Refactoring IO for overwriting file

Author: gilanghamidy

intel-sgx/dcap-artifact-retrieval/src/cli.rs

@@ -8,7 +8,7 @@
 use std::path::{Path, PathBuf};
 
 use clap::clap_app;
-use pcs::{PckID, DcapArtifactIssuer};
+use pcs::{PckID, DcapArtifactIssuer, WriteOption};
 use reqwest::Url;
 use rustc_serialize::hex::ToHex;
 use serde::de::{value, IntoDeserializer};
@@ -72,19 +72,19 @@ fn download_dcap_artifacts(
         // instead we mimic it using pckcert API.
         let pckcerts = prov_client.pckcerts_with_fallback(&pckid)?;
 
-        let pckcerts_file = pckcerts.store(output_dir, pckid.qe_id.as_slice())?;
+        let pckcerts_file = pckcerts.store(output_dir, pckid.qe_id.as_slice(), WriteOption { overwrite: true })?;
 
         if verbose {
-            println!("   pckcerts:    {}", pckcerts_file);
+            println!("   pckcerts:    {}", pckcerts_file.unwrap().display());
         }
 
         let fmspc = pckcerts.fmspc()?;
         let evaluation_data_numbers = prov_client
             .tcb_evaluation_data_numbers()?;
 
-        let file = evaluation_data_numbers.write_to_file(output_dir)?;
+        let file = evaluation_data_numbers.write_to_file(output_dir, WriteOption { overwrite: true })?;
         if verbose {
-            println!("   tcb evaluation data numbers:    {}\n", file);
+            println!("   tcb evaluation data numbers:    {}\n", file.unwrap().display());
         }
 
         for number in evaluation_data_numbers.evaluation_data_numbers()?.numbers() {
@@ -93,9 +93,9 @@ fn download_dcap_artifacts(
 
             match tcb_info {
                 Ok(tcb_info) => {
-                    let file = tcb_info.store(output_dir)?;
+                    let file = tcb_info.store(output_dir, WriteOption { overwrite: true })?;
                     if verbose {
-                        println!("   tcb info:    {}", file);
+                        println!("   tcb info:    {}", file.unwrap().display());
                     }
                 },
                 Err(Error::PCSError(StatusCode::Gone, _)) => {
@@ -114,9 +114,9 @@ fn download_dcap_artifacts(
 
             match qe_identity {
                 Ok(qe_identity) => {
-                    let file = qe_identity.write_to_file(output_dir)?;
+                    let file = qe_identity.write_to_file(output_dir, WriteOption { overwrite: true })?;
                     if verbose {
-                        println!("   qe identity: {}\n", file);
+                        println!("   qe identity: {}\n", file.unwrap().display());
                     }
                 }
                 Err(Error::PCSError(StatusCode::Gone, _)) => {
@@ -132,17 +132,17 @@ fn download_dcap_artifacts(
     }
     let pckcrl = prov_client
         .pckcrl(DcapArtifactIssuer::PCKProcessorCA)
-        .and_then(|crl| crl.write_to_file_as(output_dir, DcapArtifactIssuer::PCKProcessorCA).map_err(|e| e.into()))?;
+        .and_then(|crl| crl.write_to_file_as(output_dir, DcapArtifactIssuer::PCKProcessorCA, WriteOption { overwrite: true }).map_err(|e| e.into()))?;
     if verbose {
         println!("==[ generic ]==");
-        println!("   PCKProcessorCA Crl:      {}", pckcrl);
+        println!("   PCKProcessorCA Crl:      {}", pckcrl.unwrap().display());
     }
 
     let pckcrl = prov_client
         .pckcrl(DcapArtifactIssuer::PCKPlatformCA)
-        .and_then(|crl| crl.write_to_file_as(output_dir, DcapArtifactIssuer::PCKPlatformCA).map_err(|e| e.into()))?;
+        .and_then(|crl| crl.write_to_file_as(output_dir, DcapArtifactIssuer::PCKPlatformCA, WriteOption { overwrite: true }).map_err(|e| e.into()))?;
     if verbose {
-        println!("   PCKPlatformCA Crl:      {}", pckcrl);
+        println!("   PCKPlatformCA Crl:      {}", pckcrl.unwrap().display());
     }
     Ok(())
 }

