 		TagEncodedCBOR,
 	)
 
@@ -37,10 +41,61 @@ func init() {
 	}
 }
 
-func (ec *TaggedEncodedCBOR) MarshalCBOR() ([]byte, error) {
-	return encodeModeTaggedEncodedCBOR.Marshal((*taggedEncodedCBOR)(ec))
+func (tec *TaggedEncodedCBOR) TaggedValue() ([]byte, error) {
+	if tec.taggedValue != nil {
+		return tec.taggedValue, nil
+	}
+
+	if tec.untaggedValue != nil {
+		return encodeModeTaggedEncodedCBOR.Marshal(tec.untaggedValue)
+	}
+
+	return nil, errors.New("TODO - TaggedValue - empty")
 }
 
-func (ec *TaggedEncodedCBOR) UnmarshalCBOR(data []byte) error {
-	return decodeModeTaggedEncodedCBOR.Unmarshal(data, (*taggedEncodedCBOR)(ec))
+func (tec *TaggedEncodedCBOR) UntaggedValue() ([]byte, error) {
+	if tec.untaggedValue != nil {
+		return tec.untaggedValue, nil
+	}
+
+	if tec.taggedValue != nil {
+		var untaggedValue []byte
+		if err := decodeModeTaggedEncodedCBOR.Unmarshal(tec.taggedValue, untaggedValue); err != nil {
+			return nil, err
+		}
+
+		return untaggedValue, nil
+	}
+
+	return nil, errors.New("TODO - UntaggedValue - empty")
+}
+
+func (tec *TaggedEncodedCBOR) MarshalCBOR() ([]byte, error) {
+	return tec.TaggedValue()
+}
+
+func (tec *TaggedEncodedCBOR) UnmarshalCBOR(taggedValue []byte) error {
+	var untaggedValue []byte
+	err := decodeModeTaggedEncodedCBOR.Unmarshal(taggedValue, &untaggedValue)
+	if err != nil {
+		return err
+	}
+
+	tec.taggedValue = taggedValue
+	tec.untaggedValue = untaggedValue
+	return nil
+}
+
+func NewTaggedEncodedCBOR(untaggedValue []byte) (*TaggedEncodedCBOR, error) {
+	taggedEncodedCBOR := TaggedEncodedCBOR{
+		untaggedValue: untaggedValue,
+	}
+
+	var err error
+	taggedEncodedCBOR.taggedValue, err = taggedEncodedCBOR.TaggedValue()
+	if err != nil {
+		return nil, err
+	}
+
+	return &taggedEncodedCBOR, nil
 }
diff --git a/cbor_test.go b/cbor_test.go
@@ -25,26 +25,30 @@ func TestEncodedCBORTagged(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	errUntagged := cbor.Unmarshal(testStructBytes, TaggedEncodedCBOR{})
+	errUntagged := cbor.Unmarshal(testStructBytes, &TaggedEncodedCBOR{})
 	if errUntagged == nil {
 		t.Fatal()
 	}
 
-	testStructBytesTagged, err := cbor.Marshal((TaggedEncodedCBOR)(testStructBytes))
+	taggedEncodedCBOR, err := NewTaggedEncodedCBOR(testStructBytes)
 	if err != nil {
 		t.Fatal(err)
 	}
-	if bytes.Equal(testStructBytesTagged[0:1], []byte{0xd8, TagEncodedCBOR}) {
+
+	testStructBytesTagged, err := cbor.Marshal(taggedEncodedCBOR)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !bytes.Equal(testStructBytesTagged[0:2], []byte{0xd8, TagEncodedCBOR}) {
 		t.Fatal(hex.EncodeToString(testStructBytesTagged))
 	}
 
-	testStructBytesUntagged := make([]byte, 0)
-	err = cbor.Unmarshal(testStructBytesTagged, (*TaggedEncodedCBOR)(&testStructBytesUntagged))
-	if err != nil {
+	var taggedEncodedCBORUnmarshalled TaggedEncodedCBOR
+	if err = cbor.Unmarshal(testStructBytesTagged, &taggedEncodedCBORUnmarshalled); err != nil {
 		t.Fatal(err)
 	}
 
-	if diff := cmp.Diff(testStructBytes, testStructBytesUntagged); diff != "" {
+	if diff := cmp.Diff(testStructBytes, []byte(taggedEncodedCBORUnmarshalled.untaggedValue)); diff != "" {
 		t.Fatal(diff)
 	}
 }
diff --git a/device_engagement.go b/device_engagement.go
@@ -8,7 +8,6 @@ import (
 	"github.com/veraison/go-cose"
 )
 
-type DeviceEngagementBytes TaggedEncodedCBOR
 type DeviceEngagement struct {
 	Version                string                  `cbor:"0,keyasint"`
 	Security               Security                `cbor:"1,keyasint"`
@@ -31,10 +30,16 @@ func NewDeviceEngagement(eDeviceKey *cose.Key) (*DeviceEngagement, error) {
 }
 
 func (de *DeviceEngagement) EDeviceKey() (*cose.Key, error) {
+	eDeviceKeyBytesUntagged, err := de.Security.EDeviceKeyBytes.UntaggedValue()
+	if err != nil {
+		return nil, err
+	}
+
 	eDeviceKey := new(cose.Key)
-	if err := cbor.Unmarshal(de.Security.EDeviceKeyBytes, eDeviceKey); err != nil {
+	if err := cbor.Unmarshal(eDeviceKeyBytesUntagged, eDeviceKey); err != nil {
 		return nil, err
 	}
+
 	return eDeviceKey, nil
 }
 
