chore: create abstract class for VDS/IDB

Author: li0ard

src/generic.ts

@@ -0,0 +1,66 @@
+import { bytesToNumberBE } from "@noble/curves/utils.js";
+import { concatBytes } from "@noble/hashes/utils.js";
+import { DerTLV } from "./utils.js";
+
+/** Abstract seal */
+export abstract class AbstractSeal {
+    /** Signed bytes */
+    abstract get signedBytes(): Uint8Array;
+
+    /** Signature bytes */
+    abstract get signatureBytes(): Uint8Array | null;
+
+    /** Encoded seal/barcode */
+    abstract get encoded(): unknown;
+}
+
+/** Abstract ECDSA signature (Raw format) */
+export abstract class AbstractECDSARawSignature {
+    static readonly TAG: number;
+    abstract readonly TAG: number;
+    private _r: Uint8Array;
+    private _s: Uint8Array;
+
+    constructor(r: Uint8Array, s: Uint8Array) {
+        this._r = r;
+        this._s = s;
+    }
+
+    /** `r` as bigint */
+    get r(): bigint { return bytesToNumberBE(this._r); }
+    /** `r` as bytes */
+    get rBytes(): Uint8Array { return this._r; }
+    /** `s` as bigint */
+    get s(): bigint { return bytesToNumberBE(this._s); }
+    /** `s` as bytes */
+    get sBytes(): Uint8Array { return this._s; }
+
+    /** Encoded IDB signature */
+    get encoded(): Uint8Array {
+        return new DerTLV(this.TAG, concatBytes(this.rBytes, this.sBytes)).encoded;
+    }
+
+    /** Encoded IDB signature (as ASN.1) */
+    toDER(): Uint8Array {
+        return new DerTLV(0x30, concatBytes(
+            DerTLV.getDerInteger(this.rBytes),
+            DerTLV.getDerInteger(this.sBytes),
+        )).encoded;
+    }
+
+    static decode<T extends AbstractECDSARawSignature>(
+        this: {
+            new (r: Uint8Array, s: Uint8Array): T;
+            readonly TAG: number;
+        },
+        data: Uint8Array
+    ): T {
+        if(data[0] != this.TAG) throw new Error("Signature tag mismatch");
+        const parsed = DerTLV.decode(data);
+        if(parsed == null) throw new Error("Invalid signature");
+        return new this(
+            parsed.value.subarray(0, parsed.value.length / 2),
+            parsed.value.subarray(parsed.value.length / 2, parsed.value.length)
+        );
+    }
+}

src/idb/idb.ts

@@ -1,7 +1,8 @@
 import { concatBytes } from "@noble/curves/utils.js";
-import { AbstractECDSARawSignature, C40Encoder, DateEncoder, DerTLV, parseTLVs } from "../utils.js";
+import { C40Encoder, DateEncoder, DerTLV, parseTLVs } from "../utils.js";
 import { deflate, inflate } from "pako";
 import { base32nopad } from "@scure/base";
+import { AbstractECDSARawSignature, AbstractSeal } from "../generic.js"
 
 /** IDB signature algorithm */
 export enum IDBSignatureAlgorithm {
@@ -19,9 +20,6 @@ export enum IDBSignatureAlgorithm {
  * Described by ICAO Datastructure for Barcode section 3.2
  */
 export class IDBHeader {
-    /** Offset for decoding */
-    public _offset = 0;
-
     /**
      * Barcode header
      * @param countryIdentifier Issuing country code
@@ -66,9 +64,7 @@ export class IDBHeader {
         const signatureCreationDate = DateEncoder.decodeMaskedDate(data.subarray(offset, offset + 4));
         offset += 4;
 
-        const decoded = new IDBHeader(countryIdentifier, signatureAlgorithm, certificateReference, signatureCreationDate);
-        decoded._offset = offset;
-        return decoded;
+        return new IDBHeader(countryIdentifier, signatureAlgorithm, certificateReference, signatureCreationDate);
     }
 }
 
@@ -162,7 +158,7 @@ export class IDBPayload {
  * 
  * Described by ICAO Datastructure for Barcode section 2
  */
-export class ICAOBarcode {
+export class ICAOBarcode implements AbstractSeal {
     /** Barcode identifier (Old) */
     static readonly BARCODE_IDENTIFIER_OLD = "NDB1";
     /** Barcode identifier */
@@ -187,11 +183,9 @@ export class ICAOBarcode {
     /** Is barcode compressed? */
     get isZipped(): boolean { return ((this._flag - 0x41) & 2) == 2; }
 
-    /** Signed bytes */
     get signedBytes(): Uint8Array {
         return concatBytes(this.header.encoded, this.payload.messageListEncoded);
     }
-    /** Signature bytes */
     get signatureBytes(): Uint8Array | null {
         return this.payload.signature ? this.payload.signature.toDER() : null;
     }

src/utils.ts

@@ -126,8 +126,7 @@ export class C40Encoder {
             .replaceAll("\r", "")
             .replaceAll("\n", "");
 
