More robust error handling

In particular, try to handle cases where corrupt/invalid SMART health cards, or things that aren't SHCs at all, are scanned.
steven676 · Jul 19, 2021 · 6316263 · 6316263
1 parent e124720
commit 6316263
Show file tree

Hide file tree

Showing 3 changed files with 66 additions and 25 deletions.
diff --git a/dump_shc.js b/dump_shc.js
@@ -35,11 +35,16 @@ console.log("-----");
 
 verifyJWS(scannedJWS, header.kid).then(
   function (result) {
-    return decodeJWSPayload(result.payload).then((decoded) => {
-      console.log(decoded.vc.credentialSubject.fhirBundle.entry);
-    });
+    return decodeJWSPayload(result.payload).then(
+      (decoded) => {
+        console.log(decoded.vc.credentialSubject.fhirBundle.entry);
+      },
+      (e) => {
+        console.log("Ooooh crap - this looks like a fake vaccination proof");
+      },
+    );
   },
   function (e) {
-    console.log("Ooooh crap - this looks like a fake vaccination proof");
+    console.log("Signature verification failed: " + e.message);
   }
 );
diff --git a/src/index.js b/src/index.js
@@ -42,16 +42,29 @@ function decodeOnce(codeReader, selectedDeviceId, verifySig) {
             },
           );
         },
-        function (e) {
-          console.error(e);
-          setResult("This looks like a fake vaccination proof");
+        function (error) {
+          if (error.customMessage) {
+            setResult(error.message);
+          } else {
+            console.error(error);
+            setResult("Fake vaccine record?\n" +
+              "Signature verification failed for key " + header.kid);
+          }
         }
-      );
-    },
-    (err) => {
+      ).catch((e) => {
+        console.error(e);
+        setResult("This doesn't look like a SMART health card");
+      });
+    }
+  ).catch((err) => {
+    if (err.cause) {
+      console.error(err.cause);
+      setResult("This doesn't look like a SMART health card");
+    } else {
+      console.error(err);
       setResult(err);
     }
-  );
+  });
 }
 
 let selectedDeviceId;

diff --git a/src/shc.js b/src/shc.js
@@ -12,17 +12,24 @@ function getQRFromImage(imageData) {
 }
 
 function getScannedJWS(shcString) {
-  return shcString
-    .match(/^shc:\/(.+)$/)[1]
-    .match(/(..?)/g)
-    .map((num) => String.fromCharCode(parseInt(num, 10) + 45))
-    .join("");
+  try {
+    return shcString
+      .match(/^shc:\/(.+)$/)[1]
+      .match(/(..?)/g)
+      .map((num) => String.fromCharCode(parseInt(num, 10) + 45))
+      .join("");
+  } catch (e) {
+    error = new Error("parsing shc string failed");
+    error.cause = e;
+    throw error;
+  }
 }
 
 function verifyJWS(jws, kid) {
   const key = issuerKeys.find(el => el.kid === kid);
   if (!key) {
     error = new Error("Unknown key ID " + kid);
+    error.customMessage = true;
     return Promise.reject(error);
   }
   return jose.JWK.asKey(key).then(function (jwk) {
@@ -33,26 +40,42 @@ function verifyJWS(jws, kid) {
 }
 
 function getJWSHeader(jws) {
-  const header = jws.split(".")[0];
-  const json = Buffer.from(header, "base64").toString();
-  return JSON.parse(json);
+  try {
+    const header = jws.split(".")[0];
+    const json = Buffer.from(header, "base64").toString();
+    return JSON.parse(json);
+  } catch (e) {
+    error = new Error("getting header failed");
+    error.cause = e;
+    throw error;
+  }
 }
 
 function getJWSPayload(jws) {
-  const payload = jws.split(".")[1];
-  return Buffer.from(payload, "base64");
+  try {
+    const payload = jws.split(".")[1];
+    return Buffer.from(payload, "base64");
+  } catch (e) {
+    error = new Error("getting payload failed");
+    error.cause = e;
+    throw error;
+  }
 }
 
 function decodeJWSPayload(decodedPayload) {
   return new Promise((resolve, reject) => {
     zlib.inflateRaw(decodedPayload, function (err, decompressedResult) {
       if (typeof err === "object" && err) {
         console.log("Unable to decompress");
-        reject();
+        reject(err);
       } else {
-        console.log(decompressedResult);
-        scannedResult = decompressedResult.toString("utf8");
-        resolve(JSON.parse(scannedResult));
+        try {
+          console.log(decompressedResult);
+          scannedResult = decompressedResult.toString("utf8");
+          resolve(JSON.parse(scannedResult));
+        } catch (e) {
+          reject(e);
+        }
       }
     });
   });