From f3afe04b6e69452ed7f237c35c6b307637112583 Mon Sep 17 00:00:00 2001 From: Marius Seufzer Date: Mon, 12 Feb 2024 12:15:43 +1300 Subject: [PATCH] replace SwiftCBOR with PotentCodable --- Package.swift | 7 ++++--- .../Registration/AttestationObject.swift | 2 +- .../AuthenticatorAttestationResponse.swift | 18 +++++++++--------- .../Ceremonies/Shared/COSE/COSEKey.swift | 2 +- .../Shared/CredentialPublicKey.swift | 12 +++++++----- .../TestModels/TestAttestationObject.swift | 19 +++++++++---------- .../TestModels/TestCredentialPublicKey.swift | 12 +++++++----- .../WebAuthnManagerAuthenticationTests.swift | 2 +- .../WebAuthnManagerRegistrationTests.swift | 2 +- 9 files changed, 40 insertions(+), 36 deletions(-) diff --git a/Package.swift b/Package.swift index b9d5166..4f63584 100644 --- a/Package.swift +++ b/Package.swift @@ -28,17 +28,18 @@ let package = Package( .package(url: "https://github.com/apple/swift-crypto.git", from: "2.0.0"), .package(url: "https://github.com/apple/swift-log.git", from: "1.0.0"), .package(url: "https://github.com/apple/swift-certificates.git", from: "0.3.0"), - .package(url: "https://github.com/apple/swift-docc-plugin", from: "1.1.0") + .package(url: "https://github.com/apple/swift-docc-plugin", from: "1.1.0"), + .package(url: "https://github.com/outfoxx/PotentCodables.git", from: "3.0.0") ], targets: [ .target( name: "WebAuthn", dependencies: [ - "SwiftCBOR", .product(name: "Crypto", package: "swift-crypto"), .product(name: "_CryptoExtras", package: "swift-crypto"), .product(name: "Logging", package: "swift-log"), - .product(name: "X509", package: "swift-certificates") + .product(name: "X509", package: "swift-certificates"), + .product(name: "PotentCodables", package: "PotentCodables") ] ), .testTarget(name: "WebAuthnTests", dependencies: [ diff --git a/Sources/WebAuthn/Ceremonies/Registration/AttestationObject.swift b/Sources/WebAuthn/Ceremonies/Registration/AttestationObject.swift index d8dc62e..98def44 100644 
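Review bot: The `WebAuthn` target drops `"SwiftCBOR"` in this hunk, but no SwiftCBOR package declaration is removed, so if one sits above line 28 it stays in the resolved dependency graph unused. The `WebAuthnTests` dependency list continues past the hunk, and since the tests now import `PotentCBOR` it should name the new product explicitly rather than rely on transitive visibility. Separately, the `PotentCodables` product appears to be an umbrella that pulls in the package's other format modules, while the sources only import `PotentCBOR`; for a library that parses authenticator-supplied data, check whether a narrower product is available. `from: "3.0.0"` accepts any later 3.x release, so the version actually reviewed is only fixed by whatever `Package.resolved` pins.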
--- a/Sources/WebAuthn/Ceremonies/Registration/AttestationObject.swift +++ b/Sources/WebAuthn/Ceremonies/Registration/AttestationObject.swift @@ -14,7 +14,7 @@ import Foundation import Crypto -import SwiftCBOR +import PotentCBOR /// Contains the cryptographic attestation that a new key pair was created by that authenticator. public struct AttestationObject { diff --git a/Sources/WebAuthn/Ceremonies/Registration/AuthenticatorAttestationResponse.swift b/Sources/WebAuthn/Ceremonies/Registration/AuthenticatorAttestationResponse.swift index 8a60466..74199e4 100644 --- a/Sources/WebAuthn/Ceremonies/Registration/AuthenticatorAttestationResponse.swift +++ b/Sources/WebAuthn/Ceremonies/Registration/AuthenticatorAttestationResponse.swift @@ -13,7 +13,7 @@ //===----------------------------------------------------------------------===// import Foundation -import SwiftCBOR +import PotentCBOR /// The response from the authenticator device for the creation of a new public key credential. /// 
@@ -56,17 +56,17 @@ struct ParsedAuthenticatorAttestationResponse { // Step 11. (assembling attestationObject) let attestationObjectData = Data(rawResponse.attestationObject) - guard let decodedAttestationObject = try? CBOR.decode([UInt8](attestationObjectData)) else { + guard let decodedAttestationObject = try? CBORSerialization.cbor(from: attestationObjectData) else { throw WebAuthnError.invalidAttestationObject } - guard let authData = decodedAttestationObject["authData"], - case let .byteString(authDataBytes) = authData else { + guard let authData = decodedAttestationObject["authData"]?.bytesStringValue else { throw WebAuthnError.invalidAuthData } - guard let formatCBOR = decodedAttestationObject["fmt"], - case let .utf8String(format) = formatCBOR, - let attestationFormat = AttestationFormat(rawValue: format) else { + + guard let format = decodedAttestationObject["fmt"]?.utf8StringValue, + let attestationFormat = AttestationFormat(rawValue: format) + else { throw WebAuthnError.invalidFmt } @@ -75,8 +75,8 @@ struct ParsedAuthenticatorAttestationResponse { } attestationObject = AttestationObject( - authenticatorData: try AuthenticatorData(bytes: Data(authDataBytes)), - rawAuthenticatorData: Data(authDataBytes), + authenticatorData: try AuthenticatorData(bytes: authData), + rawAuthenticatorData: authData, format: attestationFormat, attestationStatement: attestationStatement ) diff --git a/Sources/WebAuthn/Ceremonies/Shared/COSE/COSEKey.swift b/Sources/WebAuthn/Ceremonies/Shared/COSE/COSEKey.swift index 83eeab3..e1b15d3 100644 --- a/Sources/WebAuthn/Ceremonies/Shared/COSE/COSEKey.swift +++ b/Sources/WebAuthn/Ceremonies/Shared/COSE/COSEKey.swift @@ -12,7 +12,7 @@ // //===----------------------------------------------------------------------===// -import SwiftCBOR +import PotentCBOR enum COSEKey { // swiftlint:disable identifier_name 
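Review bot: The `authData` and `fmt` guards in the `@@ -56,17 +56,17 @@` hunk now use `bytesStringValue` and `utf8StringValue` instead of matching the exact `.byteString` / `.utf8String` cases, and nothing visible shows whether those accessors also accept tagged or otherwise wrapped values. The attestation object is supplied by the client, so parsing should stay at least as strict as before. If the accessors turn out to be looser, keep the explicit match: `guard case let .byteString(authData)? = decodedAttestationObject["authData"] else { throw WebAuthnError.invalidAuthData }`. The same question applies to how `CBORSerialization.cbor(from:)` treats bytes after the first item and non-map top-level values, so negative tests for tagged `authData`, trailing bytes and a top-level array would pin the behaviour across the library swap. The enclosing initializer starts before this hunk and continues after it.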
diff --git a/Sources/WebAuthn/Ceremonies/Shared/CredentialPublicKey.swift b/Sources/WebAuthn/Ceremonies/Shared/CredentialPublicKey.swift index 2ed75f1..d901e74 100644 --- a/Sources/WebAuthn/Ceremonies/Shared/CredentialPublicKey.swift +++ b/Sources/WebAuthn/Ceremonies/Shared/CredentialPublicKey.swift @@ -15,7 +15,7 @@ import Crypto import _CryptoExtras import Foundation -import SwiftCBOR +import PotentCBOR protocol PublicKey { var algorithm: COSEAlgorithmIdentifier { get } @@ -40,7 +40,10 @@ enum CredentialPublicKey { } init(publicKeyBytes: [UInt8]) throws { - guard let publicKeyObject = try CBOR.decode(publicKeyBytes) else { + var publicKeyObject: CBOR + do { + publicKeyObject = try CBORSerialization.cbor(from: Data(publicKeyBytes)) + } catch { throw WebAuthnError.badPublicKeyBytes } @@ -222,11 +225,10 @@ struct OKPPublicKey: PublicKey { } self.curve = curve // X Coordinate is key -2, or NegativeInt 1 for SwiftCBOR - guard let xCoordRaw = publicKeyObject[.negativeInt(1)], - case let .byteString(xCoordinateBytes) = xCoordRaw else { + guard let xCoordinateBytes = publicKeyObject[.negativeInt(1)]?.bytesStringValue else { throw WebAuthnError.invalidXCoordinate } - xCoordinate = xCoordinateBytes + xCoordinate = [UInt8](xCoordinateBytes) } func verify(signature: Data, data: Data) throws { diff --git a/Tests/WebAuthnTests/Utils/TestModels/TestAttestationObject.swift b/Tests/WebAuthnTests/Utils/TestModels/TestAttestationObject.swift index 6abdaca..941849c 100644 --- a/Tests/WebAuthnTests/Utils/TestModels/TestAttestationObject.swift +++ b/Tests/WebAuthnTests/Utils/TestModels/TestAttestationObject.swift @@ -12,10 +12,9 @@ // //===----------------------------------------------------------------------===// +import Foundation import WebAuthn -import SwiftCBOR - -// protocol AttestationObjectParameter: CBOR {} +import PotentCBOR struct TestAttestationObject { var fmt: CBOR? 
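Review bot: In `init(publicKeyBytes:)`, `publicKeyObject` is declared `var` although the visible lines assign it only once. `let publicKeyObject: CBOR` works with the same do/catch because the `catch` branch throws, and it keeps the decoded key immutable for the rest of the initializer, which continues outside the hunk. The new `catch` also maps every decoder error to `WebAuthnError.badPublicKeyBytes`, where the old `guard let … = try CBOR.decode(…)` let thrown errors propagate; a comment such as `// Any CBOR decoding failure is reported as badPublicKeyBytes` would mark that as intentional. It is not visible here whether `publicKeyBytes` can carry data after the COSE key, or how `CBORSerialization.cbor(from:)` handles such trailing bytes, so that case deserves a test.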
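Review bot: In the `OKPPublicKey` hunk, the context comment above the lookup still reads `NegativeInt 1 for SwiftCBOR`, which is stale after this change, and the lookup depends on `.negativeInt(1)` also denoting COSE label -2 in PotentCBOR. If the new library stores the magnitude differently, this guard would read the wrong label and reject or misparse valid OKP keys. Confirm the encoding and update the comment, e.g. `// X coordinate is COSE label -2, represented as CBOR.negativeInt(1)`. `bytesStringValue` also replaces an exact `.byteString` match here, so check whether it accepts tagged values. The initializer begins outside the hunk.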
@@ -23,7 +22,7 @@ struct TestAttestationObject { var authData: CBOR? var cborEncoded: [UInt8] { - var attestationObject: [CBOR: CBOR] = [:] + var attestationObject = CBOR.Map() if let fmt { attestationObject[.utf8String("fmt")] = fmt } @@ -33,8 +32,8 @@ struct TestAttestationObject { if let authData { attestationObject[.utf8String("authData")] = authData } - - return [UInt8](CBOR.map(attestationObject).encode()) + let bytes = try! CBORSerialization.data(from: CBOR.map(attestationObject)) + return [UInt8](bytes) } } @@ -49,7 +48,7 @@ struct TestAttestationObjectBuilder { var temp = self temp.wrapped.fmt = .utf8String("none") temp.wrapped.attStmt = .map([:]) - temp.wrapped.authData = .byteString(TestAuthDataBuilder().validMock().build().byteArrayRepresentation) + temp.wrapped.authData = .byteString(Data(TestAuthDataBuilder().validMock().build().byteArrayRepresentation)) return temp } @@ -111,19 +110,19 @@ struct TestAttestationObjectBuilder { func emptyAuthData() -> Self { var temp = self - temp.wrapped.authData = .byteString([]) + temp.wrapped.authData = .byteString(Data()) return temp } func zeroAuthData(byteCount: Int) -> Self { var temp = self - temp.wrapped.authData = .byteString([UInt8](repeating: 0, count: byteCount)) + temp.wrapped.authData = .byteString(Data(repeating: 0, count: byteCount)) return temp } func authData(_ builder: TestAuthDataBuilder) -> Self { var temp = self - temp.wrapped.authData = .byteString(builder.build().byteArrayRepresentation) + temp.wrapped.authData = .byteString(Data(builder.build().byteArrayRepresentation)) return temp } diff --git a/Tests/WebAuthnTests/Utils/TestModels/TestCredentialPublicKey.swift b/Tests/WebAuthnTests/Utils/TestModels/TestCredentialPublicKey.swift index 9159922..586e4c0 100644 --- a/Tests/WebAuthnTests/Utils/TestModels/TestCredentialPublicKey.swift +++ b/Tests/WebAuthnTests/Utils/TestModels/TestCredentialPublicKey.swift 
@@ -12,8 +12,9 @@ // //===----------------------------------------------------------------------===// +import Foundation @testable import WebAuthn -import SwiftCBOR +import PotentCBOR struct TestCredentialPublicKey { var kty: CBOR? @@ -23,7 +24,7 @@ struct TestCredentialPublicKey { var yCoordinate: CBOR? var byteArrayRepresentation: [UInt8] { - var value: [CBOR: CBOR] = [:] + var value = CBOR.Map() if let kty { value[COSEKey.kty.cbor] = kty } @@ -39,7 +40,8 @@ struct TestCredentialPublicKey { if let yCoordinate { value[COSEKey.y.cbor] = yCoordinate } - return CBOR.map(value).encode() + let data = try! CBORSerialization.data(from: .map(value)) + return [UInt8](data) } } @@ -83,13 +85,13 @@ struct TestCredentialPublicKeyBuilder { func xCoordinate(_ xCoordinate: [UInt8]) -> Self { var temp = self - temp.wrapped.xCoordinate = .byteString(xCoordinate) + temp.wrapped.xCoordinate = .byteString(Data(xCoordinate)) return temp } func yCoordiante(_ yCoordinate: [UInt8]) -> Self { var temp = self - temp.wrapped.yCoordinate = .byteString(yCoordinate) + temp.wrapped.yCoordinate = .byteString(Data(yCoordinate)) return temp } } diff --git a/Tests/WebAuthnTests/WebAuthnManagerAuthenticationTests.swift b/Tests/WebAuthnTests/WebAuthnManagerAuthenticationTests.swift index 6b3ca02..13ad3e1 100644 --- a/Tests/WebAuthnTests/WebAuthnManagerAuthenticationTests.swift +++ b/Tests/WebAuthnTests/WebAuthnManagerAuthenticationTests.swift @@ -14,7 +14,7 @@ @testable import WebAuthn import XCTest -import SwiftCBOR +import PotentCBOR import Crypto final class WebAuthnManagerAuthenticationTests: XCTestCase { diff --git a/Tests/WebAuthnTests/WebAuthnManagerRegistrationTests.swift b/Tests/WebAuthnTests/WebAuthnManagerRegistrationTests.swift index fe76a2f..5f795ca 100644 --- a/Tests/WebAuthnTests/WebAuthnManagerRegistrationTests.swift +++ b/Tests/WebAuthnTests/WebAuthnManagerRegistrationTests.swift 
@@ -14,7 +14,7 @@ @testable import WebAuthn import XCTest -import SwiftCBOR +import PotentCBOR // swiftlint:disable:next type_body_length final class WebAuthnManagerRegistrationTests: XCTestCase {