-        let len = dataString.length;
-
+        const len = dataString.length;
         for(let i = 0; i < len; i++) {
             if (i % 3 == 0) {
                 if (i + 2 < len) {
@@ -296,55 +295,4 @@ export const intToBytesBE = (value: bigint | number): Uint8Array => {
     }
 
     return new Uint8Array(bytes);
-}
-
-/** Abstract ECDSA signature (Raw format) */
-export abstract class AbstractECDSARawSignature {
-    static readonly TAG: number;
-    abstract readonly TAG: number;
-    private _r: Uint8Array;
-    private _s: Uint8Array;
-
-    constructor(r: Uint8Array, s: Uint8Array) {
-        this._r = r;
-        this._s = s;
-    }
-
-    /** `r` as bigint */
-    get r(): bigint { return bytesToNumberBE(this._r); }
-    /** `r` as bytes */
-    get rBytes(): Uint8Array { return this._r; }
-    /** `s` as bigint */
-    get s(): bigint { return bytesToNumberBE(this._s); }
-    /** `s` as bytes */
-    get sBytes(): Uint8Array { return this._s; }
-
-    /** Encoded IDB signature */
-    get encoded(): Uint8Array {
-        return new DerTLV(this.TAG, concatBytes(this.rBytes, this.sBytes)).encoded;
-    }
-
-    /** Encoded IDB signature (as ASN.1) */
-    toDER(): Uint8Array {
-        return new DerTLV(0x30, concatBytes(
-            DerTLV.getDerInteger(this.rBytes),
-            DerTLV.getDerInteger(this.sBytes),
-        )).encoded;
-    }
-
-    static decode<T extends AbstractECDSARawSignature>(
-        this: {
-            new (r: Uint8Array, s: Uint8Array): T;
-            readonly TAG: number;
-        },
-        data: Uint8Array
-    ): T {
-        if(data[0] != this.TAG) throw new Error("Signature tag mismatch");
-        const parsed = DerTLV.decode(data);
-        if(parsed == null) throw new Error("Invalid signature");
-        return new this(
-            parsed.value.subarray(0, parsed.value.length / 2),
-            parsed.value.subarray(parsed.value.length / 2, parsed.value.length)
-        );
-    }
 }

src/vds/vds.ts

@@ -1,5 +1,6 @@
 import { concatBytes } from "@noble/curves/utils.js";
-import { AbstractECDSARawSignature, C40Encoder, DateEncoder, DerTLV, parseTLVs } from "../utils.js";
+import { C40Encoder, DateEncoder, DerTLV, parseTLVs } from "../utils.js";
+import { AbstractECDSARawSignature, AbstractSeal } from "../generic.js"
 
 /**
  * Seal header
@@ -94,11 +95,11 @@ export class VDSHeader {
 
         const magicByte = data[offset];
         offset += 1;
-        if(magicByte != VDSHeader.TAG) throw new Error("Magic Constant mismatch");
+        if(magicByte != VDSHeader.TAG) throw new Error("Magic constant mismatch");
 
         const rawVersion = data[offset];
         offset += 1;
-        if(!(rawVersion == 2 || rawVersion == 3)) throw new Error("Unsupported raw version");
+        if(!(rawVersion == 2 || rawVersion == 3)) throw new Error("Unsupported VDS version");
 
         const issuingCountry = C40Encoder.decode(data.subarray(offset, offset + 2));
         offset += 2;
@@ -109,8 +110,16 @@ export class VDSHeader {
             offset += 4;
             signerIdentifier = signerIdentifierAndCertRefLength.substring(0, 4);
 
-            const certRefLength = parseInt(signerIdentifierAndCertRefLength.substring(4), 16);
-            const bytesToDecode = (Math.floor((certRefLength - 1) / 3) * 2) + 2;
+            //const certRefLength = parseInt(signerIdentifierAndCertRefLength.substring(4), 16);
+            //const bytesToDecode = (Math.floor((certRefLength - 1) / 3) * 2) + 2;
+            let bytesToDecode;
+            if(signerIdentifier == "DEZV") {
+                const certRefLength = parseInt(signerIdentifierAndCertRefLength.substring(4));
+                bytesToDecode = Math.floor((2 * certRefLength + 2) / 3);
+            } else {
+                const certRefLength = parseInt(signerIdentifierAndCertRefLength.substring(4), 16);
+                bytesToDecode = (Math.floor((certRefLength - 1) / 3) * 2) + 2;
+            }
 
             certificateReference = C40Encoder.decode(data.subarray(offset, offset + bytesToDecode));
             offset += bytesToDecode;
@@ -152,7 +161,7 @@ export class VDSSignature extends AbstractECDSARawSignature {
  * 
  * Described by ICAO p.13 section 2
  */
-export class Seal {
+export class Seal implements AbstractSeal {
     /**
      * Visible digital seal (VDS)
      * @param header VDS header
@@ -165,24 +174,22 @@ export class Seal {
         public signature: VDSSignature | null = null
     ) {}
 
-    /** Signed bytes */
     get signedBytes(): Uint8Array {
         return concatBytes(this.header.encoded, ...this.messageList.map(i => i.encoded));
     }
-    /** Signature bytes */
     get signatureBytes(): Uint8Array | null {
         return this.signature ? this.signature.toDER() : null;
     }
 
-    /** Encoded visible digital seal */
+    /** Encoded VDS */
     get encoded(): Uint8Array {
         let encoded = this.signedBytes;
         if(this.signature) encoded = concatBytes(encoded, this.signature.encoded);
 
         return encoded;
     }
 
-    /** Decode visible digital seal from bytes */
+    /** Decode VDS from bytes */
     static decode(data: Uint8Array): Seal {
         const header = VDSHeader.decode(data);
         const messageList: DerTLV[] = [];

test_cert.pem tests/data/test_cert.pemtest_cert.pem renamed to tests/data/test_cert.pem

@@ -98,8 +98,8 @@ class SocialInsuranceCard {
     @VDSProp({ tag: 3, coding: FeatureCoding.UTF8_STRING })
     firstName!: string;
 
-    @VDSProp({ tag: 4, coding: FeatureCoding.UTF8_STRING })
-    birthName!: string;
+    @VDSProp({ tag: 4, coding: FeatureCoding.UTF8_STRING, optional: true })
+    birthName?: string;
 }
 
 @VDSDocument({ documentRef: 0xfa06, version: 4 })