Remove net/cert/jwk_serializer

This was originally added in
https://chromiumcodereview.appspot.com/21561003 for Channel ID. Channel
ID no longer exists and this code is unused.

Bug: 875053
Change-Id: I2fd1910909282bd753fd8a7f0ff32ecc2d808087
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2298343
Commit-Queue: David Benjamin <davidben@chromium.org>
Commit-Queue: Nick Harper <nharper@chromium.org>
Auto-Submit: David Benjamin <davidben@chromium.org>
Reviewed-by: Nick Harper <nharper@chromium.org>
Cr-Commit-Position: refs/heads/master@{#788450}

net/BUILD.gn

@@ -520,8 +520,6 @@ component("net") {
       "cert/ev_root_ca_metadata.h",
       "cert/internal/system_trust_store.cc",
       "cert/internal/system_trust_store.h",
-      "cert/jwk_serializer.cc",
-      "cert/jwk_serializer.h",
       "cert/known_roots.cc",
       "cert/known_roots.h",
       "cert/merkle_audit_proof.cc",
@@ -4194,7 +4192,6 @@ test("net_unittests") {
     "cert/internal/verify_certificate_chain_unittest.cc",
     "cert/internal/verify_name_match_unittest.cc",
     "cert/internal/verify_signed_data_unittest.cc",
-    "cert/jwk_serializer_unittest.cc",
     "cert/known_roots_unittest.cc",
     "cert/merkle_audit_proof_unittest.cc",
     "cert/merkle_tree_leaf_unittest.cc",

net/cert/jwk_serializer.cc

-// Copyright 2013 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "net/cert/jwk_serializer.h"
-
-#include "base/base64url.h"
-#include "base/strings/string_util.h"
-#include "base/values.h"
-#include "crypto/openssl_util.h"
-#include "third_party/boringssl/src/include/openssl/bn.h"
-#include "third_party/boringssl/src/include/openssl/bytestring.h"
-#include "third_party/boringssl/src/include/openssl/ec.h"
-#include "third_party/boringssl/src/include/openssl/ec_key.h"
-#include "third_party/boringssl/src/include/openssl/evp.h"
-
-namespace net {
-
-namespace JwkSerializer {
-
-namespace {
-
-bool ConvertEcKeyToJwk(EVP_PKEY* pkey,
-                       base::DictionaryValue* public_key_jwk,
-                       const crypto::OpenSSLErrStackTracer& err_tracer) {
-  EC_KEY* ec_key = EVP_PKEY_get0_EC_KEY(pkey);
-  if (!ec_key)
-    return false;
-  const EC_GROUP* ec_group = EC_KEY_get0_group(ec_key);
-  if (!ec_group)
-    return false;
-
-  std::string curve_name;
-  int nid = EC_GROUP_get_curve_name(ec_group);
-  if (nid == NID_X9_62_prime256v1) {
-    curve_name = "P-256";
-  } else if (nid == NID_secp384r1) {
-    curve_name = "P-384";
-  } else if (nid == NID_secp521r1) {
-    curve_name = "P-521";
-  } else {
-    return false;
-  }
-
-  int degree_bytes = (EC_GROUP_get_degree(ec_group) + 7) / 8;
-
-  const EC_POINT* ec_point = EC_KEY_get0_public_key(ec_key);
-  if (!ec_point)
-    return false;
-
-  bssl::UniquePtr<BIGNUM> x(BN_new());
-  bssl::UniquePtr<BIGNUM> y(BN_new());
-  if (!EC_POINT_get_affine_coordinates_GFp(ec_group, ec_point, x.get(), y.get(),
-                                           nullptr)) {
-    return false;
-  }
-
-  // The coordinates are encoded with leading zeros included.
-  std::string x_bytes;
-  std::string y_bytes;
-  if (!BN_bn2bin_padded(reinterpret_cast<uint8_t*>(
-                            base::WriteInto(&x_bytes, degree_bytes + 1)),
-                        degree_bytes, x.get()) ||
-      !BN_bn2bin_padded(reinterpret_cast<uint8_t*>(
-                            base::WriteInto(&y_bytes, degree_bytes + 1)),
-                        degree_bytes, y.get())) {
-    return false;
-  }
-
-  public_key_jwk->SetString("kty", "EC");
-  public_key_jwk->SetString("crv", curve_name);
-
-  std::string x_b64;
-  base::Base64UrlEncode(x_bytes, base::Base64UrlEncodePolicy::OMIT_PADDING,
-                        &x_b64);
-  public_key_jwk->SetString("x", x_b64);
-
-  std::string y_b64;
-  base::Base64UrlEncode(y_bytes, base::Base64UrlEncodePolicy::OMIT_PADDING,
-                        &y_b64);
-  public_key_jwk->SetString("y", y_b64);
-
-  return true;
-}
-
-}  // namespace
-
-bool ConvertSpkiFromDerToJwk(const base::StringPiece& spki_der,
-                             base::DictionaryValue* public_key_jwk) {
-  public_key_jwk->Clear();
-
-  crypto::EnsureOpenSSLInit();
-  crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
-
-  CBS cbs;
-  CBS_init(&cbs, reinterpret_cast<const uint8_t*>(spki_der.data()),
-           spki_der.size());
-  bssl::UniquePtr<EVP_PKEY> pubkey(EVP_parse_public_key(&cbs));
-  if (!pubkey || CBS_len(&cbs) != 0)
-    return false;
-
-  if (pubkey->type == EVP_PKEY_EC) {
-    return ConvertEcKeyToJwk(pubkey.get(), public_key_jwk, err_tracer);
-  } else {
-    // TODO(juanlang): other algorithms
-    return false;
-  }
-}
-
-}  // namespace JwkSerializer
-
-}  // namespace net

