Initial QSfera import
This commit is contained in:
@@ -0,0 +1,284 @@
|
||||
package proofkeys
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"crypto"
|
||||
"crypto/rsa"
|
||||
"crypto/sha256"
|
||||
"crypto/tls"
|
||||
"encoding/base64"
|
||||
"errors"
|
||||
"math/big"
|
||||
"net/http"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/beevik/etree"
|
||||
"github.com/rs/zerolog"
|
||||
)
|
||||
|
||||
type PubKeys struct {
|
||||
Key *rsa.PublicKey
|
||||
OldKey *rsa.PublicKey
|
||||
ExpireTime time.Time
|
||||
}
|
||||
|
||||
type Verifier interface {
|
||||
Verify(accessToken, url, timestamp, sig64, oldSig64 string, opts ...VerifyOption) error
|
||||
}
|
||||
|
||||
type VerifyHandler struct {
|
||||
discoveryURL string
|
||||
insecure bool
|
||||
cachedKeys *PubKeys
|
||||
cachedDur time.Duration
|
||||
}
|
||||
|
||||
// NewVerifyHandler will return a new Verifier with the provided parameters
|
||||
// The discoveryURL must point to the https://office.wopi/hosting/discovery
|
||||
// address, which contains the xml with the proof keys (and more information)
|
||||
// The insecure parameter can be used to disable certificate verification when
|
||||
// conecting to the provided discoveryURL
|
||||
// CachedDur is the duration the keys will be cached in memory. The cached keys
|
||||
// will be used for the duration provided, after that new keys will be fetched
|
||||
// from the discoveryURL.
|
||||
//
|
||||
// For WOPI apps whose proof keys rotate after a while, you must ensure that
|
||||
// the provided duration is shorter than the rotation time. This should
|
||||
// guarantee that we can't fail to verify a request due to obsolete keys.
|
||||
func NewVerifyHandler(discoveryURL string, insecure bool, cachedDur time.Duration) Verifier {
|
||||
return &VerifyHandler{
|
||||
discoveryURL: discoveryURL,
|
||||
insecure: insecure,
|
||||
cachedDur: cachedDur,
|
||||
}
|
||||
}
|
||||
|
||||
// Verify the request comes from a trusted source
|
||||
// All the provided parameters are strings:
|
||||
// * accessToken: The access token used for this request (targeting this collaboration service)
|
||||
// * url: The full url for this request, including scheme, host and all query parameters,
|
||||
// something like "https://wopi.qsfera.test/wopi/file/abcbcbd?access_token=oiuiu" or
|
||||
// "http://wopiserver:8888/wopi/file/abcdef?access_token=zzxxyy"
|
||||
// * timestamp: The timestamp provided by the WOPI app in the "X-WOPI-TimeStamp" header, as string
|
||||
// * sig64: The base64-encoded signature, which should come directly from the "X-WOPI-Proof" header
|
||||
// * oldSig64: The base64-encoded previous signature, coming from the "X-WOPI-ProofOld" header
|
||||
//
|
||||
// The public keys will be obtained from the /hosting/discovery path of the target WOPI app.
|
||||
// Note that the method will perform the following checks in that order:
|
||||
// * current signature with the current key
|
||||
// * old signature with the current key
|
||||
// * current signature with the old key
|
||||
// If all of those checks are wrong, the method will fail, and the request should be rejected.
|
||||
//
|
||||
// The method will return an error if something fails, or nil if everything is ok
|
||||
func (vh *VerifyHandler) Verify(accessToken, url, timestamp, sig64, oldSig64 string, opts ...VerifyOption) error {
|
||||
verifyOptions := newOptions(opts...)