intel-sgx/dcap-artifact-retrieval/src/provisioning_client/intel.rs

@@ -12,7 +12,8 @@
 //! - <https://download.01.org/intel-sgx/dcap-1.1/linux/docs/Intel_SGX_PCK_Certificate_CRL_Spec-1.1.pdf>
 
 use pcs::{
-    CpuSvn, DcapArtifactIssuer, EncPpid, EnclaveIdentity, Fmspc, PceId, PceIsvsvn, PckCert, PckCerts, PckCrl, PlatformType, PlatformTypeForTcbInfo, QeId, QeIdentitySigned, RawTcbEvaluationDataNumbers, TcbInfo, Unverified, platform
+    CpuSvn, DcapArtifactIssuer, EncPpid, EnclaveIdentity, Fmspc, PceId, PceIsvsvn, PckCert, PckCerts, PckCrl, PlatformType, 
+    PlatformTypeForTcbInfo, QeId, QeIdentitySigned, RawTcbEvaluationDataNumbers, TcbInfo, Unverified, platform,
 };
 use rustc_serialize::hex::ToHex;
 use std::borrow::Cow;
@@ -590,7 +591,7 @@ mod tests {
 
     use pcs::{
         DcapArtifactIssuer, EnclaveIdentity, Fmspc, PckID, Platform, RawTcbEvaluationDataNumbers,
-        TcbEvaluationDataNumbers,
+        TcbEvaluationDataNumbers, WriteOption,
     };
 
     use crate::provisioning_client::{
@@ -639,7 +640,7 @@ mod tests {
                     "Intel SGX Root CA"
                 );
                 pcks.fmspc().unwrap();
-                pcks.store(OUTPUT_TEST_DIR, pckid.qe_id.as_slice()).unwrap();
+                pcks.store(OUTPUT_TEST_DIR, pckid.qe_id.as_slice(), WriteOption { overwrite: true }).unwrap();
             }
         }
     }
@@ -869,7 +870,7 @@ mod tests {
                     .unwrap();
                 assert!(client
                     .tcbinfo(&pckcerts.fmspc().unwrap(), None)
-                    .and_then(|tcb| { Ok(tcb.store(OUTPUT_TEST_DIR).unwrap()) })
+                    .and_then(|tcb| { Ok(tcb.store(OUTPUT_TEST_DIR, WriteOption { overwrite: true }).unwrap()) })
                     .is_ok());
             }
         }
@@ -941,7 +942,7 @@ mod tests {
                     Err(super::Error::PCSError(status_code, _)) if status_code == super::StatusCode::Gone => continue,
                     res @Err(_) => res.unwrap(),
                 };
-                tcb.store(OUTPUT_TEST_DIR).unwrap();
+                tcb.store(OUTPUT_TEST_DIR, WriteOption { overwrite: true }).unwrap();
             }
         }
     }
@@ -1023,7 +1024,7 @@ mod tests {
                 let client = intel_builder.build(reqwest_client());
                 assert!(client
                     .pckcrl(ca)
-                    .and_then(|crl| { Ok(crl.write_to_file(OUTPUT_TEST_DIR).unwrap()) })
+                    .and_then(|crl| { Ok(crl.write_to_file(OUTPUT_TEST_DIR, WriteOption { overwrite: true }).unwrap()) })
                     .is_ok());
             }
         }
@@ -1095,7 +1096,7 @@ mod tests {
             let client = intel_builder.build(reqwest_client());
             let qe_id = client.qe_identity(None).unwrap();
             assert_eq!(qe_id.enclave_type(), EnclaveIdentity::QE);
-            assert!(qe_id.write_to_file(OUTPUT_TEST_DIR).is_ok());
+            assert!(qe_id.write_to_file(OUTPUT_TEST_DIR, WriteOption { overwrite: true }).is_ok());
         }
     }
 
