-
Notifications
You must be signed in to change notification settings - Fork 11
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement FromStr
for Cwt
#8
Comments
This one will make @allevo proud! 😇 |
Any idea how to implement it? just convert it to |
If the parse is made by |
My idea was to just be an alternative to calling this function directly: https://github.com/rust-italia/dgc/blob/main/src/parse.rs#L173 |
So literally something like this: impl FromStr for Cwt {
type Err = ParseError;
fn from_str(s: &str) -> Result<Self, Self::Err> {
// remove prefix
let data = remove_prefix(data)?;
// base45 decode
let decoded = decode_base45(data)?;
// decompress the data
let decompressed = decompress(decoded)?;
// parse cose payload
let cwt = parse_cwt_payload(decompressed)?;
Ok(cwt)
}
} |
I only have one doubt in terms of ergonomics:
I am not really sure if it will be more ergonomic and consistent to always return a One of the advantages of having a CWT is that you have access to more data (headers, signature, etc). But at the same time you don't care about this data unless you want to verify the signature (which is the reason why Thoughts? |
I tried to reverse the logic: implement the parse into Cwt and DgcContainer pub fn decode_cwt(data: &str) -> Result<Cwt, CwtParseError> {
data.parse()
}
pub fn decode(data: &str) -> Result<DgcCertContainer, CwtParseError> {
let cwt = decode_cwt(data)?;
Ok(cwt.payload)
} As you can see, i changed the errortype reversing the inclusion ( |
@allevo, i like the idea of With that being said, I am starting to think that maybe we shouldn't leak the CWT at all. At the end of the day, it is a little bit of an implementation detail. What really matter is not the encoding format (CWT) but the CWT makes sense only in the context of validating the signature but that's something we are covering with What about implementing I know this is a bit philosophical, but it's probably better to keep the api surface small and simple... Regarding the 2 errors. I think i was implementing CWT as a standalone lib initially, that's maybe why i came up with 2 different error sets (one for CWT decoding and one for the whole parsing). Let's definitely revisit this decision if it does not make too much sense to you... |
Removing To hide the implementation details there are other options, like we could make Regarding the To give an example, in the docs will be written "DgcCertContainer::parse Parses a string s to return a value of this type." and someone may understand that it parases the JSON object of the greenpass, someone else might think that it parses the CBOR of the HCERT, another one may think that it parses the raw COSE data, etc. What I agree on is merging the Some things I want to add that I also referenced in the other issue: I think that those functions (
Cwt::decode(data)?.verify(trust_list) == SignatureValidity::Valid |
You raise some very good points, @Rimpampa! I am sold on the fact that it might make sense to expose the CWT (even though right now some important fields are private, maybe we should revisit that). On the Regarding API ergonomics I think the validation is the one that seems to be raising more skepticism, so there are probably many opportunities to revisit that. I like your suggestions to make If we can figure out a decent API that will allow us in the future to do "all types" of validation easily that would be awesome. Should we close this issue then and continue the API conversation in #21? |
I forgot to mention that i did some renaming in #29 and also added a diagram that should help with understanding how the data is laid out across the various containers/structs. |
It would be nice to be able to do something like this:
This will be possible by implementing the
FromStr
trait onCwt
.The text was updated successfully, but these errors were encountered: