From f7f192fa5baa24a6124ea568020c753f30df23d9 Mon Sep 17 00:00:00 2001 From: Chris Barth Date: Tue, 30 May 2023 13:03:14 -0400 Subject: [PATCH 1/2] Lint code --- .eslintrc.json | 2 +- .vscode/settings.json | 2 ++ lib/enveloped-signature.js | 6 ++-- lib/signed-xml.js | 38 ++++++++++++------------- test/c14nWithComments-unit-tests.js | 2 +- test/canonicalization-unit-tests.js | 1 + test/signature-integration-tests.js | 1 - test/signature-unit-tests.js | 44 ++++++++++++++--------------- 8 files changed, 49 insertions(+), 47 deletions(-) diff --git a/.eslintrc.json b/.eslintrc.json index a0a756ab..01fc1525 100644 --- a/.eslintrc.json +++ b/.eslintrc.json @@ -10,7 +10,7 @@ }, "extends": ["eslint:recommended", "prettier"], "rules": { - "no-console": "warn", + "no-console": "error", "no-unused-vars": "warn", "no-prototype-builtins": "warn" } diff --git a/.vscode/settings.json b/.vscode/settings.json index 9f0f6592..5470362f 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -4,6 +4,8 @@ "canonicalize", "canonicalized", "codecov", + "feide", + "reserialization", "wsfederation", "wssecurity" ] diff --git a/lib/enveloped-signature.js b/lib/enveloped-signature.js index 43f26972..f6971c43 100644 --- a/lib/enveloped-signature.js +++ b/lib/enveloped-signature.js @@ -18,10 +18,10 @@ EnvelopedSignature.prototype.process = function (node, options) { var signatures = xpath.select(".//*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']", node); for (var h in signatures) { if (!signatures.hasOwnProperty(h)) continue; - var signature = signatures[h]; - var signatureValue = utils.findFirst(signature, ".//*[local-name(.)='SignatureValue']/text()").data; + var nodeSignature = signatures[h]; + var signatureValue = utils.findFirst(nodeSignature, ".//*[local-name(.)='SignatureValue']/text()").data; if (expectedSignatureValue === signatureValue) { - signature.parentNode.removeChild(signature); + nodeSignature.parentNode.removeChild(nodeSignature); } } return node; diff --git a/lib/signed-xml.js b/lib/signed-xml.js index ea4d792d..99bdaf72 100644 --- a/lib/signed-xml.js +++ b/lib/signed-xml.js @@ -340,7 +340,7 @@ SignedXml.findAncestorNs = findAncestorNs; SignedXml.prototype.checkSignature = function(xml, callback) { if (callback != null && typeof callback !== 'function') { - throw new Error("Last paramater must be a callback function") + throw new Error("Last parameter must be a callback function") } this.validationErrors = [] @@ -358,11 +358,11 @@ SignedXml.prototype.checkSignature = function(xml, callback) { this.signingKey = this.keyInfoProvider.getKey(this.keyInfo) if (!this.signingKey) { - var err = new Error("key info provider could not resolve key info " + this.keyInfo) + var err2 = new Error("key info provider could not resolve key info " + this.keyInfo) if (!callback) { - throw err + throw err2 } else { - callback(err) + callback(err2) return } } @@ -379,13 +379,13 @@ SignedXml.prototype.checkSignature = function(xml, callback) { } if (!callback) { - //Syncronous flow + // Synchronous flow if (!this.validateSignatureValue(doc)) { return false } return true } else { - //Asyncronous flow + // Asynchronous flow this.validateSignatureValue(doc, function (err, isValidSignature) { if (err) { this.validationErrors.push("invalid signature: the signature value " + @@ -513,7 +513,7 @@ SignedXml.prototype.validateReferences = function(doc) { } if (elem.length==0) { - this.validationErrors.push("invalid signature: the signature refernces an element with uri "+ + this.validationErrors.push("invalid signature: the signature references an element with uri "+ ref.uri + " but could not find such element in the xml") return false } @@ -681,7 +681,7 @@ SignedXml.prototype.addReference = function(xpath, transforms, digestAlgorithm, } /** - * Compute the signature of the given xml (usign the already defined settings) + * Compute the signature of the given xml (using the already defined settings) * * Options: * @@ -701,7 +701,7 @@ SignedXml.prototype.computeSignature = function(xml, opts, callback) { } if (callback != null && typeof callback !