mirror of
https://github.com/fluencelabs/trust-graph
synced 2024-12-04 15:20:19 +00:00
ci: remove circle, update gh, add lints; remove warnings (#43)
This commit is contained in:
parent
aa72fdab64
commit
7fbaaaa8f9
6
.cargo/config
Normal file
6
.cargo/config
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
[http]
|
||||||
|
timeout = 30 # timeout for each HTTP request, in seconds
|
||||||
|
multiplexing = false # HTTP/2 multiplexing
|
||||||
|
|
||||||
|
[net]
|
||||||
|
retry = 50 # network retries
|
@ -1,38 +0,0 @@
|
|||||||
version: 2.1
|
|
||||||
|
|
||||||
orbs:
|
|
||||||
docker: circleci/docker@1.5.0
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
Build:
|
|
||||||
docker:
|
|
||||||
- image: circleci/rust:latest
|
|
||||||
resource_class: xlarge
|
|
||||||
environment:
|
|
||||||
RUST_BACKTRACE: 1
|
|
||||||
steps:
|
|
||||||
- checkout
|
|
||||||
- run: |
|
|
||||||
sudo bash .github/download_marine.sh
|
|
||||||
- restore_cache:
|
|
||||||
keys:
|
|
||||||
- trust-graph00-{{ checksum "./Cargo.lock" }}
|
|
||||||
- run: |
|
|
||||||
rustup target add wasm32-wasi
|
|
||||||
cargo test --no-fail-fast --release --all-features --
|
|
||||||
cd ./service
|
|
||||||
./build.sh
|
|
||||||
mkdir -p data
|
|
||||||
cargo test --no-fail-fast --release --all-features -- --test-threads=1
|
|
||||||
- save_cache:
|
|
||||||
paths:
|
|
||||||
- ~/.cargo
|
|
||||||
- ~/.rustup
|
|
||||||
key: trust-graph00-{{ checksum "./Cargo.lock" }}
|
|
||||||
|
|
||||||
|
|
||||||
workflows:
|
|
||||||
version: 2
|
|
||||||
CircleCI:
|
|
||||||
jobs:
|
|
||||||
- Build
|
|
2
.github/download_marine.sh
vendored
2
.github/download_marine.sh
vendored
@ -3,7 +3,7 @@ set -o pipefail -o errexit -o nounset
|
|||||||
set -x
|
set -x
|
||||||
|
|
||||||
MARINE_RELEASE="https://api.github.com/repos/fluencelabs/marine/releases/latest"
|
MARINE_RELEASE="https://api.github.com/repos/fluencelabs/marine/releases/latest"
|
||||||
OUT_DIR=/usr/local/bin
|
OUT_DIR=~/.bin
|
||||||
|
|
||||||
# get metadata about release
|
# get metadata about release
|
||||||
curl -s -H "Accept: application/vnd.github.v3+json" $MARINE_RELEASE |
|
curl -s -H "Accept: application/vnd.github.v3+json" $MARINE_RELEASE |
|
||||||
|
5
.github/workflows/changelog_config.json
vendored
5
.github/workflows/changelog_config.json
vendored
@ -1,5 +1,6 @@
|
|||||||
{
|
{
|
||||||
"template": "${{CHANGELOG}}\n\n${{UNCATEGORIZED}}",
|
"template": "## Changes since ${{FROM_TAG}}\n\n${{CHANGELOG}}\n\n${{UNCATEGORIZED}}",
|
||||||
"pr_template": "- #${{NUMBER}} ${{TITLE}}",
|
"pr_template": "- #${{NUMBER}} ${{TITLE}}",
|
||||||
"empty_template": "- no changes"
|
"empty_template": "## No changes since ${{FROM_TAG}}",
|
||||||
|
"sort": "DESC"
|
||||||
}
|
}
|
||||||
|
45
.github/workflows/release.yml
vendored
45
.github/workflows/release.yml
vendored
@ -6,9 +6,9 @@ on:
|
|||||||
- "v*"
|
- "v*"
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
npm-publish:
|
release:
|
||||||
name: "Publish"
|
name: "Publish"
|
||||||
runs-on: ubuntu-latest
|
runs-on: builder
|
||||||
container: rust
|
container: rust
|
||||||
defaults:
|
defaults:
|
||||||
run:
|
run:
|
||||||
@ -30,36 +30,43 @@ jobs:
|
|||||||
- name: Download marine
|
- name: Download marine
|
||||||
run: bash $GITHUB_WORKSPACE/.github/download_marine.sh
|
run: bash $GITHUB_WORKSPACE/.github/download_marine.sh
|
||||||
|
|
||||||
|
- uses: actions/setup-java@v2
|
||||||
|
with:
|
||||||
|
distribution: 'adopt'
|
||||||
|
java-version: '11'
|
||||||
|
|
||||||
- name: Cache npm
|