net/cert/jwk_serializer.h

-// Copyright 2013 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#ifndef NET_CERT_JWK_SERIALIZER_H_
-#define NET_CERT_JWK_SERIALIZER_H_
-
-#include "base/strings/string_piece.h"
-#include "net/base/net_export.h"
-
-namespace base {
-class DictionaryValue;
-}
-
-namespace net {
-
-namespace JwkSerializer {
-
-// Converts a subject public key info from DER to JWK.
-// See http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-17 for
-// the output format.
-NET_EXPORT_PRIVATE bool ConvertSpkiFromDerToJwk(
-    const base::StringPiece& spki_der,
-    base::DictionaryValue* public_key_jwk);
-
-} // namespace JwkSerializer
-
-} // namespace net
-
-#endif  // NET_CERT_JWK_SERIALIZER_H_

net/cert/jwk_serializer_unittest.cc

-// Copyright 2013 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "net/cert/jwk_serializer.h"
-
-#include "base/base64url.h"
-#include "base/values.h"
-#include "testing/gtest/include/gtest/gtest.h"
-
-namespace net {
-
-namespace {
-
-// This is the ASN.1 prefix for a P-256 public key. Specifically it's:
-// SEQUENCE
-//   SEQUENCE
-//     OID id-ecPublicKey
-//     OID prime256v1
-//   BIT STRING, length 66, 0 trailing bits: 0x04
-//
-// The 0x04 in the BIT STRING is the prefix for an uncompressed, X9.62
-// public key. Following that are the two field elements as 32-byte,
-// big-endian numbers, as required by the Channel ID.
-static const unsigned char kP256SpkiPrefix[] = {
-    0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86,
-    0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a,
-    0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
-    0x42, 0x00, 0x04
-};
-static const unsigned int kEcCoordinateSize = 32U;
-
-// This is a valid P-256 public key.
-static const unsigned char kSpkiEc[] = {
-    0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86,
-    0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a,
-    0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
-    0x42, 0x00, 0x04,
-    0x29, 0x5d, 0x6e, 0xfe, 0x33, 0x77, 0x26, 0xea,
-    0x5b, 0xa4, 0xe6, 0x1b, 0x34, 0x6e, 0x7b, 0xa0,
-    0xa3, 0x8f, 0x33, 0x49, 0xa0, 0x9c, 0xae, 0x98,
-    0xbd, 0x46, 0x0d, 0xf6, 0xd4, 0x5a, 0xdc, 0x8a,
-    0x1f, 0x8a, 0xb2, 0x20, 0x51, 0xb7, 0xd2, 0x87,
-    0x0d, 0x53, 0x7e, 0x5d, 0x94, 0xa3, 0xe0, 0x34,
-    0x16, 0xa1, 0xcc, 0x10, 0x48, 0xcd, 0x70, 0x9c,
-    0x05, 0xd3, 0xd2, 0xca, 0xdf, 0x44, 0x2f, 0xf4
-};
-
-// This is a P-256 public key with a leading 0.
-static const unsigned char kSpkiEcWithLeadingZero[] = {
-    0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86,
-    0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a,
-    0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
-    0x42, 0x00, 0x04,
-    0x00, 0x8e, 0xd5, 0x49, 0x51, 0xad, 0x7d, 0xd3,
-    0x3a, 0x59, 0x86, 0xd1, 0x2c, 0xba, 0x05, 0xd3,
-    0xa6, 0x3c, 0x5d, 0x6d, 0x28, 0xde, 0x8f, 0xdd,
-    0xa5, 0x3d, 0x30, 0x18, 0x05, 0x86, 0x76, 0x9c,
-    0x7c, 0xa7, 0xba, 0x58, 0xea, 0x1a, 0x84, 0x19,
-    0x29, 0x0a, 0x15, 0x30, 0x7d, 0x6b, 0x00, 0x41,
-    0x64, 0x56, 0x84, 0x19, 0x54, 0x3e, 0x26, 0x13,
-    0xc9, 0x1e, 0x31, 0x89, 0xe2, 0x62, 0xcb, 0x3f
-};
-
-// Section 2 of RFC 7515 defines that an URL-safe base64 encoding must be used
-// with all trailing '=' characters omitted. Returns whether the |input|
-// contains any of the forbidden base64 characters (+, -, =).
-bool ContainsNonUrlSafeBase64Characters(base::StringPiece input) {