@@ -45,14 +50,19 @@ type Security struct {
 }
 
 func newSecurity(eDeviceKey *cose.Key) (*Security, error) {
-	eDeviceKeyBytes, err := cbor.Marshal(eDeviceKey)
+	eDeviceKeyBytesUntagged, err := cbor.Marshal(eDeviceKey)
+	if err != nil {
+		return nil, err
+	}
+
+	eDeviceKeyBytes, err := NewTaggedEncodedCBOR(eDeviceKeyBytesUntagged)
 	if err != nil {
 		return nil, err
 	}
 
 	return &Security{
 		CipherSuiteIdentifier: 1,
-		EDeviceKeyBytes:       eDeviceKeyBytes,
+		EDeviceKeyBytes:       *eDeviceKeyBytes,
 	}, nil
 }
 

diff --git a/device_engagement_test.go b/device_engagement_test.go
@@ -1,6 +1,7 @@
 package mdoc
 
 import (
+	"reflect"
 	"testing"
 
 	"github.com/fxamacker/cbor/v2"
@@ -20,12 +21,18 @@ func TestNewDeviceEngagement(t *testing.T) {
 }
 
 func TestDeviceEngagementCBORRoundTrip(t *testing.T) {
+	eDeviceKeyBytes, err := NewTaggedEncodedCBOR([]byte{1, 2, 3, 4})
+	if err != nil {
+		t.Fatal(err)
+	}
+
 	peripheralServerUUID := uuid.New()
+
 	deviceEngagement := &DeviceEngagement{
 		Version: "1.0",
 		Security: Security{
 			CipherSuiteIdentifier: 1,
-			EDeviceKeyBytes:       []byte{1, 2, 3, 4},
+			EDeviceKeyBytes:       *eDeviceKeyBytes,
 		},
 		DeviceRetrievalMethods: []DeviceRetrievalMethod{
 			{
@@ -52,17 +59,28 @@ func TestDeviceEngagementCBORRoundTrip(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	if diff := cmp.Diff(deviceEngagement, deviceEngagementUnmarshalled); diff != "" {
+	if diff := cmp.Diff(
+		deviceEngagement,
+		deviceEngagementUnmarshalled,
+		cmp.FilterPath(func(p cmp.Path) bool {
+			return p.Last().Type() == reflect.TypeOf(TaggedEncodedCBOR{})
+		}, cmp.Ignore()),
+	); diff != "" {
 		t.Fatal(diff)
 	}
 }
 
 func TestDeviceEngagementUnknownMethod(t *testing.T) {
-	deviceEngagement := &DeviceEngagement{
+	eDeviceKeyBytes, err := NewTaggedEncodedCBOR([]byte{1, 2, 3, 4})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	deviceEngagement := DeviceEngagement{
 		Version: "1.0",
 		Security: Security{
 			CipherSuiteIdentifier: 1,
-			EDeviceKeyBytes:       []byte{1, 2, 3, 4},
+			EDeviceKeyBytes:       *eDeviceKeyBytes,
 		},
 		DeviceRetrievalMethods: []DeviceRetrievalMethod{
 			{
@@ -72,15 +90,14 @@ func TestDeviceEngagementUnknownMethod(t *testing.T) {
 		},
 	}
 
-	deviceEngagementBytes, err := cbor.Marshal(deviceEngagement)
+	deviceEngagementBytes, err := cbor.Marshal(&deviceEngagement)
 	if err != nil {
 		t.Fatal(err)
 	}
 
-	deviceEngagementUnmarshalled := new(DeviceEngagement)
-	err = cbor.Unmarshal(deviceEngagementBytes, deviceEngagementUnmarshalled)
-	if err == nil {
-		t.Fatal()
+	var deviceEngagementUnmarshalled DeviceEngagement
+	if err = cbor.Unmarshal(deviceEngagementBytes, &deviceEngagementUnmarshalled); err == nil {
+		t.Fatal("expected error")
 	}
 
 	errUnreccognisedReterevalMethod := err.(*ErrorUnreccognisedReterevalMethod)

diff --git a/device_request.go b/device_request.go
@@ -15,20 +15,24 @@ func NewDeviceRequest(docRequests []DocRequest) *DeviceRequest {
 }
 
 type DocRequest struct {
-	ItemsRequestBytes ItemsRequestBytes `cbor:"itemsRequest"`
+	ItemsRequestBytes TaggedEncodedCBOR `cbor:"itemsRequest"`
 	ReaderAuth        ReaderAuth        `cbor:"readerAuth"`
 }
 
 func (dr *DocRequest) ItemsRequest() (*ItemsRequest, error) {
-	itemsRequest := new(ItemsRequest)
-	err := cbor.Unmarshal(dr.ItemsRequestBytes, itemsRequest)
+	itemsRequestBytesUntagged, err := dr.ItemsRequestBytes.UntaggedValue()
 	if err != nil {
 		return nil, err
 	}
+
+	itemsRequest := new(ItemsRequest)
+	if err := cbor.Unmarshal(itemsRequestBytesUntagged, itemsRequest); err != nil {
+		return nil, err
+	}
+
 	return itemsRequest, nil
 }
 
-type ItemsRequestBytes TaggedEncodedCBOR
 type ItemsRequest struct {
 	DocType     DocType        `cbor:"docType"`
 	NameSpaces  NameSpaces     `cbor:"nameSpaces"`