swift-server · marius-se · Feb 11, 2024
diff --git a/Package.swift b/Package.swift
@@ -28,17 +28,18 @@ let package = Package(
         .package(url: "https://github.com/apple/swift-crypto.git", from: "2.0.0"),
         .package(url: "https://github.com/apple/swift-log.git", from: "1.0.0"),
         .package(url: "https://github.com/apple/swift-certificates.git", from: "0.3.0"),
-        .package(url: "https://github.com/apple/swift-docc-plugin", from: "1.1.0")
+        .package(url: "https://github.com/apple/swift-docc-plugin", from: "1.1.0"),
+        .package(url: "https://github.com/outfoxx/PotentCodables.git", from: "3.0.0")
     ],
     targets: [
         .target(
             name: "WebAuthn",
             dependencies: [
-                "SwiftCBOR",
                 .product(name: "Crypto", package: "swift-crypto"),
                 .product(name: "_CryptoExtras", package: "swift-crypto"),
                 .product(name: "Logging", package: "swift-log"),
-                .product(name: "X509", package: "swift-certificates")
+                .product(name: "X509", package: "swift-certificates"),
+                .product(name: "PotentCodables", package: "PotentCodables")
             ]
         ),
         .testTarget(name: "WebAuthnTests", dependencies: [

diff --git a/Sources/WebAuthn/Ceremonies/Registration/AttestationObject.swift b/Sources/WebAuthn/Ceremonies/Registration/AttestationObject.swift
@@ -14,7 +14,7 @@
 
 import Foundation
 import Crypto
-import SwiftCBOR
+import PotentCBOR
 
 /// Contains the cryptographic attestation that a new key pair was created by that authenticator.
 public struct AttestationObject {

diff --git a/Sources/WebAuthn/Ceremonies/Registration/AuthenticatorAttestationResponse.swift b/Sources/WebAuthn/Ceremonies/Registration/AuthenticatorAttestationResponse.swift
@@ -13,7 +13,7 @@
 //===----------------------------------------------------------------------===//
 
 import Foundation
-import SwiftCBOR
+import PotentCBOR
 
 /// The response from the authenticator device for the creation of a new public key credential.
 ///
@@ -56,17 +56,17 @@ struct ParsedAuthenticatorAttestationResponse {
 
         // Step 11. (assembling attestationObject)
         let attestationObjectData = Data(rawResponse.attestationObject)
-        guard let decodedAttestationObject = try? CBOR.decode([UInt8](attestationObjectData)) else {
+        guard let decodedAttestationObject = try? CBORSerialization.cbor(from: attestationObjectData) else {
             throw WebAuthnError.invalidAttestationObject
         }
 
-        guard let authData = decodedAttestationObject["authData"],
-            case let .byteString(authDataBytes) = authData else {
+        guard let authData = decodedAttestationObject["authData"]?.bytesStringValue else {
             throw WebAuthnError.invalidAuthData
         }
-        guard let formatCBOR = decodedAttestationObject["fmt"],
-            case let .utf8String(format) = formatCBOR,
-            let attestationFormat = AttestationFormat(rawValue: format) else {
+
+        guard let format = decodedAttestationObject["fmt"]?.utf8StringValue,
+            let attestationFormat = AttestationFormat(rawValue: format)
+        else {
             throw WebAuthnError.invalidFmt
         }
 
@@ -75,8 +75,8 @@ struct ParsedAuthenticatorAttestationResponse {
         }
 
         attestationObject = AttestationObject(
-            authenticatorData: try AuthenticatorData(bytes: Data(authDataBytes)),
-            rawAuthenticatorData: Data(authDataBytes),
+            authenticatorData: try AuthenticatorData(bytes: authData),
+            rawAuthenticatorData: authData,
             format: attestationFormat,
             attestationStatement: attestationStatement
         )

diff --git a/Sources/WebAuthn/Ceremonies/Shared/COSE/COSEKey.swift b/Sources/WebAuthn/Ceremonies/Shared/COSE/COSEKey.swift
@@ -12,7 +12,7 @@
 //
 //===----------------------------------------------------------------------===//
 
-import SwiftCBOR
+import PotentCBOR
 
 enum COSEKey {
     // swiftlint:disable identifier_name

diff --git a/Sources/WebAuthn/Ceremonies/Shared/CredentialPublicKey.swift b/Sources/WebAuthn/Ceremonies/Shared/CredentialPublicKey.swift
@@ -15,7 +15,7 @@
 import Crypto
 import _CryptoExtras
 import Foundation
-import SwiftCBOR
+import PotentCBOR
 
 protocol PublicKey {
     var algorithm: COSEAlgorithmIdentifier { get }
@@ -40,7 +40,10 @@ enum CredentialPublicKey {
     }
 
     init(publicKeyBytes: [UInt8]) throws {
-        guard let publicKeyObject = try CBOR.decode(publicKeyBytes) else {
+        var publicKeyObject: CBOR
+        do {
+            publicKeyObject = try CBORSerialization.cbor(from: Data(publicKeyBytes))
+        } catch {
             throw WebAuthnError.badPublicKeyBytes
         }
 
