Cleaned up and simplified testing configurations

Author: dimitribouniol

Tests/WebAuthnTests/Utils/TestModels/TestAttestationObject.swift

@@ -13,13 +13,20 @@
 
 import WebAuthn
 @preconcurrency import SwiftCBOR
+import Testing
 
 // protocol AttestationObjectParameter: CBOR {}
 
 struct TestAttestationObject {
     var fmt: CBOR?
     var attStmt: CBOR?
-    var authData: CBOR?
+    var authData: AuthData = .none
+    
+    enum AuthData {
+        case structured(TestAuthData)
+        case cbor(CBOR)
+        case none
+    }
 
     var cborEncoded: [UInt8] {
         var attestationObject: [CBOR: CBOR] = [:]
@@ -29,8 +36,12 @@ struct TestAttestationObject {
         if let attStmt {
             attestationObject[.utf8String("attStmt")] = attStmt
         }
-        if let authData {
+        switch authData {
+        case .structured(let authData):
+            attestationObject[.utf8String("authData")] = .byteString(authData.byteArrayRepresentation)
+        case .cbor(let authData):
             attestationObject[.utf8String("authData")] = authData
+        case .none: break
         }
 
         return [UInt8](CBOR.map(attestationObject).encode())
@@ -53,13 +64,13 @@ struct TestAttestationObjectBuilder {
 
     func validMockECDSA() -> Self {
         var temp = self.keyAgnosticBase()
-        temp.wrapped.authData = .byteString(TestAuthDataBuilder().validMockECDSA().build().byteArrayRepresentation)
+        temp.wrapped.authData = .structured(TestAuthDataBuilder().validMockECDSA().build())
         return temp
     }
 
     func validMockRSA() -> Self {
         var temp = self.keyAgnosticBase()
-        temp.wrapped.authData = .byteString(TestAuthDataBuilder().validMockRSA().build().byteArrayRepresentation)
+        temp.wrapped.authData = .structured(TestAuthDataBuilder().validMockRSA().build())
         return temp
     }
 
@@ -115,25 +126,38 @@ struct TestAttestationObjectBuilder {
 
     func invalidAuthData() -> Self {
         var temp = self
-        temp.wrapped.authData = .double(1)
+        temp.wrapped.authData = .cbor(.double(1))
         return temp
     }
 
     func emptyAuthData() -> Self {
         var temp = self
-        temp.wrapped.authData = .byteString([])
+        temp.wrapped.authData = .cbor(.byteString([]))
         return temp
     }
 
     func zeroAuthData(byteCount: Int) -> Self {
         var temp = self
-        temp.wrapped.authData = .byteString([UInt8](repeating: 0, count: byteCount))
+        temp.wrapped.authData = .cbor(.byteString([UInt8](repeating: 0, count: byteCount)))
         return temp
     }
 
     func authData(_ builder: TestAuthDataBuilder) -> Self {
         var temp = self
-        temp.wrapped.authData = .byteString(builder.build().byteArrayRepresentation)
+        temp.wrapped.authData = .structured(builder.build())
+        return temp
+    }
+    
+    func authData(builder: (TestAuthDataBuilder) -> TestAuthDataBuilder) -> Self {
+        var temp = self
+        switch temp.wrapped.authData {
+        case .structured(let testAuthData):
+            temp.wrapped.authData = .structured(builder(.init(wrapped: testAuthData)).build())
+        case .cbor:
+            Issue.record("authData must be structured")
+        case .none:
+            temp.wrapped.authData = .structured(builder(.init()).build())
+        }
         return temp
     }
 

Tests/WebAuthnTests/Utils/TestModels/TestECCKeyPair.swift

@@ -33,30 +33,33 @@ struct TestECCKeyPair: TestSigner {
     static let publicKeyXCoordinate = "9621b40922a4b52f513c1b6679b8d48f81019972c7f3c64d6c856de34e45a645".hexadecimal!
     static let publicKeyYCoordinate = "6637312afe0ae9a2bec08bcf4611e0e9081e6f120311a8986605d5d3b4b248f8".hexadecimal!
 
-    static func signature(data: Data) throws -> P256.Signing.ECDSASignature {
-        let privateKey = try P256.Signing.PrivateKey(pemRepresentation: privateKeyPEM)
-        return try privateKey.signature(for: data)
-    }
-
     static func sign(data: Data) throws -> [UInt8] {
-        Array(try signature(data: data).derRepresentation)
+        let privateKey = try P256.Signing.PrivateKey(pemRepresentation: privateKeyPEM)
+        return Array(try privateKey.signature(for: data).derRepresentation)
     }
 