|
||||
|
||||
// check timestamp
|
||||
if err := vh.checkTimestamp(timestamp); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// need to decode the signatures
|
||||
signature, err := base64.StdEncoding.DecodeString(sig64)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
var oldSignature []byte
|
||||
if oldSig64 != "" {
|
||||
if oldSig, err := base64.StdEncoding.DecodeString(oldSig64); err != nil {
|
||||
return err
|
||||
} else {
|
||||
oldSignature = oldSig
|
||||
}
|
||||
}
|
||||
|
||||
pubkeys := vh.cachedKeys
|
||||
if pubkeys == nil || pubkeys.ExpireTime.Before(time.Now()) {
|
||||
// fetch the public keys
|
||||
newpubkeys, err := vh.fetchPublicKeys(verifyOptions.Logger)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
pubkeys = newpubkeys
|
||||
vh.cachedKeys = newpubkeys
|
||||
}
|
||||
|
||||
// build and hash the expected proof
|
||||
expectedProof := vh.generateProof(accessToken, url, timestamp)
|
||||
hashedProof := sha256.Sum256(expectedProof)
|
||||
|
||||
// verify
|
||||
if err := rsa.VerifyPKCS1v15(pubkeys.Key, crypto.SHA256, hashedProof[:], signature); err != nil {
|
||||
if err := rsa.VerifyPKCS1v15(pubkeys.Key, crypto.SHA256, hashedProof[:], oldSignature); err != nil {
|
||||
if pubkeys.OldKey != nil {
|
||||
return rsa.VerifyPKCS1v15(pubkeys.OldKey, crypto.SHA256, hashedProof[:], signature)
|
||||
} else {
|
||||
return err
|
||||
}
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// checkTimestamp will check if the provided timestamp is valid.
|
||||
// The timestamp is valid if it isn't older than 20 minutes (info from
|
||||
// MS WOPI docs).
|
||||
//
|
||||
// Note: the timestamp is based on C# DateTime.UtcNow.Ticks
|
||||
// "One tick equals 100 nanoseconds. The value of this property represents
|
||||
// the number of ticks that have elapsed since 12:00:00 midnight, January 1, 0001."
|
||||
// It is NOT a unix timestamp (current unix timestamp ~1718123417 secs ;
|
||||
// expected timestamp ~638537195321890000 100-nanosecs)
|
||||
func (vh *VerifyHandler) checkTimestamp(timestamp string) error {
|
||||
// set the stamp
|
||||
stamp, err := strconv.ParseInt(timestamp, 10, 64)
|
||||
if err != nil {
|
||||
return errors.New("Invalid timestamp")
|
||||
}
|
||||
|
||||
// 62135596800 seconds from "January 1, 1 AD" to "January 1, 1970 12:00:00 AM"
|
||||
// need to convert those secs into 100-nanosecs in order to compare the stamp
|
||||
unixBaseStamp := int64(62135596800 * 1000 * 1000 * 10)
|
||||
|
||||
// stamp - unixBaseStamp gives us the unix-based timestamp we can use
|
||||
unixStamp := stamp - unixBaseStamp
|
||||
|
||||
// divide between 1000*1000*10 to get the seconds and 100-nanoseconds
|
||||
unixStampSec := unixStamp / (1000 * 1000 * 10)
|
||||
unixStampNanoSec := (unixStamp % (1000 * 1000 * 10)) * 100
|
||||
|
||||
// both seconds and nanoseconds should be within int64 range
|
||||
convertedUnixTimestamp := time.Unix(unixStampSec, unixStampNanoSec)
|
||||
|
||||
if time.Now().After(convertedUnixTimestamp.Add(20 * time.Minute)) {
|
||||
return errors.New("Timestamp expired")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// generateProof will generated a expected proof to be verified later.
|
||||
// The method will return a slice of bytes with the proof (consider it binary
|
||||
// data).
|
||||
// The bytes will need to be hashed later in order to perform the verification
|
||||
func (vh *VerifyHandler) generateProof(accessToken, url, timestamp string) []byte {
|
||||
tokenBytes := []byte(accessToken)
|
||||
tokenLen := len(tokenBytes)
|
||||
tokenLenBytes := big.NewInt(int64(tokenLen)).FillBytes(make([]byte, 4))
|
||||
|
||||
// url needs to be uppercase
|
||||
urlBytes := []byte(strings.ToUpper(url))
|
||||
urlLen := len(urlBytes)
|
||||
urlLenBytes := big.NewInt(int64(urlLen)).FillBytes(make([]byte, 4))
|
||||
|
||||
stampBigInt, _ := new(big.Int).SetString(timestamp, 10)
|
||||
stampBytes := stampBigInt.FillBytes(make([]byte, 8))
|
||||
stampLen := len(stampBytes)
|
||||
stampLenBytes := big.NewInt(int64(stampLen)).FillBytes(make([]byte, 4))
|
||||
|
||||
proof := new(bytes.Buffer)
|
||||
proof.Write(tokenLenBytes)
|
||||
proof.Write(tokenBytes)
|
||||
proof.Write(urlLenBytes)
|
||||
proof.Write(urlBytes)
|
||||
proof.Write(stampLenBytes)
|
||||
proof.Write(stampBytes)
|
||||
return proof.Bytes()
|
||||
}
|
||||
|
||||
// fetchPublicKeys will fetch the public keys from the /hosting/discovery URL
|
||||
// of the provided WOPI app.
