feat: Assertion verification

cmd/tdf-decrypt.go

@@ -12,6 +12,8 @@ import (
 
 var TDF = "tdf"
 
+var assertionVerification string
+
 func dev_tdfDecryptCmd(cmd *cobra.Command, args []string) {
 	c := cli.New(cmd, args, cli.WithPrintJson())
 	h := NewHandler(c)
@@ -35,7 +37,7 @@ func dev_tdfDecryptCmd(cmd *cobra.Command, args []string) {
 		cli.ExitWithError("Must provide ONE of the following to decrypt: [file argument, stdin input]", errors.New("no input provided"))
 	}
 
-	decrypted, err := h.DecryptBytes(bytesToDecrypt, disableAssertionVerification)
+	decrypted, err := h.DecryptBytes(bytesToDecrypt, assertionVerification, disableAssertionVerification)
 	if err != nil {
 		cli.ExitWithError("Failed to decrypt file", err)
 	}
@@ -74,6 +76,13 @@ func init() {
 		decryptCmd.GetDocFlag("tdf-type").Default,
 		decryptCmd.GetDocFlag("tdf-type").Description,
 	)
+	decryptCmd.Flags().StringVarP(
+		&assertionVerification,
+		decryptCmd.GetDocFlag("with-assertion-verification-keys").Name,
+		decryptCmd.GetDocFlag("with-assertion-verification-keys").Shorthand,
+		"",
+		decryptCmd.GetDocFlag("with-assertion-verification-keys").Description,
+	)
 	decryptCmd.Flags().Bool(
 		decryptCmd.GetDocFlag("no-verify-assertions").Name,
 		decryptCmd.GetDocFlag("no-verify-assertions").DefaultAsBool(),

docs/man/decrypt/_index.md

@@ -13,6 +13,9 @@ command:
     - name: no-verify-assertions
       description: disable verification of assertions
       default: false
+    - name: with-assertion-verification-keys
+      description: >
+        EXPERIMENTAL: JSON string of keys to verify signed assertions. See examples for more information.
 ---
 
 Decrypt a Trusted Data Format (TDF) file and output the contents to stdout or a file in the current working directory.
@@ -40,3 +43,10 @@ Advanced piping is supported
 $ echo "hello world" | otdfctl encrypt | otdfctl decrypt | cat
 hello world
 ```
+
+Assertion verification:
+```shell
+# decrypt file and write to standard output
+otdfctl decrypt hello.txt.tdf --with-assertion-verification-keys '{"keys":{"assertion1":{ "alg":"HS256","key":"xxxx"},"assertion2":{ "alg":"RS256","key":"-----BEGIN PUBLIC KEY-----..."}}}'
+
+```

docs/man/encrypt/_index.md

@@ -93,5 +93,6 @@ Assertions are a way to bind metadata to the TDF data object in a cryptographica
 The following example demonstrates how to bind a STANAG 5636 metadata assertion to the TDF data object.
 
