Merge pull request #603 from justahero/sebastian/implement-multiple-signature

Implement multiple variants of Signature field

Author: Shnatsel

cyclonedx-bom/src/models/component.rs

@@ -641,10 +641,7 @@ mod test {
                 ))])),
                 copyright: Some(CopyrightTexts(vec![Copyright("copyright".to_string())])),
             }),
-            signature: Some(Signature {
-                algorithm: Algorithm::HS512,
-                value: "abcdefgh".to_string(),
-            }),
+            signature: Some(Signature::single(Algorithm::HS512, "abcdefgh")),
         }])
         .validate();
 
@@ -732,10 +729,7 @@ mod test {
                 ))])),
                 copyright: Some(CopyrightTexts(vec![Copyright("copyright".to_string())])),
             }),
-            signature: Some(Signature {
-                algorithm: Algorithm::HS512,
-                value: "abcdefgh".to_string(),
-            }),
+            signature: Some(Signature::single(Algorithm::HS512, "abcdefgh")),
         }])
         .validate();
 

cyclonedx-bom/src/models/composition.rs

@@ -134,10 +134,7 @@ mod test {
             aggregate: AggregateType::Complete,
             assemblies: Some(vec![BomReference("reference".to_string())]),
             dependencies: Some(vec![BomReference("reference".to_string())]),
-            signature: Some(Signature {
-                algorithm: Algorithm::HS512,
-                value: "abcdefgh".to_string(),
-            }),
+            signature: Some(Signature::single(Algorithm::HS512, "abcdefgh")),
         }])
         .validate();
 
@@ -150,10 +147,7 @@ mod test {
             aggregate: AggregateType::UnknownAggregateType("unknown aggregate type".to_string()),
             assemblies: Some(vec![BomReference("reference".to_string())]),
             dependencies: Some(vec![BomReference("reference".to_string())]),
-            signature: Some(Signature {
-                algorithm: Algorithm::HS512,
-                value: "abcdefgh".to_string(),
-            }),
+            signature: Some(Signature::single(Algorithm::HS512, "abcdefgh")),
         }])
         .validate();
 

cyclonedx-bom/src/models/service.rs

@@ -315,10 +315,7 @@ mod test {
                 value: NormalizedString::new("value"),
             }])),
             services: Some(Services(vec![])),
-            signature: Some(Signature {
-                algorithm: Algorithm::HS512,
-                value: "abcdefgh".to_string(),
-            }),
+            signature: Some(Signature::single(Algorithm::HS512, "abcdefgh")),
         }])
         .validate();
 
@@ -377,10 +374,7 @@ mod test {
                 services: None,
                 signature: None,
             }])),
-            signature: Some(Signature {
-                algorithm: Algorithm::HS512,
-                value: "abcdefgh".to_string(),
-            }),
+            signature: Some(Signature::single(Algorithm::HS512, "abcdefgh")),
         }])
         .validate();
 

cyclonedx-bom/src/models/signature.rs

@@ -18,25 +18,15 @@
 
 use std::str::FromStr;
 
-/// Enveloped signature in [JSON Signature Format (JSF)](https://cyberphone.github.io/doc/security/jsf.html)
-#[derive(Clone, Debug, PartialEq, Eq)]
-pub struct Signature {
-    /// Signature algorithm.
-    pub algorithm: Algorithm,
-    /// The signature data.
-    pub value: String,
-}
-
-/*
 /// Enveloped signature in [JSON Signature Format (JSF)](https://cyberphone.github.io/doc/security/jsf.html)
 #[derive(Clone, Debug, PartialEq, Eq)]
 pub enum Signature {
     /// Multiple signatures
     Signers(Vec<Signer>),
-    /// A single signature chain
-    Chain(Signer),
+    /// A signature chain consisting of multiple signatures
+    Chain(Vec<Signer>),
     /// A single signature
-    Signature(Signer),
+    Single(Signer),
 }
 
 /// For now the [`Signer`] struct only holds algorithm and value
@@ -47,10 +37,48 @@ pub struct Signer {
     /// The signature data.
     pub value: String,
 }
-*/
+
+impl Signer {
+    pub fn new(algorithm: Algorithm, value: &str) -> Self {
+        Self {
+            algorithm,
+            value: value.to_string(),
+        }
+    }
+}
+
+impl Signature {
+    /// Creates a single signature.
+    pub fn single(algorithm: Algorithm, value: &str) -> Self {
+        Self::Single(Signer {
+            algorithm,
+            value: value.to_string(),
+        })
+    }
+
+    /// Creates a chain of multiple signatures
+    pub fn chain(chain: &[(Algorithm, &str)]) -> Self {
+        Self::Chain(
+            chain
+                .iter()
+                .map(|(algorithm, value)| Signer::new(*algorithm, value))
+                .collect(),
+        )
+    }
+
+    /// Creates a list of multiple signatures.
+    pub fn signers(signers: &[(Algorithm, &str)]) -> Self {
+        Self::Signers(
+            signers
+                .iter()
+                .map(|(algorithm, value)| Signer::new(*algorithm, value))
+                .collect(),
+        )
+    }
+}
 
 /// Supported signature algorithms.
-#[derive(Clone, Debug, PartialEq, Eq)]
+#[derive(Clone, Copy, Debug, PartialEq, Eq)]
 pub enum Algorithm {
     RS256,
     RS384,