fix: update hash format validation to -01 spec (plain base64url, no prefix)

Go ValidateHashFormat was still validating the old -00 format (algorithm:base64url with sha-256/sha-384/sha-512 prefix). Updated to validate plain base64url without prefix per -01 spec and RFC 9449. Python was already updated but uncommitted. Both refimpls now match.
2026-04-11 17:51:29 +02:00
parent 884d2dc836
commit ba38569319
5 changed files with 38 additions and 46 deletions
--- a/refimpl/go-lang/ect/errors.go
+++ b/refimpl/go-lang/ect/errors.go
@@ -23,5 +23,5 @@ var (
 	ErrInvalidJTI          = errors.New("ect: jti must be UUID format")
 	ErrInvalidWID          = errors.New("ect: wid must be UUID format when set")
 	ErrPredLength          = errors.New("ect: pred exceeds max length")
-	ErrHashFormat          = errors.New("ect: inp_hash/out_hash must be algorithm:base64url (e.g. sha-256:...)")
+	ErrHashFormat          = errors.New("ect: inp_hash/out_hash must be plain base64url (no prefix)")
 )
--- a/refimpl/go-lang/ect/validate.go
+++ b/refimpl/go-lang/ect/validate.go
@@ -4,7 +4,6 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"regexp"
-	"strings"
 )

 // ExtMaxSize is the recommended max serialized size of ext (Section 4.2.7).
@@ -19,8 +18,8 @@ const DefaultMaxPredLength = 100
 // uuidRegex matches RFC 9562 UUID: 8-4-4-4-12 hex.
 var uuidRegex = regexp.MustCompile(`^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$`)

-// allowedHashAlgs are the spec-recommended hash algorithm prefixes for inp_hash/out_hash.
-var allowedHashAlgs = map[string]bool{"sha-256": true, "sha-384": true, "sha-512": true}
+// base64urlRegex matches a non-empty base64url string without padding.
+var base64urlRegex = regexp.MustCompile(`^[A-Za-z0-9_-]+$`)

 // ValidateExt returns an error if ext exceeds ExtMaxSize or ExtMaxDepth.
 func ValidateExt(ext map[string]interface{}) error {
@@ -61,23 +60,18 @@ func ValidUUID(s string) bool {
 	return uuidRegex.MatchString(s)
 }

-// ValidateHashFormat returns nil if s is empty or matches "algorithm:base64url" (sha-256, sha-384, sha-512).
+// ValidateHashFormat returns nil if s is empty or is plain base64url (no padding)
+// per draft-nennemann-wimse-ect-01 and RFC 9449 (no algorithm prefix).
 func ValidateHashFormat(s string) error {
 	if s == "" {
 		return nil
 	}
-	idx := strings.Index(s, ":")
-	if idx <= 0 {
+	if !base64urlRegex.MatchString(s) {
 		return ErrHashFormat
 	}
-	alg := strings.ToLower(s[:idx])
-	if !allowedHashAlgs[alg] {
+	_, err := base64.RawURLEncoding.DecodeString(s)
+	if err != nil {
 		return ErrHashFormat
 	}
-	encoded := s[idx+1:]
-	if encoded == "" {
-		return ErrHashFormat
-	}
-	_, err := base64.RawURLEncoding.DecodeString(encoded)
-	return err
+	return nil
 }