Add l8w8jwt component

Author: laukik-hase

.github/ISSUE_TEMPLATE/bug-report.yml

@@ -36,6 +36,7 @@ body:
         - jsmn
         - json_generator
         - json_parser
+        - l8w8jwt
         - led_strip
         - libsodium
         - nghttp

.github/workflows/upload_component.yml

@@ -51,6 +51,7 @@ jobs:
             json_generator;
             json_parser;
             led_strip;
+            l8w8jwt;
             libsodium;
             nghttp;
             onewire_bus;

.gitmodules

@@ -57,3 +57,6 @@
 [submodule "catch2/Catch2"]
 	path = catch2/Catch2
 	url = https://github.com/catchorg/Catch2.git
+[submodule "l8w8jwt/l8w8jwt"]
+	path = l8w8jwt/l8w8jwt
+	url = https://github.com/GlitchedPolygons/l8w8jwt.git

l8w8jwt/CMakeLists.txt

@@ -0,0 +1,15 @@
+idf_component_register(SRCS "l8w8jwt/src/base64.c"
+        "l8w8jwt/src/claim.c"
+        "l8w8jwt/src/decode.c"
+        "l8w8jwt/src/encode.c"
+        "l8w8jwt/src/util.c"
+        "l8w8jwt/src/version.c"
+    INCLUDE_DIRS "l8w8jwt/include"
+    PRIV_INCLUDE_DIRS "port/private_include"
+    PRIV_REQUIRES "mbedtls"
+)
+
+set_source_files_properties("l8w8jwt/src/encode.c" "l8w8jwt/src/decode.c"
+                            PROPERTIES COMPILE_FLAGS "-Wno-maybe-uninitialized")
+
+target_compile_options(${COMPONENT_LIB} PRIVATE "-DL8W8JWT_SMALL_STACK=1" "-DL8W8JWT_ENABLE_EDDSA=0")

l8w8jwt/LICENSE

@@ -0,0 +1 @@
+l8w8jwt/LICENSE

l8w8jwt/README.md

@@ -0,0 +1 @@
+l8w8jwt/README.md

l8w8jwt/examples/es256/CMakeLists.txt

@@ -0,0 +1,6 @@
+# The following lines of boilerplate have to be in your project's
+# CMakeLists in this exact order for cmake to work correctly
+cmake_minimum_required(VERSION 3.16)
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+project(es256)

l8w8jwt/examples/es256/main/CMakeLists.txt

@@ -0,0 +1,2 @@
+idf_component_register(SRCS "main.c"
+                    INCLUDE_DIRS "")

l8w8jwt/examples/es256/main/idf_component.yml

@@ -0,0 +1,8 @@
+## IDF Component Manager Manifest File
+version: "1.0.0"
+description: l8w8jwt Example
+dependencies:
+  idf: ">=5.0"
+  espressif/l8w8jwt:
+    version: '>=2.2.1'
+    override_path: '../../../'