- name: Cache npm
|
||||||
uses: actions/cache@v2
|
uses: actions/cache@v2
|
||||||
with:
|
with:
|
||||||
path: ~/.npm
|
path: ~/.npm
|
||||||
key: ${{ runner.os }}-node-v01-${{ hashFiles('**/package-lock.json') }}
|
key: ${{ runner.os }}-node-v03-${{ hashFiles('**/package-lock.json') }}
|
||||||
restore-keys: |
|
restore-keys: |
|
||||||
${{ runner.os }}-node-v01-
|
${{ runner.os }}-node-v03-
|
||||||
|
|
||||||
- uses: actions/setup-node@v2
|
- uses: actions/setup-node@v2
|
||||||
with:
|
with:
|
||||||
node-version: "15"
|
node-version: "15"
|
||||||
registry-url: "https://registry.npmjs.org"
|
registry-url: "https://registry.npmjs.org"
|
||||||
|
|
||||||
- uses: actions/cache@v2
|
- name: Cache cargo
|
||||||
|
uses: actions/cache@v2
|
||||||
with:
|
with:
|
||||||
path: |
|
path: |
|
||||||
~/.cargo/registry
|
~/.cargo/registry
|
||||||
~/.cargo/git
|
~/.cargo/git
|
||||||
|
~/.cargo/bin
|
||||||
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
|
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
|
||||||
|
|
||||||
- name: Install toolchain
|
- name: Install Rust
|
||||||
uses: actions-rs/toolchain@v1
|
working-directory: ./service
|
||||||
with:
|
run: |
|
||||||
profile: minimal
|
rustup toolchain install nightly-2022-01-16-x86_64-unknown-linux-gnu
|
||||||
toolchain: nightly-2022-01-16
|
rustup default nightly-2022-01-16-x86_64-unknown-linux-gnu
|
||||||
target: wasm32-wasi
|
rustup override set nightly-2022-01-16-x86_64-unknown-linux-gnu
|
||||||
override: true
|
rustup target add wasm32-wasi --toolchain nightly-2022-01-16-x86_64-unknown-linux-gnu
|
||||||
|
|
||||||
### Build
|
### Build
|
||||||
- name: trust-graph.wasm
|
- name: Build trust-graph
|
||||||
working-directory: ./service
|
working-directory: ./service
|
||||||
run: ./build.sh
|
run: ./build.sh
|
||||||
|
|
||||||
@ -69,7 +76,7 @@ jobs:
|
|||||||
npm i
|
npm i
|
||||||
npm run build
|
npm run build
|
||||||
|
|
||||||
- name: Create builtin distribution package
|
- name: Create distribution package
|
||||||
run: |
|
run: |
|
||||||
./builtin-package/package.sh
|
./builtin-package/package.sh
|
||||||
|
|
||||||
@ -81,15 +88,15 @@ jobs:
|
|||||||
env:
|
env:
|
||||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
|
||||||
## Publish
|
### Publish
|
||||||
- name: Release
|
- name: Release to GitHub
|
||||||
id: release
|
id: release
|
||||||
uses: softprops/action-gh-release@v1
|
uses: softprops/action-gh-release@v1
|
||||||
with:
|
with:
|
||||||
name: trust-graph ${{ env.RELEASE_VERSION }}
|
name: trust-graph ${{ env.RELEASE_VERSION }}
|
||||||
tag_name: ${{ env.RELEASE_VERSION }}
|
tag_name: ${{ env.RELEASE_VERSION }}
|
||||||
files: |
|
files: |
|
||||||
trust-graph.tar.gz
|
./trust-graph.tar.gz
|
||||||
body: ${{steps.changelog.outputs.changelog}}
|
body: ${{steps.changelog.outputs.changelog}}
|
||||||
draft: false
|
draft: false
|
||||||
prerelease: false
|
prerelease: false
|
||||||
@ -98,9 +105,9 @@ jobs:
|
|||||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
|
||||||
### Publish Aqua API
|
### Publish Aqua API
|
||||||
- name: Publish Aqua API
|
- name: Publish Aqua API to NPM
|
||||||
run: |
|
run: |
|
||||||
npm version ${{ env.RELEASE_VERSION }} --allow-same-version
|
npm version ${{ env.RELEASE_VERSION }}
|
||||||
npm publish --access public
|
npm publish --access public
|
||||||
env:
|
env:
|
||||||
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
|
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
|
||||||
|
89
.github/workflows/rust_ci.yml
vendored
Normal file