@@ -1107,7 +1108,7 @@ mod tests {
         let client = intel_builder.build(reqwest_client());
         let qe_id = client.tdqe_identity(None).unwrap();
         assert_eq!(qe_id.enclave_type(), EnclaveIdentity::TDQE);
-        assert!(qe_id.write_to_file(OUTPUT_TEST_DIR).is_ok());
+        assert!(qe_id.write_to_file(OUTPUT_TEST_DIR, WriteOption { overwrite: true }).is_ok());
     }
 
     #[test]

intel-sgx/dcap-artifact-retrieval/src/provisioning_client/pccs.rs

@@ -441,7 +441,7 @@ mod tests {
 
     use pcs::{
         EnclaveIdentity, Fmspc, PckID, Platform, RawTcbEvaluationDataNumbers,
-        TcbEvaluationDataNumbers,
+        TcbEvaluationDataNumbers, WriteOption,
     };
 
     use super::Client;
@@ -633,7 +633,7 @@ mod tests {
 
                 assert!(client
                     .tcbinfo(&pckcerts.fmspc().unwrap(), None)
-                    .and_then(|tcb| { Ok(tcb.store(OUTPUT_TEST_DIR).unwrap()) })
+                    .and_then(|tcb| { Ok(tcb.store(OUTPUT_TEST_DIR, WriteOption { overwrite: true }).unwrap()) })
                     .is_ok());
             }
         }
@@ -676,7 +676,7 @@ mod tests {
                     Err(super::Error::PCSError(status_code, _)) if status_code == super::StatusCode::Gone => continue,
                     res @Err(_) => res.unwrap(),
                 };
-                tcb.store(OUTPUT_TEST_DIR).unwrap();
+                tcb.store(OUTPUT_TEST_DIR, WriteOption { overwrite: true }).unwrap();
             }
         }
     }
@@ -731,11 +731,11 @@ mod tests {
             let client = make_client(api_version);
             assert!(client
                 .pckcrl(DcapArtifactIssuer::PCKProcessorCA)
-                .and_then(|crl| Ok(crl.write_to_file(OUTPUT_TEST_DIR).unwrap()))
+                .and_then(|crl| Ok(crl.write_to_file(OUTPUT_TEST_DIR, WriteOption { overwrite: true }).unwrap()))
                 .is_ok());
             assert!(client
                 .pckcrl(DcapArtifactIssuer::PCKPlatformCA)
-                .and_then(|crl| Ok(crl.write_to_file(OUTPUT_TEST_DIR).unwrap()))
+                .and_then(|crl| Ok(crl.write_to_file(OUTPUT_TEST_DIR, WriteOption { overwrite: true }).unwrap()))
                 .is_ok());
         }
     }
@@ -784,7 +784,7 @@ mod tests {
             let client = make_client(api_version);
             let qe_id = client.qe_identity(None);
             assert!(qe_id.is_ok());
-            assert!(qe_id.unwrap().write_to_file(OUTPUT_TEST_DIR).is_ok());
+            assert!(qe_id.unwrap().write_to_file(OUTPUT_TEST_DIR, WriteOption { overwrite: true }).is_ok());
         }
     }
 

intel-sgx/pcs/src/io.rs

@@ -13,30 +13,40 @@ use serde::de::DeserializeOwned;
 
 use crate::Error;
 
+pub struct WriteOption {
+    pub overwrite: bool
+}
+
 /// Write given object in json to given filename under given dir (override existing file).
-pub fn write_to_file<T: serde::ser::Serialize>(obj: &T, dir: &str, filename: &str) -> Result<(), Error> {
+pub fn write_to_file<T: serde::ser::Serialize>(obj: &T, dir: &str, filename: &str, options: WriteOption) -> Result<Option<PathBuf>, Error> {
     let path = Path::new(dir);
     let path = path.join(filename);
-    write_to_path(&path, obj)
+
+    if !options.overwrite && path.exists() {
+        return Ok(None)
+    }
+
+    write_to_path(&path, obj)?;
+    Ok(Some(path))
 }
 
