feat: Make settings not thread-local (#1444)

* Spike: Retrofit io_utils call sites

* Spike: Adapt verify_cose

* Spike: Retrofit Store::handle_remote_manifest

* Spike: Retrofit sign_claim

* Spike: Push farther up the Store API chain

* Spike: Push Settings up through Ingredient API chain

* Spike: Push settings up through Reader API

* Spike: Push settings farther up Builder and Ingredient API chains

* Spike: Push settings up through thumbnail utils

* Switch check_ingredient_trust to passed settings

* Plumb settings through core OCSP logic

* Plumb settings through Store's OCSP logic

* One more reference in ingredient

* Plumb settings through add_auto_actions_assertions_settings

* Plumb settings through more of Builder

* Remove last references to get_settings_value in Builder

* Remove remaining references to get_settings_value in Store

* Remove remaining references to get_settings_value in Reader

* Remove remaining references to get_settings_value in Claim

* Remove remaining references to get_settings_value from IdentityAssertion

* Remove remaining get_settings_value references from time_stamp code

* Remove remaining references to get_settings_value outside Settings mod

* Move Settings::get_value to private

* Move Settings::reset to private

* Clippy

* cargo fmt

* Fix some Wasm build errors

* Fix one more Wasm build error

* cargo fmt

* Make Settings::reset() pub(crate) for now

* Retrofit Builder::to_claim()

* Retrofit Builder::add_actions_assertion_settings

* Retrofit Builder::add_auto_actions_assertions_settings

* Retrofit Builder::to_store

* Retrofit Claim::verify_actions

* Retrofit Claim::verify_internal

* Retrofit cose_sign::signing_cert_valid

* Retrofit cose_sign::cose_sign

* Retrofit Ingredient::from_file_impl

* Clippy

* Retrofit Store::new_with_label

* Retrofit Store::new

* Retrofit Store::get_ocsp_status

(Doesn't seem to be used anywhere.)

* Retrofit Store::get_manifest_labels_for_ocsp

* Retrofit Store::sign_claim

* Retrofit Store::from_jumbf

* Split out public API revisions to TO DO #1454

* Retrofit Builder::maybe_add_thumbnail

* Retrofit Store::iingredient_checks

* Retrofit Store::generate_bmff_data_hash_for_stream

* Retrofit Store::get_data_hashed_embeddable_manifest

* Retrofit Store::get_data_hashed_embeddable_manifest_async

* Retrofit Store::get_box_hashed_embeddable_manifest

* Retrofit Store::get_box_hashed_embeddable_manifest_async

* Retrofit Store::start_save_bmff_fragmented

* Retrofit Store::save_to_strema(_async) and ::save_to_bmff_fragmented

* Retrofit Store::start_save_stream

* Retrofit Store::verify_from_path

* Retrofit Store::from_manifest_data_and_stream

* Retrofit Store::load_from_file_and_fragments

* Retrofit Store::load_ingredient_to_claim

* Clippy

* Retrofit Store::test_async_dynamic_assertions

* Retrofit BmffHash::create_merkle_map_for_mdat_box

* Retrofit verify_time_stamp

* Retrofit Store::get_store_validation_info

* TO REVIEW: Can we avoid passing settings into the BmffIO implementations? 🤞🏻🤞🏻🤞🏻

* Retrofit Ingredient::add_to_claim

* Retrofit parse_and_validate_sigtst

* TO REVIEW: I don't think default_rfc3161_request needs to have Settings passed in

* Clippy

* Fix up some Wasm build errors

* fix: use validation state from reader constructor

* refactor: simplify Reader

* fix: private `Ingredient::maybe_add_thumbnail` and clean up todos

* fix: `Store::add with_settings` and `Store::from_jumbf_with_settings` to construct stores in BMFF without settings

* fix: stack overflow when constructing store

* style: fix clippy lints

* fix: remove ingredient new public API for now

* style: remove todo to add settings to identity assertion (deferred to separate PR)

