wip

Mr-Leshiy · Mr-Leshiy · commit cd4301c8b1bc · 2025-02-17T13:59:37.000+02:00
diff --git a/rust/signed_doc/src/doc_types/comment_document.rs b/rust/signed_doc/src/doc_types/comment_document.rs
@@ -32,11 +32,11 @@ pub struct CommentDocument {
 
 impl StatelessValidation for CommentDocument {
     const STATELESS_RULES: &[crate::validator::StatelessRule] = &[
-        type_check,
-        content_type_check,
-        content_encoding_check,
-        template_check,
-        reply_check,
+        type_stateless_check,
+        content_type_stateless_check,
+        content_encoding_stateless_check,
+        template_stateless_check,
+        reply_stateless_check,
     ];
 }
 
@@ -48,7 +48,7 @@ where DocProvider: 'static + Fn(&DocumentRef) -> Option<CatalystSignedDocument>
 }
 
 /// `type` field validation
-fn type_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
+fn type_stateless_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
     if doc.doc_type().uuid() != COMMENT_DOCUMENT_UUID_TYPE {
         report.invalid_value(
             "type",
@@ -62,7 +62,7 @@ fn type_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
 }
 
 /// `content-type` validation
-fn content_type_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
+fn content_type_stateless_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
     if doc.doc_content_type() != ContentType::Json {
         report.invalid_value(
             "content-type",
@@ -76,7 +76,7 @@ fn content_type_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> b
 }
 
 /// `content-encoding` validation
-fn content_encoding_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
+fn content_encoding_stateless_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
     if let Some(content_encoding) = doc.doc_content_encoding() {
         if content_encoding != ContentEncoding::Brotli {
             report.invalid_value(
@@ -98,7 +98,7 @@ fn content_encoding_check(doc: &CatalystSignedDocument, report: &ProblemReport)
 }
 
 /// `template` validation
-fn template_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
+fn template_stateless_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
     if doc.doc_meta().template().is_none() {
         report.missing_field("template", "Comment Document must have a template field");
         return false;
@@ -107,7 +107,7 @@ fn template_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool
 }
 
 /// `reply` validation
-fn reply_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
+fn reply_stateless_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
     if doc.doc_meta().doc_ref().is_none() {
         report.missing_field("ref", "Comment Document must have a ref field");
         return false;
diff --git a/rust/signed_doc/src/doc_types/proposal_document.rs b/rust/signed_doc/src/doc_types/proposal_document.rs
@@ -30,10 +30,10 @@ pub struct ProposalDocument {
 
 impl StatelessValidation for ProposalDocument {
     const STATELESS_RULES: &[StatelessRule] = &[
-        type_check,
-        content_type_check,
-        content_encoding_check,
-        template_check,
+        type_stateless_check,
+        content_type_stateless_check,
+        content_encoding_stateless_check,
+        template_stateless_check,
     ];
 }
 
@@ -45,7 +45,7 @@ where DocProvider: 'static + Fn(&DocumentRef) -> Option<CatalystSignedDocument>
 }
 
 /// `type` field validation
-fn type_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
+fn type_stateless_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
     if doc.doc_type().uuid() != PROPOSAL_DOCUMENT_UUID_TYPE {
         report.invalid_value(
             "type",
@@ -59,7 +59,7 @@ fn type_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
 }
 
 /// `content-type` validation
-fn content_type_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
+fn content_type_stateless_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
     if doc.doc_content_type() != ContentType::Json {
         report.invalid_value(
             "content-type",
@@ -73,7 +73,7 @@ fn content_type_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> b
 }
 
 /// `content-encoding` validation
-fn content_encoding_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
+fn content_encoding_stateless_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
     if let Some(content_encoding) = doc.doc_content_encoding() {
         if content_encoding != ContentEncoding::Brotli {
             report.invalid_value(
@@ -95,7 +95,7 @@ fn content_encoding_check(doc: &CatalystSignedDocument, report: &ProblemReport)
 }
 
