8 files changed, 16 insertions, 24 deletions

diff --git a/packages/server/src/metadata/parseJWT.ts b/packages/server/src/metadata/parseJWT.ts
index 254e14e..72a83dd 100644
--- a/packages/server/src/metadata/parseJWT.ts
+++ b/packages/server/src/metadata/parseJWT.ts
@@ -1,4 +1,4 @@
-import base64url from 'base64url';
+import * as base64url from "../helpers/base64url";
 
 /**
  * Process a JWT into Javascript-friendly data structures
@@ -6,8 +6,8 @@ import base64url from 'base64url';
 export function parseJWT<T1, T2>(jwt: string): [T1, T2, string] {
   const parts = jwt.split('.');
   return [
-    JSON.parse(base64url.decode(parts[0])) as T1,
-    JSON.parse(base64url.decode(parts[1])) as T2,
+    JSON.parse(base64url.toString(parts[0])) as T1,
+    JSON.parse(base64url.toString(parts[1])) as T2,
     parts[2],
   ];
 }
diff --git a/packages/server/src/metadata/verifyAttestationWithMetadata.test.ts b/packages/server/src/metadata/verifyAttestationWithMetadata.test.ts
index b48ef2e..228a1b7 100644
--- a/packages/server/src/metadata/verifyAttestationWithMetadata.test.ts
+++ b/packages/server/src/metadata/verifyAttestationWithMetadata.test.ts
@@ -1,7 +1,6 @@
-import base64url from 'base64url';
-
 import { verifyAttestationWithMetadata } from './verifyAttestationWithMetadata';
 import { MetadataStatement } from '../metadata/mdsTypes';
+import * as base64url from '../helpers/base64url';
 
 test('should verify attestation with metadata (android-safetynet)', async () => {
   const metadataStatementJSONSafetyNet: MetadataStatement = {
diff --git a/packages/server/src/registration/verifications/verifyAttestationAndroidKey.test.ts b/packages/server/src/registration/verifications/verifyAttestationAndroidKey.test.ts
index f7cdd4f..7e9ce37 100644
--- a/packages/server/src/registration/verifications/verifyAttestationAndroidKey.test.ts
+++ b/packages/server/src/registration/verifications/verifyAttestationAndroidKey.test.ts
@@ -1,6 +1,5 @@
-import base64url from 'base64url';
-
 import { SettingsService } from '../../services/settingsService';
+import * as base64url from '../../helpers/base64url';
 
 import { verifyRegistrationResponse } from '../verifyRegistrationResponse';
 
@@ -12,7 +11,7 @@ SettingsService.setRootCertificates({ identifier: 'android-key', certificates: [
 
 test('should verify Android KeyStore response', async () => {
   const expectedChallenge = '4ab7dfd1-a695-4777-985f-ad2993828e99';
-  jest.spyOn(base64url, 'encode').mockReturnValueOnce(expectedChallenge);
+  jest.spyOn(base64url, 'fromString').mockReturnValueOnce(expectedChallenge);
   const verification = await verifyRegistrationResponse({
     credential: {
       id: 'V51GE29tGbhby7sbg1cZ_qL8V8njqEsXpAnwQBobvgw',
diff --git a/packages/server/src/registration/verifications/verifyAttestationAndroidSafetyNet.test.ts b/packages/server/src/registration/verifications/verifyAttestationAndroidSafetyNet.test.ts
index 16f5bae..51b0f22 100644
--- a/packages/server/src/registration/verifications/verifyAttestationAndroidSafetyNet.test.ts
+++ b/packages/server/src/registration/verifications/verifyAttestationAndroidSafetyNet.test.ts
@@ -1,5 +1,3 @@
-import base64url from 'base64url';
-
 import { verifyAttestationAndroidSafetyNet } from './verifyAttestationAndroidSafetyNet';
 
