From 84c2042d647813bd6c13ec53db97b4f0dc803709 Mon Sep 17 00:00:00 2001 From: oleggrib Date: Wed, 24 Aug 2022 12:15:22 +0300 Subject: [PATCH] =?UTF-8?q?fix:=20=F0=9F=90=9B=20asn=5Fdecoding=20fix(patc?= =?UTF-8?q?h),=20attestation=20timestamp=20check=20(#273)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Added patch to fix ASN1_schema bug for Integers, added Attestation validate timestamp --- src/main/javascript/crypto/package.json | 6 +++-- .../patches/@peculiar+asn1-schema+2.1.9.patch | 26 +++++++++++++++++++ .../asn1/shemas/AuthenticationFramework.ts | 13 ++-------- .../javascript/crypto/src/libs/Attestation.ts | 15 ++++++----- 4 files changed, 41 insertions(+), 19 deletions(-) create mode 100644 src/main/javascript/crypto/patches/@peculiar+asn1-schema+2.1.9.patch diff --git a/src/main/javascript/crypto/package.json b/src/main/javascript/crypto/package.json index 1fdd1ccd..c2d8c3e0 100644 --- a/src/main/javascript/crypto/package.json +++ b/src/main/javascript/crypto/package.json @@ -12,7 +12,8 @@ "clean": "rm -R dist", "watch": "webpack --watch --progress", "testjest": "jest", - "prepublishOnly": "npm run clean && npm run build" + "prepublishOnly": "npm run clean && npm run build", + "postinstall": "patch-package" }, "repository": { "type": "git", @@ -50,11 +51,12 @@ "crypto": false }, "dependencies": { - "@peculiar/asn1-schema": "^2.1.6", + "@peculiar/asn1-schema": "^2.1.9", "elliptic": "^6.5.3", "ethers": "^5.0.31", "js-sha3": "^0.8.0", "jsonwebtoken": "^8.5.1", + "patch-package": "^6.4.7", "secure-random": "^1.1.2", "string.prototype.matchall": "^4.0.4", "url": "^0.11.0" diff --git a/src/main/javascript/crypto/patches/@peculiar+asn1-schema+2.1.9.patch b/src/main/javascript/crypto/patches/@peculiar+asn1-schema+2.1.9.patch new file mode 100644 index 00000000..97fa1e62 --- /dev/null +++ b/src/main/javascript/crypto/patches/@peculiar+asn1-schema+2.1.9.patch @@ -0,0 +1,26 @@ +diff --git a/node_modules/@peculiar/asn1-schema/build/cjs/converters.js b/node_modules/@peculiar/asn1-schema/build/cjs/converters.js +index 8e6f1ae..53ac31d 100644 +--- a/node_modules/@peculiar/asn1-schema/build/cjs/converters.js ++++ b/node_modules/@peculiar/asn1-schema/build/cjs/converters.js +@@ -17,7 +17,7 @@ exports.AsnAnyConverter = { + }, + }; + exports.AsnIntegerConverter = { +- fromASN: (value) => value.valueBlock.valueHex.byteLength > 4 ++ fromASN: (value) => value.valueBlock.valueHex.byteLength >= 4 + ? value.valueBlock.toString() + : value.valueBlock.valueDec, + toASN: (value) => new asn1.Integer({ value: value }), +diff --git a/node_modules/@peculiar/asn1-schema/build/es2015/converters.js b/node_modules/@peculiar/asn1-schema/build/es2015/converters.js +index ac78302..7d15bbc 100644 +--- a/node_modules/@peculiar/asn1-schema/build/es2015/converters.js ++++ b/node_modules/@peculiar/asn1-schema/build/es2015/converters.js +@@ -14,7 +14,7 @@ export const AsnAnyConverter = { + }, + }; + export const AsnIntegerConverter = { +- fromASN: (value) => value.valueBlock.valueHex.byteLength > 4 ++ fromASN: (value) => value.valueBlock.valueHex.byteLength >= 4 + ? value.valueBlock.toString() + : value.valueBlock.valueDec, + toASN: (value) => new asn1.Integer({ value: