From 6d513772022f2532b600145a5843e01e585ea34d Mon Sep 17 00:00:00 2001 From: Victor Embacher Date: Thu, 27 Jul 2023 09:35:29 +0200 Subject: [PATCH] Rebased to main. Signed-off-by: Victor Embacher --- src/rekor/models/checkpoint.rs | 16 ++++++++-------- src/rekor/models/inclusion_proof.rs | 6 +++--- src/rekor/models/log_entry.rs | 18 ++++++++++++++++-- src/rekor/models/log_info.rs | 10 +++------- 4 files changed, 30 insertions(+), 20 deletions(-) diff --git a/src/rekor/models/checkpoint.rs b/src/rekor/models/checkpoint.rs index 09c920fafd..5d57238871 100644 --- a/src/rekor/models/checkpoint.rs +++ b/src/rekor/models/checkpoint.rs @@ -15,7 +15,7 @@ use std::str::FromStr; /// The `note` field stores this data, /// and its authenticity can be verified with the data in `signature`. #[derive(Debug, PartialEq, Clone, Eq)] -pub struct SignedCheckpoint { +pub struct Checkpoint { pub note: CheckpointNote, pub signature: CheckpointSignature, } @@ -67,7 +67,7 @@ pub enum ParseCheckpointError { DecodeError(String), } -impl FromStr for SignedCheckpoint { +impl FromStr for Checkpoint { type Err = ParseCheckpointError; fn from_str(s: &str) -> Result { @@ -82,7 +82,7 @@ impl FromStr for SignedCheckpoint { let signature = signature.parse()?; let note = CheckpointNote::unmarshal(note)?; - Ok(SignedCheckpoint { note, signature }) + Ok(Checkpoint { note, signature }) } } @@ -139,7 +139,7 @@ impl CheckpointNote { } } -impl ToString for SignedCheckpoint { +impl ToString for Checkpoint { fn to_string(&self) -> String { let note = self.note.marshal(); let signature = self.signature.to_string(); @@ -147,7 +147,7 @@ impl ToString for SignedCheckpoint { } } -impl SignedCheckpoint { +impl Checkpoint { /// This method can be used to verify that the checkpoint was issued by the log with the /// public key `rekor_key`. pub fn verify_signature(&self, rekor_key: &CosignVerificationKey) -> Result<(), SigstoreError> { 
@@ -175,7 +175,7 @@ impl SignedCheckpoint { } } -impl Serialize for SignedCheckpoint { +impl Serialize for Checkpoint { fn serialize(&self, serializer: S) -> Result where S: Serializer, @@ -184,13 +184,13 @@ impl Serialize for SignedCheckpoint { } } -impl<'de> Deserialize<'de> for SignedCheckpoint { +impl<'de> Deserialize<'de> for Checkpoint { fn deserialize(deserializer: D) -> Result where D: Deserializer<'de>, { ::deserialize(deserializer).and_then(|s| { - SignedCheckpoint::from_str(&s).map_err(|DecodeError(err)| serde::de::Error::custom(err)) + Checkpoint::from_str(&s).map_err(|DecodeError(err)| serde::de::Error::custom(err)) }) } } diff --git a/src/rekor/models/inclusion_proof.rs b/src/rekor/models/inclusion_proof.rs index 09bf753fb4..f0bfd53f39 100644 --- a/src/rekor/models/inclusion_proof.rs +++ b/src/rekor/models/inclusion_proof.rs @@ -14,7 +14,7 @@ use crate::crypto::merkle::{ use crate::crypto::CosignVerificationKey; use crate::errors::SigstoreError; use crate::errors::SigstoreError::{InclusionProofError, UnexpectedError}; -use crate::rekor::models::checkpoint::SignedCheckpoint; +use crate::rekor::models::checkpoint::Checkpoint; use crate::rekor::TreeSize; use serde::{Deserialize, Serialize}; @@ -32,7 +32,7 @@ pub struct InclusionProof { /// A list of hashes required to compute the inclusion proof, sorted in order from leaf to root #[serde(rename = "hashes")] pub hashes: Vec, - pub checkpoint: Option, + pub checkpoint: Option, } impl InclusionProof { @@ -41,7 +41,7 @@ impl InclusionProof { root_hash: String, tree_size: TreeSize, hashes: Vec, - checkpoint: Option, + checkpoint: Option, ) -> InclusionProof { InclusionProof { log_index, diff --git a/src/rekor/models/log_entry.rs b/src/rekor/models/log_entry.rs index d895ac7970..fcc8528d9b 100644 --- a/src/rekor/models/log_entry.rs +++ b/src/rekor/models/log_entry.rs 
@@ -19,7 +19,8 @@ use base64::{engine::general_purpose::STANDARD as BASE64_STD_ENGINE, Engine as _ use crate::crypto::CosignVerificationKey; use crate::errors::SigstoreError::UnexpectedError; -use crate::rekor::models::InclusionProof; +use crate::rekor::models::checkpoint::Checkpoint; +use crate::rekor::models::InclusionProof as InclusionProof2; use olpc_cjson::CanonicalFormatter; use serde::{Deserialize, Serialize}; use serde_json::{json, Error, Value}; @@ -54,7 +55,7 @@ impl FromStr for LogEntry { decode_body(body.as_str().expect("Failed to parse Body")) .expect("Failed to decode Body"), ) - .expect("Serialization failed"); + .expect("Serialization failed"); *body = json!(decoded_body); }); let log_entry_str = serde_json::to_string(&log_entry_map)?; @@ -143,6 +144,19 @@ impl LogEntry { .inclusion_proof .as_ref() .ok_or(UnexpectedError("missing inclusion proof".to_string())) + .and_then(|proof| { + Checkpoint::from_str(&proof.checkpoint) + .map_err(|_| UnexpectedError("failed to parse checkpoint".to_string())) + .map(|checkpoint| { + InclusionProof2::new( + proof.log_index, + proof.root_hash.clone(), + proof.tree_size, + proof.hashes.clone(), + Some(checkpoint), + ) + }) + }) .and_then(|proof| { // encode as canonical JSON let mut encoded_entry = Vec::new(); diff --git a/src/rekor/models/log_info.rs b/src/rekor/models/log_info.rs index 91587e7660..31f536db3b 100644 --- a/src/rekor/models/log_info.rs +++ b/src/rekor/models/log_info.rs @@ -11,7 +11,7 @@ use crate::crypto::merkle::hex_to_hash_output; use crate::crypto::CosignVerificationKey; use crate::errors::SigstoreError; -use crate::rekor::models::checkpoint::SignedCheckpoint; +use crate::rekor::models::checkpoint::Checkpoint; use crate::rekor::models::ConsistencyProof; use crate::rekor::TreeSize; use serde::{Deserialize, Serialize}; 
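Review bot: The alias `InclusionProof as InclusionProof2` in the import hunk of log_entry.rs does not say how the two proof types differ, and a numeric suffix is easy to confuse at the call site. Judging from `Checkpoint::from_str(&proof.checkpoint)` later in this patch, the log entry's own proof appears to carry the checkpoint as a string while the model type carries it parsed. An alias that names the role would read better, e.g. `use crate::rekor::models::InclusionProof as ModelInclusionProof;`, with a one-line comment above it stating which of the two is the wire form.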
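Review bot: The root hash and tree size handed to `InclusionProof2::new` in the added `.and_then` (hunk at -143,6 of log_entry.rs) are taken from the proof itself, and nothing in the hunk ties them to the parsed `Checkpoint`, which is the only signed data involved. The closure that consumes the result begins on the last lines of the hunk and continues outside it, as does the enclosing function. Confirm there that `verify_signature` is called on the checkpoint and that the root hash and tree size in its note are compared with `proof.root_hash` and `proof.tree_size` before the Merkle path is accepted; otherwise the proof is checked against a root nobody signed. Separately, `.map_err(|_| …)` discards the `ParseCheckpointError` detail; keeping it, e.g. `.map_err(|e| UnexpectedError(format!("failed to parse checkpoint: {e:?}")))` (assuming the error type implements `Debug`), makes a malformed checkpoint diagnosable.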
@@ -26,7 +26,7 @@ pub struct LogInfo { pub tree_size: TreeSize, /// The current signed tree head #[serde(rename = "signedTreeHead")] - pub signed_tree_head: SignedCheckpoint, + pub signed_tree_head: Checkpoint, /// The current treeID #[serde(rename = "treeID")] pub tree_id: Option, @@ -35,11 +35,7 @@ pub struct LogInfo { } impl LogInfo { - pub fn new( - root_hash: String, - tree_size: TreeSize, - signed_tree_head: SignedCheckpoint, - ) -> LogInfo { + pub fn new(root_hash: String, tree_size: TreeSize, signed_tree_head: Checkpoint) -> LogInfo { LogInfo { root_hash, tree_size,