 ```shell
-otdfctl encrypt hello.txt --out hello.txt.tdf --with-assertions '[{"id":"assertion1","type":"handling","scope":"tdo","appliesToState":"encrypted","statement":{"format":"json+stanag5636","schema":"urn:nato:stanag:5636:A:1:elements:json","value":"{\"ocl\":\"2024-10-21T20:47:36Z\"}"}}]'
+otdfctl encrypt hello.txt --out hello.txt.tdf --with-assertions '[{"id":"assertion1","type":"handling","scope":"tdo","appliesToState":"encrypted","statement":{"format":"json+stanag5636","schema":"urn:nato:stanag:5636:A:1:elements:json","value":"{\"ocl\":\"2024-10-21T20:47:36Z\"},"signingKey":{"alg":"RS256","key":"-----BEGIN PRIVATE KEY-----..."}}]
 ```
+Signing with HS256 is also available.

e2e/encrypt-decrypt.bats

@@ -22,7 +22,16 @@ setup_file() {
   VAL_ID=$(./otdfctl --host $HOST $WITH_CREDS $DEBUG_LEVEL policy attributes values create --attribute-id "$ATTR_ID" -v value1 --json | jq -r '.id')
   # entitles opentdf client id for client credentials CLI user
   SCS='[{"condition_groups":[{"conditions":[{"operator":1,"subject_external_values":["opentdf"],"subject_external_selector_value":".clientId"}],"boolean_operator":2}]}]'
+  HS256_KEY=$(openssl rand -base64 32)
+  openssl genpkey -algorithm RSA -out rs_private_key.pem -pkeyopt rsa_keygen_bits:2048
+  openssl rsa -pubout -in rs_private_key.pem -out rs_public_key.pem
+  RS256_PRIVATE_KEY=$(awk '{printf "%s\\n", $0}' rs_private_key.pem)
+  RS256_PUBLIC_KEY=$(awk '{printf "%s\\n", $0}' rs_public_key.pem)
   ASSERTIONS='[{"id":"assertion1","type":"handling","scope":"tdo","appliesToState":"encrypted","statement":{"format":"json+stanag5636","schema":"urn:nato:stanag:5636:A:1:elements:json","value":"{\"ocl\":\"2024-10-21T20:47:36Z\"}"}}]'
+  SIGNED_ASSERTIONS_HS256='[{"id":"assertion1","type":"handling","scope":"tdo","appliesToState":"encrypted","statement":{"format":"json+stanag5636","schema":"urn:nato:stanag:5636:A:1:elements:json","value":"{\"ocl\":\"2024-10-21T20:47:36Z\"}"},"signingKey":{"alg":"HS256","key":"'$HS256_KEY'"}}]'
+  SIGNED_ASSERTION_VERIFICATON_HS256='{"keys":{"assertion1":{"alg":"HS256","key":"'$HS256_KEY'"}}}'
+  SIGNED_ASSERTIONS_RS256='[{"id":"assertion1","type":"handling","scope":"tdo","appliesToState":"encrypted","statement":{"format":"json+stanag5636","schema":"urn:nato:stanag:5636:A:1:elements:json","value":"{\"ocl\":\"2024-10-21T20:47:36Z\"}"},"signingKey":{"alg":"RS256","key":"'$RS256_PRIVATE_KEY'"}}]'
+  SIGNED_ASSERTION_VERIFICATON_RS256='{"keys":{"assertion1":{"alg":"RS256","key":"'$RS256_PUBLIC_KEY'"}}}'
   SM=$(./otdfctl --host $HOST $WITH_CREDS $DEBUG_LEVEL policy subject-mappings create --action-standard DECRYPT -a "$VAL_ID" --subject-condition-set-new "$SCS")
   export FQN="https://testing-enc-dec.io/attr/attr1/value/value1"
   export MIXED_CASE_FQN="https://Testing-Enc-Dec.io/attr/Attr1/value/VALUE1"
@@ -57,6 +66,18 @@ teardown_file(){
   ./otdfctl decrypt --host $HOST --tls-no-verify $DEBUG_LEVEL $WITH_CREDS $OUTFILE_TXT | grep "$SECRET_TEXT"
 }
 
+@test "roundtrip TDF3, assertions with HS265 keys and verificaion, file" {
+  ./otdfctl encrypt -o $OUTFILE_GO_MOD --host $HOST --tls-no-verify $DEBUG_LEVEL $WITH_CREDS -a $FQN --with-assertions "$SIGNED_ASSERTIONS_HS256" --tdf-type tdf3 $INFILE_GO_MOD
+  ./otdfctl decrypt -o $RESULTFILE_GO_MOD --host $HOST --tls-no-verify $DEBUG_LEVEL $WITH_CREDS --with-assertion-verification-keys "$SIGNED_ASSERTION_VERIFICATON_HS256" --tdf-type tdf3 $OUTFILE_GO_MOD
+  diff $INFILE_GO_MOD $RESULTFILE_GO_MOD
+}
+
+@test "roundtrip TDF3, assertions with RS256 keys and verificaion, file" {
+  ./otdfctl encrypt -o $OUTFILE_GO_MOD --host $HOST --tls-no-verify $DEBUG_LEVEL $WITH_CREDS -a $FQN --with-assertions "$SIGNED_ASSERTIONS_RS256" --tdf-type tdf3 $INFILE_GO_MOD
+  ./otdfctl decrypt -o $RESULTFILE_GO_MOD --host $HOST --tls-no-verify $DEBUG_LEVEL $WITH_CREDS --with-assertion-verification-keys "$SIGNED_ASSERTION_VERIFICATON_RS256" --tdf-type tdf3 $OUTFILE_GO_MOD
+  diff $INFILE_GO_MOD $RESULTFILE_GO_MOD
+}
+
 @test "roundtrip NANO, no attributes, file" {
   ./otdfctl encrypt -o $OUTFILE_GO_MOD --host $HOST --tls-no-verify $DEBUG_LEVEL $WITH_CREDS --tdf-type nano $INFILE_GO_MOD
   ./otdfctl decrypt -o $RESULTFILE_GO_MOD --host $HOST --tls-no-verify $DEBUG_LEVEL $WITH_CREDS --tdf-type nano $OUTFILE_GO_MOD

pkg/handlers/tdf.go

@@ -2,7 +2,10 @@ package handlers
 
 import (
 	"bytes"
+	"crypto/rsa"
+	"crypto/x509"