-  return input.find_first_of("+-=") != std::string::npos;
-}
-
-}  // namespace
-
-TEST(JwkSerializerTest, ConvertSpkiFromDerToJwkEc) {
-  base::StringPiece spki;
-  base::DictionaryValue public_key_jwk;
-
-  EXPECT_FALSE(JwkSerializer::ConvertSpkiFromDerToJwk(spki, &public_key_jwk));
-  EXPECT_TRUE(public_key_jwk.empty());
-
-  // Test the result of a "normal" point on this curve.
-  spki = base::StringPiece(reinterpret_cast<const char*>(kSpkiEc),
-                           sizeof(kSpkiEc));
-  EXPECT_TRUE(JwkSerializer::ConvertSpkiFromDerToJwk(spki, &public_key_jwk));
-
-  std::string string_value;
-  EXPECT_TRUE(public_key_jwk.GetString("kty", &string_value));
-  EXPECT_STREQ("EC", string_value.c_str());
-  EXPECT_TRUE(public_key_jwk.GetString("crv", &string_value));
-  EXPECT_STREQ("P-256", string_value.c_str());
-
-  EXPECT_TRUE(public_key_jwk.GetString("x", &string_value));
-  EXPECT_FALSE(ContainsNonUrlSafeBase64Characters(string_value));
-  std::string decoded_coordinate;
-  EXPECT_TRUE(base::Base64UrlDecode(
-      string_value, base::Base64UrlDecodePolicy::DISALLOW_PADDING,
-      &decoded_coordinate));
-  EXPECT_EQ(kEcCoordinateSize, decoded_coordinate.size());
-  EXPECT_EQ(0,
-            memcmp(decoded_coordinate.data(),
-                   kSpkiEc + sizeof(kP256SpkiPrefix),
-                   kEcCoordinateSize));
-
-  EXPECT_TRUE(public_key_jwk.GetString("y", &string_value));
-  EXPECT_FALSE(ContainsNonUrlSafeBase64Characters(string_value));
-  EXPECT_TRUE(base::Base64UrlDecode(
-      string_value, base::Base64UrlDecodePolicy::DISALLOW_PADDING,
-      &decoded_coordinate));
-  EXPECT_EQ(kEcCoordinateSize, decoded_coordinate.size());
-  EXPECT_EQ(0,
-            memcmp(decoded_coordinate.data(),
-                  kSpkiEc + sizeof(kP256SpkiPrefix) + kEcCoordinateSize,
-                  kEcCoordinateSize));
-
-  // Test the result of a corner case: leading 0s in the x, y coordinates are
-  // not trimmed, but the point is fixed-length encoded.
-  spki = {reinterpret_cast<const char*>(kSpkiEcWithLeadingZero),
-          sizeof(kSpkiEcWithLeadingZero)};
-  EXPECT_TRUE(JwkSerializer::ConvertSpkiFromDerToJwk(spki, &public_key_jwk));
-
-  EXPECT_TRUE(public_key_jwk.GetString("kty", &string_value));
-  EXPECT_STREQ("EC", string_value.c_str());
-  EXPECT_TRUE(public_key_jwk.GetString("crv", &string_value));
-  EXPECT_STREQ("P-256", string_value.c_str());
-
-  EXPECT_TRUE(public_key_jwk.GetString("x", &string_value));
-  EXPECT_FALSE(ContainsNonUrlSafeBase64Characters(string_value));
-  EXPECT_TRUE(base::Base64UrlDecode(
-      string_value, base::Base64UrlDecodePolicy::DISALLOW_PADDING,
-      &decoded_coordinate));
-  EXPECT_EQ(kEcCoordinateSize, decoded_coordinate.size());
-  EXPECT_EQ(0,
-            memcmp(decoded_coordinate.data(),
-                   kSpkiEcWithLeadingZero + sizeof(kP256SpkiPrefix),
-                   kEcCoordinateSize));
-
-  EXPECT_TRUE(public_key_jwk.GetString("y", &string_value));
-  EXPECT_FALSE(ContainsNonUrlSafeBase64Characters(string_value));
-  EXPECT_TRUE(base::Base64UrlDecode(
-      string_value, base::Base64UrlDecodePolicy::DISALLOW_PADDING,
-      &decoded_coordinate));
-  EXPECT_EQ(kEcCoordinateSize, decoded_coordinate.size());
-  EXPECT_EQ(0, memcmp(
-      decoded_coordinate.data(),
-      kSpkiEcWithLeadingZero + sizeof(kP256SpkiPrefix) + kEcCoordinateSize,
-      kEcCoordinateSize));
-}
-
-}  // namespace net