jws_validate.go

package jws

import (
	"fmt"

	"github.com/SermoDigital/jose/crypto"
)

// VerifyCallback is a callback function that can be used to access header
// parameters to lookup needed information. For example, looking
// up the "kid" parameter.
// The return slice must be a slice of keys used in the verification
// of the JWS.
type VerifyCallback func(JWS) ([]interface{}, error)

// VerifyCallback validates the current JWS' signature as-is. It
// accepts a callback function that can be used to access header
// parameters to lookup needed information. For example, looking
// up the "kid" parameter.
// The return slice must be a slice of keys used in the verification
// of the JWS.
func (j *jws) VerifyCallback(fn VerifyCallback, methods []crypto.SigningMethod, o *SigningOpts) error {
	keys, err := fn(j)
	if err != nil {
		return err
	}
	return j.VerifyMulti(keys, methods, o)
}

// IsMultiError returns true if the given error is type *MultiError.
func IsMultiError(err error) bool {
	_, ok := err.(*MultiError)
	return ok
}

// MultiError is a slice of errors.
type MultiError []error

// Errors implements the error interface.
func (m *MultiError) Error() string {
	var s string
	var n int
	for _, err := range *m {
		if err != nil {
			if n == 0 {
				s = err.Error()
			}
			n++
		}
	}
	switch n {
	case 0:
		return ""
	case 1:
		return s
	case 2:
		return s + " and 1 other error"
	}
	return fmt.Sprintf("%s (and %d other errors)", s, n-1)
}

// Any means any of the JWS signatures need to verify.
// Refer to verifyMulti for more information.
const Any int = 0

// VerifyMulti verifies the current JWS as-is. Since it's meant to be
// called after parsing a stream of bytes into a JWS, it doesn't do any
// internal parsing like the Sign, Flat, Compact, or General methods do.
func (j *jws) VerifyMulti(keys []interface{}, methods []crypto.SigningMethod, o *SigningOpts) error {

	// Catch a simple mistake. Parameter o is irrelevant in this scenario.
	if len(keys) == 1 &&
		len(methods) == 1 &&
		len(j.sb) == 1 {
		return j.Verify(keys[0], methods[0])
	}

	if len(j.sb) != len(methods) {
		return ErrNotEnoughMethods
	}

	if len(keys) < 1 ||
		len(keys) > 1 && len(keys) != len(j.sb) {
		return ErrNotEnoughKeys
	}

	// TODO do this better.
	if len(keys) == 1 {
		k := keys[0]
		keys = make([]interface{}, len(methods))
		for i := range keys {
			keys[i] = k
		}
	}

	var o2 SigningOpts
	if o == nil {
		o = new(SigningOpts)
	}

	var m MultiError
	for i := range j.sb {
		err := j.sb[i].verify(j.plcache, keys[i], methods[i])
		if err != nil {
			m = append(m, err)
		} else {
			o2.Inc()
			if o.Needs(i) {
				o.ptr++
				o2.Append(i)
			}
		}
	}

	err := o.Validate(&o2)
	if err != nil {
		m = append(m, err)
	}
	if len(m) == 0 {
		return nil
	}
	return &m
}

// SigningOpts is a struct which holds options for validating
// JWS signatures.
// Number represents the cumulative which signatures need to verify
// in order for the JWS to be considered valid.
// Leave 'Number' empty or set it to the constant 'Any' if any number of
// valid signatures (greater than one) should verify the JWS.
//
// Use the indices of the signatures that need to verify in order
// for the JWS to be considered valid if specific signatures need
// to verify in order for the JWS to be considered valid.
//
// Note:
//     The JWS spec requires *at least* one
//     signature to verify in order for the JWS to be considered valid.
type SigningOpts struct {
	// Minimum of signatures which need to verify.
	Number int

	// Indices of specific signatures which need to verify.
	Indices []int
	ptr     int

	_ struct{}
}

// Append appends x to s' Indices member.
func (s *SigningOpts) Append(x int) {
	s.Indices = append(s.Indices, x)
}

// Needs returns true if x resides inside s' Indices member
// for the given index. It's used to match two SigningOpts Indices members.
func (s *SigningOpts) Needs(x int) bool {
	return s.ptr < len(s.Indices) && s.Indices[s.ptr] == x
}

// Inc increments s' Number member by one.
func (s *SigningOpts) Inc() { s.Number++ }

// Validate returns any errors found while validating the
// provided SigningOpts. The receiver validates |have|.
// It'll return an error if the passed SigningOpts' Number member is less
// than s' or if the passed SigningOpts' Indices slice isn't equal to s'.
func (s *SigningOpts) Validate(have *SigningOpts) error {
	if have.Number < s.Number ||
		(s.Indices != nil &&
			!eq(s.Indices, have.Indices)) {
		return ErrNotEnoughValidSignatures
	}
	return nil
}

func eq(a, b []int) bool {
	if len(a) != len(b) {
		return false
	}
	for i := range a {
		if a[i] != b[i] {
			return false
		}
	}
	return true
}

// Verify verifies the current JWS as-is. Refer to verifyMulti
// for more information.
func (j *jws) Verify(key interface{}, method crypto.SigningMethod) error {
	if len(j.sb) < 1 {
		return ErrCannotValidate
	}
	return j.sb[0].verify(j.plcache, key, method)
}

func (s *sigHead) verify(pl []byte, key interface{}, method crypto.SigningMethod) error {
	if s.method.Alg() != method.Alg() || s.method.Hasher() != method.Hasher() {
		return ErrMismatchedAlgorithms
	}
	return method.Verify(format(s.Protected, pl), s.Signature, key)
}