crev_data/proof/
content.rs

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
use crate::{proof, proof::Proof, Error, ParseError, Result};
use chrono::{self, prelude::*};
use crev_common::{
    self,
    serde::{as_base64, as_rfc3339_fixed, from_base64, from_rfc3339_fixed},
};
use derive_builder::Builder;
use serde::{self, Deserialize, Serialize};
use std::{fmt, io};

pub type Date = chrono::DateTime<FixedOffset>;

/// Common operations on types containing `Common`
pub trait CommonOps {
    // until we support legacy, we have to stick to `Common` here
    fn common(&self) -> &Common;

    /// Is it crate review or something else?
    fn kind(&self) -> &str {
        self.common()
            .kind
            .as_ref()
            .expect("Common types are expected to always have the `kind` field backfilled")
    }

    /// Who wrote and signed this review/trust
    fn from(&self) -> &crate::PublicId {
        &self.common().from
    }

    /// When it has been written according to its creator
    fn date(&self) -> &chrono::DateTime<chrono::offset::FixedOffset> {
        &self.common().date
    }

    /// When it has been written according to its creator
    fn date_utc(&self) -> chrono::DateTime<Utc> {
        self.date().with_timezone(&Utc)
    }

    /// ID of the person who signed it
    fn author_id(&self) -> &crate::Id {
        &self.common().from.id
    }

    /// Displayable version of ID of the person who signed it
    fn author_public_id(&self) -> &crate::PublicId {
        &self.common().from
    }

    /// Easy check of `kind()`
    fn ensure_kind_is(&self, kind: &str) -> ValidationResult<()> {
        let expected = self.kind();
        if expected != kind {
            return Err(ValidationError::InvalidKind(Box::new((
                expected.to_string(),
                kind.to_string(),
            ))));
        }
        Ok(())
    }
}

/// Reference to original proof when reissuing
#[derive(Clone, Debug, Serialize, Deserialize)]
pub struct OriginalReference {
    /// original proof digest (blake2b256)
    #[serde(serialize_with = "as_base64", deserialize_with = "from_base64")]
    pub proof: Vec<u8>,
    /// Any text
    #[serde(skip_serializing_if = "String::is_empty", default = "Default::default")]
    pub comment: String,
}

/// A `Common` part of every `Content` format
#[derive(Clone, Builder, Debug, Serialize, Deserialize)]
pub struct Common {
    /// Type of this review/trust/whatever file
    pub kind: Option<String>,
    /// A version, to allow future backward-incompatible extensions
    /// and changes.
    pub version: i64,
    #[builder(default = "crev_common::now()")]
    #[serde(
        serialize_with = "as_rfc3339_fixed",
        deserialize_with = "from_rfc3339_fixed"
    )]
    /// Timestamp of proof creation
    pub date: chrono::DateTime<FixedOffset>,
    /// Author of the proof
    pub from: crate::PublicId,
    /// Reference to original proof when reissuing
    #[serde(skip_serializing_if = "Option::is_none", default = "Option::default")]
    pub original: Option<OriginalReference>,
}

impl CommonOps for Common {
    fn common(&self) -> &Common {
        self
    }
}

pub trait WithReview {
    fn review(&self) -> &super::Review;
}

#[derive(Debug, thiserror::Error)]
pub enum ValidationError {
    #[error("Invalid kind: {}, expected: {}", _0.0, _0.1)]
    InvalidKind(Box<(String, String)>),

    /// Alternative source can't be empty
    #[error("Alternative source can't be empty")]
    AlternativeSourceCanNotBeEmpty,

    /// Alternative name can't be empty
    #[error("Alternative name can't be empty")]
    AlternativeNameCanNotBeEmpty,

    /// Issues with an empty `id` field are not allowed
    #[error("Issues with an empty `id` field are not allowed")]
    IssuesWithAnEmptyIDFieldAreNotAllowed,

    /// Advisories with no `id`s are not allowed
    #[error("Advisories with no `id`s are not allowed")]
    AdvisoriesWithNoIDSAreNotAllowed,

    /// Advisories with an empty `id` field are not allowed
    #[error("Advisories with an empty `id` field are not allowed")]
    AdvisoriesWithAnEmptyIDFieldAreNotAllowed,
}

pub type ValidationResult<T> = std::result::Result<T, ValidationError>;

/// Proof Content
///
/// `Content` is a standardized format of a crev proof body
/// (part that is being signed over).
///
/// It is open-ended, and different software
/// can implement their own formats.
pub trait Content: CommonOps {
    fn validate_data(&self) -> ValidationResult<()> {
        // typically just OK
        Ok(())
    }

    fn serialize_to(&self, fmt: &mut dyn std::fmt::Write) -> fmt::Result;
}

pub trait ContentDeserialize: Content + Sized {
    fn deserialize_from<IO>(io: IO) -> std::result::Result<Self, Error>
    where
        IO: io::Read;
}

impl<T> ContentDeserialize for T
where
    T: serde::de::DeserializeOwned + Content + Sized,
{
    fn deserialize_from<IO>(io: IO) -> std::result::Result<Self, Error>
    where
        IO: io::Read,
    {
        let s: Self = serde_yaml::from_reader(io).map_err(ParseError::Proof)?;

        s.validate_data()?;

        Ok(s)
    }
}

/// A Proof Content `Draft`
///
/// A simplified version of content, used
/// for user interaction - editing the parts
/// that are not neccessary for the user to see.
pub struct Draft {
    pub(crate) title: String,
    pub(crate) body: String,
}

impl Draft {
    #[must_use]
    pub fn title(&self) -> &str {
        &self.title
    }

    #[must_use]
    pub fn body(&self) -> &str {
        &self.body
    }
}

/// A content with draft support
///
/// Draft is a compact, human
pub trait ContentWithDraft: Content {
    fn to_draft(&self) -> Draft;

    fn apply_draft(&self, body: &str) -> Result<Self>
    where
        Self: Sized;
}

pub trait ContentExt: Content {
    fn serialize(&self) -> Result<String> {
        let mut body = String::new();
        self.serialize_to(&mut body)
            .map_err(|e| crate::Error::YAMLFormat(e.to_string().into()))?;
        Ok(body)
    }

    fn sign_by(&self, id: &crate::id::UnlockedId) -> Result<Proof> {
        let body = self.serialize()?;
        let signature = id.sign(body.as_bytes());
        Ok(Proof {
            digest: crev_common::blake2b256sum(body.as_bytes()),
            body,
            signature: crev_common::base64_encode(&signature),
            common_content: self.common().clone(),
        })
    }

    /// Ensure the proof generated from this `Content` is going to deserialize
    fn ensure_serializes_to_valid_proof(&self) -> Result<()> {
        let body = self.serialize()?;
        let signature = "somefakesignature";
        let proof = proof::Proof {
            digest: crev_common::blake2b256sum(body.as_bytes()),
            body,
            signature: crev_common::base64_encode(&signature),
            common_content: self.common().clone(),
        };
        let parsed = proof::Proof::parse_from(std::io::Cursor::new(proof.to_string().as_bytes()))?;

        if parsed.len() != 1 {
            return Err(Error::SerializedTooManyProofs(parsed.len()));
        }

        Ok(())
    }
}

impl<T> ContentExt for T where T: Content {}