89
.github/workflows/rust_ci.yml
vendored
Normal file
@ -0,0 +1,89 @@
|
|||||||
|
name: Rust CI
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
workflow_dispatch:
|
||||||
|
|
||||||
|
concurrency:
|
||||||
|
group: "${{ github.workflow }}-${{ github.ref }}"
|
||||||
|
cancel-in-progress: true
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
check:
|
||||||
|
name: cargo nextest
|
||||||
|
runs-on: builder
|
||||||
|
container: rust
|
||||||
|
defaults:
|
||||||
|
run:
|
||||||
|
working-directory: service
|
||||||
|
shell: bash
|
||||||
|
steps:
|
||||||
|
- name: Checkout sources
|
||||||
|
uses: actions/checkout@v2
|
||||||
|
|
||||||
|
- uses: actions/cache@v2
|
||||||
|
with:
|
||||||
|
path: |
|
||||||
|
~/.cargo/registry
|
||||||
|
~/.cargo/git
|
||||||
|
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
|
||||||
|
|
||||||
|
- run: mkdir -p ~/.bin
|
||||||
|
- run: echo "~/.bin" >> $GITHUB_PATH
|
||||||
|
|
||||||
|
- name: Install Rust
|
||||||
|
working-directory: ./service
|
||||||
|
run: |
|
||||||
|
rustup toolchain install nightly-2022-01-16-x86_64-unknown-linux-gnu
|
||||||
|
rustup default nightly-2022-01-16-x86_64-unknown-linux-gnu
|
||||||
|
rustup override set nightly-2022-01-16-x86_64-unknown-linux-gnu
|
||||||
|
rustup target add wasm32-wasi --toolchain nightly-2022-01-16-x86_64-unknown-linux-gnu
|
||||||
|
|
||||||
|
- name: Download jq
|
||||||
|
run: |
|
||||||
|
curl -L https://github.com/stedolan/jq/releases/download/jq-1.5/jq-linux64 -o ~/.bin/jq
|
||||||
|
chmod +x ~/.bin/jq
|
||||||
|
|
||||||
|
- name: Download marine
|
||||||
|
run: bash $GITHUB_WORKSPACE/.github/download_marine.sh
|
||||||
|
|
||||||
|
- name: Build
|
||||||
|
run: ./build.sh
|
||||||
|
|
||||||
|
- run: cargo install --locked cargo-nextest --version 0.9.22
|
||||||
|
- run: cargo nextest run --release --all-features --no-fail-fast --retries 10 --test-threads 10
|
||||||
|
|
||||||
|
lints:
|
||||||
|
name: Lints
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Checkout sources
|
||||||
|
uses: actions/checkout@v2
|
||||||
|
|
||||||
|
- uses: actions/cache@v2
|
||||||
|
with:
|
||||||
|
path: |
|
||||||
|
~/.cargo/registry
|
||||||
|
~/.cargo/git
|
||||||
|
target
|
||||||
|
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
|
||||||
|
|
||||||
|
- name: Install toolchain
|
||||||
|
uses: actions-rs/toolchain@v1
|
||||||
|
with:
|
||||||
|
profile: minimal
|
||||||
|
toolchain: nightly
|
||||||
|
override: true
|
||||||
|
components: rustfmt, clippy
|
||||||
|
|
||||||
|
- name: Run cargo fmt
|
||||||
|
uses: actions-rs/cargo@v1
|
||||||
|
with:
|
||||||
|
command: fmt
|
||||||
|
args: --all -- --check
|
||||||
|
|
||||||
|
- name: Run cargo clippy
|
||||||
|
uses: actions-rs/cargo@v1
|
||||||
|
with:
|
||||||
|
command: clippy
|
||||||
|
args: -Z unstable-options --all
|
||||||
|
continue-on-error: true # do not fail for now
|
8
.github/workflows/tag.yml
vendored
8
.github/workflows/tag.yml
vendored
@ -10,8 +10,16 @@ jobs:
|
|||||||
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v2
|
- uses: actions/checkout@v2
|
||||||
|
|
||||||
|
- name: Get branch
|
||||||
|
run: |
|
||||||
|
BRANCH=${GITHUB_REF#refs/*/}
|
||||||
|
SANITIZED=$(echo "$BRANCH" | sed -e 's/[^a-zA-Z0-9-]/-/g')
|
||||||
|
echo "BRANCH=$SANITIZED" >> $GITHUB_ENV
|
||||||
|
|
||||||
- name: Bump version and push tag
|
- name: Bump version and push tag
|
||||||
id: tag_version
|
id: tag_version
|
||||||
uses: mathieudutour/github-tag-action@v5.5
|
uses: mathieudutour/github-tag-action@v5.5