* fix: remove public API changes to builder for now

* style: remove todos in claim

* Revert cosmetic changes to bmff_io.rs

* fix: settings parameters affected by merge and clippy lints

* docs: remove review note

* fix: revert Reader::validation_state change

* docs: make note of potential refactors

* fix: plumb settings through timestamp

* test: ignore test_builder_ca_jpg for now pending fix

* docs: clarify review note

* fix: plumb more settings for CAWG identity through

* style: fix formatting

* fix: pass in settings for WASM

---------

Co-authored-by: ok-nick <[email protected]>

Author: scouten-adobe

sdk/src/assertions/bmff_hash.rs

@@ -35,7 +35,7 @@ use crate::{
     },
     asset_io::CAIRead,
     cbor_types::UriT,
-    settings::get_settings_value,
+    settings::Settings,
     utils::{
         hash_utils::{
             concat_and_hash, hash_stream_by_alg, vec_compare, verify_stream_by_alg, HashRange,
@@ -1035,17 +1035,17 @@ impl BmffHash {
     }
 
     #[cfg(feature = "file_io")]
+    #[allow(clippy::too_many_arguments)]
     pub fn add_merkle_for_fragmented(
         &mut self,
+        max_proofs: usize,
         alg: &str,
         asset_path: &std::path::Path,
         fragment_paths: &Vec<std::path::PathBuf>,
         output_dir: &std::path::Path,
         local_id: usize,
         unique_id: Option<usize>,
     ) -> crate::Result<()> {
-        let max_proofs = get_settings_value::<usize>("core.merkle_tree_max_proofs")?;
-
         if !output_dir.exists() {
             std::fs::create_dir_all(output_dir)?;
         } else {
@@ -1342,8 +1342,9 @@ impl BmffHash {
         reader: &mut dyn CAIRead,
         box_info: &BoxInfoLite,
         merkle_map: &mut MerkleMap,
+        settings: &Settings,
     ) -> crate::Result<Vec<Vec<u8>>> {
-        let max_proofs = get_settings_value::<usize>("core.merkle_tree_max_proofs")?;
+        let max_proofs = settings.core.merkle_tree_max_proofs;
 
         // build the Merkle tree
         let m_tree = self.create_merkle_tree_for_merkle_map(reader, box_info, merkle_map)?;

sdk/src/assertions/timestamp.rs

@@ -50,7 +50,10 @@ impl TimeStamp {
 
     #[cfg(not(target_arch = "wasm32"))]
     pub fn send_timestamp_token_request(tsa_url: &str, message: &[u8]) -> Result<Vec<u8>> {
-        use crate::{crypto::cose::CertificateTrustPolicy, status_tracker::StatusTracker, Error};
+        use crate::{
+            crypto::cose::CertificateTrustPolicy, settings::Settings,
+            status_tracker::StatusTracker, Error,
+        };
 
         let body = crate::crypto::time_stamp::default_rfc3161_message(message)?;
         let headers = None;
@@ -62,7 +65,19 @@ impl TimeStamp {
         // make sure it is a good response
         let ctp = CertificateTrustPolicy::passthrough();
         let mut tracker = StatusTracker::default();
-        crate::crypto::time_stamp::verify_time_stamp(&bytes, message, &ctp, &mut tracker)?;
+
+        // TODO: separate verifying time stamp and verifying time stamp trust into separate functions?
+        //       do we need to pass settings here at all if `ctp` is set to pasthrough anyways?
+        let mut settings = Settings::default();
+        settings.verify.verify_timestamp_trust = false;
+
+        crate::crypto::time_stamp::verify_time_stamp(
+            &bytes,
+            message,
+            &ctp,
+            &mut tracker,
+            &settings,
+        )?;
 
         let token = crate::crypto::cose::timestamptoken_from_timestamprsp(&bytes)
             .ok_or(Error::OtherError("timestamp token not found".into()))?;

sdk/src/asset_handlers/c2pa_io.rs

@@ -149,6 +149,7 @@ pub mod tests {
     use super::{AssetIO, C2paIO, CAIReader, CAIWriter};
     use crate::{
         crypto::raw_signature::SigningAlg,
+        settings::Settings,
         status_tracker::{ErrorBehavior, StatusTracker},
         store::Store,
         utils::{
@@ -160,6 +161,8 @@ pub mod tests {
 
     #[test]
     fn c2pa_io_parse() {
+        let settings = Settings::default();
+
         let path = fixture_path("C.jpg");
 
         let temp_dir = tempdirectory().expect("temp dir");
@@ -183,6 +186,7 @@ pub mod tests {
             &stream,
             true,
             &mut StatusTracker::with_error_behavior(ErrorBehavior::StopOnFirstError),
+            &settings,
         )
         .expect("loading store");