Merge

CHANGELOG.md

@@ -1,3 +1,28 @@
+## [1.1.10]
+- return kid in CoseResult
+- Fixed CoseLogger
+
+## [1.1.9]
+- update depdencies
+
+## [1.1.8b]
+- formatting
+
+## [1.1.8]
+- Added uk signature validation
+
+## [1.1.7]
+- update depdencies
+
+## [1.1.6]
+- update depdencies
+
+## [1.1.5]
+- update depdencies
+
+## [1.1.4]
+- update depdencies
+
 ## [1.1.3]
 - return certificate use to verify signature
 

lib/src/cose.dart

@@ -29,46 +29,23 @@ class Cose {
     inst.decodeFromList(cose);
     List<dynamic>? data = inst.getDecodedData();
 
-    if (null == data) {
-      return CoseResult(
-          payload: {},
-          verified: false,
-          errorCode: CoseErrorCode.cbor_decoding_error,
-          certificate: null,
-          publicKey: null);
-    }
-
-    if (data.isEmpty) {
-      return CoseResult(
-          payload: {},
-          verified: false,
-          errorCode: CoseErrorCode.cbor_decoding_error,
-          certificate: null,
-          publicKey: null);
+    //check if the data is not there
+    if ((null == data) || (data.isEmpty)) {
+      return CoseResult.withErrorCode(CoseErrorCode.cbor_decoding_error);
     }
 
     // take the first element
     final element = data.first;
 
     // check if it is of type List
     if (!(element is List)) {
-      return CoseResult(
-          payload: {},
-          verified: false,
-          errorCode: CoseErrorCode.unsupported_format,
-          certificate: null,
-          publicKey: null);
+      return CoseResult.withErrorCode(CoseErrorCode.unsupported_format);
     }
 
     List items = element;
     // check if it has exactly 4 items
     if (items.length != _CBOR_DATA_LENGTH) {
-      return CoseResult(
-          payload: {},
-          verified: false,
-          errorCode: CoseErrorCode.invalid_format,
-          certificate: null,
-          publicKey: null);
+      return CoseResult.withErrorCode(CoseErrorCode.invalid_format);
     }
 
     // extract the useful information.
@@ -84,69 +61,53 @@ class Cose {
     var header = <dynamic, dynamic>{};
     if (headerList != null) {
       if (!(headerList is List)) {
-        return CoseResult(
-            payload: {},
-            verified: false,
-            errorCode: CoseErrorCode.unsupported_header_format,
-            certificate: null,
-            publicKey: null);
+        return CoseResult.withErrorCode(
+            CoseErrorCode.unsupported_header_format);
       }
 
       if (headerList.isEmpty) {
-        return CoseResult(
-            payload: {},
-            verified: false,
-            errorCode: CoseErrorCode.cbor_decoding_error,
-            certificate: null,
-            publicKey: null);
+        return CoseResult.withErrorCode(CoseErrorCode.cbor_decoding_error);
       }
       header = headerList.first;
     }
 
     final bKid = HeaderUtil.parseKid(header, unprotectedHeader);
     final a = HeaderUtil.parseAlg(header, unprotectedHeader);
 
-    CoseLogger.print("kid: $bKid");
-    CoseLogger.print("alg: $a");
+    CoseLogger.printDebug("kid: $bKid");
+    CoseLogger.printDebug("alg: $a");
 
     // parse the payload
     var payloadCbor = Cbor();
     payloadCbor.decodeFromBuffer(payloadBytes);
-    CoseLogger.print(payloadCbor.decodedPrettyPrint());
+    CoseLogger.printDebug(payloadCbor.decodedPrettyPrint());
 
     dynamic payload = {};
     try {
       var data = payloadCbor.getDecodedData();
       if (null == data) {
-        return CoseResult(
-            payload: {},
-            verified: false,
-            errorCode: CoseErrorCode.payload_format_error,
-            certificate: null,
-            publicKey: null);
+        return CoseResult.withErrorCodeAndKid(
+            CoseErrorCode.payload_format_error, bKid);
       }
       payload = data.first;
     } on Exception catch (e) {
       CoseLogger.printError(e);
-      return CoseResult(
-          payload: {},
-          verified: false,
-          errorCode: CoseErrorCode.payload_format_error,
-          certificate: null,
-          publicKey: null);
+      return CoseResult.withErrorCodeAndKid(
+          CoseErrorCode.payload_format_error, bKid);
     }
     if (!certs.containsKey(bKid)) {
       return CoseResult(
           payload: payload,
           verified: false,
           errorCode: CoseErrorCode.key_not_found,
+          coseKid: bKid,
           certificate: null,
           publicKey: null);
     }
 