|
||||||
with:
|
with:
|
||||||
|
append_to_pre_release_tag: ${{ env.BRANCH }}
|
||||||
github_token: ${{ secrets.PERSONAL_TOKEN }}
|
github_token: ${{ secrets.PERSONAL_TOKEN }}
|
||||||
|
@ -165,7 +165,7 @@ impl TryFrom<libp2p_core::PeerId> for PublicKey {
|
|||||||
|
|
||||||
fn try_from(peer_id: libp2p_core::PeerId) -> Result<Self, Self::Error> {
|
fn try_from(peer_id: libp2p_core::PeerId) -> Result<Self, Self::Error> {
|
||||||
Ok(as_public_key(&peer_id)
|
Ok(as_public_key(&peer_id)
|
||||||
.ok_or(DecodingError::PublicKeyNotInlined(peer_id.to_base58()))?
|
.ok_or_else(|| DecodingError::PublicKeyNotInlined(peer_id.to_base58()))?
|
||||||
.into())
|
.into())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -177,7 +177,9 @@ fn as_public_key(peer_id: &PeerId) -> Option<libp2p_core::PublicKey> {
|
|||||||
let mhash = peer_id.as_ref();
|
let mhash = peer_id.as_ref();
|
||||||
|
|
||||||
match multihash::Code::try_from(mhash.code()) {
|
match multihash::Code::try_from(mhash.code()) {
|
||||||
Ok(multihash::Code::Identity) => libp2p_core::PublicKey::from_protobuf_encoding(mhash.digest()).ok(),
|
Ok(multihash::Code::Identity) => {
|
||||||
|
libp2p_core::PublicKey::from_protobuf_encoding(mhash.digest()).ok()
|
||||||
|
}
|
||||||
_ => None,
|
_ => None,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -40,7 +40,7 @@ pub struct Certificate {
|
|||||||
impl From<trust_graph::Certificate> for Certificate {
|
impl From<trust_graph::Certificate> for Certificate {
|
||||||
fn from(c: trust_graph::Certificate) -> Self {
|
fn from(c: trust_graph::Certificate) -> Self {
|
||||||
let chain: Vec<Trust> = c.chain.into_iter().map(|t| t.into()).collect();
|
let chain: Vec<Trust> = c.chain.into_iter().map(|t| t.into()).collect();
|
||||||
return Certificate { chain };
|
Certificate { chain }
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -51,10 +51,10 @@ impl TryFrom<Certificate> for trust_graph::Certificate {
|
|||||||
let chain: Result<Vec<trust_graph::Trust>, DtoConversionError> = c
|
let chain: Result<Vec<trust_graph::Trust>, DtoConversionError> = c
|
||||||
.chain
|
.chain
|
||||||
.into_iter()
|
.into_iter()
|
||||||
.map(|t| trust_graph::Trust::try_from(t))
|
.map(trust_graph::Trust::try_from)
|
||||||
.collect();
|
.collect();
|
||||||
let chain = chain?;
|
let chain = chain?;
|
||||||
return Ok(trust_graph::Certificate { chain });
|
Ok(trust_graph::Certificate { chain })
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -85,12 +85,12 @@ impl TryFrom<Trust> for trust_graph::Trust {
|
|||||||
let signature = Signature::from_bytes(KeyFormat::from_str(&t.sig_type)?, signature);
|
let signature = Signature::from_bytes(KeyFormat::from_str(&t.sig_type)?, signature);
|
||||||
let expires_at = Duration::from_secs(t.expires_at);
|
let expires_at = Duration::from_secs(t.expires_at);
|
||||||
let issued_at = Duration::from_secs(t.issued_at);
|
let issued_at = Duration::from_secs(t.issued_at);
|
||||||
return Ok(trust_graph::Trust {
|
Ok(trust_graph::Trust {
|
||||||
issued_for,
|
issued_for,
|
||||||
expires_at,
|
expires_at,
|
||||||
signature,
|
signature,
|
||||||
issued_at,
|
issued_at,
|
||||||
});
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -101,13 +101,13 @@ impl From<trust_graph::Trust> for Trust {
|
|||||||
let signature = bs58::encode(raw_signature.bytes).into_string();
|
let signature = bs58::encode(raw_signature.bytes).into_string();
|
||||||
let expires_at = t.expires_at.as_secs();
|
let expires_at = t.expires_at.as_secs();
|
||||||
let issued_at = t.issued_at.as_secs();