l8w8jwt/examples/es256/main/main.c

@@ -0,0 +1,166 @@
+/*
+   Copyright 2020 Raphael Beck
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+*/
+
+#include <stdio.h>
+#include <string.h>
+#include "l8w8jwt/encode.h"
+#include "l8w8jwt/decode.h"
+
+/*
+ * This keypair was generated using the following command:
+ * openssl ecparam -name prime256v1 -genkey -noout -out private.pem && openssl ec -in private.pem -pubout -out public.pem
+ */
+
+static const char ECDSA_PRIVATE_KEY[] = "-----BEGIN EC PRIVATE KEY-----\n"
+                                        "MHcCAQEEILvM6E7mLOdndALDyFc3sOgUTb6iVjgwRBtBwYZngSuwoAoGCCqGSM49\n"
+                                        "AwEHoUQDQgAEMlFGAIxe+/zLanxz4bOxTI6daFBkNGyQ+P4bc/RmNEq1NpsogiMB\n"
+                                        "5eXC7jUcD/XqxP9HCIhdRBcQHx7aOo3ayQ==\n"
+                                        "-----END EC PRIVATE KEY-----";
+
+static const char ECDSA_PUBLIC_KEY[] = "-----BEGIN PUBLIC KEY-----\n"
+                                       "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEMlFGAIxe+/zLanxz4bOxTI6daFBk\n"
+                                       "NGyQ+P4bc/RmNEq1NpsogiMB5eXC7jUcD/XqxP9HCIhdRBcQHx7aOo3ayQ==\n"
+                                       "-----END PUBLIC KEY-----";
+
+int example_jwt_decode(char *jwt)
+{
+    struct l8w8jwt_decoding_params params;
+    l8w8jwt_decoding_params_init(&params);
+
+    params.alg = L8W8JWT_ALG_ES256;
+
+    params.jwt = jwt;
+    params.jwt_length = strlen(jwt);
+
+    params.verification_key = (unsigned char *)ECDSA_PUBLIC_KEY;
+    params.verification_key_length = strlen(ECDSA_PUBLIC_KEY);
+
+    params.validate_iss = "Black Mesa";
+    params.validate_iss_length = strlen(params.validate_iss);
+
+    params.validate_sub = "Gordon Freeman";
+    params.validate_sub_length = strlen(params.validate_sub);
+
+    params.validate_exp = 1;
+    params.exp_tolerance_seconds = 60;
+
+    params.validate_iat = 1;
+    params.iat_tolerance_seconds = 60;
+
+    enum l8w8jwt_validation_result validation_result;
+    int r = l8w8jwt_decode(&params, &validation_result, NULL, NULL);
+
+    printf("\nl8w8jwt_decode_es256 function returned %s (code %d).\n\nValidation result: \n%d\n", r == L8W8JWT_SUCCESS ? "successfully" : "", r, validation_result);
+    return r;
+}
+
+char *example_jwt_encode(void)
+{
+    char *jwt;
+    size_t jwt_length;
+
+    struct l8w8jwt_claim header_claims[] = {
+        {
+            .key = "kid",
+            .key_length = 3,
+            .value = "some-key-id-here-012345",
+            .value_length = strlen("some-key-id-here-012345"),
+            .type = L8W8JWT_CLAIM_TYPE_STRING
+        }
+    };
+
+    struct l8w8jwt_claim payload_claims[] = {
+        {
+            .key = "ctx",
+            .key_length = 3,
+            .value = "Unforseen Consequences",
+            .value_length = strlen("Unforseen Consequences"),
+            .type = L8W8JWT_CLAIM_TYPE_STRING
+        },
+        {
+            .key = "age",
+            .key_length = 3,
+            .value = "27",
+            .value_length = strlen("27"),
+            .type = L8W8JWT_CLAIM_TYPE_INTEGER
+        },
+        {
+            .key = "size",
+            .key_length = strlen("size"),
+            .value = "1.85",
+            .value_length = strlen("1.85"),
+            .type = L8W8JWT_CLAIM_TYPE_NUMBER
+        },
+        {
+            .key = "alive",
+            .key_length = strlen("alive"),
+            .value = "true",
+            .value_length = strlen("true"),
+            .type = L8W8JWT_CLAIM_TYPE_BOOLEAN
+        },
+        {
+            .key = "nulltest",
+            .key_length = strlen("nulltest"),
+            .value = "null",
+            .value_length = strlen("null"),
+            .type = L8W8JWT_CLAIM_TYPE_NULL
+        }
+    };
+
+    struct l8w8jwt_encoding_params params;
+    l8w8jwt_encoding_params_init(&params);
+
+    params.alg = L8W8JWT_ALG_ES256;
+
+    params.sub = "Gordon Freeman";
+    params.sub_length = strlen("Gordon Freeman");
+
+    params.iss = "Black Mesa";
+    params.iss_length = strlen("Black Mesa");
+
+    params.aud = "Administrator";
+    params.aud_length = strlen("Administrator");
+
+    params.iat = time(NULL);
+    params.exp = time(NULL) + 600; // Set to expire after 10 minutes (600 seconds).
+
+    params.additional_header_claims = header_claims;
+    params.additional_header_claims_count = sizeof(header_claims) / sizeof(struct l8w8jwt_claim);
+
+    params.additional_payload_claims = payload_claims;
+    params.additional_payload_claims_count = sizeof(payload_claims) / sizeof(struct l8w8jwt_claim);
+
+    params.secret_key = (unsigned char *)ECDSA_PRIVATE_KEY;
+    params.secret_key_length = strlen(ECDSA_PRIVATE_KEY);
+
+    params.out = &jwt;
+    params.out_length = &jwt_length;
+
+    int r = l8w8jwt_encode(&params);
+    printf("\nl8w8jwt_encode_es256 function returned %s (code %d).\n\nCreated token: \n%s\n", r == L8W8JWT_SUCCESS ? "successfully" : "", r, jwt);
+
+    return jwt;
+}
+
+void app_main(void)
+{
+    printf("=== JWT Example on ESP32 ===\n");
+    char *jwt = example_jwt_encode();
+    int ret = example_jwt_decode(jwt);
+    l8w8jwt_free(jwt); /* Never forget to free the jwt string! */
+    printf("JWT generation and decoding: %s\n", ret == L8W8JWT_SUCCESS ? "success" : "failed");
+    return;
+}