|
||||
// It will return a PubKeys struct to hold the public keys based on the modulus
|
||||
// and exponent found.
|
||||
// The PubKeys returned might be either nil (with the non-nil error), or might
|
||||
// contain only a PubKeys.Key field (the PubKeys.OldKey might be nil)
|
||||
func (vh *VerifyHandler) fetchPublicKeys(logger *zerolog.Logger) (*PubKeys, error) {
|
||||
logger.Debug().Str("WopiAppUrl", vh.discoveryURL).Msg("WopiDiscovery: requesting new public keys")
|
||||
|
||||
httpClient := http.Client{
|
||||
Transport: &http.Transport{
|
||||
TLSClientConfig: &tls.Config{
|
||||
MinVersion: tls.VersionTLS12,
|
||||
InsecureSkipVerify: vh.insecure,
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
httpResp, err := httpClient.Get(vh.discoveryURL)
|
||||
if err != nil {
|
||||
logger.Error().
|
||||
Err(err).
|
||||
Str("WopiAppUrl", vh.discoveryURL).
|
||||
Msg("WopiDiscovery: failed to access wopi app url")
|
||||
return nil, err
|
||||
}
|
||||
|
||||
defer httpResp.Body.Close()
|
||||
|
||||
if httpResp.StatusCode != http.StatusOK {
|
||||
logger.Error().
|
||||
Str("WopiAppUrl", vh.discoveryURL).
|
||||
Int("HttpCode", httpResp.StatusCode).
|
||||
Msg("WopiDiscovery: wopi app url failed with unexpected code")
|
||||
return nil, errors.New("wopi app url failed with unexpected code")
|
||||
}
|
||||
|
||||
doc := etree.NewDocument()
|
||||
if _, err := doc.ReadFrom(httpResp.Body); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
root := doc.SelectElement("wopi-discovery")
|
||||
if root == nil {
|
||||
return nil, errors.New("wopi-discovery element not found in the XML body")
|
||||
}
|
||||
|
||||
proofKey := root.SelectElement("proof-key")
|
||||
if proofKey == nil {
|
||||
return nil, errors.New("proof-key element not found in the XML body")
|
||||
}
|
||||
|
||||
mod64 := proofKey.SelectAttrValue("modulus", "")
|
||||
exp64 := proofKey.SelectAttrValue("exponent", "")
|
||||
oldMod64 := proofKey.SelectAttrValue("oldmodulus", "")
|
||||
oldExp64 := proofKey.SelectAttrValue("oldexponent", "")
|
||||
|
||||
if mod64 == "" || exp64 == "" {
|
||||
return nil, errors.New("modulus or exponent not found in the proof-key element")
|
||||
}
|
||||
|
||||
keys := &PubKeys{
|
||||
Key: vh.keyFromBase64(mod64, exp64),
|
||||
ExpireTime: time.Now().Add(vh.cachedDur),
|
||||
}
|
||||
|
||||
if oldMod64 != "" && oldExp64 != "" {
|
||||
keys.OldKey = vh.keyFromBase64(oldMod64, oldExp64)
|
||||
}
|
||||
|
||||
return keys, nil
|
||||
}
|
||||
|
||||
// keyFromBase64 will create a rsa public key from the provided modulus and
|
||||
// exponent, both encoded with base64.
|
||||
// If any of the provided strings can't be decoded, nil will be returned.
|
||||
func (vh *VerifyHandler) keyFromBase64(mod64, exp64 string) *rsa.PublicKey {
|
||||
dataMod, err := base64.StdEncoding.DecodeString(mod64)
|
||||
if err != nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
dataE, err := base64.StdEncoding.DecodeString(exp64)
|
||||
if err != nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
pub := &rsa.PublicKey{
|
||||
N: new(big.Int).SetBytes(dataMod),
|
||||
E: int(new(big.Int).SetBytes(dataE).Int64()),
|
||||
}
|
||||
return pub
|
||||
}
|
||||
Reference in New Issue
Block a user