Merge pull request #330 from VishnuJin/feat-label-search-for-sign-invoice

feat - add label search argument to sign-invoice

Author: thomastaylor312

bin/client/main.rs

@@ -11,7 +11,7 @@ use bindle::invoice::signature::{
 };
 use bindle::invoice::Invoice;
 use bindle::provider::ProviderError;
-use bindle::signature::{KeyEntry, KeyRingLoader, KeyRingSaver};
+use bindle::signature::{KeyEntry, KeyRingLoader, KeyRingSaver, LabelMatch};
 use bindle::standalone::{StandaloneRead, StandaloneWrite};
 use bindle::SignatureError;
 use bindle::{
@@ -246,8 +246,17 @@ async fn run() -> std::result::Result<(), ClientError> {
                 None => ensure_config_dir().await?.join("secret_keys.toml"),
             };
 
+            let match_type = match (sign_opts.label, sign_opts.label_matching) {
+                (Some(label), None) => Some(LabelMatch::FullMatch(label)),
+                (None, Some(label_matching)) => Some(LabelMatch::PartialMatch(label_matching)),
+                (None, None) => None,
+                _ => {
+                    unreachable!("both label and label-matching cannot be present at the same time")
+                }
+            };
+
             // Signing key
-            let key = first_matching_key(keyfile, &role).await?;
+            let key = first_matching_key(keyfile, &role, match_type.as_ref()).await?;
 
             // Load the invoice and sign it.
             let mut inv: Invoice = bindle::client::load::toml(sign_opts.invoice.as_str()).await?;
@@ -259,8 +268,8 @@ async fn run() -> std::result::Result<(), ClientError> {
                 .unwrap_or_else(|| format!("./invoice-{}.toml", inv.canonical_name()));
 
             println!(
-                "Signed {} with role {} and wrote to {}",
-                sign_opts.invoice, role, outfile
+                "Signed {} with role as '{}', label as '{}' and wrote to {}",
+                sign_opts.invoice, role, key.label, outfile
             );
             tokio::fs::write(outfile, toml::to_string(&inv)?).await?;
         }
@@ -315,7 +324,7 @@ async fn run() -> std::result::Result<(), ClientError> {
                         .await
                         .map_err(|e| ClientError::Other(e.to_string()))?;
 
-                    let matches: Vec<KeyEntry> = match print_key_opts.label {
+                    let matches: Vec<KeyEntry> = match print_key_opts.label_matching {
                         Some(name) => keyfile
                             .key
                             .iter()
@@ -646,12 +655,16 @@ async fn ensure_config_dir() -> Result<PathBuf> {
     Ok(dir)
 }
 
-async fn first_matching_key(fpath: PathBuf, role: &SignatureRole) -> Result<SecretKeyEntry> {
+async fn first_matching_key(
+    fpath: PathBuf,
+    role: &SignatureRole,
+    label_match: Option<&LabelMatch>,
+) -> Result<SecretKeyEntry> {
     let keys = SecretKeyFile::load_file(&fpath).await.map_err(|e| {
         ClientError::Other(format!("Error loading file {}: {}", fpath.display(), e))
     })?;
 
-    keys.get_first_matching(role)
+    keys.get_first_matching(role, label_match)
         .map(|k| k.to_owned())
         .ok_or_else(|| ClientError::Other("No satisfactory key found".to_owned()))
 }

bin/client/opts.rs

@@ -419,12 +419,11 @@ pub struct PrintKey {
     )]
     pub secret_file: Option<PathBuf>,
     #[clap(
-        short = 'l',
-        long = "label",
-        value_name = "LABEL",
-        help = "The label to search for. If supplied, this will return each key that contains this string in its label. For example, '--label=ample' will match 'label: Examples'."
+        short = 'm',
+        long = "label-matching",
+        help = "selects the keys that (partially) matches the given label. If supplied, this will return each key that contains this string in its label. For example, '--label=ample' will match 'label: Examples'."
     )]
-    pub label: Option<String>,
+    pub label_matching: Option<String>,
 }
 
