Update Trust Token to experiment_v1.

This updates Trust Token in Chromium to use experiment_v1, which updates
the SRR structure and changes the curve to P384, along with other
optimizations.

Change-Id: I654b5b487b4d9005771979f94d37e8b4a54babbd
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2198649
Commit-Queue: Steven Valdez <svaldez@chromium.org>
Reviewed-by: David Van Cleve <davidvc@chromium.org>
Cr-Commit-Position: refs/heads/master@{#769019}

services/network/trust_tokens/boringssl_trust_token_issuance_cryptographer.cc

@@ -34,7 +34,7 @@ bool BoringsslTrustTokenIssuanceCryptographer::Initialize(
     return false;
 
   ctx_ = bssl::UniquePtr<TRUST_TOKEN_CLIENT>(TRUST_TOKEN_CLIENT_new(
-      TRUST_TOKEN_experiment_v0(),
+      TRUST_TOKEN_experiment_v1(),
       static_cast<size_t>(issuer_configured_batch_size)));
   return !!ctx_;
 }

services/network/trust_tokens/boringssl_trust_token_issuance_cryptographer_unittest.cc

@@ -18,7 +18,7 @@ std::string GenerateValidVerificationKey() {
       signing(TRUST_TOKEN_MAX_PRIVATE_KEY_SIZE, 'a');
   size_t verification_len, signing_len;
   CHECK(TRUST_TOKEN_generate_key(
-      TRUST_TOKEN_experiment_v0(),
+      TRUST_TOKEN_experiment_v1(),
       base::as_writable_bytes(base::make_span(signing)).data(), &signing_len,
       signing.size(),
       base::as_writable_bytes(base::make_span(verification)).data(),

services/network/trust_tokens/boringssl_trust_token_redemption_cryptographer.cc

@@ -31,7 +31,7 @@ bool BoringsslTrustTokenRedemptionCryptographer::Initialize(
     return false;
 
   ctx_ = bssl::UniquePtr<TRUST_TOKEN_CLIENT>(TRUST_TOKEN_CLIENT_new(
-      TRUST_TOKEN_experiment_v0(),
+      TRUST_TOKEN_experiment_v1(),
       static_cast<size_t>(issuer_configured_batch_size)));
   if (!ctx_)
     return false;

services/network/trust_tokens/test/signed_request_verification_util.cc

@@ -209,7 +209,7 @@ bool ConfirmSrrBodyIntegrity(base::StringPiece srr_body,
 
   const cbor::Value::MapValue& map = maybe_map->GetMap();
 
-  if (map.size() != 3) {
+  if (map.size() != 4) {
     error = "SRR body is a map of unexpected size";
     return false;
   }
@@ -248,6 +248,7 @@ bool ConfirmSrrBodyIntegrity(base::StringPiece srr_body,
            std::make_tuple("metadata.public", &cbor::Value::is_unsigned),
            std::make_tuple("metadata.private", &cbor::Value::is_unsigned),
            std::make_tuple("expiry-timestamp", &cbor::Value::is_unsigned),
+           std::make_tuple("token-hash", &cbor::Value::is_bytestring),
        }) {
     if (!check_field(std::get<0>(tup), std::get<1>(tup))) {
       error = "Missing or type-unsafe " + std::string(std::get<0>(tup));

services/network/trust_tokens/test/trust_token_request_handler.cc

@@ -48,7 +48,7 @@ IssuanceKeyPair GenerateIssuanceKeyPair(int id) {
   keys.verification.resize(TRUST_TOKEN_MAX_PUBLIC_KEY_SIZE);
   size_t signing_key_len, verification_key_len;
   CHECK(TRUST_TOKEN_generate_key(
-      TRUST_TOKEN_experiment_v0(), keys.signing.data(), &signing_key_len,
+      TRUST_TOKEN_experiment_v1(), keys.signing.data(), &signing_key_len,
       keys.signing.size(), keys.verification.data(), &verification_key_len,
       keys.verification.size(), id));
   keys.signing.resize(signing_key_len);
@@ -111,7 +111,7 @@ struct TrustTokenRequestHandler::Rep {
 bssl::UniquePtr<TRUST_TOKEN_ISSUER>
 TrustTokenRequestHandler::Rep::CreateIssuerContextFromUnexpiredKeys() const {
   bssl::UniquePtr<TRUST_TOKEN_ISSUER> ret(
-      TRUST_TOKEN_ISSUER_new(TRUST_TOKEN_experiment_v0(), batch_size));
+      TRUST_TOKEN_ISSUER_new(TRUST_TOKEN_experiment_v1(), batch_size));
   if (!ret)
     return nullptr;
 

services/network/trust_tokens/trust_token_cryptographers_test.cc

@@ -62,7 +62,7 @@ TokenKeyPair GenerateTokenKeys(uint32_t key_id) {
   keys.verification.resize(TRUST_TOKEN_MAX_PUBLIC_KEY_SIZE);
   size_t signing_key_len, verification_key_len;
   CHECK(TRUST_TOKEN_generate_key(
-      TRUST_TOKEN_experiment_v0(), keys.signing.data(), &signing_key_len,
+      TRUST_TOKEN_experiment_v1(), keys.signing.data(), &signing_key_len,
       keys.signing.size(), keys.verification.data(), &verification_key_len,
       keys.verification.size(), key_id));
   keys.signing.resize(signing_key_len);
@@ -235,7 +235,7 @@ TEST(TrustTokenCryptographersTest, IssuanceAndRedemption) {
   // Initialization: provide the issuer context the token-signing and
   // SRR-signing keys.
   bssl::UniquePtr<TRUST_TOKEN_ISSUER> issuer_ctx(TRUST_TOKEN_ISSUER_new(
-      TRUST_TOKEN_experiment_v0(), /*max_batchsize=*/kNumTokensToRequest));
+      TRUST_TOKEN_experiment_v1(), /*max_batchsize=*/kNumTokensToRequest));
   ASSERT_TRUE(issuer_ctx);
   for (const TokenKeyPair& token_key_pair : keys.token_keys) {
     ASSERT_TRUE(TRUST_TOKEN_ISSUER_add_key(issuer_ctx.get(),
@@ -275,7 +275,7 @@ TEST(TrustTokenCryptographersTest, IssuanceAndRedemptionWithMultipleKeys) {
   // Initialization: provide the issuer context the token-signing and
   // SRR-signing keys.
   bssl::UniquePtr<TRUST_TOKEN_ISSUER> issuer_ctx(TRUST_TOKEN_ISSUER_new(
-      TRUST_TOKEN_experiment_v0(), /*max_batchsize=*/kNumTokensToRequest));
+      TRUST_TOKEN_experiment_v1(), /*max_batchsize=*/kNumTokensToRequest));
   ASSERT_TRUE(issuer_ctx);
   for (const TokenKeyPair& token_key_pair : keys.token_keys) {
     ASSERT_TRUE(TRUST_TOKEN_ISSUER_add_key(issuer_ctx.get(),