Add always required keys and parse empty field

Signed-off-by: Raul Metsma <raul@metsma.ee>

Author: metsma

cdoc/Lock.cpp

@@ -23,6 +23,8 @@
 
 #include "json/base.h"
 
+#include <ranges>
+
 namespace libcdoc {
 
 std::string
@@ -59,50 +61,51 @@ Lock::parseLabel(const std::string& label)
 {
     std::map<std::string, std::string> parsed_label;
     // Check if provided label starts with the machine generated label prefix.
-    if (!label.starts_with(CDoc2::LABELPREFIX))
-    {
+    if (!label.starts_with(CDoc2::LABELPREFIX)) {
         return parsed_label;
     }
 
-    std::string label_wo_prefix(label.substr(CDoc2::LABELPREFIX.size()));
+    auto label_wo_prefix = std::string_view(label).substr(CDoc2::LABELPREFIX.size());
 
     // Label to be processed
-    std::string label_to_prcss;
+    std::string decodedBase64; // Strong ref
+    std::string_view label_to_prcss;
 
     // We ignore mediatype part
 
     // Check, if the label is Base64 encoded
-    auto base64IndPos = label_wo_prefix.find(CDoc2::LABELBASE64IND);
-    if (base64IndPos == std::string::npos)
-    {
-        if (label_wo_prefix.starts_with(",")) {
-            label_to_prcss = label_wo_prefix.substr(1);
-        } else {
-            label_to_prcss = std::move(label_wo_prefix);
-        }
-    }
-    else
+    if (auto base64IndPos = label_wo_prefix.find(CDoc2::LABELBASE64IND);
+        base64IndPos != std::string::npos)
     {
         std::string base64_label(label_wo_prefix.substr(base64IndPos + CDoc2::LABELBASE64IND.size()));
-        label_to_prcss = jwt::base::decode<jwt::alphabet::base64>(base64_label);
+        decodedBase64 = jwt::base::decode<jwt::alphabet::base64>(base64_label);
+        label_to_prcss = decodedBase64;
+    } else if (label_wo_prefix.starts_with(",")) {
+        label_to_prcss = label_wo_prefix.substr(1);
+    } else {
+        label_to_prcss = label_wo_prefix;
     }
 
-    auto label_parts(split(label_to_prcss, '&'));
-    for (auto& part : label_parts)
+    for (const auto &part : std::ranges::split_view(label_to_prcss, '&'))
     {
-        auto label_data_parts(split(part, '='));
-        if (label_data_parts.size() != 2)
-        {
-            // Invalid label data. We just ignore them.
+        auto label_data_parts = std::ranges::split_view(part, '=');
+        if (label_data_parts.empty()) {
             LOG_ERROR("The label '{}' is invalid", label);
+            continue;
         }
-        else
-        {
-            std::string key = urlDecode(label_data_parts[0]);
-            std::string value = urlDecode(label_data_parts[1]);
-            std::transform(key.begin(), key.end(), key.begin(), [](unsigned char c){ return std::tolower(c); });
-            parsed_label[key] = value;
+        auto it = label_data_parts.begin();
+        auto key_range = *it;
+        std::string key = urlDecode(std::string_view(key_range.begin(), key_range.end()));
+        ++it;
+        if (it == label_data_parts.end() || std::next(it) != label_data_parts.end()) {
+            // Must have exactly two parts
+            LOG_ERROR("The label '{}' is invalid", label);
+            continue;
         }
+        auto value_range = *it;
+        std::string value = urlDecode(std::string_view(value_range.begin(), value_range.end()));
+        std::transform(key.begin(), key.end(), key.begin(), [](unsigned char c){ return std::tolower(c); });
+        parsed_label[std::move(key)] = std::move(value);
     }
 
     return parsed_label;

cdoc/Recipient.cpp

@@ -121,12 +121,17 @@ Recipient::isTheSameRecipient(const std::vector<uint8_t>& public_key) const
 }
 