     // Get the public key to verify the signature.
     // This can be either a x509 certificate (EU) or only the public key structure (UK)
-    // First we try to parse a x509, when that fails we try to treat is as a public key sturcture
+    // First we try to parse a x509, when that fails we try to treat is as a public key structure
     PublicKey publicKey;
     X509Certificate? x509cert;
     try {
@@ -158,9 +119,11 @@ class Cose {
             payload: payload,
             verified: false,
             errorCode: CoseErrorCode.kid_mismatch,
-            certificate: null,
+            coseKid: bKid,
+            certificate: x509cert,
             publicKey: null);
       }
+
       publicKey = x509cert.publicKey;
     } on Error {
       final key = certs[bKid]!;
@@ -201,6 +164,7 @@ class Cose {
             payload: payload,
             verified: false,
             errorCode: CoseErrorCode.unsupported_algorithm,
+            coseKid: bKid,
             certificate: x509cert,
             publicKey: publicKey);
       }
@@ -235,12 +199,13 @@ class Cose {
             npk,
             Uint8List.view(signers.buffer, 0, signers.length),
             sigStructureBytes.buffer.asUint8List());
-        CoseLogger.print(verified);
+        CoseLogger.printDebug(verified);
       } else {
         return CoseResult(
             payload: payload,
             verified: false,
             errorCode: CoseErrorCode.unsupported_algorithm,
+            coseKid: bKid,
             certificate: x509cert,
             publicKey: publicKey);
       }
@@ -249,6 +214,7 @@ class Cose {
           payload: payload,
           verified: false,
           errorCode: CoseErrorCode.unsupported_algorithm,
+          coseKid: bKid,
           certificate: x509cert,
           publicKey: publicKey);
     }
@@ -262,6 +228,7 @@ class Cose {
         payload: payload,
         verified: verified,
         errorCode: CoseErrorCode.none,
+        coseKid: bKid,
         certificate: x509cert,
         publicKey: publicKey);
   }

lib/src/logger/cose_logger.dart

@@ -7,7 +7,7 @@ class CoseLogger {
     _isEnabled = enabled;
   }
 
-  static void print(dynamic value) {
+  static void printDebug(dynamic value) {
     if (_isEnabled) print(value);
   }
 

lib/src/model/cose_result.dart

@@ -5,13 +5,36 @@ class CoseResult {
   final Map payload;
   final bool verified;
   final CoseErrorCode errorCode;
+  final String? coseKid; //the kid found inside the COSE header
   final X509Certificate? certificate;
   final PublicKey? publicKey;
 
   CoseResult(
       {required this.payload,
       required this.verified,
       required this.errorCode,
+      required this.coseKid,
       required this.certificate,
       required this.publicKey});
+
+  factory CoseResult.withErrorCode(CoseErrorCode errorCode) {
+    return new CoseResult(
+        payload: {},
+        verified: false,
+        errorCode: errorCode,
+        coseKid: null,
+        certificate: null,
+        publicKey: null);
+  }
+
+  factory CoseResult.withErrorCodeAndKid(
+      CoseErrorCode errorCode, String coseKid) {
+    return new CoseResult(
+        payload: {},
+        verified: false,
+        errorCode: errorCode,
+        coseKid: coseKid,
+        certificate: null,
+        publicKey: null);
+  }
 }

pubspec.yaml

@@ -1,6 +1,6 @@
 name: dart_cose
 description: Partial Dart implementation of COSE, RFC8152. It is used to validate European Digital Green Certificates.
-version: 1.1.9
+version: 1.1.10
 homepage: https://github.com/jeroentrappers/dart_cose
 
 environment: