Diffstat (limited to 'jose')
-rw-r--r-- | jose/apr_jose.c | 298 | ||||
-rw-r--r-- | jose/apr_jose_decode.c | 115 |
2 files changed, 203 insertions, 210 deletions
diff --git a/jose/apr_jose.c b/jose/apr_jose.c
index 26f6b0ffa..f48554b54 100644
--- a/jose/apr_jose.c
+++ b/jose/apr_jose.c
@@ -21,141 +21,138 @@ APR_DECLARE(apu_err_t *) apr_jose_error(apr_jose_t *jose) return &jose->result; } -APR_DECLARE(apr_status_t) apr_jose_make(apr_jose_t **jose, apr_jose_type_e type, +APR_DECLARE(apr_jose_t *) apr_jose_make(apr_jose_t *jose, apr_jose_type_e type, apr_pool_t *pool) { - apr_jose_t *j; - - if (*jose) { - j = *jose; - } else { - *jose = j = apr_pcalloc(pool, sizeof(apr_jose_t)); - if (!j) { - return APR_ENOMEM; + + if (!jose) { + jose = apr_pcalloc(pool, sizeof(apr_jose_t)); + if (!jose) { + return NULL; } } - j->pool = pool; - j->type = type; + jose->pool = pool; + jose->type = type; - return APR_SUCCESS; + return jose; } -APR_DECLARE(apr_status_t) apr_jose_data_make(apr_jose_t **jose, const char *typ, +APR_DECLARE(apr_jose_t *) apr_jose_data_make(apr_jose_t *jose, const char *typ, const unsigned char *in, apr_size_t inlen, apr_pool_t *pool) { - apr_jose_t *j; - apr_status_t status; - status = apr_jose_make(jose, APR_JOSE_TYPE_DATA, pool); - if (APR_SUCCESS != status) { - return status; + if (!jose) { + jose = apr_jose_make(jose, APR_JOSE_TYPE_DATA, pool); + if (!jose) { + return NULL; + } } - j = *jose; - j->typ = typ; - j->jose.data = apr_palloc(pool, sizeof(apr_jose_data_t)); - if (!j->jose.data) { - return APR_ENOMEM; + jose->typ = typ; + jose->jose.data = apr_palloc(pool, sizeof(apr_jose_data_t)); + if (!jose->jose.data) { + return NULL; } - j->jose.data->data = in; - j->jose.data->len = inlen; + jose->jose.data->data = in; + jose->jose.data->len = inlen; - return APR_SUCCESS; + return jose; } -APR_DECLARE(apr_status_t) apr_jose_json_make(apr_jose_t **jose, const char *cty, +APR_DECLARE(apr_jose_t *) apr_jose_json_make(apr_jose_t *jose, const char *cty, apr_json_value_t *json, apr_pool_t *pool) { - apr_jose_t *j; - apr_status_t status; - status = apr_jose_make(jose, APR_JOSE_TYPE_JSON, pool); - if (APR_SUCCESS != status) { - return status; + if (!jose) { + jose = apr_jose_make(jose, APR_JOSE_TYPE_JSON, pool); + if (!jose) { + return NULL; + } 
} - j = *jose; - j->cty = cty; - j->jose.json = apr_palloc(pool, sizeof(apr_jose_json_t)); - if (!j->jose.json) { - return APR_ENOMEM; + jose->cty = cty; + jose->jose.json = apr_palloc(pool, sizeof(apr_jose_json_t)); + if (!jose->jose.json) { + return NULL; } - j->jose.json->json = json; + jose->jose.json->json = json; - return APR_SUCCESS; + return jose; } -APR_DECLARE(apr_status_t) apr_jose_signature_make( - apr_jose_signature_t **signature, apr_json_value_t *header, +APR_DECLARE(apr_jose_signature_t *) apr_jose_signature_make( + apr_jose_signature_t *signature, apr_json_value_t *header, apr_json_value_t *protected, apr_pool_t *pool) { - apr_jose_signature_t *s; - *signature = s = apr_pcalloc(pool, sizeof(apr_jose_signature_t)); - if (!s) { - return APR_ENOMEM; + if (!signature) { + signature = apr_pcalloc(pool, sizeof(apr_jose_signature_t)); + if (!signature) { + return NULL; + } } - s->header = header; - s->protected_header = protected; + signature->header = header; + signature->protected_header = protected; - return APR_SUCCESS; + return signature; } -APR_DECLARE(apr_status_t) apr_jose_recipient_make( - apr_jose_recipient_t **recipient, apr_json_value_t *header, +APR_DECLARE(apr_jose_recipient_t *) apr_jose_recipient_make( + apr_jose_recipient_t *recipient, apr_json_value_t *header, apr_pool_t *pool) { - apr_jose_recipient_t *r; - *recipient = r = apr_pcalloc(pool, sizeof(apr_jose_recipient_t)); - if (!r) { - return APR_ENOMEM; + if (!recipient) { + recipient = apr_pcalloc(pool, sizeof(apr_jose_recipient_t)); + if (!recipient) { + return NULL; + } } - r->header = header; + recipient->header = header; - return APR_SUCCESS; + return recipient; } -APR_DECLARE(apr_status_t) apr_jose_encryption_make( - apr_jose_encryption_t **encryption, apr_json_value_t *header, +APR_DECLARE(apr_jose_encryption_t *) apr_jose_encryption_make( + apr_jose_encryption_t *encryption, apr_json_value_t *header, apr_json_value_t *protected_header, apr_pool_t *pool) { - 
apr_jose_encryption_t *e; - *encryption = e = apr_pcalloc(pool, sizeof(apr_jose_encryption_t)); - if (!e) { - return APR_ENOMEM; + if (!encryption) { + encryption = apr_pcalloc(pool, sizeof(apr_jose_encryption_t)); + if (!encryption) { + return NULL; + } } - e->unprotected = header; - e->protected = protected_header; + encryption->unprotected = header; + encryption->protected = protected_header; - return APR_SUCCESS; + return encryption; } -APR_DECLARE(apr_status_t) apr_jose_jwe_make(apr_jose_t **jose, +APR_DECLARE(apr_jose_t *) apr_jose_jwe_make(apr_jose_t *jose, apr_jose_recipient_t *recipient, apr_array_header_t *recipients, apr_jose_encryption_t *encryption, apr_jose_t *payload, apr_pool_t *pool) { - apr_jose_t *j; apr_jose_jwe_t *jwe; - apr_status_t status; - status = apr_jose_make(jose, APR_JOSE_TYPE_JWE, pool); - if (APR_SUCCESS != status) { - return status; + if (!jose) { + jose = apr_jose_make(jose, APR_JOSE_TYPE_JWE, pool); + if (!jose) { + return NULL; + } } - j = *jose; - j->cty = payload->cty; + jose->cty = payload->cty; - jwe = j->jose.jwe = apr_palloc(pool, sizeof(apr_jose_jwe_t)); + jwe = jose->jose.jwe = apr_palloc(pool, sizeof(apr_jose_jwe_t)); if (!jwe) { - return APR_ENOMEM; + return NULL; } jwe->recipient = recipient; 
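Review bot: When a caller passes an existing object, the new `if (!jose)` guard in apr_jose_data_make, apr_jose_json_make and apr_jose_jwe_make skips apr_jose_make entirely, so `jose->type` and `jose->pool` are no longer updated even though the union member is replaced. The decode hunks in jose/apr_jose_decode.c call `apr_jose_jws_make(*jose, ...)` and `apr_jose_jwe_make(*jose, ...)` on what appears to be the object created as APR_JOSE_TYPE_NONE, so unless code outside these hunks sets the type, a consumer dispatching on `type` would read the wrong union member. Calling the base constructor unconditionally keeps the old behaviour: `jose = apr_jose_make(jose, APR_JOSE_TYPE_JWE, pool);` followed by `if (!jose) return NULL;`. The same pattern repeats in the later hunks of this file (apr_jose_jwe_json_make, apr_jose_jwk_make, apr_jose_jwks_make, apr_jose_jws_make, apr_jose_jws_json_make, apr_jose_jwt_make, apr_jose_text_make).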
@@ -163,31 +160,30 @@ APR_DECLARE(apr_status_t) apr_jose_jwe_make(apr_jose_t **jose, jwe->encryption = encryption; jwe->payload = payload; - return APR_SUCCESS; + return jose; } -APR_DECLARE(apr_status_t) apr_jose_jwe_json_make(apr_jose_t **jose, +APR_DECLARE(apr_jose_t *) apr_jose_jwe_json_make(apr_jose_t *jose, apr_jose_recipient_t *recipient, apr_array_header_t *recipients, apr_jose_encryption_t *encryption, apr_jose_t *payload, apr_pool_t *pool) { - apr_jose_t *j; apr_jose_jwe_t *jwe; - apr_status_t status; - status = apr_jose_make(jose, APR_JOSE_TYPE_JWE_JSON, pool); - if (APR_SUCCESS != status) { - return status; + if (!jose) { + jose = apr_jose_make(jose, APR_JOSE_TYPE_JWE_JSON, pool); + if (!jose) { + return NULL; + } } - j = *jose; if (payload) { - j->cty = payload->cty; + jose->cty = payload->cty; } - jwe = j->jose.jwe = apr_palloc(pool, sizeof(apr_jose_jwe_t)); + jwe = jose->jose.jwe = apr_palloc(pool, sizeof(apr_jose_jwe_t)); if (!jwe) { - return APR_ENOMEM; + return NULL; } jwe->recipient = recipient; 
@@ -195,159 +191,153 @@ APR_DECLARE(apr_status_t) apr_jose_jwe_json_make(apr_jose_t **jose, jwe->encryption = encryption; jwe->payload = payload; - return APR_SUCCESS; + return jose; } -APR_DECLARE(apr_status_t) apr_jose_jwk_make(apr_jose_t **jose, +APR_DECLARE(apr_jose_t *) apr_jose_jwk_make(apr_jose_t *jose, apr_json_value_t *key, apr_pool_t *pool) { - apr_jose_t *j; apr_jose_jwk_t *jwk; - apr_status_t status; - status = apr_jose_make(jose, APR_JOSE_TYPE_JWK, pool); - if (APR_SUCCESS != status) { - return status; + if (!jose) { + jose = apr_jose_make(jose, APR_JOSE_TYPE_JWK, pool); + if (!jose) { + return NULL; + } } - j = *jose; - jwk = j->jose.jwk = apr_palloc(pool, sizeof(apr_jose_jwk_t)); + jwk = jose->jose.jwk = apr_palloc(pool, sizeof(apr_jose_jwk_t)); if (!jwk) { - return APR_ENOMEM; + return NULL; } jwk->key = key; - return APR_SUCCESS; + return jose; } -APR_DECLARE(apr_status_t) apr_jose_jwks_make(apr_jose_t **jose, +APR_DECLARE(apr_jose_t *) apr_jose_jwks_make(apr_jose_t *jose, apr_json_value_t *keys, apr_pool_t *pool) { - apr_jose_t *j; apr_jose_jwks_t *jwks; - apr_status_t status; - status = apr_jose_make(jose, APR_JOSE_TYPE_JWKS, pool); - if (APR_SUCCESS != status) { - return status; + if (!jose) { + jose = apr_jose_make(jose, APR_JOSE_TYPE_JWKS, pool); + if (!jose) { + return NULL; + } } - j = *jose; - jwks = j->jose.jwks = apr_palloc(pool, sizeof(apr_jose_jwks_t)); + jwks = jose->jose.jwks = apr_palloc(pool, sizeof(apr_jose_jwks_t)); if (!jwks) { - return APR_ENOMEM; + return NULL; } jwks->keys = keys; - return APR_SUCCESS; + return jose; } -APR_DECLARE(apr_status_t) apr_jose_jws_make(apr_jose_t **jose, +APR_DECLARE(apr_jose_t *) apr_jose_jws_make(apr_jose_t *jose, apr_jose_signature_t *signature, apr_array_header_t *signatures, apr_jose_t *payload, apr_pool_t *pool) { - apr_jose_t *j; apr_jose_jws_t *jws; - apr_status_t status; - status = apr_jose_make(jose, APR_JOSE_TYPE_JWS, pool); - if (APR_SUCCESS != status) { - return status; + if (!jose) { + 
jose = apr_jose_make(jose, APR_JOSE_TYPE_JWS, pool); + if (!jose) { + return NULL; + } } - j = *jose; if (payload) { - j->cty = payload->cty; + jose->cty = payload->cty; } - jws = j->jose.jws = apr_pcalloc(pool, sizeof(apr_jose_jws_t)); + jws = jose->jose.jws = apr_pcalloc(pool, sizeof(apr_jose_jws_t)); if (!jws) { - return APR_ENOMEM; + return NULL; } jws->signature = signature; jws->signatures = signatures; jws->payload = payload; - return APR_SUCCESS; + return jose; } -APR_DECLARE(apr_status_t) apr_jose_jws_json_make(apr_jose_t **jose, +APR_DECLARE(apr_jose_t *) apr_jose_jws_json_make(apr_jose_t *jose, apr_jose_signature_t *signature, apr_array_header_t *signatures, apr_jose_t *payload, apr_pool_t *pool) { - apr_jose_t *j; apr_jose_jws_t *jws; - apr_status_t status; - status = apr_jose_make(jose, APR_JOSE_TYPE_JWS_JSON, pool); - if (APR_SUCCESS != status) { - return status; + if (!jose) { + jose = apr_jose_make(jose, APR_JOSE_TYPE_JWS_JSON, pool); + if (!jose) { + return NULL; + } } - j = *jose; if (payload) { - j->cty = payload->cty; + jose->cty = payload->cty; } - jws = j->jose.jws = apr_pcalloc(pool, sizeof(apr_jose_jws_t)); + jws = jose->jose.jws = apr_pcalloc(pool, sizeof(apr_jose_jws_t)); if (!jws) { - return APR_ENOMEM; + return NULL; } jws->signature = signature; jws->signatures = signatures; jws->payload = payload; - return APR_SUCCESS; + return jose; } -APR_DECLARE(apr_status_t) apr_jose_jwt_make(apr_jose_t **jose, apr_json_value_t *claims, +APR_DECLARE(apr_jose_t *) apr_jose_jwt_make(apr_jose_t *jose, apr_json_value_t *claims, apr_pool_t *pool) { - apr_jose_t *j; apr_jose_jwt_t *jwt; - apr_status_t status; - status = apr_jose_make(jose, APR_JOSE_TYPE_JWT, pool); - if (APR_SUCCESS != status) { - return status; + if (!jose) { + jose = apr_jose_make(jose, APR_JOSE_TYPE_JWT, pool); + if (!jose) { + return NULL; + } } - j = *jose; - j->cty = "JWT"; + jose->cty = "JWT"; - jwt = j->jose.jwt = apr_palloc(pool, sizeof(apr_jose_jwt_t)); + jwt = jose->jose.jwt = 
apr_palloc(pool, sizeof(apr_jose_jwt_t)); if (!jwt) { - return APR_ENOMEM; + return NULL; } jwt->claims = claims; - return APR_SUCCESS; + return jose; } -APR_DECLARE(apr_status_t) apr_jose_text_make(apr_jose_t **jose, const char *cty, +APR_DECLARE(apr_jose_t *) apr_jose_text_make(apr_jose_t *jose, const char *cty, const char *in, apr_size_t inlen, apr_pool_t *pool) { - apr_jose_t *j; - apr_status_t status; - status = apr_jose_make(jose, APR_JOSE_TYPE_TEXT, pool); - if (APR_SUCCESS != status) { - return status; + if (!jose) { + jose = apr_jose_make(jose, APR_JOSE_TYPE_TEXT, pool); + if (!jose) { + return NULL; + } } - j = *jose; - j->cty = cty; - j->jose.text = apr_palloc(pool, sizeof(apr_jose_text_t)); - if (!j->jose.text) { - return APR_ENOMEM; + jose->cty = cty; + jose->jose.text = apr_palloc(pool, sizeof(apr_jose_text_t)); + if (!jose->jose.text) { + return NULL; } - j->jose.text->text = in; - j->jose.text->len = inlen; + jose->jose.text->text = in; + jose->jose.text->len = inlen; - return APR_SUCCESS; + return jose; } diff --git a/jose/apr_jose_decode.c b/jose/apr_jose_decode.c index 7d0b01d49..defe06a34 100644 --- a/jose/apr_jose_decode.c +++ b/jose/apr_jose_decode.c @@ -41,23 +41,24 @@ apr_status_t apr_jose_decode_jwk(apr_jose_t **jose, const char *typ, apr_bucket_brigade *bb, apr_jose_cb_t *cb, int level, int flags, apr_pool_t *pool) { + apr_json_value_t *key; apr_jose_text_t in; apr_off_t offset; apr_status_t status; - status = apr_jose_jwk_make(jose, NULL, pool); - if (APR_SUCCESS != status) { - return status; - } - status = apr_jose_flatten(bb, &in, pool); if (APR_SUCCESS != status) { return status; } - status = apr_json_decode(&(*jose)->jose.jwk->key, in.text, in.len, &offset, + status = apr_json_decode(&key, in.text, in.len, &offset, APR_JSON_FLAGS_WHITESPACE, level, pool); + *jose = apr_jose_jwk_make(NULL, key, pool); + if (!*jose) { + return APR_ENOMEM; + } + if (APR_SUCCESS != status) { char buf[1024]; apr_strerror(status, buf, sizeof(buf)); 
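Review bot: In apr_jose_decode_jwk, `key` is declared without an initialiser and is handed to apr_jose_jwk_make before the `status` from apr_json_decode is checked, so on a decode failure the JWK may end up holding an indeterminate pointer (whether apr_json_decode writes its output on error is not visible here). Initialising it, `apr_json_value_t *key = NULL;`, makes the failure path well defined for anything that later inspects `(*jose)->jose.jwk->key`. The same applies to `keys` in apr_jose_decode_jwks and `claims` in apr_jose_decode_jwt in the following hunks. The function body continues outside the hunk.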
@@ -75,23 +76,24 @@ apr_status_t apr_jose_decode_jwks(apr_jose_t **jose, const char *typ, apr_bucket_brigade *bb, apr_jose_cb_t *cb, int level, int flags, apr_pool_t *pool) { + apr_json_value_t *keys; apr_jose_text_t in; apr_off_t offset; apr_status_t status; - status = apr_jose_jwks_make(jose, NULL, pool); - if (APR_SUCCESS != status) { - return status; - } - status = apr_jose_flatten(bb, &in, pool); if (APR_SUCCESS != status) { return status; } - status = apr_json_decode(&(*jose)->jose.jwks->keys, in.text, in.len, + status = apr_json_decode(&keys, in.text, in.len, &offset, APR_JSON_FLAGS_WHITESPACE, level, pool); + *jose = apr_jose_jwks_make(NULL, keys, pool); + if (!*jose) { + return APR_ENOMEM; + } + if (APR_SUCCESS != status) { char buf[1024]; apr_strerror(status, buf, sizeof(buf)); @@ -102,7 +104,7 @@ apr_status_t apr_jose_decode_jwks(apr_jose_t **jose, return status; } - if ((*jose)->jose.jwks->keys->type != APR_JSON_ARRAY) { + if (keys->type != APR_JSON_ARRAY) { apr_errprintf(&(*jose)->result, pool, NULL, 0, "Syntax error: JWKS 'keys' is not an array"); return APR_EINVAL; @@ -115,23 +117,24 @@ apr_status_t apr_jose_decode_jwt(apr_jose_t **jose, const char *typ, apr_bucket_brigade *bb, apr_jose_cb_t *cb, int level, int flags, apr_pool_t *pool) { + apr_json_value_t *claims; apr_jose_text_t in; apr_off_t offset; apr_status_t status; - status = apr_jose_jwt_make(jose, NULL, pool); - if (APR_SUCCESS != status) { - return status; - } - status = apr_jose_flatten(bb, &in, pool); if (APR_SUCCESS != status) { return status; } - status = apr_json_decode(&(*jose)->jose.jwt->claims, in.text, in.len, &offset, + status = apr_json_decode(&claims, in.text, in.len, &offset, APR_JSON_FLAGS_WHITESPACE, level, pool); + *jose = apr_jose_jwt_make(NULL, claims, pool); + if (!*jose) { + return APR_ENOMEM; + } + if (APR_SUCCESS != status) { char buf[1024]; apr_strerror(status, buf, sizeof(buf)); 
@@ -157,10 +160,10 @@ apr_status_t apr_jose_decode_data(apr_jose_t **jose, const char *typ, return status; } - status = apr_jose_data_make(jose, typ, (const unsigned char *) in.text, in.len, - pool); - if (APR_SUCCESS != status) { - return status; + *jose = apr_jose_data_make(NULL, typ, (const unsigned char *) in.text, + in.len, pool); + if (!*jose) { + return APR_ENOMEM; } return status; @@ -404,9 +407,9 @@ apr_status_t apr_jose_decode_compact_jws(apr_jose_t **jose, return APR_EINIT; } - status = apr_jose_jws_make(jose, NULL, NULL, NULL, pool); - if (APR_SUCCESS != status) { - return status; + *jose = apr_jose_jws_make(*jose, NULL, NULL, NULL, pool); + if (!*jose) { + return APR_ENOMEM; } jws = (*jose)->jose.jws; @@ -415,9 +418,9 @@ apr_status_t apr_jose_decode_compact_jws(apr_jose_t **jose, * the JWS Protected Header. */ - status = apr_jose_signature_make(&jws->signature, NULL, ph, pool); - if (APR_SUCCESS != status) { - return status; + jws->signature = apr_jose_signature_make(NULL, NULL, ph, pool); + if (!jws->signature) { + return APR_ENOMEM; } dot = memchr(left, '.', right - left); @@ -501,21 +504,21 @@ apr_status_t apr_jose_decode_compact_jwe(apr_jose_t **jose, const char *left, return APR_EINIT; } - status = apr_jose_jwe_make(jose, NULL, NULL, NULL, NULL, pool); - if (APR_SUCCESS != status) { - return status; + *jose = apr_jose_jwe_make(*jose, NULL, NULL, NULL, NULL, pool); + if (!*jose) { + return APR_ENOMEM; } jwe = (*jose)->jose.jwe; - status = apr_jose_encryption_make(&jwe->encryption, NULL, + jwe->encryption = apr_jose_encryption_make(NULL, NULL, NULL, pool); - if (APR_SUCCESS != status) { - return status; + if (!jwe->encryption) { + return APR_ENOMEM; } - status = apr_jose_recipient_make(&jwe->recipient, NULL, pool); - if (APR_SUCCESS != status) { - return status; + jwe->recipient = apr_jose_recipient_make(NULL, NULL, pool); + if (!jwe->recipient) { + return APR_ENOMEM; } /* 
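Review bot: In apr_jose_decode_compact_jwe the call `apr_jose_jwe_make(*jose, NULL, NULL, NULL, NULL, pool)` passes a NULL payload, and apr_jose_jwe_make as rewritten in jose/apr_jose.c executes `jose->cty = payload->cty;` without a check, so this decode path would dereference NULL. apr_jose_jwe_json_make already guards the assignment, and apr_jose_jwe_make needs the same guard: `if (payload) { jose->cty = payload->cty; }`. Because the input on this path is a received token, the crash appears reachable from untrusted data. The function starts and ends outside the hunk.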
@@ -655,9 +658,9 @@ apr_status_t apr_jose_decode_compact(apr_jose_t **jose, const char *typ, left = in.text; right = in.text + in.len; - status = apr_jose_make(jose, APR_JOSE_TYPE_NONE, pool); - if (APR_SUCCESS != status) { - return status; + *jose = apr_jose_make(NULL, APR_JOSE_TYPE_NONE, pool); + if (!*jose) { + return APR_ENOMEM; } bb = apr_brigade_create(pool, brigade->bucket_alloc); @@ -852,9 +855,9 @@ apr_status_t apr_jose_decode_json_jws(apr_jose_t **jose, apr_json_value_t *val, return APR_BADCH; } - status = apr_jose_jws_json_make(jose, NULL, NULL, NULL, pool); - if (APR_SUCCESS != status) { - return status; + *jose = apr_jose_jws_json_make(*jose, NULL, NULL, NULL, pool); + if (!*jose) { + return APR_ENOMEM; } jws = (*jose)->jose.jws; @@ -1037,10 +1040,10 @@ apr_status_t apr_jose_decode_json_jws(apr_jose_t **jose, apr_json_value_t *val, return APR_SUCCESS; } - status = apr_jose_signature_make(&jws->signature, NULL, NULL, + jws->signature = apr_jose_signature_make(NULL, NULL, NULL, pool); - if (APR_SUCCESS != status) { - return status; + if (!jws->signature) { + return APR_ENOMEM; } kv = apr_json_object_get(val, APR_JOSE_JWSE_PROTECTED, @@ -1173,16 +1176,16 @@ apr_status_t apr_jose_decode_json_jwe(apr_jose_t **jose, apr_json_value_t *val, return APR_EINVAL; } - status = apr_jose_jwe_json_make(jose, NULL, NULL, NULL, NULL, pool); - if (APR_SUCCESS != status) { - return status; + *jose = apr_jose_jwe_json_make(*jose, NULL, NULL, NULL, NULL, pool); + if (!*jose) { + return APR_ENOMEM; } jwe = (*jose)->jose.jwe; - status = apr_jose_encryption_make(&jwe->encryption, NULL, + jwe->encryption = apr_jose_encryption_make(NULL, NULL, NULL, pool); - if (APR_SUCCESS != status) { - return status; + if (!jwe->encryption) { + return APR_ENOMEM; } /* 
@@ -1547,9 +1550,9 @@ apr_status_t apr_jose_decode_json(apr_jose_t **jose, const char *typ, apr_off_t offset; apr_status_t status; - status = apr_jose_make(jose, APR_JOSE_TYPE_NONE, pool); - if (APR_SUCCESS != status) { - return status; + *jose = apr_jose_make(NULL, APR_JOSE_TYPE_NONE, pool); + if (!*jose) { + return APR_ENOMEM; } status = apr_jose_flatten(brigade, &in, pool); |