xref: /aosp_15_r20/external/tink/cc/signature/public_key_verify_wrapper.cc (revision e7b1675dde1b92d52ec075b0a92829627f2c52a5) 
1 // Copyright 2017 Google Inc.
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //     http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ///////////////////////////////////////////////////////////////////////////////
16 
17 #include "tink/signature/public_key_verify_wrapper.h"
18 
19 #include <memory>
20 #include <string>
21 #include <utility>
22 
23 #include "absl/status/status.h"
24 #include "absl/strings/str_cat.h"
25 #include "tink/crypto_format.h"
26 #include "tink/internal/monitoring_util.h"
27 #include "tink/internal/registry_impl.h"
28 #include "tink/internal/util.h"
29 #include "tink/monitoring/monitoring.h"
30 #include "tink/primitive_set.h"
31 #include "tink/public_key_verify.h"
32 #include "tink/util/status.h"
33 #include "tink/util/statusor.h"
34 #include "proto/tink.pb.h"
35 
36 namespace crypto {
37 namespace tink {
38 
39 namespace {
40 
41 constexpr absl::string_view kPrimitive = "public_key_verify";
42 constexpr absl::string_view kVerifyApi = "verify";
43 
44 using ::google::crypto::tink::OutputPrefixType;
45 
Validate(PrimitiveSet<PublicKeyVerify> * public_key_verify_set)46 util::Status Validate(PrimitiveSet<PublicKeyVerify>* public_key_verify_set) {
47   if (public_key_verify_set == nullptr) {
48     return util::Status(absl::StatusCode::kInternal,
49                         "public_key_verify_set must be non-NULL");
50   }
51   if (public_key_verify_set->get_primary() == nullptr) {
52     return util::Status(absl::StatusCode::kInvalidArgument,
53                         "public_key_verify_set has no primary");
54   }
55   return util::OkStatus();
56 }
57 
58 class PublicKeyVerifySetWrapper : public PublicKeyVerify {
59  public:
PublicKeyVerifySetWrapper(std::unique_ptr<PrimitiveSet<PublicKeyVerify>> public_key_verify_set,std::unique_ptr<MonitoringClient> monitoring_verify_client=nullptr)60   explicit PublicKeyVerifySetWrapper(
61       std::unique_ptr<PrimitiveSet<PublicKeyVerify>> public_key_verify_set,
62       std::unique_ptr<MonitoringClient> monitoring_verify_client = nullptr)
63       : public_key_verify_set_(std::move(public_key_verify_set)),
64       monitoring_verify_client_(std::move(monitoring_verify_client)) {}
65 
66   crypto::tink::util::Status Verify(absl::string_view signature,
67                                     absl::string_view data) const override;
68 
69   ~PublicKeyVerifySetWrapper() override = default;
70 
71  private:
72   std::unique_ptr<PrimitiveSet<PublicKeyVerify>> public_key_verify_set_;
73   std::unique_ptr<MonitoringClient> monitoring_verify_client_;
74 };
75 
Verify(absl::string_view signature,absl::string_view data) const76 util::Status PublicKeyVerifySetWrapper::Verify(absl::string_view signature,
77                                                absl::string_view data) const {
78   // BoringSSL expects a non-null pointer for data,
79   // regardless of whether the size is 0.
80   data = internal::EnsureStringNonNull(data);
81   signature = internal::EnsureStringNonNull(signature);
82 
83   if (signature.length() <= CryptoFormat::kNonRawPrefixSize) {
84     // This also rejects raw signatures with size of 4 bytes or fewer.
85     // We're not aware of any schemes that output signatures that small.
86     return util::Status(absl::StatusCode::kInvalidArgument,
87                         "Signature too short.");
88   }
89   absl::string_view key_id =
90       signature.substr(0, CryptoFormat::kNonRawPrefixSize);
91   auto primitives_result = public_key_verify_set_->get_primitives(key_id);
92   if (primitives_result.ok()) {
93     absl::string_view raw_signature =
94         signature.substr(CryptoFormat::kNonRawPrefixSize);
95     for (auto& entry : *(primitives_result.value())) {
96       std::string legacy_data;
97       absl::string_view view_on_data_or_legacy_data = data;
98       if (entry->get_output_prefix_type() == OutputPrefixType::LEGACY) {
99         legacy_data = absl::StrCat(data, std::string("\x00", 1));
100         view_on_data_or_legacy_data = legacy_data;
101       }
102       auto& public_key_verify = entry->get_primitive();
103       auto verify_result =
104           public_key_verify.Verify(raw_signature, view_on_data_or_legacy_data);
105       if (verify_result.ok()) {
106         if (monitoring_verify_client_ != nullptr) {
107           monitoring_verify_client_->Log(entry->get_key_id(), data.size());
108         }
109         return util::OkStatus();
110       } else {
111         // LOG that a matching key didn't verify the signature.
112       }
113     }
114   }
115 
116   // No matching key succeeded with verification, try all RAW keys.
117   auto raw_primitives_result = public_key_verify_set_->get_raw_primitives();
118   if (raw_primitives_result.ok()) {
119     for (auto& public_key_verify_entry : *(raw_primitives_result.value())) {
120       auto& public_key_verify = public_key_verify_entry->get_primitive();
121       auto verify_result = public_key_verify.Verify(signature, data);
122       if (verify_result.ok()) {
123         if (monitoring_verify_client_ != nullptr) {
124           monitoring_verify_client_->Log(public_key_verify_entry->get_key_id(),
125                                          data.size());
126         }
127         return util::OkStatus();
128       }
129     }
130   }
131   if (monitoring_verify_client_ != nullptr) {
132     monitoring_verify_client_->LogFailure();
133   }
134   return util::Status(absl::StatusCode::kInvalidArgument, "Invalid signature.");
135 }
136 
137 }  // anonymous namespace
138 
Wrap(std::unique_ptr<PrimitiveSet<PublicKeyVerify>> public_key_verify_set) const139 util::StatusOr<std::unique_ptr<PublicKeyVerify>> PublicKeyVerifyWrapper::Wrap(
140     std::unique_ptr<PrimitiveSet<PublicKeyVerify>> public_key_verify_set)
141     const {
142   util::Status status = Validate(public_key_verify_set.get());
143   if (!status.ok()) return status;
144 
145   MonitoringClientFactory* const monitoring_factory =
146       internal::RegistryImpl::GlobalInstance().GetMonitoringClientFactory();
147 
148   // Monitoring is not enabled. Create a wrapper without monitoring clients.
149   if (monitoring_factory == nullptr) {
150     return {absl::make_unique<PublicKeyVerifySetWrapper>(
151         std::move(public_key_verify_set))};
152   }
153 
154   util::StatusOr<MonitoringKeySetInfo> keyset_info =
155       internal::MonitoringKeySetInfoFromPrimitiveSet(*public_key_verify_set);
156   if (!keyset_info.ok()) {
157     return keyset_info.status();
158   }
159 
160   util::StatusOr<std::unique_ptr<MonitoringClient>> monitoring_verify_client =
161       monitoring_factory->New(
162           MonitoringContext(kPrimitive, kVerifyApi, *keyset_info));
163   if (!monitoring_verify_client.ok()) {
164     return monitoring_verify_client.status();
165   }
166 
167   return {absl::make_unique<PublicKeyVerifySetWrapper>(
168       std::move(public_key_verify_set), *std::move(monitoring_verify_client))};
169 }
170 
171 }  // namespace tink
172 }  // namespace crypto
173