 	"encoding/json"
+	"encoding/pem"
 	"errors"
 	"fmt"
 	"io"
@@ -57,6 +60,15 @@ func (h Handler) EncryptBytes(tdfType string, unencrypted []byte, attrValues []s
 			if err != nil {
 				return nil, errors.Join(ErrTDFUnableToReadAssertions, err)
 			}
+			for i, config := range assertionConfigs {
+				if (config.SigningKey != sdk.AssertionKey{}) {
+					correctedKey, err := correctKeyType(config.SigningKey.Alg, config.SigningKey.Key, false)
+					if err != nil {
+						return nil, fmt.Errorf("error with assertion signing key: %w", err)
+					}
+					assertionConfigs[i].SigningKey.Key = correctedKey
+				}
+			}
 			opts = append(opts, sdk.WithAssertions(assertionConfigs...))
 		}
 
@@ -91,7 +103,72 @@ func (h Handler) EncryptBytes(tdfType string, unencrypted []byte, attrValues []s
 	}
 }
 
-func (h Handler) DecryptBytes(toDecrypt []byte, disableAssertionCheck bool) (*bytes.Buffer, error) {
+func correctKeyType(alg sdk.AssertionKeyAlg, key interface{}, public bool) (interface{}, error) {
+	//nolint:nestif // nested its within switch mainly for error catching
+	if alg == sdk.AssertionKeyAlgHS256 {
+		// convert string to []byte
+		strKey, ok := key.(string)
+		if !ok {
+			return nil, errors.New("unable to convert HS256 assertion key to string")
+		}
+		return []byte(strKey), nil
+	} else if alg == sdk.AssertionKeyAlgRS256 {
+		// convert to rsa.PrivateKey
+		strKey, ok := key.(string)
+		if !ok {
+			return nil, errors.New("unable to convert RS256 assertion pem to string")
+		}
+		// Decode the PEM block
+		block, _ := pem.Decode([]byte(strKey))
+		if block == nil {
+			return nil, errors.New("failed to decode PEM block")
+		}
+
+		// Check the block type and parse accordingly
+		var privateKey *rsa.PrivateKey
+		var publicKey *rsa.PublicKey
+		var err error
+		switch block.Type {
+		case "RSA PRIVATE KEY":
+			privateKey, err = x509.ParsePKCS1PrivateKey(block.Bytes)
+			publicKey = &privateKey.PublicKey
+		case "PRIVATE KEY":
+			parsedKey, parseErr := x509.ParsePKCS8PrivateKey(block.Bytes)
+			if parseErr != nil {
+				return nil, fmt.Errorf("failed to parse PKCS#8 private key: %w", parseErr)
+			}
+			privateKey, ok = parsedKey.(*rsa.PrivateKey)
+			if !ok {
+				return nil, errors.New("parsed key is not an RSA private key")
+			}
+			publicKey = &privateKey.PublicKey
+		case "RSA PUBLIC KEY":
+			publicKey, err = x509.ParsePKCS1PublicKey(block.Bytes)
+		case "PUBLIC KEY":
+			parsedKey, parseErr := x509.ParsePKIXPublicKey(block.Bytes)
+			if parseErr != nil {
+				return nil, fmt.Errorf("failed to parse PKIX public key: %w", parseErr)
+			}
+			publicKey, ok = parsedKey.(*rsa.PublicKey)
+			if !ok {
+				return nil, errors.New("parsed key is not an RSA public key")
+			}
+		default:
+			return nil, fmt.Errorf("unsupported key type: %s", block.Type)
+		}
+
+		if err != nil {
+			return nil, fmt.Errorf("failed to parse private key: %w", err)
+		}
+		if public {
+			return publicKey, nil
+		}
+		return privateKey, nil
+	}
+	return nil, fmt.Errorf("unsupported signing key alg: %v", alg)
+}
+
+func (h Handler) DecryptBytes(toDecrypt []byte, assertionVerification string, disableAssertionCheck bool) (*bytes.Buffer, error) {
 	out := &bytes.Buffer{}
 	pt := io.Writer(out)
 	ec := bytes.NewReader(toDecrypt)
@@ -101,7 +178,23 @@ func (h Handler) DecryptBytes(toDecrypt []byte, disableAssertionCheck bool) (*by
 			return nil, err
 		}
 	case sdk.Standard:
-		r, err := h.sdk.LoadTDF(ec, sdk.WithDisableAssertionVerification(disableAssertionCheck))
+		opts := []sdk.TDFReaderOption{sdk.WithDisableAssertionVerification(disableAssertionCheck)}
+		var assertionVerificationKeys sdk.AssertionVerificationKeys
+		if assertionVerification != "" {
+			err := json.Unmarshal([]byte(assertionVerification), &assertionVerificationKeys)
+			if err != nil {
+				return nil, errors.Join(ErrTDFUnableToReadAssertions, err)
+			}
+			for assertionName, key := range assertionVerificationKeys.Keys {
+				correctedKey, err := correctKeyType(key.Alg, key.Key, true)
+				if err != nil {
+					return nil, fmt.Errorf("error with assertion signing key: %w", err)
+				}
+				assertionVerificationKeys.Keys[assertionName] = sdk.AssertionKey{Alg: key.Alg, Key: correctedKey}
+			}
+			opts = append(opts, sdk.WithAssertionVerificationKeys(assertionVerificationKeys))
+		}
+		r, err := h.sdk.LoadTDF(ec, opts...)
 		if err != nil {
 			return nil, err
 		}