Properly handle invalid pad values

contentauth · Mar 1, 2025 · b5a417a · b5a417a
1 parent 6cdc7c9
commit b5a417a
Show file tree

Hide file tree

Showing 3 changed files with 93 additions and 3 deletions.
diff --git a/cawg_identity/src/identity_assertion/assertion.rs b/cawg_identity/src/identity_assertion/assertion.rs
@@ -257,7 +257,7 @@ impl IdentityAssertion {
         status_tracker: &mut StatusTracker,
         verifier: &SV,
     ) -> Result<SV::Output, ValidationError<SV::Error>> {
-        self.check_padding()?;
+        self.check_padding(status_tracker)?;
 
         self.signer_payload
             .check_against_manifest(manifest, status_tracker)?;
@@ -267,9 +267,24 @@ impl IdentityAssertion {
             .await
     }
 
-    fn check_padding<E>(&self) -> Result<(), ValidationError<E>> {
+    fn check_padding<E: Debug>(
+        &self,
+        status_tracker: &mut StatusTracker,
+    ) -> Result<(), ValidationError<E>> {
         if !self.pad1.iter().all(|b| *b == 0) {
-            return Err(ValidationError::InvalidPadding);
+            // TO DO: Where would we get assertion label?
+            log_item!(
+                "NEED TO FIND LABEL".to_owned(),
+                "invalid value in pad fields",
+                "SignerPayload::check_padding"
+            )
+            .validation_status("cawg.identity.pad.invalid")
+            .failure(status_tracker, ValidationError::<E>::InvalidPadding)?;
+
+            // We'll only get to this line if `pad1` is invalid and the status tracker is
+            // configured to continue through recoverable errors. In that case, we want to
+            // avoid logging a second "invalid padding" warning if `pad2` is also invalid.
+            return Ok(());
         }
 
         if let Some(pad2) = self.pad2.as_ref() {

diff --git a/cawg_identity/src/tests/fixtures/validation_method/pad1_invalid.jpg b/cawg_identity/src/tests/fixtures/validation_method/pad1_invalid.jpg
diff --git a/cawg_identity/src/tests/identity_assertion/validation_method.rs b/cawg_identity/src/tests/identity_assertion/validation_method.rs
@@ -556,3 +556,78 @@ mod invalid_sig_type {
         );
     }
 }
+
+/// The `pad1` and `pad2` fields of an identity assertion MUST contain only
+/// zero-value (`0x00`) bytes. The `cawg.identity.pad.invalid` error code SHALL
+/// be used to report assertions that contain other values in these fields.
+#[cfg_attr(not(target_arch = "wasm32"), tokio::test)]
+#[cfg_attr(
+    all(target_arch = "wasm32", not(target_os = "wasi")),
+    wasm_bindgen_test
+)]
+#[cfg_attr(target_os = "wasi", wstd::test)]
+async fn pad1_invalid() {
+    // The test asset `pad1_invalid.jpg` was written using a temporarily
+    // modified version of this SDK that incorrectly placed a non-zero value in the
+    // `pad1` field.
+
+    let format = "image/jpeg";
+    let test_image = include_bytes!("../fixtures/validation_method/pad1_invalid.jpg");
+
+    let mut test_image = Cursor::new(test_image);
+
+    // Initial read with default `Reader` should pass without issues.
+    let reader = Reader::from_stream(format, &mut test_image).unwrap();
+    assert_eq!(reader.validation_status(), None);
+
+    // Re-parse with identity assertion code should find invalid pad error.
+    let mut status_tracker = StatusTracker::default();
+
+    let active_manifest = reader.active_manifest().unwrap();
+    let ia_results: Vec<Result<IdentityAssertion, c2pa::Error>> =
+        IdentityAssertion::from_manifest(active_manifest, &mut status_tracker).collect();
+
+    assert_eq!(ia_results.len(), 1);
+
+    // This condition is parseable, but incorrect. There should be a validation
+    // status log for this failure.
+    let ia = ia_results[0].as_ref().unwrap();
+
+    let sp = &ia.signer_payload;
+    assert_eq!(sp.referenced_assertions.len(), 1);
+
+    assert_eq!(
+        sp.referenced_assertions[0].url(),
+        "self#jumbf=c2pa.assertions/c2pa.hash.data".to_owned()
+    );
+
+    assert_eq!(sp.sig_type, "cawg.x509.cose".to_owned());
+
+    let x509_verifier = X509SignatureVerifier {};
+    let sig_info = ia
+        .validate(
+            reader.active_manifest().unwrap(),
+            &mut status_tracker,
+            &x509_verifier,
+        )
+        .await
+        .unwrap();
+
+    assert_eq!(status_tracker.logged_items().len(), 1);
+
+    let log = &status_tracker.logged_items()[0];
+    assert_eq!(log.kind, LogKind::Failure);
+    assert_eq!(log.label, "NEED TO FIND LABEL"); // !!!
+    assert_eq!(log.description, "invalid value in pad fields");
+    assert_eq!(
+        log.validation_status.as_ref().unwrap().as_ref(),
+        "cawg.identity.pad.invalid"
+    );
+
+    let cert_info = &sig_info.cert_info;
+    assert_eq!(cert_info.alg.unwrap(), SigningAlg::Ed25519);
+    assert_eq!(
+        cert_info.issuer_org.as_ref().unwrap(),
+        "C2PA Test Signing Cert"
+    );
+}