@@ -222,11 +225,10 @@ struct OKPPublicKey: PublicKey {
         }
         self.curve = curve
         // X Coordinate is key -2, or NegativeInt 1 for SwiftCBOR
-        guard let xCoordRaw = publicKeyObject[.negativeInt(1)],
-            case let .byteString(xCoordinateBytes) = xCoordRaw else {
+        guard let xCoordinateBytes = publicKeyObject[.negativeInt(1)]?.bytesStringValue else {
             throw WebAuthnError.invalidXCoordinate
         }
-        xCoordinate = xCoordinateBytes
+        xCoordinate = [UInt8](xCoordinateBytes)
     }
 
     func verify(signature: Data, data: Data) throws {

diff --git a/Tests/WebAuthnTests/Utils/TestModels/TestAttestationObject.swift b/Tests/WebAuthnTests/Utils/TestModels/TestAttestationObject.swift
@@ -12,18 +12,17 @@
 //
 //===----------------------------------------------------------------------===//
 
+import Foundation
 import WebAuthn
-import SwiftCBOR
-
-// protocol AttestationObjectParameter: CBOR {}
+import PotentCBOR
 
 struct TestAttestationObject {
     var fmt: CBOR?
     var attStmt: CBOR?
     var authData: CBOR?
 
     var cborEncoded: [UInt8] {
-        var attestationObject: [CBOR: CBOR] = [:]
+        var attestationObject = CBOR.Map()
         if let fmt {
             attestationObject[.utf8String("fmt")] = fmt
         }
@@ -33,8 +32,8 @@ struct TestAttestationObject {
         if let authData {
             attestationObject[.utf8String("authData")] = authData
         }
-
-        return [UInt8](CBOR.map(attestationObject).encode())
+        let bytes = try! CBORSerialization.data(from: CBOR.map(attestationObject))
+        return [UInt8](bytes)
     }
 }
 
@@ -49,7 +48,7 @@ struct TestAttestationObjectBuilder {
         var temp = self
         temp.wrapped.fmt = .utf8String("none")
         temp.wrapped.attStmt = .map([:])
-        temp.wrapped.authData = .byteString(TestAuthDataBuilder().validMock().build().byteArrayRepresentation)
+        temp.wrapped.authData = .byteString(Data(TestAuthDataBuilder().validMock().build().byteArrayRepresentation))
         return temp
     }
 
@@ -111,19 +110,19 @@ struct TestAttestationObjectBuilder {
 
     func emptyAuthData() -> Self {
         var temp = self
-        temp.wrapped.authData = .byteString([])
+        temp.wrapped.authData = .byteString(Data())
         return temp
     }
 
     func zeroAuthData(byteCount: Int) -> Self {
         var temp = self
-        temp.wrapped.authData = .byteString([UInt8](repeating: 0, count: byteCount))
+        temp.wrapped.authData = .byteString(Data(repeating: 0, count: byteCount))
         return temp
     }
 
     func authData(_ builder: TestAuthDataBuilder) -> Self {
         var temp = self
-        temp.wrapped.authData = .byteString(builder.build().byteArrayRepresentation)
+        temp.wrapped.authData = .byteString(Data(builder.build().byteArrayRepresentation))
         return temp
     }
 

diff --git a/Tests/WebAuthnTests/Utils/TestModels/TestCredentialPublicKey.swift b/Tests/WebAuthnTests/Utils/TestModels/TestCredentialPublicKey.swift
@@ -12,8 +12,9 @@
 //
 //===----------------------------------------------------------------------===//
 
+import Foundation
 @testable import WebAuthn
-import SwiftCBOR
+import PotentCBOR
 
 struct TestCredentialPublicKey {
     var kty: CBOR?
@@ -23,7 +24,7 @@ struct TestCredentialPublicKey {
     var yCoordinate: CBOR?
 
     var byteArrayRepresentation: [UInt8] {
-        var value: [CBOR: CBOR] = [:]
+        var value = CBOR.Map()
         if let kty {
             value[COSEKey.kty.cbor] = kty
         }
@@ -39,7 +40,8 @@ struct TestCredentialPublicKey {
         if let yCoordinate {
             value[COSEKey.y.cbor] = yCoordinate
         }
-        return CBOR.map(value).encode()
+        let data = try! CBORSerialization.data(from: .map(value))
+        return [UInt8](data)
     }
 }
 
@@ -83,13 +85,13 @@ struct TestCredentialPublicKeyBuilder {
 
     func xCoordinate(_ xCoordinate: [UInt8]) -> Self {
         var temp = self
-        temp.wrapped.xCoordinate = .byteString(xCoordinate)
+        temp.wrapped.xCoordinate = .byteString(Data(xCoordinate))
         return temp
     }
 
     func yCoordiante(_ yCoordinate: [UInt8]) -> Self {
         var temp = self
-        temp.wrapped.yCoordinate = .byteString(yCoordinate)
+        temp.wrapped.yCoordinate = .byteString(Data(yCoordinate))
         return temp
     }
 }
diff --git a/Tests/WebAuthnTests/WebAuthnManagerAuthenticationTests.swift b/Tests/WebAuthnTests/WebAuthnManagerAuthenticationTests.swift
@@ -14,7 +14,7 @@
 
 @testable import WebAuthn
 import XCTest
-import SwiftCBOR
+import PotentCBOR
 import Crypto
 
 final class WebAuthnManagerAuthenticationTests: XCTestCase {

diff --git a/Tests/WebAuthnTests/WebAuthnManagerRegistrationTests.swift b/Tests/WebAuthnTests/WebAuthnManagerRegistrationTests.swift
@@ -14,7 +14,7 @@
 
 @testable import WebAuthn
 import XCTest
-import SwiftCBOR
+import PotentCBOR
 
 // swiftlint:disable:next type_body_length
 final class WebAuthnManagerRegistrationTests: XCTestCase {