l8w8jwt/idf_component.yml

@@ -0,0 +1,7 @@
+version: "2.2.1"
+description: "Minimal, OpenSSL-less and super lightweight JWT library written in C"
+url: https://github.com/espressif/idf-extra-components/tree/master/l8w8jwt
+dependencies:
+  idf: ">=5.0"
+  espressif/jsmn:
+    version: "^1.1.0"

l8w8jwt/l8w8jwt

@@ -0,0 +1,153 @@
+/*
+ * SPDX-FileCopyrightText: 2020 Raphael Beck
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * SPDX-FileContributor: 2023 Espressif Systems (Shanghai) CO LTD
+ */
+/*
+   Copyright 2020 Raphael Beck
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+*/
+
+/**
+ *  @file checknum.h
+ *  @author Raphael Beck
+ *  @brief Check whether a given string contains an integer or floating point number.
+ */
+
+/* https://github.com/GlitchedPolygons/checknum */
+
+#ifndef CHECKNUM_H
+#define CHECKNUM_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifdef CHECKNUM_STATIC
+#define CHECKNUM_API static
+#else
+#define CHECKNUM_API extern
+#endif
+
+#include <string.h>
+#include <stddef.h>
+#include <stdbool.h>
+#include <inttypes.h>
+
+/**
+ * Checks whether a given string contains a valid integer or floating point number. <p>
+ * If it's an integer, 1 is returned. <P>
+ * If it's a float or a double, 2 is returned. <p>
+ * If the string doesn't contain a valid number at all, 0 is returned.
+ */
+CHECKNUM_API int checknum(char *string, size_t string_length)
+{
+    if (string == NULL) {
+        return 0;
+    }
+
+    if (string_length == 0) {
+        string_length = strlen(string);
+    }
+
+    char *c = string;
+
+    while (*c == ' ' && c < string + string_length) {
+        c++;
+    }
+
+    while (*(string + string_length - 1) == ' ' && c < string + string_length) {
+        string_length--;
+    }
+
+    switch (*c) {
+    case '+':
+    case '-':
+        if (++c >= string + string_length) {
+            return 0;
+        }
+    default:
+        break;
+    }
+
+    unsigned int type = 0;
+
+    if (*c == '0') {
+        type |= 1 << 0;
+        if (*++c != '.' && c < string + string_length) {
+            return 0;
+        }
+    }
+
+    for (; c < string + string_length; c++) {
+        switch (*c) {
+        case '0':
+        case '1':
+        case '2':
+        case '3':
+        case '4':
+        case '5':
+        case '6':
+        case '7':
+        case '8':
+        case '9':
+            type |= 1 << 0;
+            continue;
+        case '-':
+            if (type & 1 << 1 || (*(c - 1) != 'E' && *(c - 1) != 'e')) {
+                return 0;
+            }
+            type |= 1 << 1;
+            continue;
+        case '.':
+            if (type & 1 << 2 || type & 1 << 3) {
+                return 0;
+            }
+            type |= 1 << 2;
+            continue;
+        case 'E':
+        case 'e':
+            if (!(type & 1 << 0) || type & 1 << 3 || c + 1 >= string + string_length) {
+                return 0;
+            }
+            type |= 1 << 3;
+            continue;
+        case '+':
+            if (type & 1 << 4 || (*(c - 1) != 'E' && *(c - 1) != 'e')) {
+                return 0;
+            }
+            type |= 1 << 4;
+            continue;
+        default:
+            return 0;
+        }
+    }
+
+    switch (type) {
+    case 0:
+        return 0;
+    case 1 << 0:
+        return 1;
+    default:
+        return type & 1 << 0 ? 2 : 0;
+    }
+}
+
+#ifdef __cplusplus
+} // extern "C"
+#endif
+
+#endif // CHECKNUM_H