Upgrade fxamacker/cbor to v2.5.0 (#166)

Signed-off-by: qmuntal <qmuntaldiaz@microsoft.com>
veraison · Sep 26, 2023 · 6e436d2 · 6e436d2
1 parent da0f9a6
commit 6e436d2
Show file tree

Hide file tree

Showing 5 changed files with 64 additions and 15 deletions.
diff --git a/cbor.go b/cbor.go
@@ -95,7 +95,7 @@ func deterministicBinaryString(data cbor.RawMessage) (cbor.RawMessage, error) {
  }
 
  // fast path: return immediately if bstr is already deterministic
- if err := decModeWithTagsForbidden.Valid(data); err != nil {
+ if err := decModeWithTagsForbidden.Wellformed(data); err != nil {
  return nil, err
  }
  ai := data[0] & 0x1f

diff --git a/go.mod b/go.mod
@@ -2,7 +2,7 @@ module github.com/veraison/go-cose
 
 go 1.18
 
-require github.com/fxamacker/cbor/v2 v2.4.0
+require github.com/fxamacker/cbor/v2 v2.5.0
 
 require github.com/x448/float16 v0.8.4 // indirect
 

diff --git a/go.sum b/go.sum
@@ -1,4 +1,4 @@
-github.com/fxamacker/cbor/v2 v2.4.0 h1:ri0ArlOR+5XunOP8CRUowT0pSJOwhW098ZCUyskZD88=
-github.com/fxamacker/cbor/v2 v2.4.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo=
+github.com/fxamacker/cbor/v2 v2.5.0 h1:oHsG0V/Q6E/wqTS2O1Cozzsy69nqCiguo5Q1a1ADivE=
+github.com/fxamacker/cbor/v2 v2.5.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo=
 github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
 github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
diff --git a/headers_test.go b/headers_test.go
@@ -2,6 +2,7 @@ package cose
 
 import (
  "errors"
+ "math"
  "reflect"
  "testing"
 )
@@ -34,6 +35,39 @@ func TestProtectedHeader_MarshalCBOR(t *testing.T) {
  },
  },
  {
+ name: "header with MinInt64 alg",
+ h: ProtectedHeader{
+ HeaderLabelAlgorithm: math.MinInt64,
+ },
+ want: []byte{
+ 0x4b, // bstr
+ 0xa1, // map
+ 0x01, 0x3b, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, // alg
+ },
+ },
+ {
+ name: "canonical ordering",
+ h: ProtectedHeader{
+ HeaderLabelAlgorithm: 1,
+ HeaderLabelCritical: []any{HeaderLabelAlgorithm},
+ HeaderLabelContentType: 16,
+ HeaderLabelKeyID: []byte{1, 2, 3},
+ HeaderLabelIV: []byte{1, 2, 3},
+ 0x46: 0x47,
+ 0x66: 0x67,
+ },
+ want: []byte{
+ 0x58, 0x1a, // bstr
+ 0xa7, // map
+ 0x01, 0x01, // alg
+ 0x02, 0x81, 0x01, // crit
+ 0x03, 0x10, // cty
+ 0x04, 0x43, 0x01, 0x02, 0x03, // kid
+ 0x05, 0x43, 0x01, 0x02, 0x03, // iv
+ 0x18, 0x46, 0x18, 0x47, // 0x46: 0x47
+ 0x18, 0x66, 0x18, 0x67, // 0x66: 0x67
+ },
+ }, {
  name: "nil header",
  h: nil,
  want: []byte{0x40},

diff --git a/sign_test.go b/sign_test.go
@@ -654,13 +654,13 @@ func TestSignature_Sign_Internal(t *testing.T) {
  },
  },
  },
- protected: []byte{0x40, 0xa1, 0x00, 0x00},
+ protected: []byte{0x43, 0xa1, 0x00, 0x00},
  payload: []byte("hello world"),
  external: []byte{},
  toBeSigned: []byte{
  0x85, // array type
  0x69, 0x53, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, // context
- 0x40, 0xa1, 0x00, 0x00, // body_protected
+ 0x43, 0xa1, 0x00, 0x00, // body_protected
  0x47, 0xa1, 0x01, 0x3a, 0x6d, 0x6f, 0x63, 0x6a, // sign_protected
  0x40, // external
  0x4b, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0x20, 0x77, 0x6f, 0x72, 0x6c, 0x64, // payload
@@ -2222,7 +2222,7 @@ func TestSignature_toBeSigned(t *testing.T) {
  payload []byte
  external []byte
  want []byte
- wantErr bool
+ wantErr string
  }{
  {
  name: "valid signature",
@@ -2233,12 +2233,12 @@ func TestSignature_toBeSigned(t *testing.T) {
  },
  },
  },
- protected: []byte{0x40, 0xa1, 0x00, 0x00},
+ protected: []byte{0x43, 0xa1, 0x00, 0x00},
  payload: []byte("hello world"),
  want: []byte{
  0x85, // array type
  0x69, 0x53, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, // context
- 0x40, 0xa1, 0x00, 0x00, // body_protected
+ 0x43, 0xa1, 0x00, 0x00, // body_protected
  0x47, 0xa1, 0x01, 0x3a, 0x6d, 0x6f, 0x63, 0x6a, // sign_protected
  0x40, // external
  0x4b, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0x20, 0x77, 0x6f, 0x72, 0x6c, 0x64, // payload
@@ -2255,7 +2255,20 @@ func TestSignature_toBeSigned(t *testing.T) {
  },
  protected: []byte{0x00},
  payload: []byte{},
- wantErr: true,
+ wantErr: "cbor: require bstr type",
+ },
+ {
+ name: "extraneous protected data",
+ s: &Signature{
+ Headers: Headers{
+ Protected: ProtectedHeader{
+ HeaderLabelAlgorithm: algorithmMock,
+ },
+ },
+ },
+ protected: []byte{0x40, 0xa1, 0x00, 0x00},
+ payload: []byte("hello world"),
+ wantErr: "cbor: 3 bytes of extraneous data starting at index 1",
  },
  {
  name: "invalid sign protected header",
@@ -2268,7 +2281,7 @@ func TestSignature_toBeSigned(t *testing.T) {
  },
  protected: []byte{0x40},
  payload: []byte{},
- wantErr: true,
+ wantErr: "protected header: header label: require int / tstr type",
  },
  {
  name: "invalid raw sign protected header",
@@ -2279,15 +2292,17 @@ func TestSignature_toBeSigned(t *testing.T) {
  },
  protected: []byte{0x40},
  payload: []byte{},
- wantErr: true,
+ wantErr: "cbor: require bstr type",
  },
  }
  for _, tt := range tests {
  t.Run(tt.name, func(t *testing.T) {
  got, err := tt.s.toBeSigned(tt.protected, tt.payload, tt.external)
- if (err != nil) != tt.wantErr {
- t.Errorf("Signature.toBeSigned() error = %v, wantErr %v", err, tt.wantErr)
- return
+ if err != nil && (err.Error() != tt.wantErr) {
+ t.Fatalf("Signature.toBeSigned() error = %v, wantErr %v", err, tt.wantErr)
+ }
+ if err == nil && (tt.wantErr != "") {
+ t.Fatalf("Signature.toBeSigned() error = %v, wantErr %v", err, tt.wantErr)
  }
  if !reflect.DeepEqual(got, tt.want) {
  t.Errorf("Signature.toBeSigned() = %v, want %v", got, tt.want)