From 25df072594ff146103fc83e08a2bfa3a44026063 Mon Sep 17 00:00:00 2001 From: Paul Flynn Date: Sun, 9 Jun 2024 23:59:05 -0400 Subject: [PATCH] Refactor BinaryParser and tests, update key representation This commit includes modifications to handling of key access in BinaryParser and changes the way the ephemeral public key data is represented in NanoTDF. Removed redundant code in BinaryParser by eliminating unnecessary if-else checks and updated how bindingSize is calculated. Some previously commented code in the test suite has been uncommented and refined, ensuring a more accurate validation of our tests. Now, the test suite also checks the existence of the ephemeral public key.
---
 NanoTDF/BinaryParser.swift | 10 ++++------ NanoTDF/NanoTDF.swift | 2 +- Tests/NanoTDFCreationTests.swift | 11 ++++++----- 3 files changed, 11 insertions(+), 12 deletions(-)
diff --git a/NanoTDF/BinaryParser.swift b/NanoTDF/BinaryParser.swift
index 01a6a16..d110f9e 100644
--- a/NanoTDF/BinaryParser.swift
+++ b/NanoTDF/BinaryParser.swift
@@ -87,7 +87,7 @@ class BinaryParser {
 print("Failed to read Embedded Policy plaintext / ciphertext")
 return nil
 }
- let keyAccess = policyType == .embeddedEncryptedWithPolicyKeyAccess ? readPolicyKeyAccess(bindingMode: bindingMode) : nil
+// let keyAccess = policyType == .embeddedEncryptedWithPolicyKeyAccess ? readPolicyKeyAccess(bindingMode: bindingMode) : nil
 return EmbeddedPolicyBody(length: plaintextCiphertext.count, body: plaintextCiphertext, keyAccess: nil)
 }
 
@@ -138,8 +138,6 @@ class BinaryParser {
 var bindingSize: Int
 print("bindingMode", bindingMode)
 if bindingMode.ecdsaBinding {
- bindingSize = 64
- } else {
 switch bindingMode.curve {
 case .secp256r1, .xsecp256k1:
 bindingSize = 64
@@ -148,11 +146,11 @@ class BinaryParser {
 case .secp521r1:
 bindingSize = 132
 }
+ } else {
+ // GMAC Tag Binding
+ bindingSize = 16
 }
 print("bindingSize", bindingSize)
- if bindingMode.ecdsaBinding {
- bindingSize = 64
- }
 return read(length: bindingSize)
 }
 
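Review bot: In the `@@ -87` hunk the key-access read is commented out rather than handled, so for `.embeddedEncryptedWithPolicyKeyAccess` the parser now returns an `EmbeddedPolicyBody` without touching that section at all. If `readPolicyKeyAccess` advances the read cursor, as its name suggests, every field parsed afterwards (including the policy binding) would be read from the wrong offset, while the body still reports `keyAccess: nil`. Either restore the read and pass it through with `keyAccess: keyAccess`, or fail closed for that policy type with `return nil` until it is supported; the commented-out line should not stay in the file either way. The enclosing function starts before this hunk.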
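Review bot: The GMAC branch added in the `@@ -148` hunk hard-codes `bindingSize = 16`, and nothing in this patch exercises that branch or says where the value comes from. It should be checked against the NanoTDF specification before merging: as far as I recall the GMAC policy binding is a truncated 8-byte tag, and if that is right a 16-byte read would consume the first bytes of the next header field. I would replace the bare literal with a named constant carrying a comment such as `// GMAC binding tag length in bytes, per NanoTDF spec <section>` and add a parse test for a GMAC-bound header. The two `print` calls around the branch also run on every parse and are better removed or routed to a debug logger.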
diff --git a/NanoTDF/NanoTDF.swift b/NanoTDF/NanoTDF.swift
index e45ce6a..4892c32 100644
--- a/NanoTDF/NanoTDF.swift
+++ b/NanoTDF/NanoTDF.swift
@@ -373,7 +373,7 @@ func createNanoTDF(kas: KasMetadata, policy: inout Policy, plaintext: Data) thro
 let curve: Curve = .secp256r1
 var ephemeralPublicKeyData: Data = Data()
 if let ephemeralPublicKey = ephemeralPublicKey as? P256.KeyAgreement.PublicKey {
- ephemeralPublicKeyData = ephemeralPublicKey.x963Representation
+ ephemeralPublicKeyData = ephemeralPublicKey.compressedRepresentation
 }
 print("ephemeralPublicKeyData.count", ephemeralPublicKeyData.count)
 let header = Header(magicNumber: magicNumber,
diff --git a/Tests/NanoTDFCreationTests.swift b/Tests/NanoTDFCreationTests.swift
index b473afd..f7575c5 100644
--- a/Tests/NanoTDFCreationTests.swift
+++ b/Tests/NanoTDFCreationTests.swift
@@ -22,6 +22,7 @@ class NanoTDFCreationTests: XCTestCase {
 XCTAssertNotNil(nanoTDF, "NanoTDF should not be nil")
 XCTAssertNotNil(nanoTDF.header, "Header should not be nil")
 XCTAssertNotNil(nanoTDF.header.policy.remote, "Policy body should not be nil")
+ XCTAssertNotNil(nanoTDF.header.ephemeralPublicKey, "Ephemeral PublicKey should not be nil")
 XCTAssertNotNil(nanoTDF.payload, "Payload should not be nil")
 XCTAssertNotNil(nanoTDF.payload.iv, "Payload nonce should not be nil")
 XCTAssertNotNil(nanoTDF.payload.ciphertext, "Payload ciphertext should not be nil")
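Review bot: When the `as? P256.KeyAgreement.PublicKey` cast in `createNanoTDF` fails, `ephemeralPublicKeyData` stays an empty `Data()` and the header is still built from it, so the function can emit a NanoTDF with no ephemeral key instead of reporting an error. The signature is truncated in the hunk header but looks like a throwing function, so the `if let` can become a guard: `guard let ephemeralPublicKey = ephemeralPublicKey as? P256.KeyAgreement.PublicKey else { throw <existing error case> }`. Because the wire format now carries the 33-byte compressed point instead of the 65-byte X9.63 form, a check that the encoded length matches what the parser expects for `curve` would also help here. The `print` of the key length is debug output and can go.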
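Review bot: The added `XCTAssertNotNil(nanoTDF.header.ephemeralPublicKey, …)` probably cannot fail. The second hunk of this file maps `header.ephemeralPublicKey` as a plain byte collection, which suggests the property is non-optional, so an empty key would still pass the assertion. Since the point of the commit is the switch to the compressed representation, assert the encoded size instead, for example `XCTAssertEqual(nanoTDF.header.ephemeralPublicKey.count, 33, "compressed P-256 key")`, assuming the property exposes `count`. The test method starts before this hunk.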
@@ -56,11 +57,11 @@ class NanoTDFCreationTests: XCTestCase {
 // Ephemeral Key
 let ephemeralKeyHexString = header.ephemeralPublicKey.map { String(format: "%02x", $0) }.joined(separator: " ")
 print("Ephemeral Key:", ephemeralKeyHexString)
- // FIXME payload length is incorrect
-// let payload = try parser.parsePayload(config: header.payloadSignatureConfig)
-// let snanoTDF = NanoTDF(header: header, payload: payload, signature: nil)
-// // Print final the signature NanoTDF
-// print(snanoTDF)
+ let payload = try parser.parsePayload(config: header.payloadSignatureConfig)
+ let snanoTDF = NanoTDF(header: header, payload: payload, signature: nil)
+ // Print final the signature NanoTDF
+ print(snanoTDF)
+ XCTAssertEqual(payload.length, 43)
 }
 
 func testCreateNanoTDFWithInvalidKasMetadata() {
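Review bot: `XCTAssertEqual(payload.length, 43)` pins a bare number with no indication of how it follows from the fixture, so a later format change will fail here without telling the reader which component moved. Add a comment that spells out the breakdown, along the lines of `// 43 = IV + ciphertext + auth tag bytes of the fixture above`, with the actual sizes filled in. Asserting the parts separately would be better still, if the parsed payload's `iv` and `ciphertext` expose their lengths. The `print(snanoTDF)` line and its comment are leftover debug output and can be dropped. The test method starts before this hunk.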