 import {
@@ -8,6 +6,7 @@ import {
 } from '../../helpers/decodeAttestationObject';
 import { parseAuthenticatorData } from '../../helpers/parseAuthenticatorData';
 import { toHash } from '../../helpers/toHash';
+import * as base64url from '../../helpers/base64url';
 import { SettingsService } from '../../services/settingsService';
 
 const rootCertificates = SettingsService.getRootCertificates({
diff --git a/packages/server/src/registration/verifications/verifyAttestationAndroidSafetyNet.ts b/packages/server/src/registration/verifications/verifyAttestationAndroidSafetyNet.ts
index e40028b..c32ca5e 100644
--- a/packages/server/src/registration/verifications/verifyAttestationAndroidSafetyNet.ts
+++ b/packages/server/src/registration/verifications/verifyAttestationAndroidSafetyNet.ts
@@ -1,5 +1,3 @@
-import base64url from 'base64url';
-
 import type { AttestationFormatVerifierOpts } from '../verifyRegistrationResponse';
 
 import { toHash } from '../../helpers/toHash';
@@ -8,6 +6,7 @@ import { getCertificateInfo } from '../../helpers/getCertificateInfo';
 import { validateCertificatePath } from '../../helpers/validateCertificatePath';
 import { convertCertBufferToPEM } from '../../helpers/convertCertBufferToPEM';
 import * as uint8Array from '../../helpers/uint8Array';
+import * as base64url from '../../helpers/base64url';
 import { MetadataService } from '../../services/metadataService';
 import { verifyAttestationWithMetadata } from '../../metadata/verifyAttestationWithMetadata';
 
diff --git a/packages/server/src/registration/verifications/verifyAttestationApple.test.ts b/packages/server/src/registration/verifications/verifyAttestationApple.test.ts
index c2d4a49..6d2e0e8 100644
--- a/packages/server/src/registration/verifications/verifyAttestationApple.test.ts
+++ b/packages/server/src/registration/verifications/verifyAttestationApple.test.ts
@@ -1,10 +1,6 @@
-import base64url from 'base64url';
-
 import { verifyRegistrationResponse } from '../verifyRegistrationResponse';
 
 test('should verify Apple attestation', async () => {
-  const expectedChallenge = 'h5xSyIRMx2IQPr1mQk6GD98XSQOBHgMHVpJIkMV9Nkc';
-  jest.spyOn(base64url, 'encode').mockReturnValueOnce(expectedChallenge);
   const verification = await verifyRegistrationResponse({
     credential: {
       id: 'J4lAqPXhefDrUD7oh5LQMbBH5TE',
@@ -18,7 +14,7 @@ test('should verify Apple attestation', async () => {
       type: 'public-key',
       clientExtensionResults: {},
     },
-    expectedChallenge,
+    expectedChallenge: 'h5xSyIRMx2IQPr1mQk6GD98XSQOBHgMHVpJIkMV9Nkc',
     expectedOrigin: 'https://dev.dontneeda.pw',
     expectedRPID: 'dev.dontneeda.pw',
   });
diff --git a/packages/server/src/registration/verifyRegistrationResponse.test.ts b/packages/server/src/registration/verifyRegistrationResponse.test.ts
index 21562bf..b04853a 100644
--- a/packages/server/src/registration/verifyRegistrationResponse.test.ts
+++ b/packages/server/src/registration/verifyRegistrationResponse.test.ts
@@ -1,4 +1,3 @@
-import base64url from 'base64url';
 
 import { verifyRegistrationResponse } from './verifyRegistrationResponse';
 