|
let issued_at = t.issued_at.as_secs();
|
||||||
return Trust {
|
Trust {
|
||||||
issued_for,
|
issued_for,
|
||||||
expires_at,
|
expires_at,
|
||||||
signature,
|
signature,
|
||||||
sig_type: raw_signature.sig_type.into(),
|
sig_type: raw_signature.sig_type.into(),
|
||||||
issued_at,
|
issued_at,
|
||||||
};
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -142,12 +142,12 @@ impl TryFrom<Revocation> for trust_graph::Revocation {
|
|||||||
let signature = bs58::decode(&r.signature).into_vec()?;
|
let signature = bs58::decode(&r.signature).into_vec()?;
|
||||||
let signature = Signature::from_bytes(KeyFormat::from_str(&r.sig_type)?, signature);
|
let signature = Signature::from_bytes(KeyFormat::from_str(&r.sig_type)?, signature);
|
||||||
let revoked_at = Duration::from_secs(r.revoked_at);
|
let revoked_at = Duration::from_secs(r.revoked_at);
|
||||||
return Ok(trust_graph::Revocation {
|
Ok(trust_graph::Revocation {
|
||||||
pk: revoked_pk,
|
pk: revoked_pk,
|
||||||
revoked_at,
|
revoked_at,
|
||||||
revoked_by: revoked_by_pk,
|
revoked_by: revoked_by_pk,
|
||||||
signature,
|
signature,
|
||||||
});
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -158,12 +158,12 @@ impl From<trust_graph::Revocation> for Revocation {
|
|||||||
let raw_signature = r.signature.get_raw_signature();
|
let raw_signature = r.signature.get_raw_signature();
|
||||||
let signature = bs58::encode(raw_signature.bytes).into_string();
|
let signature = bs58::encode(raw_signature.bytes).into_string();
|
||||||
let revoked_at = r.revoked_at.as_secs();
|
let revoked_at = r.revoked_at.as_secs();
|
||||||
return Revocation {
|
Revocation {
|
||||||
revoked_peer_id,
|
revoked_peer_id,
|
||||||
revoked_at,
|
revoked_at,
|
||||||
signature,
|
signature,
|
||||||
sig_type: raw_signature.sig_type.into(),
|
sig_type: raw_signature.sig_type.into(),
|
||||||
revoked_by,
|
revoked_by,
|
||||||
};
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -27,10 +27,10 @@ fn set_root(peer_id: String, max_chain_len: u32) -> SetRootResult {
|
|||||||
})
|
})
|
||||||
.into()
|
.into()
|
||||||
} else {
|
} else {
|
||||||
return SetRootResult {
|
SetRootResult {
|
||||||
success: false,
|
success: false,
|
||||||
error: ServiceError::NotOwner.to_string(),
|
error: ServiceError::NotOwner.to_string(),
|
||||||
};
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -272,7 +272,7 @@ impl Storage for SQLiteStorage {
|
|||||||
statement.bind(6, &Value::Binary(relation.signature().encode()))?;
|
statement.bind(6, &Value::Binary(relation.signature().encode()))?;
|
||||||
|
|
||||||
statement.next()?;
|
statement.next()?;
|
||||||
Ok({})
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
fn get_root_weight_factor(&self, pk: &PK) -> Result<Option<WeightFactor>, Self::Error> {
|
fn get_root_weight_factor(&self, pk: &PK) -> Result<Option<WeightFactor>, Self::Error> {
|
||||||
@ -309,7 +309,7 @@ impl Storage for SQLiteStorage {
|
|||||||
])?;
|
])?;
|
||||||
|
|
||||||
cursor.next()?;
|
cursor.next()?;
|
||||||
Ok({})
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
fn root_keys(&self) -> Result<Vec<PK>, Self::Error> {
|
fn root_keys(&self) -> Result<Vec<PK>, Self::Error> {
|
||||||
|
@ -74,14 +74,26 @@ impl Certificate {
|
|||||||
Self { chain }
|
Self { chain }
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn new_from_root_trust(root_trust: Trust, issued_trust: Trust, cur_time: Duration) -> Result<Self, CertificateError> {
|
pub fn new_from_root_trust(
|
||||||
|
root_trust: Trust,
|
||||||
|