 #[derive(Parser)]
@@ -447,6 +446,19 @@ pub struct SignInvoice {
         help = "the role to sign with. Values are: c[reator], a[pprover], h[ost], p[roxy]. If no role is specified, 'creator' is used"
     )]
     pub role: Option<String>,
+    #[clap(
+        short = 'l',
+        long = "label",
+        conflicts_with = "label-matching",
+        help = "selects the key with the exact given label"
+    )]
+    pub label: Option<String>,
+    #[clap(
+        short = 'm',
+        long = "label-matching",
+        help = "selects the key that (partially) matches the given label. If supplied, this will sign with the key that contains this string in its label. For example, '--label=ample' will match 'label: Examples'."
+    )]
+    pub label_matching: Option<String>,
     #[clap(
         short = 'o',
         long = "out",

src/invoice/signature.rs

@@ -365,12 +365,16 @@ impl SecretKeyEntry {
 /// all of them must provide a way for the system to fetch a key matching the
 /// desired role.
 pub trait SecretKeyStorage {
-    /// Get a key appropriate for signing with the given role.
+    /// Get a key appropriate for signing with the given role and optional match criteria with LabelMatch enum.
     ///
     /// If no key is found, this will return a None.
     /// In general, if multiple keys match, the implementation chooses the "best fit"
     /// and returns that key.
-    fn get_first_matching(&self, role: &SignatureRole) -> Option<&SecretKeyEntry>;
+    fn get_first_matching(
+        &self,
+        role: &SignatureRole,
+        label_match: Option<&LabelMatch>,
+    ) -> Option<&SecretKeyEntry>;
 }
 
 #[derive(Serialize, Deserialize, Debug, Clone)]
@@ -414,10 +418,32 @@ impl SecretKeyFile {
         Ok(())
     }
 }
+/// This enumerates the select criteria of the key based on the given Label
+pub enum LabelMatch {
+    /// Key will be selected with an exact match of the given label.
+    /// Matches are case sensitive
+    FullMatch(String),
+    /// Key will be selected with a partial match of the given label,
+    /// Matches are case insensitive.
+    ///
+    /// For example: "pika" will match "Pikachu" and "puff" will match "Jigglypuff"
+    PartialMatch(String),
+}
 
 impl SecretKeyStorage for SecretKeyFile {
-    fn get_first_matching(&self, role: &SignatureRole) -> Option<&SecretKeyEntry> {
-        self.key.iter().find(|k| k.roles.contains(role))
+    fn get_first_matching(
+        &self,
+        role: &SignatureRole,
+        label_match: Option<&LabelMatch>,
+    ) -> Option<&SecretKeyEntry> {
+        self.key.iter().find(|k| {
+            k.roles.contains(role)
+                && match label_match {
+                    Some(LabelMatch::FullMatch(label)) => k.label.eq(label),
+                    Some(LabelMatch::PartialMatch(label)) => k.label.contains(label),
+                    None => true,
+                }
+        })
     }
 }
 

src/server/handlers.rs

@@ -74,7 +74,7 @@ pub mod v1 {
         // with my private key, and THEN go on to store.create_invoice()
 
         let role = SignatureRole::Host;
-        let sk = match secret_store.get_first_matching(&role) {
+        let sk = match secret_store.get_first_matching(&role, None) {
             None => {
                 return Ok(reply::into_reply(ProviderError::FailedSigning(
                     SignatureError::NoSuitableKey,

src/server/mod.rs

@@ -187,7 +187,7 @@ mod test {
             SignatureRole::Creator,
             valid_v1
                 .keys
-                .get_first_matching(&SignatureRole::Creator)
+                .get_first_matching(&SignatureRole::Creator, None)
                 .unwrap(),
         )
         .unwrap();

src/testing/mod.rs

@@ -17,7 +17,7 @@ use crate::invoice::signature::{
 use crate::provider::embedded::EmbeddedProvider;
 use crate::provider::file::FileProvider;
 use crate::search::StrictEngine;
-use crate::signature::KeyRingLoader;
+use crate::signature::{KeyRingLoader, LabelMatch};
 
 use sha2::{Digest, Sha256};
 use tempfile::tempdir;
@@ -296,7 +296,11 @@ impl Default for MockKeyStore {
 }
 
 impl SecretKeyStorage for MockKeyStore {
-    fn get_first_matching(&self, _role: &SignatureRole) -> Option<&SecretKeyEntry> {
+    fn get_first_matching(
+        &self,
+        _role: &SignatureRole,
+        _match_type: Option<&LabelMatch>,
+    ) -> Option<&SecretKeyEntry> {
         Some(&self.mock_secret_key)
     }
 }

tests/client.rs

@@ -170,7 +170,7 @@ async fn test_already_created() {
             SignatureRole::Creator,
             scaffold
                 .keys
-                .get_first_matching(&SignatureRole::Creator)
+                .get_first_matching(&SignatureRole::Creator, None)
                 .unwrap(),
         )
         .unwrap();