From 222041cfc6fe2225fad603c1f4cde4fd811d153b Mon Sep 17 00:00:00 2001 From: popeeyy <29686338+popeeyy@users.noreply.github.com> Date: Mon, 18 Dec 2023 15:49:35 -0700 Subject: [PATCH 1/7] Update certUtils.js --- lib/certUtils.js | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/lib/certUtils.js b/lib/certUtils.js index 6639bb12..cf23db76 100644 --- a/lib/certUtils.js +++ b/lib/certUtils.js @@ -8,10 +8,14 @@ class Certificate { cert = cert.replace(/\r/g, ""); } + const decoded = Buffer.from(cert, "base64").toString() + if (isPem(cert)) { cert = pemToBase64(cert); + } else if (isPem(decoded)) { + cert = pemToBase64(decoded); } - + // Clean up certificate if (typeof cert === "string" || cert instanceof String) { cert = cert.replace(/\n/g, ""); From 84dc9fac2290acd8328b6236a63ba89c6c4310b7 Mon Sep 17 00:00:00 2001 From: popeeyy <29686338+popeeyy@users.noreply.github.com> Date: Mon, 18 Dec 2023 15:53:00 -0700 Subject: [PATCH 2/7] Pass testing --- lib/certUtils.js | 8 ++++---- package-lock.json | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/certUtils.js b/lib/certUtils.js index cf23db76..d5b9fb2e 100644 --- a/lib/certUtils.js +++ b/lib/certUtils.js @@ -2,17 +2,17 @@ import { ab2str, coerceToArrayBuffer, isPem, pemToBase64, tools } from "./utils. class Certificate { constructor(cert) { - + let decoded; + // Clean up base64 string if (typeof cert === "string" || cert instanceof String) { cert = cert.replace(/\r/g, ""); + decoded = Buffer.from(cert, "base64").toString(); } - const decoded = Buffer.from(cert, "base64").toString() - if (isPem(cert)) { cert = pemToBase64(cert); - } else if (isPem(decoded)) { + } else if (decoded && isPem(decoded)) { cert = pemToBase64(decoded); } diff --git a/package-lock.json b/package-lock.json index fbfd35e7..34971a8b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "fido2-lib", - "version": "3.4.1", + "version": "3.4.3", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "fido2-lib", - "version": "3.4.1", + "version": "3.4.3", "license": "MIT", "dependencies": { "@hexagon/base64": "~1.1.26", From d6605ffb534dcb05942844c6fe26f4bd6f223d70 Mon Sep 17 00:00:00 2001 From: popeeyy <29686338+popeeyy@users.noreply.github.com> Date: Mon, 18 Dec 2023 15:59:42 -0700 Subject: [PATCH 3/7] Add trim --- lib/certUtils.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/certUtils.js b/lib/certUtils.js index d5b9fb2e..50ae424d 100644 --- a/lib/certUtils.js +++ b/lib/certUtils.js @@ -6,7 +6,7 @@ class Certificate { // Clean up base64 string if (typeof cert === "string" || cert instanceof String) { - cert = cert.replace(/\r/g, ""); + cert = cert.replace(/\r/g, "").trim(); decoded = Buffer.from(cert, "base64").toString(); } From d847572126f36695eaf4e64c1ff2cd39d8c6d6f9 Mon Sep 17 00:00:00 2001 From: popeeyy <29686338+popeeyy@users.noreply.github.com> Date: Mon, 18 Dec 2023 16:19:49 -0700 Subject: [PATCH 4/7] Deno support --- lib/certUtils.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/certUtils.js b/lib/certUtils.js index 50ae424d..a8b602fd 100644 --- a/lib/certUtils.js +++ b/lib/certUtils.js @@ -7,7 +7,7 @@ class Certificate { // Clean up base64 string if (typeof cert === "string" || cert instanceof String) { cert = cert.replace(/\r/g, "").trim(); - decoded = Buffer.from(cert, "base64").toString(); + decoded = ab2str(coerceToArrayBuffer(cert, "certificate")); } if (isPem(cert)) { From 4c68f46bb0e4b7717cb89a4e78c3150af95bde6b Mon Sep 17 00:00:00 2001 From: popeeyy <29686338+popeeyy@users.noreply.github.com> Date: Wed, 20 Dec 2023 12:13:25 -0700 Subject: [PATCH 5/7] Revert package-lock.json --- package-lock.