Remove TrustTokenVerificationKey::label

Because of a recent design change, key labels are now a BoringSSL
implementation detail: the key encoding now contains a key's label,
so there's no need to represent it separately in our Chromium-side
Trust Tokens code.

This change removes the label field from the
mojom::TrustTokenVerificationKey struct but retains the label
parsing code in the key commitment parser to ensure that the key
commitment results we receive are syntactically correct. (There's no
reason in principle why the key commitment record format couldn't just
use a list now, but it's probably a little close to the initial
prototype release to change the schema.)

R=csharrison

Bug: 1068678
Change-Id: I35e6ab046cf0f98f68cd09b906e5b4ba43bd5bd2
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2158968
Commit-Queue: David Van Cleve <davidvc@chromium.org>
Auto-Submit: David Van Cleve <davidvc@chromium.org>
Reviewed-by: Charlie Harrison <csharrison@chromium.org>
Reviewed-by: Matthew Denton <mpdenton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#761159}

services/network/public/mojom/trust_tokens.mojom

@@ -150,12 +150,6 @@ interface HasTrustTokensAnswerer {
 struct TrustTokenVerificationKey {
   string body;
   mojo_base.mojom.Time expiry;
-  // Key labels are opaque values provided by the trust token issuer,
-  // constrained to be in the representable range of uint32. We keep track of
-  // them in order to provide them in Trust Tokens redemption requests, at which
-  // point the label of a token's verification key becomes bound to the token's
-  // redemption.
-  uint32 label;
 };
 
 // This is a wrapper struct that exists in order to make the batch size

services/network/trust_tokens/trust_token_key_commitment_parser.cc

@@ -19,15 +19,14 @@ namespace network {
 namespace {
 
 // Parses a single key label. If |in| is the string representation of an integer
-// in in the representable range of uint32_t, sets |*out| to that integer value
-// and returns true. Otherwise, returns false.
-bool ParseSingleKeyLabel(base::StringPiece in, uint32_t* out) {
+// in in the representable range of uint32_t, returns true. Otherwise, returns
+// false.
+bool ParseSingleKeyLabel(base::StringPiece in) {
   uint64_t key_label_in_uint64;
   if (!base::StringToUint64(in, &key_label_in_uint64))
     return false;
   if (!base::IsValueInRangeForNumericType<uint32_t>(key_label_in_uint64))
     return false;
-  *out = base::checked_cast<uint32_t>(key_label_in_uint64);
   return true;
 }
 
@@ -109,7 +108,7 @@ mojom::TrustTokenKeyCommitmentResultPtr ParseSingleIssuer(
 
     auto key = mojom::TrustTokenVerificationKey::New();
 
-    if (!ParseSingleKeyLabel(kv.first, &key->label))
+    if (!ParseSingleKeyLabel(kv.first))
       return nullptr;
 
     switch (ParseSingleKeyExceptLabel(item, key.get())) {
@@ -153,7 +152,8 @@ const char kTrustTokenKeyCommitmentKeyField[] = "Y";
 //   "srrkey" : ...,    // Required Signed Redemption Record (SRR)
 //                      // verification key, in base64.
 //
-//   "1" : {            // Key label, a number in uint32_t range.
+//   "1" : {            // Key label, a number in uint32_t range; ignored except
+//                      // for checking that it is present and type-safe.
 //     "Y" : ...,       // Required token issuance verification key, in
 //                      // base64.
 //     "expiry" : ...,  // Required token issuance key expiry time, in

services/network/trust_tokens/trust_token_key_commitment_parser_unittest.cc

@@ -244,7 +244,6 @@ TEST(TrustTokenKeyCommitmentParser, AcceptsKeyWithExpiryAndBody) {
   ASSERT_TRUE(base::JSONReader::Read(input));
 
   auto my_key = mojom::TrustTokenVerificationKey::New();
-  my_key->label = 1;
   ASSERT_TRUE(base::Base64Decode("akey", &my_key->body));
   my_key->expiry = one_minute_from_now;
 
@@ -281,12 +280,10 @@ TEST(TrustTokenKeyCommitmentParser, AcceptsMultipleKeys) {
   ASSERT_TRUE(base::JSONReader::Read(input));
 
   auto a_key = mojom::TrustTokenVerificationKey::New();
-  a_key->label = 1;
   ASSERT_TRUE(base::Base64Decode("akey", &a_key->body));
   a_key->expiry = one_minute_from_now;
 
   auto another_key = mojom::TrustTokenVerificationKey::New();
-  another_key->label = 2;
   ASSERT_TRUE(base::Base64Decode("aaaa", &another_key->body));
   another_key->expiry = two_minutes_from_now;
 

services/network/trust_tokens/trust_token_request_issuance_helper_unittest.cc

@@ -462,8 +462,8 @@ TEST_F(TrustTokenRequestIssuanceHelperTest, StoresObtainedTokens) {
       *SuitableTrustTokenOrigin::Create(GURL("https://issuer.com/"));
 
   auto key_commitment_result = mojom::TrustTokenKeyCommitmentResult::New();
-  key_commitment_result->keys.push_back(mojom::TrustTokenVerificationKey::New(
-      "key", /*expiry=*/base::Time(), /*label=*/0));
+  key_commitment_result->keys.push_back(
+      mojom::TrustTokenVerificationKey::New("key", /*expiry=*/base::Time()));
   auto getter = std::make_unique<FixedKeyCommitmentGetter>(
       issuer, std::move(key_commitment_result));
 
@@ -545,8 +545,8 @@ TEST_F(TrustTokenRequestIssuanceHelperTest, RespectsMaximumBatchsize) {
       *SuitableTrustTokenOrigin::Create(GURL("https://issuer.com/"));
 
   auto key_commitment_result = mojom::TrustTokenKeyCommitmentResult::New();
-  key_commitment_result->keys.push_back(mojom::TrustTokenVerificationKey::New(
-      "key", /*expiry=*/base::Time(), /*label=*/0));
+  key_commitment_result->keys.push_back(
+      mojom::TrustTokenVerificationKey::New("key", /*expiry=*/base::Time()));
   key_commitment_result->batch_size =
       mojom::TrustTokenKeyCommitmentBatchSize::New(
           static_cast<int>(kMaximumTrustTokenIssuanceBatchSize + 1));