value }), diff --git a/src/main/javascript/crypto/src/asn1/shemas/AuthenticationFramework.ts b/src/main/javascript/crypto/src/asn1/shemas/AuthenticationFramework.ts index 6af78413..5e1736b2 100644 --- a/src/main/javascript/crypto/src/asn1/shemas/AuthenticationFramework.ts +++ b/src/main/javascript/crypto/src/asn1/shemas/AuthenticationFramework.ts @@ -1,5 +1,4 @@ import {AsnProp, AsnPropTypes, AsnType, AsnTypeTypes} from "@peculiar/asn1-schema"; -// import {Null} from "asn1js"; export class AlgorithmIdentifierASN { // @AsnProp({ type: AsnPropTypes.ObjectIdentifier }) public algorithm: AsnPropTypes.ObjectIdentifier;// OBJECT IDENTIFIER, @@ -11,14 +10,6 @@ export class Version { @AsnProp({ type: AsnPropTypes.Integer }) public version: number = 0;// Version ::= INTEGER { v1(0), v2(1), v3(2) } } -// export class CertificateSerialNumber { -// @AsnProp({ type: AsnPropTypes.Integer }) public version: number = 0; -// } - -// export class Time { -// @AsnProp({ type: AsnPropTypes.GeneralizedTime }) public generalizedTime: AsnPropTypes.GeneralizedTime; -// } - @AsnType({ type: AsnTypeTypes.Choice }) class Time { @AsnProp({ type: AsnPropTypes.UTCTime}) @@ -29,9 +20,9 @@ class Time { export class ValidityValue { @AsnProp({ type: Time }) public notBefore: Time; - @AsnProp({ type: AsnPropTypes.Integer, optional: true }) public notBeforeInt?: number; + @AsnProp({ type: AsnPropTypes.Integer, optional: true }) public notBeforeInt?: number|string; @AsnProp({ type: Time }) public notAfter: Time; - @AsnProp({ type: AsnPropTypes.Integer, optional: true }) public notAfterInt?: number; + @AsnProp({ type: AsnPropTypes.Integer, optional: true }) public notAfterInt?: number|string; } @AsnType({ type: AsnTypeTypes.Choice }) diff --git a/src/main/javascript/crypto/src/libs/Attestation.ts b/src/main/javascript/crypto/src/libs/Attestation.ts index 9228d085..9f2518e0 100644 --- a/src/main/javascript/crypto/src/libs/Attestation.ts +++ b/src/main/javascript/crypto/src/libs/Attestation.ts @@ -64,13 +64,16 @@ export class Attestation { if (decodedAttestationObj.validity){ me.notValidBefore = decodedAttestationObj.validity.notBefore.generalizedTime.getTime(); me.notValidAfter = decodedAttestationObj.validity.notAfter.generalizedTime.getTime(); + // TODO validate time when it will be updated in Java code - // if ( - // (decodedAttestationObj.validity.notAfterInt && (decodedAttestationObj.validity.notAfterInt != Math.floor( me.notValidAfter / 1000 ) )) || - // (decodedAttestationObj.validity.notBeforeInt && (decodedAttestationObj.validity.notBeforeInt != Math.floor( me.notValidBefore / 1000 ) )) - // ) { - // throw new Error("Date doesnt fit"); - // } + if ( + (decodedAttestationObj.validity.notAfterInt + && Number(decodedAttestationObj.validity.notAfterInt) != Math.floor( me.notValidAfter / 1000 )) || + (decodedAttestationObj.validity.notBeforeInt + && Number(decodedAttestationObj.validity.notBeforeInt) != Math.floor( me.notValidBefore / 1000 )) + ) { + throw new Error("Date doesnt fit"); + } if (typeof decodedAttestationObj.validity.notBeforeInt === 'undefined' || typeof decodedAttestationObj.validity.notAfterInt === 'undefined') { this.blockchainFriendly = false; } else {