package jws import ( "fmt" "github.com/SermoDigital/jose/crypto" ) // VerifyCallback is a callback function that can be used to access header // parameters to lookup needed information. For example, looking // up the "kid" parameter. // The return slice must be a slice of keys used in the verification // of the JWS. type VerifyCallback func(JWS) ([]interface{}, error) // VerifyCallback validates the current JWS' signature as-is. It // accepts a callback function that can be used to access header // parameters to lookup needed information. For example, looking // up the "kid" parameter. // The return slice must be a slice of keys used in the verification // of the JWS. func (j *jws) VerifyCallback(fn VerifyCallback, methods []crypto.SigningMethod, o *SigningOpts) error { keys, err := fn(j) if err != nil { return err } return j.VerifyMulti(keys, methods, o) } // IsMultiError returns true if the given error is type *MultiError. func IsMultiError(err error) bool { _, ok := err.(*MultiError) return ok } // MultiError is a slice of errors. type MultiError []error // Errors implements the error interface. func (m *MultiError) Error() string { var s string var n int for _, err := range *m { if err != nil { if n == 0 { s = err.Error() } n++ } } switch n { case 0: return "" case 1: return s case 2: return s + " and 1 other error" } return fmt.Sprintf("%s (and %d other errors)", s, n-1) } // Any means any of the JWS signatures need to verify. // Refer to verifyMulti for more information. const Any int = 0 // VerifyMulti verifies the current JWS as-is. Since it's meant to be // called after parsing a stream of bytes into a JWS, it doesn't do any // internal parsing like the Sign, Flat, Compact, or General methods do. func (j *jws) VerifyMulti(keys []interface{}, methods []crypto.SigningMethod, o *SigningOpts) error { // Catch a simple mistake. Parameter o is irrelevant in this scenario. if len(keys) == 1 && len(methods) == 1 && len(j.sb) == 1 { return j.Verify(keys[0], methods[0]) } if len(j.sb) != len(methods) { return ErrNotEnoughMethods } if len(keys) < 1 || len(keys) > 1 && len(keys) != len(j.sb) { return ErrNotEnoughKeys } // TODO do this better. if len(keys) == 1 { k := keys[0] keys = make([]interface{}, len(methods)) for i := range keys { keys[i] = k } } var o2 SigningOpts if o == nil { o = new(SigningOpts) } var m MultiError for i := range j.sb { err := j.sb[i].verify(j.plcache, keys[i], methods[i]) if err != nil { m = append(m, err) } else { o2.Inc() if o.Needs(i) { o.ptr++ o2.Append(i) } } } err := o.Validate(&o2) if err != nil { m = append(m, err) } if len(m) == 0 { return nil } return &m } // SigningOpts is a struct which holds options for validating // JWS signatures. // Number represents the cumulative which signatures need to verify // in order for the JWS to be considered valid. // Leave 'Number' empty or set it to the constant 'Any' if any number of // valid signatures (greater than one) should verify the JWS. // // Use the indices of the signatures that need to verify in order // for the JWS to be considered valid if specific signatures need // to verify in order for the JWS to be considered valid. // // Note: // The JWS spec requires *at least* one // signature to verify in order for the JWS to be considered valid. type SigningOpts struct { // Minimum of signatures which need to verify. Number int // Indices of specific signatures which need to verify. Indices []int ptr int _ struct{} } // Append appends x to s' Indices member. func (s *SigningOpts) Append(x int) { s.Indices = append(s.Indices, x) } // Needs returns true if x resides inside s' Indices member // for the given index. It's used to match two SigningOpts Indices members. func (s *SigningOpts) Needs(x int) bool { return s.ptr < len(s.Indices) && s.Indices[s.ptr] == x } // Inc increments s' Number member by one. func (s *SigningOpts) Inc() { s.Number++ } // Validate returns any errors found while validating the // provided SigningOpts. The receiver validates |have|. // It'll return an error if the passed SigningOpts' Number member is less // than s' or if the passed SigningOpts' Indices slice isn't equal to s'. func (s *SigningOpts) Validate(have *SigningOpts) error { if have.Number < s.Number || (s.Indices != nil && !eq(s.Indices, have.Indices)) { return ErrNotEnoughValidSignatures } return nil } func eq(a, b []int) bool { if len(a) != len(b) { return false } for i := range a { if a[i] != b[i] { return false } } return true } // Verify verifies the current JWS as-is. Refer to verifyMulti // for more information. func (j *jws) Verify(key interface{}, method crypto.SigningMethod) error { if len(j.sb) < 1 { return ErrCannotValidate } return j.sb[0].verify(j.plcache, key, method) } func (s *sigHead) verify(pl []byte, key interface{}, method crypto.SigningMethod) error { if s.method.Alg() != method.Alg() || s.method.Hasher() != method.Hasher() { return ErrMismatchedAlgorithms } return method.Verify(format(s.Protected, pl), s.Signature, key) }