Implement multiple variants of Signature tag

* implement de-/serialization logic for signature
* add helper functions to write open / close tags
* expand signature tests to check different variants
* add create functions for `Signature`, refactor code

Signed-off-by: Sebastian Ziebell <[email protected]>

Author: justahero

cyclonedx-bom/src/models/component.rs

@@ -698,10 +698,7 @@ mod test {
                 ))])),
                 copyright: Some(CopyrightTexts(vec![Copyright("copyright".to_string())])),
             }),
-            signature: Some(Signature {
-                algorithm: Algorithm::HS512,
-                value: "abcdefgh".to_string(),
-            }),
+            signature: Some(Signature::single(Algorithm::HS512, "abcdefgh")),
         }])
         .validate_with_context(ValidationContext::default())
         .expect("Error while validating");
@@ -790,10 +787,7 @@ mod test {
                 ))])),
                 copyright: Some(CopyrightTexts(vec![Copyright("copyright".to_string())])),
             }),
-            signature: Some(Signature {
-                algorithm: Algorithm::HS512,
-                value: "abcdefgh".to_string(),
-            }),
+            signature: Some(Signature::single(Algorithm::HS512, "abcdefgh")),
         }])
         .validate_with_context(ValidationContext::default())
         .expect("Error while validating");

cyclonedx-bom/src/models/composition.rs

@@ -145,10 +145,7 @@ mod test {
             aggregate: AggregateType::Complete,
             assemblies: Some(vec![BomReference("reference".to_string())]),
             dependencies: Some(vec![BomReference("reference".to_string())]),
-            signature: Some(Signature {
-                algorithm: Algorithm::HS512,
-                value: "abcdefgh".to_string(),
-            }),
+            signature: Some(Signature::single(Algorithm::HS512, "abcdefgh")),
         }])
         .validate()
         .expect("Error while validating");
@@ -162,10 +159,7 @@ mod test {
             aggregate: AggregateType::UnknownAggregateType("unknown aggregate type".to_string()),
             assemblies: Some(vec![BomReference("reference".to_string())]),
             dependencies: Some(vec![BomReference("reference".to_string())]),
-            signature: Some(Signature {
-                algorithm: Algorithm::HS512,
-                value: "abcdefgh".to_string(),
-            }),
+            signature: Some(Signature::single(Algorithm::HS512, "abcdefgh")),
         }])
         .validate()
         .expect("Error while validating");

cyclonedx-bom/src/models/service.rs

@@ -330,10 +330,7 @@ mod test {
                 value: NormalizedString::new("value"),
             }])),
             services: Some(Services(vec![])),
-            signature: Some(Signature {
-                algorithm: Algorithm::HS512,
-                value: "abcdefgh".to_string(),
-            }),
+            signature: Some(Signature::single(Algorithm::HS512, "abcdefgh")),
         }])
         .validate_with_context(ValidationContext::default())
         .expect("Error while validating");
@@ -393,10 +390,7 @@ mod test {
                 services: None,
                 signature: None,
             }])),
-            signature: Some(Signature {
-                algorithm: Algorithm::HS512,
-                value: "abcdefgh".to_string(),
-            }),
+            signature: Some(Signature::single(Algorithm::HS512, "abcdefgh")),
         }])
         .validate_with_context(ValidationContext::default())
         .expect("Error while validating");

cyclonedx-bom/src/models/signature.rs

@@ -18,25 +18,15 @@
 
 use std::str::FromStr;
 
-/// Enveloped signature in [JSON Signature Format (JSF)](https://cyberphone.github.io/doc/security/jsf.html)
-#[derive(Clone, Debug, PartialEq, Eq)]
-pub struct Signature {
-    /// Signature algorithm.
-    pub algorithm: Algorithm,
-    /// The signature data.
-    pub value: String,
-}
-
-/*
 /// Enveloped signature in [JSON Signature Format (JSF)](https://cyberphone.github.io/doc/security/jsf.html)
 #[derive(Clone, Debug, PartialEq, Eq)]
 pub enum Signature {
     /// Multiple signatures
     Signers(Vec<Signer>),
-    /// A single signature chain
-    Chain(Signer),
+    /// A signature chain consisting of multiple signatures
+    Chain(Vec<Signer>),
     /// A single signature
-    Signature(Signer),
+    Single(Signer),
 }
 
 /// For now the [`Signer`] struct only holds algorithm and value
@@ -47,10 +37,48 @@ pub struct Signer {
     /// The signature data.
     pub value: String,
 }
-*/
+
+impl Signer {
+    pub fn new(algorithm: Algorithm, value: &str) -> Self {
+        Self {
+            algorithm,
+            value: value.to_string(),
+        }
+    }
+}
+
+impl Signature {
+    /// Creates a single signature.
+    pub fn single(algorithm: Algorithm, value: &str) -> Self {
+        Self::Single(Signer {
+            algorithm,
+            value: value.to_string(),
+        })
+    }
+
+    /// Creates a chain of multiple signatures
+    pub fn chain(chain: &[(Algorithm, &str)]) -> Self {
+        Self::Chain(
+            chain
+                .iter()
+                .map(|(algorithm, value)| Signer::new(*algorithm, value))
+                .collect(),
+        )
+    }
+
+    /// Creates a list of multiple signatures.
+    pub fn signers(signers: &[(Algorithm, &str)]) -> Self {
+        Self::Signers(
+            signers
+                .iter()
+                .map(|(algorithm, value)| Signer::new(*algorithm, value))
+                .collect(),
+        )
+    }
+}
 
 /// Supported signature algorithms.
-#[derive(Clone, Debug, PartialEq, Eq)]
+#[derive(Clone, Copy, Debug, PartialEq, Eq)]
 pub enum Algorithm {
     RS256,
     RS384,