 /// Write given object in json to given filename under given dir if file is not exist.
 ///
 /// - Returns `Ok(None)` if file already exist.
 /// - Returns `Ok(Some(filename))` if succeed to write to new file.
-pub fn write_to_file_if_not_exist<T: serde::ser::Serialize>(
-    obj: &T,
-    dir: &str,
-    filename: &str,
-) -> Result<Option<PathBuf>, Error> {
-    let path = Path::new(dir);
-    let path = path.join(filename);
-    if path.exists() {
-        return Ok(None);
-    }
-    write_to_path(&path, obj)?;
-    Ok(Some(path))
-}
+// pub fn write_to_file_if_not_exist<T: serde::ser::Serialize>(
+//     obj: &T,
+//     dir: &str,
+//     filename: &str,
+// ) -> Result<Option<PathBuf>, Error> {
+//     let path = Path::new(dir);
+//     let path = path.join(filename);
+//     if path.exists() {
+//         return Ok(None);
+//     }
+//     write_to_path(&path, obj)?;
+//     Ok(Some(path))
+// }
 
 fn write_to_path<T: serde::ser::Serialize>(path: &PathBuf, obj: &T) -> Result<(), Error> {
     let mut fp = File::create(&path)?;

intel-sgx/pcs/src/lib.rs

@@ -32,6 +32,7 @@ pub use crate::pckcrt::{PckCert, PckCerts, SGXPCKCertificateExtension, SGXType,
 pub use crate::qe_identity::{EnclaveIdentity, QeIdentity, QeIdentitySigned};
 pub use crate::tcb_info::{AdvisoryID, Fmspc, TcbInfo, TcbData, TcbLevel, TdxModule, TdxModuleIdentity, TdxModuleTcbLevel, TdxModuleTcbLevelIsvSvn, PlatformTypeForTcbInfo};
 pub use crate::tcb_evaluation_data_numbers::{RawTcbEvaluationDataNumbers, TcbEvalNumber, TcbEvaluationDataNumbers, TcbPolicy};
+pub use crate::io::WriteOption;
 
 mod io;
 mod iso8601;

intel-sgx/pcs/src/pckcrl.rs

@@ -4,12 +4,11 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/.
  */
-
-use std::path::PathBuf;
-
 use pkix::pem::PEM_CRL;
 use serde::{Deserialize, Deserializer, Serialize};
 use std::marker::PhantomData;
+use std::path::PathBuf;
+
 #[cfg(feature = "verify")]
 use {
     mbedtls::alloc::List as MbedtlsList,
@@ -19,6 +18,8 @@ use {
     std::ops::Deref,
 };
 
+#[cfg(feature = "verify")]
+use crate::io::WriteOption;
 use crate::io::{self};
 use crate::{DcapArtifactIssuer, Error, Unverified, VerificationType, Verified};
 
@@ -117,27 +118,14 @@ impl<V: VerificationType> PckCrl<V> {
     }
 
     #[cfg(feature = "verify")]
-    pub fn write_to_file(&self, output_dir: &str) -> Result<String, Error> {
-        let filename = self.filename()?;
-        io::write_to_file(&self, output_dir, &filename)?;
-        Ok(filename)
-    }
-
-    pub fn write_to_file_as(&self, output_dir: &str, ca: DcapArtifactIssuer) -> Result<String, Error> {
-        let filename = Self::filename_from_ca(ca);
-        io::write_to_file(&self, output_dir, &filename)?;
-        Ok(filename)
-    }
-
-    #[cfg(feature = "verify")]
-    pub fn write_to_file_if_not_exist(&self, output_dir: &str) -> Result<Option<PathBuf>, Error> {
+    pub fn write_to_file(&self, output_dir: &str, option: WriteOption) -> Result<Option<PathBuf>, Error> {
         let filename = self.filename()?;
-        io::write_to_file_if_not_exist(&self, output_dir, &filename)
+        io::write_to_file(&self, output_dir, &filename, option)
     }
 
