
  1. /* vim: set tabstop=8 shiftwidth=4 softtabstop=4 expandtab smarttab colorcolumn=80: */
  2. /*
  3. * Copyright 2016 Red Hat, Inc.
  4. *
  5. * Licensed under the Apache License, Version 2.0 (the "License");
  6. * you may not use this file except in compliance with the License.
  7. * You may obtain a copy of the License at
  8. *
  9. * http://www.apache.org/licenses/LICENSE-2.0
  10. *
  11. * Unless required by applicable law or agreed to in writing, software
  12. * distributed under the License is distributed on an "AS IS" BASIS,
  13. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14. * See the License for the specific language governing permissions and
  15. * limitations under the License.
  16. */
  17. #include <jose/b64.h>
  18. #include <jose/jwk.h>
  19. #include "hooks.h"
  20. #include "misc.h"
  21. #include "hsh.h"
  22. #include <stddef.h>
  23. #include <stdlib.h>
  24. #include <string.h>
/*
 * Run the registered JWK hooks of one kind against a key.
 *
 * The first hook of the requested kind that claims the key (prep.handles)
 * is executed. Its result must be a JSON object: the "del" array names
 * members to remove from jwk, the "upd" object holds members to add. An
 * "upd" member that is already present in jwk with a different value is a
 * conflict and fails the call.
 *
 * Returns true when a hook ran and applied cleanly, dflt when no hook
 * claimed the key, and false on any failure.
 */
static bool
jwk_hook(jose_cfg_t *cfg, json_t *jwk, jose_hook_jwk_kind_t kind, bool dflt)
{
    for (const jose_hook_jwk_t *hook = jose_hook_jwk_list(); hook; hook = hook->next) {
        if (hook->kind != kind || !hook->prep.handles(cfg, jwk))
            continue;

        json_auto_t *upd = hook->prep.execute(cfg, jwk);
        if (!json_is_object(upd))
            return false;

        /* Drop the members the hook asked us to remove. */
        json_t *del = json_object_get(upd, "del");
        for (size_t i = 0; i < json_array_size(del); i++) {
            const char *name = json_string_value(json_array_get(del, i));
            if (!json_object_get(jwk, name))
                continue;
            if (json_object_del(jwk, name) < 0)
                return false;
        }

        /* Merge in the members the hook asked us to add. */
        const char *key = NULL;
        json_t *val = NULL;
        json_object_foreach(json_object_get(upd, "upd"), key, val) {
            json_t *cur = json_object_get(jwk, key);
            if (cur && !json_equal(cur, val))
                return false;
            if (json_object_set(jwk, key, val) < 0)
                return false;
        }

        return true;
    }

    return dflt;
}
/*
 * Fill the "key_ops" of a freshly generated key from its algorithm's kind.
 *
 * SIGN gives sign/verify, WRAP gives wrapKey/unwrapKey, ENCR gives
 * encrypt/decrypt and EXCH gives deriveKey; any other kind leaves jwk
 * untouched. Returns false only on allocation or insertion failure.
 */
static bool
gen_set_ops(json_t *jwk, const jose_hook_alg_t *a)
{
    static const char *const sign_ops[] = { "sign", "verify", NULL };
    static const char *const wrap_ops[] = { "wrapKey", "unwrapKey", NULL };
    static const char *const encr_ops[] = { "encrypt", "decrypt", NULL };
    static const char *const exch_ops[] = { "deriveKey", NULL };
    const char *const *names = NULL;

    switch (a->kind) {
    case JOSE_HOOK_ALG_KIND_SIGN: names = sign_ops; break;
    case JOSE_HOOK_ALG_KIND_WRAP: names = wrap_ops; break;
    case JOSE_HOOK_ALG_KIND_ENCR: names = encr_ops; break;
    case JOSE_HOOK_ALG_KIND_EXCH: names = exch_ops; break;
    default: break;
    }

    json_auto_t *ops = json_array();
    if (!ops)
        return false;

    for (size_t i = 0; names && names[i]; i++) {
        if (json_array_append_new(ops, json_string(names[i])) < 0)
            return false;
    }

    return json_array_size(ops) == 0 || json_object_set(jwk, "key_ops", ops) >= 0;
}

/*
 * Generate a key in place from the template in jwk.
 *
 * The PREP hooks run first (a template nobody claims is fine), then the
 * MAKE hooks (some hook must claim it). If the template names an "alg" but
 * neither "use" nor "key_ops", the first registered algorithm with that
 * name decides which key_ops are filled in. Finally the key must be of a
 * registered type and carry every member that type requires.
 *
 * Returns false on any failure; jwk may then be partially updated.
 */
bool
jose_jwk_gen(jose_cfg_t *cfg, json_t *jwk)
{
    const json_t *key_ops = NULL;
    const char *alg = NULL;
    const char *kty = NULL;
    const char *use = NULL;

    if (!jwk_hook(cfg, jwk, JOSE_HOOK_JWK_KIND_PREP, true) ||
        !jwk_hook(cfg, jwk, JOSE_HOOK_JWK_KIND_MAKE, false))
        return false;

    if (json_unpack(jwk, "{s?s,s:s,s?s,s?o}",
                    "alg", &alg, "kty", &kty, "use", &use,
                    "key_ops", &key_ops) < 0)
        return false;

    /* Infer key_ops from the algorithm only when the template left both
     * "use" and "key_ops" unspecified. */
    if (alg && !use && !key_ops) {
        for (const jose_hook_alg_t *a = jose_hook_alg_list(); a; a = a->next) {
            if (strcmp(alg, a->name) != 0)
                continue;
            if (!gen_set_ops(jwk, a))
                return false;
            break;
        }
    }

    /* kty is matched case-sensitively here, unlike the strcasecmp() used
     * by jwk_clean() and find_type(). */
    for (const jose_hook_jwk_t *t = jose_hook_jwk_list(); t; t = t->next) {
        if (t->kind != JOSE_HOOK_JWK_KIND_TYPE || strcmp(t->type.kty, kty) != 0)
            continue;

        for (size_t i = 0; t->type.req[i]; i++) {
            if (!json_object_get(jwk, t->type.req[i]))
                return false;
        }
        return true;
    }

    return false;
}
/*
 * Strip private material from a single JWK in place.
 *
 * The key's type is looked up by "kty" (case-insensitively). Every member
 * the type lists as private is deleted, and every "key_ops" entry that needs
 * the private half is removed. A type with no public members is symmetric,
 * so for it the operations' "public" names are stripped as well.
 *
 * Returns false if "kty" is missing, the type is unknown, or a removal
 * fails.
 */
static bool
jwk_clean(jose_cfg_t *cfg, json_t *jwk)
{
    const jose_hook_jwk_t *type = NULL;
    const char *kty = NULL;

    if (json_unpack(jwk, "{s:s}", "kty", &kty) == -1)
        return false;

    for (type = jose_hook_jwk_list(); type; type = type->next) {
        if (type->kind == JOSE_HOOK_JWK_KIND_TYPE &&
            strcasecmp(kty, type->type.kty) == 0)
            break;
    }
    if (!type)
        return false;

    /* No public members at all means the whole key is secret. */
    const bool sym = !type->type.pub || !type->type.pub[0];

    /* NOTE(review): json_object_del() releases the private values through
     * jansson's allocator; whether the secret bytes are scrubbed depends on
     * the allocator jose installs — confirm. */
    for (const char *const *p = type->type.prv; *p; p++) {
        if (json_object_get(jwk, *p) && json_object_del(jwk, *p) == -1)
            return false;
    }

    for (const jose_hook_jwk_t *o = jose_hook_jwk_list(); o; o = o->next) {
        if (o->kind != JOSE_HOOK_JWK_KIND_OPER)
            continue;
        if (!o->oper.prv && (!sym || !o->oper.pub))
            continue;

        json_t *ops = json_object_get(jwk, "key_ops");
        size_t i = 0;
        while (i < json_array_size(ops)) {
            const char *op = json_string_value(json_array_get(ops, i));
            const bool hit = op &&
                ((o->oper.prv && strcmp(o->oper.prv, op) == 0) ||
                 (sym && o->oper.pub && strcmp(o->oper.pub, op) == 0));

            if (!hit) {
                i++;
                continue;
            }
            /* Removal shifts the tail down, so the same index is re-examined. */
            if (json_array_remove(ops, i) == -1)
                return false;
        }
    }

    return true;
}
/*
 * Strip private material from a JWK, a JWKSet, or a bare array of JWKs.
 *
 * Accepts a single key object, an object whose "keys" member is an array,
 * or an array of keys. Each key is cleaned in place; returns false as soon
 * as one of them fails.
 */
bool
jose_jwk_pub(jose_cfg_t *cfg, json_t *jwk)
{
    json_t *keys = json_is_array(jwk) ? jwk : json_object_get(jwk, "keys");

    if (!json_is_array(keys))
        return jwk_clean(cfg, jwk);

    size_t idx = 0;
    json_t *key = NULL;
    json_array_foreach(keys, idx, key) {
        if (!jwk_clean(cfg, key))
            return false;
    }

    return true;
}
/*
 * Check whether a JWK permits the operation op.
 *
 * Anything that is not a JSON object (including NULL) is permitted
 * unconditionally; a NULL op is never permitted. A key carrying neither
 * "use" nor "key_ops" is permitted only when req is false. Otherwise op must
 * be listed in "key_ops", or "use" must match a registered operation hook
 * whose public or private operation name is op.
 */
bool
jose_jwk_prm(jose_cfg_t *cfg, const json_t *jwk, bool req, const char *op)
{
    const char *use = NULL;
    json_t *key_ops = NULL;

    if (!json_is_object(jwk))
        return true;
    if (!op)
        return false;

    if (json_unpack((json_t *) jwk, "{s?s,s?o}",
                    "use", &use, "key_ops", &key_ops) != 0)
        return false;

    /* An unrestricted key is allowed unless the caller demands a restriction. */
    if (!use && !key_ops)
        return !req;

    size_t i = 0;
    json_t *v = NULL;
    json_array_foreach(key_ops, i, v) {
        if (json_is_string(v) && strcmp(op, json_string_value(v)) == 0)
            return true;
    }

    if (!use)
        return false;

    for (const jose_hook_jwk_t *o = jose_hook_jwk_list(); o; o = o->next) {
        if (o->kind != JOSE_HOOK_JWK_KIND_OPER)
            continue;
        if (!o->oper.use || strcmp(use, o->oper.use) != 0)
            continue;
        if ((o->oper.pub && strcmp(op, o->oper.pub) == 0) ||
            (o->oper.prv && strcmp(op, o->oper.prv) == 0))
            return true;
    }

    return false;
}
/*
 * Look up the registered type hook for a JWK by its "kty"
 * (case-insensitive). Returns NULL when "kty" is missing or no type hook
 * matches.
 */
static const jose_hook_jwk_t *
find_type(const json_t *jwk)
{
    const jose_hook_jwk_t *t = NULL;
    const char *kty = NULL;

    if (json_unpack((json_t *) jwk, "{s:s}", "kty", &kty) < 0)
        return NULL;

    for (t = jose_hook_jwk_list(); t; t = t->next) {
        if (t->kind == JOSE_HOOK_JWK_KIND_TYPE &&
            strcasecmp(kty, t->type.kty) == 0)
            break;
    }

    return t;
}
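/*
 * Compare two JSON values for equality.
 *
 * String values are compared without an early exit on the first differing
 * byte: for symmetric ("oct") keys the required member "k" is the secret
 * itself, so only the length may influence the running time. Non-string
 * values fall back to json_equal().
 */
static bool
eql_member(json_t *x, json_t *y)
{
    if (!json_is_string(x) || !json_is_string(y))
        return json_equal(x, y);

    const size_t len = json_string_length(x);
    if (len != json_string_length(y))
        return false;

    const unsigned char *xs = (const unsigned char *) json_string_value(x);
    const unsigned char *ys = (const unsigned char *) json_string_value(y);
    unsigned char diff = 0;
    for (size_t i = 0; i < len; i++)
        diff |= xs[i] ^ ys[i];

    return diff == 0;
}

/*
 * Test whether two JWKs denote the same key.
 *
 * The type of a (looked up by "kty") decides which members matter: "kty"
 * and the type's required members must be present in both keys and equal.
 * Members outside that set (alg, use, kid, the private parts of asymmetric
 * keys, ...) are ignored. Returns false when a has no registered type or a
 * required member is missing from either key or differs.
 */
bool
jose_jwk_eql(jose_cfg_t *cfg, const json_t *a, const json_t *b)
{
    const jose_hook_jwk_t *type = find_type(a);
    if (!type)
        return false;

    if (!json_equal(json_object_get(a, "kty"), json_object_get(b, "kty")))
        return false;

    for (size_t i = 0; type->type.req[i]; i++) {
        json_t *aa = json_object_get(a, type->type.req[i]);
        json_t *bb = json_object_get(b, type->type.req[i]);
        if (!aa || !bb || !eql_member(aa, bb))
            return false;
    }

    return true;
}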
/*
 * Build the canonical thumbprint input for a JWK: an object holding only
 * "kty" and the type's required members, serialized with sorted keys and no
 * whitespace (the RFC 7638 construction used by jose_jwk_thp()).
 *
 * For "oct" keys the required member "k" is the secret, so the returned
 * string is sensitive and callers zero it before freeing. Returns a
 * malloc'd string owned by the caller, or NULL when the type is unknown, a
 * required member is missing, or allocation fails.
 */
static char *
jwk_str(const json_t *jwk)
{
    const jose_hook_jwk_t *type = find_type(jwk);
    if (!type)
        return NULL;

    json_auto_t *canon = json_object();
    if (!canon)
        return NULL;
    if (json_object_set(canon, "kty", json_object_get(jwk, "kty")) < 0)
        return NULL;

    for (const char *const *m = type->type.req; *m; m++) {
        json_t *val = json_object_get(jwk, *m);
        if (!val || json_object_set(canon, *m, val) < 0)
            return NULL;
    }

    return json_dumps(canon, JSON_SORT_KEYS | JSON_COMPACT);
}
/*
 * Compute the thumbprint of a JWK.
 *
 * hash names the digest passed through to hsh(). The canonical thumbprint
 * input may contain secret material (oct keys), so it is zeroed before it
 * is freed. Returns whatever hsh() produces, or NULL when the JWK cannot be
 * canonicalized.
 */
json_t *
jose_jwk_thp(jose_cfg_t *cfg, const json_t *jwk, const char *hash)
{
    char *canon = jwk_str(jwk);
    if (!canon)
        return NULL;

    json_t *thp = hsh(cfg, hash, canon, strlen(canon));

    zero(canon, strlen(canon));
    free(canon);
    return thp;
}
/*
 * Compute the thumbprint of a JWK into a caller-supplied buffer.
 *
 * With thp NULL or len 0 nothing is hashed and the result of asking
 * hsh_buf() about an empty input is returned (presumably the digest size,
 * so callers can size their buffer first). Otherwise the canonical input is
 * hashed with alg into thp, at most len bytes, and hsh_buf()'s return value
 * is passed back. Returns SIZE_MAX when the JWK cannot be canonicalized.
 * The canonical input may hold secret material, so it is zeroed before it
 * is freed.
 */
size_t
jose_jwk_thp_buf(jose_cfg_t *cfg, const json_t *jwk,
                 const char *alg, uint8_t *thp, size_t len)
{
    if (!thp || len == 0)
        return hsh_buf(cfg, alg, NULL, 0, NULL, 0);

    char *canon = jwk_str(jwk);
    if (!canon)
        return SIZE_MAX;

    const size_t out = hsh_buf(cfg, alg, canon, strlen(canon), thp, len);

    zero(canon, strlen(canon));
    free(canon);
    return out;
}
/*
 * Perform a key exchange between a private JWK and a public JWK.
 *
 * Both keys must carry "kty" and be of the same type; when both also name
 * an "alg" the two must agree. When neither names one, each registered EXCH
 * algorithm is asked in turn to suggest one (exch.sug) until one does. The
 * chosen algorithm's permission (exch.prm) must be granted by both keys,
 * and the result of exch.exc is returned. Every failure is reported through
 * jose_cfg_err() and yields NULL.
 */
json_t *
jose_jwk_exc(jose_cfg_t *cfg, const json_t *prv, const json_t *pub)
{
    const char *prv_alg = NULL;
    const char *prv_kty = NULL;
    const char *pub_alg = NULL;
    const char *pub_kty = NULL;

    if (json_unpack((json_t *) prv, "{s:s,s?s}",
                    "kty", &prv_kty, "alg", &prv_alg) < 0) {
        jose_cfg_err(cfg, JOSE_CFG_ERR_JWK_INVALID, "Private JWK is invalid");
        return NULL;
    }

    if (json_unpack((json_t *) pub, "{s:s,s?s}",
                    "kty", &pub_kty, "alg", &pub_alg) < 0) {
        jose_cfg_err(cfg, JOSE_CFG_ERR_JWK_INVALID, "Public JWK is invalid");
        return NULL;
    }

    if (strcmp(prv_kty, pub_kty) != 0) {
        jose_cfg_err(cfg, JOSE_CFG_ERR_JWK_MISMATCH,
                     "Public and private JWKs are different types");
        return NULL;
    }

    if (prv_alg && pub_alg && strcmp(prv_alg, pub_alg) != 0) {
        jose_cfg_err(cfg, JOSE_CFG_ERR_JWK_MISMATCH,
                     "Public and private JWKs have different algorithms");
        return NULL;
    }

    /* Neither key names an algorithm: let the exchange hooks suggest one. */
    if (!prv_alg && !pub_alg) {
        for (const jose_hook_alg_t *a = jose_hook_alg_list();
             a && !prv_alg; a = a->next) {
            if (a->kind == JOSE_HOOK_ALG_KIND_EXCH)
                prv_alg = a->exch.sug(a, cfg, prv, pub);
        }
    }

    const char *alg = prv_alg ? prv_alg : pub_alg;
    if (!alg) {
        jose_cfg_err(cfg, JOSE_CFG_ERR_ALG_NOINFER,
                     "Exchange algorithm cannot be inferred");
        return NULL;
    }

    for (const jose_hook_alg_t *a = jose_hook_alg_list(); a; a = a->next) {
        if (a->kind != JOSE_HOOK_ALG_KIND_EXCH || strcmp(alg, a->name) != 0)
            continue;

        if (!jose_jwk_prm(cfg, prv, false, a->exch.prm)) {
            jose_cfg_err(cfg, JOSE_CFG_ERR_JWK_DENIED,
                         "Private JWK cannot be used to derive keys");
            return NULL;
        }

        if (!jose_jwk_prm(cfg, pub, false, a->exch.prm)) {
            jose_cfg_err(cfg, JOSE_CFG_ERR_JWK_DENIED,
                         "Public JWK cannot be used to derive keys");
            return NULL;
        }

        return a->exch.exc(a, cfg, prv, pub);
    }

    jose_cfg_err(cfg, JOSE_CFG_ERR_ALG_NOTSUP,
                 "Exchange algorithm %s is unsupported", alg);
    return NULL;
}
/*
 * Register the built-in JWK type and operation hooks at load time.
 *
 * Types: "oct" (required k, private k), "RSA" (required and public e/n,
 * private p/d/q/dp/dq/qi/oth) and "EC" (required crv/x/y, public x/y,
 * private d). Operations pair a public key_ops name with its private
 * counterpart and the "use" value that implies both; deriveKey and
 * deriveBits have neither a private counterpart nor a use.
 */
static void __attribute__((constructor))
constructor(void)
{
    static const char *oct_required[] = { "k", NULL };
    static const char *oct_private[] = { "k", NULL };

    static const char *rsa_required[] = { "e", "n", NULL };
    static const char *rsa_public[] = { "e", "n", NULL };
    static const char *rsa_private[] = {
        "p", "d", "q", "dp", "dq", "qi", "oth", NULL
    };

    static const char *ec_required[] = { "crv", "x", "y", NULL };
    static const char *ec_public[] = { "x", "y", NULL };
    static const char *ec_private[] = { "d", NULL };

    /* Static: the hook list keeps pointers into this table. */
    static jose_hook_jwk_t hooks[] = {
        { .kind = JOSE_HOOK_JWK_KIND_TYPE,
          .type = { .kty = "oct",
                    .req = oct_required,
                    .prv = oct_private } },
        { .kind = JOSE_HOOK_JWK_KIND_TYPE,
          .type = { .kty = "RSA",
                    .req = rsa_required,
                    .pub = rsa_public,
                    .prv = rsa_private } },
        { .kind = JOSE_HOOK_JWK_KIND_TYPE,
          .type = { .kty = "EC",
                    .req = ec_required,
                    .pub = ec_public,
                    .prv = ec_private } },

        { .kind = JOSE_HOOK_JWK_KIND_OPER,
          .oper = { .pub = "verify", .prv = "sign", .use = "sig" } },
        { .kind = JOSE_HOOK_JWK_KIND_OPER,
          .oper = { .pub = "encrypt", .prv = "decrypt", .use = "enc" } },
        { .kind = JOSE_HOOK_JWK_KIND_OPER,
          .oper = { .pub = "wrapKey", .prv = "unwrapKey", .use = "enc" } },
        { .kind = JOSE_HOOK_JWK_KIND_OPER,
          .oper = { .pub = "deriveKey" } },
        { .kind = JOSE_HOOK_JWK_KIND_OPER,
          .oper = { .pub = "deriveBits" } },
        {}
    };

    for (jose_hook_jwk_t *h = hooks; h->kind != JOSE_HOOK_JWK_KIND_NONE; h++)
        jose_hook_jwk_push(h);
}