== 'function') { - throw new Error("Last paramater must be a callback function") + throw new Error("Last parameter must be a callback function") } var doc = new Dom().parseFromString(xml), @@ -775,17 +775,17 @@ SignedXml.prototype.computeSignature = function(xml, opts, callback) { // A trick to remove the namespaces that already exist in the xml // This only works if the prefix and namespace match with those in te xml var dummySignatureWrapper = "" + signatureXml + "" - var xml = new Dom().parseFromString(dummySignatureWrapper) - var signatureDoc = xml.documentElement.firstChild; + var nodeXml = new Dom().parseFromString(dummySignatureWrapper) + var signatureDoc = nodeXml.documentElement.firstChild; var referenceNode = xpath.select(location.reference, doc); if (!referenceNode || referenceNode.length === 0) { - var err = new Error("the following xpath cannot be used because it was not found: " + location.reference); + var err2 = new Error("the following xpath cannot be used because it was not found: " + location.reference); if (!callback) { - throw err + throw err2 } else { - callback(err, null) + callback(err2, null) return } } @@ -805,11 +805,11 @@ SignedXml.prototype.computeSignature = function(xml, opts, callback) { this.signatureNode = signatureDoc var signedInfoNode = utils.findChilds(this.signatureNode, "SignedInfo") if (signedInfoNode.length == 0) { - var err = new Error("could not find SignedInfo element in the message") + var err3 = new Error("could not find SignedInfo element in the message") if (!callback) { - throw err + throw err3 } else { - callback(err) + callback(err3) return } } @@ -934,8 +934,8 @@ SignedXml.prototype.getCanonXml = function(transforms, node, options) { var transform = this.findCanonicalizationAlgorithm(transforms[t]) canonXml = transform.process(canonXml, options); //TODO: currently transform.process may return either Node or String value (enveloped transformation returns Node, exclusive-canonicalization returns String). - //This eitehr needs to be more explicit in the API, or all should return the same. - //exclusive-canonicalization returns String since it builds the Xml by hand. If it had used xmldom it would inccorectly minimize empty tags + //This either needs to be more explicit in the API, or all should return the same. + //exclusive-canonicalization returns String since it builds the Xml by hand. If it had used xmldom it would incorrectly minimize empty tags //to instead of and also incorrectly handle some delicate line break issues. //enveloped transformation returns Node since if it would return String consider this case: // diff --git a/test/c14nWithComments-unit-tests.js b/test/c14nWithComments-unit-tests.js index cc512678..7a885dcc 100644 --- a/test/c14nWithComments-unit-tests.js +++ b/test/c14nWithComments-unit-tests.js @@ -185,7 +185,7 @@ module.exports = { }, - "Exclusive canonicalization preserves white space bewteen elements": function (test) { + "Exclusive canonicalization preserves white space between elements": function (test) { compare(test, "123\n", "//*[local-name(.)='child']", diff --git a/test/canonicalization-unit-tests.js b/test/canonicalization-unit-tests.js index ebdd5c33..31e33441 100644 --- a/test/canonicalization-unit-tests.js +++ b/test/canonicalization-unit-tests.js @@ -195,6 +195,7 @@ module.exports = { "Exclusive canonicalization works on xml with element values with special characters": function (test) { compare(test, + // eslint-disable-next-line no-useless-escape "&<>"11 &>\"11\r\", "//*[local-name(.)='child']", "&<>\"11 &>\"11\n") diff --git a/test/signature-integration-tests.js b/test/signature-integration-tests.js index 36d32ef2..a97bfbe6 100644 --- a/test/signature-integration-tests.js +++ b/test/signature-integration-tests.js @@ -151,7 +151,6 @@ module.exports = { sig.computeSignature(xml) var signed = sig.getSignedXml(); - console.log(signed); var doc = new Dom().parseFromString(signed); diff --git a/test/signature-unit-tests.js b/test/signature-unit-tests.js index eff239e8..3c4937c6 100644 --- a/test/signature-unit-tests.js +++ b/test/signature-unit-tests.js @@ -7,7 +7,7 @@ var select = require('xpath').select module.exports = { - "signer adds increasing id atributes to elements": function (test) { + "signer adds increasing id attributes to elements": function (test) { verifyAddsId(test, "wssecurity", "equal") verifyAddsId(test, null, "different") test.done(); @@ -131,14 +131,14 @@ module.exports = { "signer creates signature with correct structure": function(test) { function DummyKeyInfo() { - this.getKeyInfo = function(key) { + this.getKeyInfo = function() { return "dummy key info" } } function DummyDigest() { - this.getHash = function(xml) { + this.getHash = function() { return "dummy digest" } @@ -149,7 +149,7 @@ module.exports = { function DummySignatureAlgorithm() { - this.getSignature = function(xml, signingKey) { + this.getSignature = function() { return "dummy signature" } @@ -160,7 +160,7 @@ module.exports = { } function DummyTransformation() { - this.process = function(node) { + this.process = function() { return "< x/>" } @@ -170,7 +170,7 @@ module.exports = { } function DummyCanonicalization() { - this.process = function(node) { + this.process = function() { return "< x/>" } @@ -283,14 +283,14 @@ module.exports = { var prefix = 'ds'; function DummyKeyInfo() { - this.getKeyInfo = function(key) { + this.getKeyInfo = function() { return "dummy key info" } } function DummyDigest() { - this.getHash = function(xml) { + this.getHash = function() { return "dummy digest" } @@ -301,7 +301,7 @@ module.exports = { function DummySignatureAlgorithm() { - this.getSignature = function(xml, signingKey) { + this.getSignature = function( ) { return "dummy signature" } @@ -312,7 +312,7 @@ module.exports = { } function DummyTransformation() { - this.process = function(node) { + this.process = function() { return "< x/>" } @@ -322,7 +322,7 @@ module.exports = { } function DummyCanonicalization() { - this.process = function(node) { + this.process = function() { return "< x/>" } @@ -505,7 +505,7 @@ module.exports = { sig.addReference("//*[local-name(.)='y']") sig.addReference("//*[local-name(.)='w']") - sig.computeSignature(xml, function(err) { + sig.computeSignature(xml, function() { var signedXml = sig.getSignedXml() var expected = "" + "" + @@ -613,10 +613,10 @@ module.exports = { "signer adds existing prefixes": function(test) { function AssertionKeyInfo(assertionId) { - this.getKeyInfo = function(key, prefix) { + this.getKeyInfo = function() { return ' ' + - ''+assertionId+'' + ''+assertionId+'' + ''; }; } @@ -648,7 +648,7 @@ module.exports = { wsu: "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" } }); - result = sig.getSignedXml(); + var result = sig.getSignedXml(); test.equal((result.match(/xmlns:wsu=/g) || []).length, 1) test.equal((result.match(/xmlns:wsse=/g) || []).length, 1) test.done(); @@ -825,7 +825,7 @@ function verifySignature(xml, mode) { sig.keyInfoProvider = new FileKeyInfo("./test/static/client_public.pem") sig.loadSignature(node) var res = sig.checkSignature(xml) - console.log(sig.validationErrors) + test.equals(sig.validationErrors.length, 0, "there were validation errors: " + sig.validationErrors) return res; } @@ -835,10 +835,10 @@ function verifyDoesNotDuplicateIdAttributes(test, mode, prefix) { sig.signingKey = fs.readFileSync("./test/static/client.pem") sig.addReference("//*[local-name(.)='x']") sig.computeSignature(xml) - var signedxml = sig.getOriginalXmlWithIds() - var doc = new dom().parseFromString(signedxml) + var signedXml = sig.getOriginalXmlWithIds() + var doc = new dom().parseFromString(signedXml) var attrs = select("//@*", doc) - test.equals(2, attrs.length, "wrong nuber of attributes") + test.equals(2, attrs.length, "wrong number of attributes") } @@ -852,10 +852,10 @@ function verifyAddsId(test, mode, nsMode) { sig.addReference("//*[local-name(.)='w']") sig.computeSignature(xml) - var signedxml = sig.getOriginalXmlWithIds() - var doc = new dom().parseFromString(signedxml) + var signedXml = sig.getOriginalXmlWithIds() + var doc = new dom().parseFromString(signedXml) - op = nsMode == "equal" ? "=" : "!=" + var op = nsMode == "equal" ? "=" : "!=" var xpath = "//*[local-name(.)='{elem}' and '_{id}' = @*[local-name(.)='Id' and namespace-uri(.)" + op + "'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd']]" From b08a7828c45272804f6346655288fca4b223ecbd Mon Sep 17 00:00:00 2001 From: Chris Barth Date: Tue, 30 May 2023 13:13:52 -0400 Subject: [PATCH 2/2] Fix test --- test/signature-unit-tests.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/signature-unit-tests.js b/test/signature-unit-tests.js index 3c4937c6..ea9df1dd 100644 --- a/test/signature-unit-tests.js +++ b/test/signature-unit-tests.js @@ -825,7 +825,7 @@ function verifySignature(xml, mode) { sig.keyInfoProvider = new FileKeyInfo("./test/static/client_public.pem") sig.loadSignature(node) var res = sig.checkSignature(xml) - test.equals(sig.validationErrors.length, 0, "there were validation errors: " + sig.validationErrors) + return res; }