-    pub fn write_to_file_if_not_exist_as(&self, output_dir: &str, ca: DcapArtifactIssuer) -> Result<Option<PathBuf>, Error> {
+    pub fn write_to_file_as(&self, output_dir: &str, ca: DcapArtifactIssuer, option: WriteOption) -> Result<Option<PathBuf>, Error> {
         let filename = Self::filename_from_ca(ca);
-        io::write_to_file_if_not_exist(&self, output_dir, &filename)
+        io::write_to_file(&self, output_dir, &filename, option)
     }
 
     pub fn crl_as_pem(&self) -> &String {

intel-sgx/pcs/src/pckcrt.rs

@@ -32,7 +32,7 @@ use {
     super::{DcapArtifactIssuer, PckCrl},
 };
 
-use crate::io::{self};
+use crate::io::{self, WriteOption};
 use crate::tcb_info::{Fmspc, TcbData, TcbLevel};
 use crate::{CpuSvn, Error, Unverified, VerificationType, Verified, platform};
 
@@ -502,15 +502,9 @@ impl PckCerts {
         format!("{}.certs", base16::encode_lower(qe_id))
     }
 
-    pub fn store(&self, output_dir: &str, qe_id: &[u8]) -> Result<String, Error> {
+    pub fn store(&self, output_dir: &str, qe_id: &[u8], option: WriteOption) -> Result<Option<PathBuf>, Error> {
         let filename = PckCerts::filename(qe_id);
-        io::write_to_file(&self, output_dir, &filename)?;
-        Ok(filename)
-    }
-
-    pub fn store_if_not_exist(&self, output_dir: &str, qe_id: &[u8]) -> Result<Option<PathBuf>, Error> {
-        let filename = PckCerts::filename(qe_id);
-        io::write_to_file_if_not_exist(&self, output_dir, &filename)
+        io::write_to_file(&self, output_dir, &filename, option)
     }
 
     pub fn restore(input_dir: &str, qe_id: &[u8]) -> Result<Self, Error> {
@@ -730,8 +724,8 @@ impl<V: VerificationType> PckCert<V> {
         &self.cert
     }
 
-    pub fn write_to_file(&self, output_dir: &str, filename: &str) -> Result<(), Error> {
-        Ok(io::write_to_file(&self, output_dir, &filename)?)
+    pub fn write_to_file(&self, output_dir: &str, filename: &str, option: WriteOption) -> Result<Option<PathBuf>, Error> {
+        io::write_to_file(&self, output_dir, &filename, option)
     }
 
     pub fn sgx_extension(&self) -> Result<SGXPCKCertificateExtension, ASN1Error> {

intel-sgx/pcs/src/qe_identity.rs

@@ -20,7 +20,7 @@ use {
     pkix::pem::PEM_CERTIFICATE, pkix::x509::GenericCertificate, pkix::FromBer, std::ops::Deref,
 };
 
-use crate::io::{self};
+use crate::io::{self, WriteOption};
 use crate::{Error, TcbStatus, Unverified, VerificationType, Verified};
 
 #[derive(Serialize, Default, Deserialize, Clone, Debug, PartialEq, Eq)]
@@ -374,17 +374,10 @@ impl QeIdentitySigned {
         io::compose_filename(Self::filename_prefix(enclave_type), Self::FILENAME_EXTENSION, evaluation_data_number)
     }
 
-    pub fn write_to_file(&self, output_dir: &str) -> Result<String, Error> {
+    pub fn write_to_file(&self, output_dir: &str, option: WriteOption) -> Result<Option<PathBuf>, Error> {
         let id = QeIdentity::<Unverified>::try_from(self)?;
         let filename = Self::create_filename(&self.enclave_type, Some(id.tcb_evaluation_data_number));
-        io::write_to_file(&self, output_dir, &filename)?;
-        Ok(filename)
-    }
-
-    pub fn write_to_file_if_not_exist(&self, output_dir: &str) -> Result<Option<PathBuf>, Error> {
-        let id = QeIdentity::<Unverified>::try_from(self)?;
-        let filename = Self::create_filename(&self.enclave_type, Some(id.tcb_evaluation_data_number));
-        io::write_to_file_if_not_exist(&self, output_dir, &filename)
+        io::write_to_file(&self, output_dir, &filename, option)
     }
 
     pub fn read_from_file(input_dir: &str, enclave_type: EnclaveIdentity, evaluation_data_number: Option<u64>) -> Result<Self, Error> {