 static void
-buildLabel(std::ostream& ofs, std::string_view type, std::initializer_list<std::pair<std::string_view, std::string_view>> components)
+buildLabel(std::ostream& ofs, std::string_view type,
+    std::initializer_list<std::pair<std::string_view, std::string_view>> components,
+    std::initializer_list<std::pair<std::string_view, std::string_view>> optional)
 {
     ofs << CDoc2::LABELPREFIX;
     ofs << "v" << '=' << std::to_string(CDoc2::KEYLABELVERSION) << '&'
         << "type" << '=' << type;
     for (const auto& [key, value] : components) {
+        ofs << '&' << urlEncode(key) << '=' << urlEncode(value);
+    }
+    for (const auto& [key, value] : optional) {
         if (!value.empty())
             ofs << '&' << urlEncode(key) << '=' << urlEncode(value);
     }
@@ -138,6 +143,7 @@ BuildLabelEID(std::ostream& ofs, Certificate::EIDType type, const Certificate& x
     buildLabel(ofs, CDoc2::eid_strs[type], {
         {"cn", x509.getCommonName()},
         {"serial_number", x509.getSerialNumber()},
+    }, {
         {"last_name", x509.getSurname()},
         {"first_name", x509.getGivenName()},
     });
@@ -146,7 +152,7 @@ BuildLabelEID(std::ostream& ofs, Certificate::EIDType type, const Certificate& x
 static void
 BuildLabelCertificate(std::ostream &ofs, const std::string& file, const Certificate& x509)
 {
-    buildLabel(ofs, "cert", {
+    buildLabel(ofs, "cert", {}, {
         {"file", file},
         {"cn", x509.getCommonName()},
         {"cert_sha1", toHex(x509.getDigest())}
@@ -156,7 +162,7 @@ BuildLabelCertificate(std::ostream &ofs, const std::string& file, const Certific
 static void
 BuildLabelPublicKey(std::ostream &ofs, const std::string& file)
 {
-    buildLabel(ofs, "pub_key", {
+    buildLabel(ofs, "pub_key", {}, {
         {"file", file}
     });
 }
@@ -166,6 +172,7 @@ BuildLabelSymmetricKey(std::ostream &ofs, const std::string& label, const std::s
 {
     buildLabel(ofs, "secret", {
         {"label", label},
+    }, {
         {"file", file}
     });
 }
@@ -175,7 +182,7 @@ BuildLabelPassword(std::ostream &ofs, const std::string& label)
 {
     buildLabel(ofs, "pw", {
         {"label", label}
-    });
+    }, {});
 }
 
 std::string
@@ -185,30 +192,27 @@ Recipient::getLabel(const std::vector<std::pair<std::string_view, std::string_vi
     if (!label.empty()) return label;
     std::ostringstream ofs;
     switch(type) {
-        case NONE:
-            LOG_DBG("The recipient is not initialized");
-            break;
-        case SYMMETRIC_KEY:
-            if (kdf_iter > 0) {
-                BuildLabelPassword(ofs, key_name);
-            } else {
-                BuildLabelSymmetricKey(ofs, key_name, file_name);
-            }
-            break;
-        case PUBLIC_KEY:
-            if (!cert.empty()) {
-                Certificate x509(cert);
-                if (auto eid = x509.getEIDType(); eid != Certificate::Unknown) {
-                    BuildLabelEID(ofs, eid, x509);
-                } else {
-                    BuildLabelCertificate(ofs, file_name, x509);
-                }
-            } else {
-                BuildLabelPublicKey(ofs, file_name);
-            }
-            break;
-        case KEYSHARE:
-            break;
+    case NONE:
+        LOG_DBG("The recipient is not initialized");
+        break;
+    case SYMMETRIC_KEY:
+        if (kdf_iter > 0) {
+            BuildLabelPassword(ofs, key_name);
+        } else {
+            BuildLabelSymmetricKey(ofs, key_name, file_name);
+        }
+        break;
+    case PUBLIC_KEY:
+        if (Certificate x509(cert); !x509) {
+            BuildLabelPublicKey(ofs, file_name);
+        } else if (auto eid = x509.getEIDType(); eid != Certificate::Unknown) {
+            BuildLabelEID(ofs, eid, x509);
+        } else {
+            BuildLabelCertificate(ofs, file_name, x509);
+        }
+        break;
+    case KEYSHARE:
+        break;
     }
     for (const auto& [key, value] : extra) {
         if (!value.empty())

test/libcdoc_boost.cpp

@@ -790,6 +790,27 @@ BOOST_AUTO_TEST_CASE(Base64LabelParsingWithMediaType)
         }
     }
 }
+
+BOOST_AUTO_TEST_CASE(Base64LabelParsingEmptyLabel)
+{
+    const string label("data:v=1&type=pw&label=");
+
+    auto result = libcdoc::Lock::parseLabel(label);
+    for (const auto& [key, value] : {
+            pair<string, string> {"v", "1"},
+            pair<string, string> {"type", "ID-card"},
+            pair<string, string> {"label", ""},
+        })
+    {
+        auto result_pair = result.find(key);
+        BOOST_TEST((result_pair != result.cend()), "Field " << key << " presented");
+        if (result_pair != result.end())
+        {
+            BOOST_CHECK_EQUAL(result_pair->second, value);
+        }
+    }
+}
+
 BOOST_AUTO_TEST_SUITE_END()
 
 BOOST_AUTO_TEST_SUITE(StreamingDecryption)