COSEAlgorithmIdentifier.java

// Copyright (c) 2018, Yubico AB
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are met:
//
// 1. Redistributions of source code must retain the above copyright notice, this
//    list of conditions and the following disclaimer.
//
// 2. Redistributions in binary form must reproduce the above copyright notice,
//    this list of conditions and the following disclaimer in the documentation
//    and/or other materials provided with the distribution.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
// FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
// CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
// OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
package com.yubico.webauthn.data;
import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonValue;
import com.upokecenter.cbor.CBORException;
import com.upokecenter.cbor.CBORObject;
import java.util.Optional;
import java.util.stream.Stream;
import lombok.Getter;
import lombok.NonNull;
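/**
 * A number identifying a cryptographic algorithm. The algorithm identifiers SHOULD be values
 * registered in the IANA COSE Algorithms registry, for instance, -7 for "ES256" and -257 for
 * "RS256".
 *
 * <p>This enum acts as an allow-list: an <code>alg</code> value that matches no constant here is
 * reported as absent by {@link #fromId(long)} and {@link #fromPublicKey(ByteArray)}, and is
 * rejected outright during JSON deserialization.
 *
 * @since 0.3.0
 * @see <a
 *     href="https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#typedefdef-cosealgorithmidentifier">§5.10.5.
 *     Cryptographic Algorithm Identifier (typedef COSEAlgorithmIdentifier)</a>
 */
public enum COSEAlgorithmIdentifier {

  /**
   * The signature scheme Ed25519 as defined in <a href="https://www.rfc-editor.org/rfc/rfc8032">RFC
   * 8032</a>.
   *
   * <p>Note: This COSE identifier does not in general identify the full Ed25519 parameter suite,
   * but is specialized to that meaning within the WebAuthn API.
   *
   * @since 1.4.0
   * @see <a href="https://www.iana.org/assignments/cose/cose.xhtml#algorithms">COSE Algorithms
   *     registry</a>
   * @see <a href="https://www.rfc-editor.org/rfc/rfc8032">RFC 8032</a>
   * @see <a href="https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#sctn-alg-identifier">WebAuthn
   *     §5.8.5. Cryptographic Algorithm Identifier (typedef <code>COSEAlgorithmIdentifier</code>
   *     )</a>
   */
  EdDSA(-8),

  /**
   * ECDSA with SHA-256 on the NIST P-256 curve.
   *
   * <p>Note: This COSE identifier does not in general restrict the curve to P-256, but is
   * specialized to that meaning within the WebAuthn API.
   *
   * @since 0.3.0
   * @see <a href="https://www.iana.org/assignments/cose/cose.xhtml#algorithms">COSE Algorithms
   *     registry</a>
   * @see <a href="https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#sctn-alg-identifier">WebAuthn
   *     §5.8.5. Cryptographic Algorithm Identifier (typedef <code>COSEAlgorithmIdentifier</code>
   *     )</a>
   */
  ES256(-7),

  /**
   * ECDSA with SHA-384 on the NIST P-384 curve.
   *
   * <p>Note: This COSE identifier does not in general restrict the curve to P-384, but is
   * specialized to that meaning within the WebAuthn API.
   *
   * @since 2.1.0
   * @see <a href="https://www.iana.org/assignments/cose/cose.xhtml#algorithms">COSE Algorithms
   *     registry</a>
   * @see <a href="https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#sctn-alg-identifier">WebAuthn
   *     §5.8.5. Cryptographic Algorithm Identifier (typedef <code>COSEAlgorithmIdentifier</code>
   *     )</a>
   */
  ES384(-35),

  /**
   * ECDSA with SHA-512 on the NIST P-521 curve.
   *
   * <p>Note: This COSE identifier does not in general restrict the curve to P-521, but is
   * specialized to that meaning within the WebAuthn API.
   *
   * @since 2.1.0
   * @see <a href="https://www.iana.org/assignments/cose/cose.xhtml#algorithms">COSE Algorithms
   *     registry</a>
   * @see <a href="https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#sctn-alg-identifier">WebAuthn
   *     §5.8.5. Cryptographic Algorithm Identifier (typedef <code>COSEAlgorithmIdentifier</code>
   *     )</a>
   */
  ES512(-36),

  /**
   * RSASSA-PKCS1-v1_5 using SHA-256.
   *
   * @since 0.3.0
   * @see <a href="https://www.iana.org/assignments/cose/cose.xhtml#algorithms">COSE Algorithms
   *     registry</a>
   */
  RS256(-257),

  /**
   * RSASSA-PKCS1-v1_5 using SHA-384.
   *
   * @since 2.4.0
   * @see <a href="https://www.iana.org/assignments/cose/cose.xhtml#algorithms">COSE Algorithms
   *     registry</a>
   */
  RS384(-258),

  /**
   * RSASSA-PKCS1-v1_5 using SHA-512.
   *
   * @since 2.4.0
   * @see <a href="https://www.iana.org/assignments/cose/cose.xhtml#algorithms">COSE Algorithms
   *     registry</a>
   */
  RS512(-259),

  /**
   * RSASSA-PKCS1-v1_5 using SHA-1.
   *
   * <p>Note: SHA-1 is no longer considered collision resistant, and the COSE Algorithms registry
   * marks this algorithm as deprecated. Prefer the other constants when choosing which algorithms
   * to offer, and accept this one only where compatibility with existing authenticators requires
   * it.
   *
   * @since 1.5.0
   * @see <a href="https://www.iana.org/assignments/cose/cose.xhtml#algorithms">COSE Algorithms
   *     registry</a>
   */
  RS1(-65535);

  /** The numeric COSE algorithm identifier; also the JSON representation of this constant. */
  @JsonValue @Getter private final long id;

  COSEAlgorithmIdentifier(long id) {
    this.id = id;
  }

  /**
   * Attempt to parse an integer as a {@link COSEAlgorithmIdentifier}.
   *
   * @param id an integer equal to the {@link #getId() id} of a constant in {@link
   *     COSEAlgorithmIdentifier}
   * @return The {@link COSEAlgorithmIdentifier} instance whose {@link #getId() id} equals <code>id
   *     </code>, if any.
   * @since 0.3.0
   * @see <a href="https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#sctn-alg-identifier">§5.8.5.
   *     Cryptographic Algorithm Identifier (typedef COSEAlgorithmIdentifier)</a>
   */
  public static Optional<COSEAlgorithmIdentifier> fromId(long id) {
    return Stream.of(values()).filter(v -> v.id == id).findAny();
  }

  /**
   * Read the {@link COSEAlgorithmIdentifier} from a public key in COSE_Key format.
   *
   * <p>The key bytes typically originate from an authenticator and must be treated as untrusted
   * input: every malformed-input case is reported as {@link IllegalArgumentException}, and an
   * integer <code>alg</code> that this enum does not know (including one too large for 32 bits)
   * yields an empty result.
   *
   * @param publicKeyCose a public key in COSE_Key format.
   * @return The <code>alg</code> of the <code>publicKeyCose</code> parsed as a {@link
   *     COSEAlgorithmIdentifier}, if possible. Returns empty if the {@link COSEAlgorithmIdentifier}
   *     enum has no constant matching the <code>alg</code> value.
   * @throws IllegalArgumentException if <code>publicKeyCose</code> is not a well-formed COSE_Key.
   * @since 2.1.0
   */
  public static Optional<COSEAlgorithmIdentifier> fromPublicKey(@NonNull ByteArray publicKeyCose) {
    // COSE_Key common parameter label 3 is "alg".
    final CBORObject ALG = CBORObject.FromObject(3);
    final int alg;
    try {
      CBORObject cose = CBORObject.DecodeFromBytes(publicKeyCose.getBytes());
      if (!cose.ContainsKey(ALG)) {
        throw new IllegalArgumentException(
            "Public key does not contain an \"alg\"(3) value: " + publicKeyCose);
      }
      CBORObject algCbor = cose.get(ALG);
      if (!(algCbor.isNumber() && algCbor.AsNumber().IsInteger())) {
        throw new IllegalArgumentException(
            "Public key has non-integer \"alg\"(3) value: " + publicKeyCose);
      }
      if (!algCbor.AsNumber().CanFitInInt32()) {
        // AsInt32() throws ArithmeticException for an integer outside the 32-bit range, which
        // would escape the documented contract. No constant has such an id, so the value is
        // simply an unknown algorithm.
        return Optional.empty();
      }
      alg = algCbor.AsInt32();
    } catch (CBORException e) {
      throw new IllegalArgumentException("Failed to parse public key", e);
    }
    return fromId(alg);
  }

  /**
   * Jackson deserialization entry point: map a numeric identifier to its constant.
   *
   * @param id the numeric COSE algorithm identifier read from JSON.
   * @return the constant whose {@link #getId() id} equals <code>id</code>.
   * @throws IllegalArgumentException if no constant matches <code>id</code>; unknown algorithms
   *     are rejected rather than mapped to <code>null</code>.
   */
  @JsonCreator
  private static COSEAlgorithmIdentifier fromJson(long id) {
    return fromId(id)
        .orElseThrow(
            () -> new IllegalArgumentException("Unknown COSE algorithm identifier: " + id));
  }
}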

Mutations

164

1.1
Location : lambda$fromId$0
Killed by : com.yubico.webauthn.data.EnumsSpec
replaced boolean return with true for com/yubico/webauthn/data/COSEAlgorithmIdentifier::lambda$fromId$0 → KILLED

2.2
Location : lambda$fromId$0
Killed by : com.yubico.webauthn.data.EnumsSpec
negated conditional → KILLED

3.3
Location : fromId
Killed by : com.yubico.webauthn.RelyingPartyUserIdentificationSpec
replaced return value with Optional.empty for com/yubico/webauthn/data/COSEAlgorithmIdentifier::fromId → KILLED

177

1.1
Location : fromPublicKey
Killed by : com.yubico.webauthn.RelyingPartyUserIdentificationSpec
negated conditional → KILLED

182

1.1
Location : fromPublicKey
Killed by : com.yubico.webauthn.RelyingPartyUserIdentificationSpec
negated conditional → KILLED

187

1.1
Location : fromPublicKey
Killed by : com.yubico.webauthn.RelyingPartyUserIdentificationSpec
negated conditional → KILLED

2.2
Location : fromPublicKey
Killed by : com.yubico.webauthn.RelyingPartyUserIdentificationSpec
negated conditional → KILLED

195

1.1
Location : fromPublicKey
Killed by : com.yubico.webauthn.RelyingPartyUserIdentificationSpec
replaced return value with Optional.empty for com/yubico/webauthn/data/COSEAlgorithmIdentifier::fromPublicKey → KILLED

200

1.1
Location : fromJson
Killed by : com.yubico.webauthn.RelyingPartyV2AssertionSpec
replaced return value with null for com/yubico/webauthn/data/COSEAlgorithmIdentifier::fromJson → KILLED

202

1.1
Location : lambda$fromJson$1
Killed by : com.yubico.webauthn.data.EnumsSpec
replaced return value with null for com/yubico/webauthn/data/COSEAlgorithmIdentifier::lambda$fromJson$1 → KILLED

Active mutators

Tests examined


Report generated by PIT 1.15.0