issued_trust: Trust,
|
||||||
|
cur_time: Duration,
|
||||||
|
) -> Result<Self, CertificateError> {
|
||||||
Trust::verify(&root_trust, &root_trust.issued_for, cur_time).map_err(MalformedRoot)?;
|
Trust::verify(&root_trust, &root_trust.issued_for, cur_time).map_err(MalformedRoot)?;
|
||||||
Trust::verify(&issued_trust, &root_trust.issued_for, cur_time).map_err(|e| VerificationError(1, e))?;
|
Trust::verify(&issued_trust, &root_trust.issued_for, cur_time)
|
||||||
|
.map_err(|e| VerificationError(1, e))?;
|
||||||
|
|
||||||
Ok(Self { chain: vec![root_trust, issued_trust] })
|
Ok(Self {
|
||||||
|
chain: vec![root_trust, issued_trust],
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn issue_with_trust(issued_by: PublicKey, trust: Trust, extend_cert: &Certificate, cur_time: Duration) -> Result<Self, CertificateError> {
|
pub fn issue_with_trust(
|
||||||
|
issued_by: PublicKey,
|
||||||
|
trust: Trust,
|
||||||
|
extend_cert: &Certificate,
|
||||||
|
cur_time: Duration,
|
||||||
|
) -> Result<Self, CertificateError> {
|
||||||
if trust.expires_at.lt(&trust.issued_at) {
|
if trust.expires_at.lt(&trust.issued_at) {
|
||||||
return Err(ExpirationError {
|
return Err(ExpirationError {
|
||||||
expires_at: format!("{:?}", trust.expires_at),
|
expires_at: format!("{:?}", trust.expires_at),
|
||||||
@ -89,7 +101,11 @@ impl Certificate {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
Certificate::verify(extend_cert, &[extend_cert.chain[0].issued_for.clone()], cur_time)?;
|
Certificate::verify(
|
||||||
|
extend_cert,
|
||||||
|
&[extend_cert.chain[0].issued_for.clone()],
|
||||||
|
cur_time,
|
||||||
|
)?;
|
||||||
// check if `issued_by` is allowed to issue a certificate (i.e., there’s a trust for it in a chain)
|
// check if `issued_by` is allowed to issue a certificate (i.e., there’s a trust for it in a chain)
|
||||||
let mut previous_trust_num: i32 = -1;
|
let mut previous_trust_num: i32 = -1;
|
||||||
for pk_id in 0..extend_cert.chain.len() {
|
for pk_id in 0..extend_cert.chain.len() {
|
||||||
@ -114,7 +130,6 @@ impl Certificate {
|
|||||||
Ok(Self { chain: new_chain })
|
Ok(Self { chain: new_chain })
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/// Creates new certificate with root trust (self-signed public key) from a key pair.
|
/// Creates new certificate with root trust (self-signed public key) from a key pair.
|
||||||
#[allow(dead_code)]
|
#[allow(dead_code)]
|
||||||
pub fn issue_root(
|
pub fn issue_root(
|
||||||
@ -151,7 +166,11 @@ impl Certificate {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// first, verify given certificate
|
// first, verify given certificate
|
||||||
Certificate::verify(extend_cert, &[extend_cert.chain[0].issued_for.clone()], cur_time)?;
|
Certificate::verify(
|
||||||
|
extend_cert,
|
||||||
|
&[extend_cert.chain[0].issued_for.clone()],
|
||||||
|
cur_time,
|
||||||
|
)?;
|
||||||
|
|
||||||
let issued_by_pk = issued_by.public();
|
let issued_by_pk = issued_by.public();
|
||||||
|
|
||||||
|
@ -95,7 +95,7 @@ impl From<TrustGraphError> for String {
|
|||||||
}
|
}
|
||||||
|
|
||||||
fn get_weight_factor(max_chain_len: u32) -> u32 {
|
fn get_weight_factor(max_chain_len: u32) -> u32 {
|
||||||
MAX_WEIGHT_FACTOR.checked_sub(max_chain_len).unwrap_or(0u32)
|
MAX_WEIGHT_FACTOR.saturating_sub(max_chain_len)
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn get_weight_from_factor(wf: WeightFactor) -> u32 {
|
pub fn get_weight_from_factor(wf: WeightFactor) -> u32 {
|
||||||
|
Loading…
Reference in New Issue
Block a user