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package-lock.json b/package-lock.json index 34971a8b..fbfd35e7 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "fido2-lib", - "version": "3.4.3", + "version": "3.4.1", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "fido2-lib", - "version": "3.4.3", + "version": "3.4.1", "license": "MIT", "dependencies": { "@hexagon/base64": "~1.1.26", From e66a5d98c1eeaf75d5d08887ac9421a9c9535b1c Mon Sep 17 00:00:00 2001 From: popeeyy <29686338+popeeyy@users.noreply.github.com> Date: Wed, 20 Dec 2023 12:13:41 -0700 Subject: [PATCH 6/7] Bump version --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 22feb223..e03f21a2 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "fido2-lib", - "version": "3.4.3", + "version": "3.4.4", "description": "A library for performing FIDO 2.0 / WebAuthn functionality", "type": "module", "main": "dist/main.cjs", From 193edd035d2dbc65c1653a8458b65b4a150bba7e Mon Sep 17 00:00:00 2001 From: popeeyy <29686338+popeeyy@users.noreply.github.com> Date: Thu, 21 Dec 2023 15:09:35 -0700 Subject: [PATCH 7/7] Add tests --- test/certUtils.test.js | 6 ++++++ test/helpers/fido2-helpers.js | 3 +++ 2 files changed, 9 insertions(+) diff --git a/test/certUtils.test.js b/test/certUtils.test.js index 0209a7ff..dae0fdc9 100644 --- a/test/certUtils.test.js +++ b/test/certUtils.test.js @@ -29,6 +29,12 @@ describe("cert utils", function() { assert.isObject(cert._cert); }); + it("can decode base64 encoded cert", function() { + const cert = new Certificate(h.certs.truUCert); + assert.instanceOf(cert, Certificate); + assert.isObject(cert._cert); + }); + it("throws if no arg to constructor", function() { assert.throws(() => { new Certificate(); diff --git a/test/helpers/fido2-helpers.js b/test/helpers/fido2-helpers.js index 1b6e13da..0e4b358e 100644 --- a/test/helpers/fido2-helpers.js +++ b/test/helpers/fido2-helpers.js @@ -3782,11 +3782,14 @@ const tpmAttestation = new Uint8Array([ 0x3D, ]).buffer; +const truUCert = "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNTekNDQWZLZ0F3SUJBZ0lVVzNYSzh5eXdiQVdsaWdsaXhJRjYzZHZxWXk4d0NnWUlLb1pJemowRUF3SXcKZkRFTE1Ba0dBMVVFQmhNQ1ZWTXhFVEFQQmdOVkJBZ01DRU52Ykc5eVlXUnZNUTh3RFFZRFZRUUhEQVpFWlc1MgpaWEl4RXpBUkJnTlZCQW9NQ2xSeWRWVXNJRWx1WXk0eElqQWdCZ05WQkFzTUdVRjFkR2hsYm5ScFkyRjBiM0lnClFYUjBaWE4wWVhScGIyNHhFREFPQmdOVkJBTU1CM1J5ZFhVdVlXa3dJQmNOTWpNeE1UQXpNakF6TmpVeFdoZ1AKTWpBMU16RXdNall5TURNMk5URmFNSHd4Q3pBSkJnTlZCQVlUQWxWVE1SRXdEd1lEVlFRSURBaERiMnh2Y21GawpiekVQTUEwR0ExVUVCd3dHUkdWdWRtVnlNUk13RVFZRFZRUUtEQXBVY25WVkxDQkpibU11TVNJd0lBWURWUVFMCkRCbEJkWFJvWlc1MGFXTmhkRzl5SUVGMGRHVnpkR0YwYVc5dU1SQXdEZ1lEVlFRRERBZDBjblYxTG1GcE1Ga3cKRXdZSEtvWkl6ajBDQVFZSUtvWkl6ajBEQVFjRFFnQUVOQXZidGNjTXI3ai9TUldtcUlFWlRSV05KeWo2bXNZcgo1bEdlQWdkU0d5QzlPMDM1NlJJZWN1YVZpT3F6MER4Z1MxZi81S1BiWnAxdDB5RDJmVlJYOTZOUU1FNHdIUVlEClZSME9CQllFRkE1dEwxMGc4OHQycVhsUGxoSVNJMmRJemxhVk1COEdBMVVkSXdRWU1CYUFGQTV0TDEwZzg4dDIKcVhsUGxoSVNJMmRJemxhVk1Bd0dBMVVkRXdFQi93UUNNQUF3Q2dZSUtvWkl6ajBFQXdJRFJ3QXdSQUlnWGZ1dgpqc3ArNHY1aUdPcW5nVWdPZzFobWJnRlBGTWdJanlXeENLcXcvZDhDSUZpbUxOWExESXdBK29JYlAxeU9mcUU4CnhrNnE3LzRMV09WWWtSQUxvQkMyCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0="; + const certs = { yubiKeyAttestation, yubicoRoot, feitianFido2, tpmAttestation, + truUCert, }; /** ******************************************************************************