@@ -6,6 +5,7 @@ import * as esmDecodeAttestationObject from '../helpers/decodeAttestationObject'
 import * as esmDecodeClientDataJSON from '../helpers/decodeClientDataJSON';
 import * as esmParseAuthenticatorData from '../helpers/parseAuthenticatorData';
 import * as esmDecodeCredentialPublicKey from '../helpers/decodeCredentialPublicKey';
+import * as base64url from '../helpers/base64url';
 import { SettingsService } from '../services/settingsService';
 
 import * as esmVerifyAttestationFIDOU2F from './verifications/verifyAttestationFIDOU2F';
@@ -546,7 +546,7 @@ test('should pass verification if custom challenge verifier returns true', async
     },
     expectedChallenge: (challenge: string) => {
       const parsedChallenge: { actualChallenge: string; arbitraryData: string } = JSON.parse(
-        base64url.decode(challenge),
+        base64url.toString(challenge),
       );
       return parsedChallenge.actualChallenge === 'xRsYdCQv5WZOqmxReiZl6C9q5SfrZne4lNSr9QVtPig';
     },
@@ -635,7 +635,7 @@ const attestationFIDOU2F: RegistrationCredentialJSON = {
   clientExtensionResults: {},
   type: 'public-key',
 };
-const attestationFIDOU2FChallenge = base64url.encode('totallyUniqueValueEveryAttestation');
+const attestationFIDOU2FChallenge = base64url.fromString('totallyUniqueValueEveryAttestation');
 
 const attestationPacked: RegistrationCredentialJSON = {
   id: 'bbb',
@@ -656,7 +656,7 @@ const attestationPacked: RegistrationCredentialJSON = {
   clientExtensionResults: {},
   type: 'public-key',
 };
-const attestationPackedChallenge = base64url.encode('s6PIbBnPPnrGNSBxNdtDrT7UrVYJK9HM');
+const attestationPackedChallenge = base64url.fromString('s6PIbBnPPnrGNSBxNdtDrT7UrVYJK9HM');
 
 const attestationPackedX5C: RegistrationCredentialJSON = {
   // TODO: Grab these from another iPhone attestation
@@ -687,7 +687,7 @@ const attestationPackedX5C: RegistrationCredentialJSON = {
   clientExtensionResults: {},
   type: 'public-key',
 };
-const attestationPackedX5CChallenge = base64url.encode('totallyUniqueValueEveryTime');
+const attestationPackedX5CChallenge = base64url.fromString('totallyUniqueValueEveryTime');
 
 const attestationNone: RegistrationCredentialJSON = {
   id: 'AdKXJEch1aV5Wo7bj7qLHskVY4OoNaj9qu8TPdJ7kSAgUeRxWNngXlcNIGt4gexZGKVGcqZpqqWordXb_he1izY',
@@ -706,4 +706,4 @@ const attestationNone: RegistrationCredentialJSON = {
   clientExtensionResults: {},
   type: 'public-key',
 };
-const attestationNoneChallenge = base64url.encode('hEccPWuziP00H0p5gxh2_u5_PC4NeYgd');
+const attestationNoneChallenge = base64url.fromString('hEccPWuziP00H0p5gxh2_u5_PC4NeYgd');
diff --git a/packages/server/src/registration/verifyRegistrationResponse.ts b/packages/server/src/registration/verifyRegistrationResponse.ts
index 1711108..c8a4e21 100644
--- a/packages/server/src/registration/verifyRegistrationResponse.ts
+++ b/packages/server/src/registration/verifyRegistrationResponse.ts
@@ -1,4 +1,3 @@
-import base64url from 'base64url';
 import {
   RegistrationCredentialJSON,
   COSEAlgorithmIdentifier,
@@ -19,6 +18,7 @@ import { COSEKEYS } from '../helpers/convertCOSEtoPKCS';
 import { convertAAGUIDToString } from '../helpers/convertAAGUIDToString';
 import { parseBackupFlags } from '../helpers/parseBackupFlags';
 import * as uint8Array from '../helpers/uint8Array';
+import * as base64url from '../helpers/base64url';
 import { SettingsService } from '../services/settingsService';
 
 import { supportedCOSEAlgorithmIdentifiers } from './generateRegistrationOptions';