     static var signature: [UInt8] {
         get throws {
             let authenticatorData = TestAuthDataBuilder()
                 .validAuthenticationMock()
                 .buildAsBase64URLEncoded()
-            
+
             // Create a signature. This part is usually performed by the authenticator
             let clientData: Data = TestClientDataJSON(type: "webauthn.get").jsonData
             let clientDataHash = SHA256.hash(data: clientData)
             let rawAuthenticatorData = authenticatorData.urlDecoded.decoded!
             let signatureBase = rawAuthenticatorData + clientDataHash
-            // swiftlint:disable:next force_try
-            let signature = try TestECCKeyPair.signature(data: signatureBase).derRepresentation
-            
-            return [UInt8](signature)
+
+            return try sign(data: signatureBase)
         }
     }
 }
+
+extension TestKeyConfiguration {
+    static let ecdsa = TestKeyConfiguration(
+        signer: TestECCKeyPair.self,
+        credentialPublicKeyBuilder: TestCredentialPublicKeyBuilder().validMockECDSA(),
+        authDataBuilder: TestAuthDataBuilder().validMockECDSA(),
+        attestationObjectBuilder: TestAttestationObjectBuilder().validMockECDSA()
+    )
+}

Tests/WebAuthnTests/Utils/TestModels/TestSigner.swift renamed to Tests/WebAuthnTests/Utils/TestModels/TestKeyConfiguration.swift

@@ -15,4 +15,20 @@ import Foundation
 
 protocol TestSigner {
     static func sign(data: Data) throws -> [UInt8]
+    
+    static var signature: [UInt8] { get throws }
+}
+
+struct TestKeyConfiguration {
+    var signer: any TestSigner.Type
+    var credentialPublicKeyBuilder: TestCredentialPublicKeyBuilder
+    var authDataBuilder: TestAuthDataBuilder
+    var attestationObjectBuilder: TestAttestationObjectBuilder
+    
+    var credentialPublicKey: [UInt8] {
+        credentialPublicKeyBuilder.buildAsByteArray()
+    }
+    var attestationObject: [UInt8] {
+        attestationObjectBuilder.build().cborEncoded
+    }
 }

Tests/WebAuthnTests/Utils/TestModels/TestRSAKeyPair.swift

@@ -46,7 +46,7 @@ struct TestRSAKeyPair: TestSigner {
     m0Eq9qinAmFyVbkuIzqCJMGeC1FxUYIf/DkpAMOb/ACTyig+YFgFjdU=
     -----END RSA PRIVATE KEY-----
     """
-    
+
     static let publicKeyPEM = """
     -----BEGIN PUBLIC KEY-----
     MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngCfNRz1D1HvyvWxURSK
@@ -60,32 +60,34 @@ struct TestRSAKeyPair: TestSigner {
     """
     static let publicKeyNCoordinate = [UInt8](try! _RSA.Signing.PublicKey(pemRepresentation: publicKeyPEM).getKeyPrimitives().modulus)
     static let publicKeyECoordinate = [UInt8](try! _RSA.Signing.PublicKey(pemRepresentation: publicKeyPEM).getKeyPrimitives().publicExponent)
-    
-    static func signature(data: Data) throws -> _RSA.Signing.RSASignature {
-        let privateKey = try _RSA.Signing.PrivateKey(pemRepresentation: privateKeyPEM)
-        let rsaSignature =  try privateKey.signature(for: data,padding:_RSA.Signing.Padding.insecurePKCS1v1_5)
-        return rsaSignature
-    }
 
     static func sign(data: Data) throws -> [UInt8] {
-        Array(try signature(data: data).rawRepresentation)
+        let privateKey = try _RSA.Signing.PrivateKey(pemRepresentation: privateKeyPEM)
+        return Array(try privateKey.signature(for: data,padding:_RSA.Signing.Padding.insecurePKCS1v1_5).rawRepresentation)
     }
-    
+
     static var signature: [UInt8] {
         get throws {
             let authenticatorData = TestAuthDataBuilder()
                 .validAuthenticationMock()
                 .buildAsBase64URLEncoded()
-            
+
             // Create a signature. This part is usually performed by the authenticator
             let clientData: Data = TestClientDataJSON(type: "webauthn.get").jsonData
             let clientDataHash = SHA256.hash(data: clientData)
             let rawAuthenticatorData = authenticatorData.urlDecoded.decoded!
             let signatureBase = rawAuthenticatorData + clientDataHash
-            // swiftlint:disable:next force_try
-            let signature = try TestRSAKeyPair.signature(data: signatureBase).rawRepresentation
-            
-            return [UInt8](signature)
+
+            return try sign(data: signatureBase)
         }
     }
 }
+
+extension TestKeyConfiguration {
+    static let rsa = TestKeyConfiguration(
+        signer: TestRSAKeyPair.self,
+        credentialPublicKeyBuilder: TestCredentialPublicKeyBuilder().validMockRSA(),
+        authDataBuilder: TestAuthDataBuilder().validMockRSA(),
+        attestationObjectBuilder: TestAttestationObjectBuilder().validMockRSA()
+    )
+}