 /// `template` validation
-fn template_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
+fn template_stateless_check(doc: &CatalystSignedDocument, report: &ProblemReport) -> bool {
     if doc.doc_meta().template().is_none() {
         report.missing_field("template", "Proposal Document must have a template field");
         return false;
diff --git a/rust/signed_doc/src/lib.rs b/rust/signed_doc/src/lib.rs
@@ -141,8 +141,10 @@ impl CatalystSignedDocument {
     /// # Errors
     ///
     /// Returns a report of verification failures and the source error.
-    pub fn verify<P>(&self, pk_getter: P) -> Result<(), CatalystSignedDocError>
-    where P: Fn(&IdUri) -> Option<VerifyingKey> {
+    /// If `provider` returns error, fails fast and placed this error into
+    /// `CatalystSignedDocError::error`.
+    pub fn verify<P>(&self, provider: P) -> Result<(), CatalystSignedDocError>
+    where P: Fn(&IdUri) -> anyhow::Result<Option<VerifyingKey>> {
         let report = ProblemReport::new("Catalyst Signed Document Verification");
 
         let cose_sign = match self.as_cose_sign() {
@@ -157,8 +159,8 @@ impl CatalystSignedDocument {
         };
 
         for (signature, kid) in self.signatures().cose_signatures_with_kids() {
-            match pk_getter(kid) {
-                Some(pk) => {
+            match provider(kid) {
+                Ok(Some(pk)) => {
                     let tbs_data = cose_sign.tbs_data(&[], signature);
                     match signature.signature.as_slice().try_into() {
                         Ok(signature_bytes) => {
@@ -182,19 +184,22 @@ impl CatalystSignedDocument {
                         },
                     }
                 },
-                None => {
+                Ok(None) => {
                     report.other(
                         &format!("Missing public key for {kid}."),
                         "During public key extraction",
                     );
                 },
+                Err(e) => {
+                    return Err(CatalystSignedDocError::new(report, e));
+                },
             }
         }
 
         if report.is_problematic() {
             return Err(CatalystSignedDocError::new(
                 report,
-                anyhow::anyhow!("Verification failed for Catalyst Signed Document"),
+                anyhow::anyhow!("Signature validation for Catalyst Signed Document fails"),
             ));
         }
 
@@ -426,8 +431,10 @@ mod tests {
             .build()
             .unwrap();
 
-        assert!(signed_doc.verify(|_| Some(pk)).is_ok());
-
-        assert!(signed_doc.verify(|_| None).is_err());
+        assert!(signed_doc.verify(|_| Ok(Some(pk))).is_ok());
+        assert!(signed_doc.verify(|_| Ok(None)).is_err());
+        assert!(signed_doc
+            .verify(|_| Err(anyhow::anyhow!("some error")))
+            .is_err());
     }
 }
diff --git a/rust/signed_doc/src/validator/mod.rs b/rust/signed_doc/src/validator/mod.rs
@@ -42,11 +42,15 @@ where
     const STATEFULL_RULES: &[StatefullRule<Self, DocProvider>];
 
     /// Perform a statefull validation, collecting a problem report
-    fn validate(&self, provider: &DocProvider, report: &ProblemReport) -> bool {
-        Self::STATEFULL_RULES
+    ///
+    /// # Errors
+    /// Returns an error if `provider` will return an error, fails fast in this case.
+    fn validate(&self, provider: &DocProvider, report: &ProblemReport) -> anyhow::Result<bool> {
+        let res = Self::STATEFULL_RULES
             .iter()
             .map(|rule| rule(self, provider, report))
-            .all(|res| res)
+            .all(|res| res);
+        Ok(res)
     }
 }
 
@@ -56,6 +60,8 @@ where
 /// # Errors
 ///
 /// Returns a report of validation failures and the source error.
+/// If `provider` returns error, fails fast and placed this error into
+/// `CatalystSignedDocError::error`.
 pub fn validate<DocProvider>(
     doc: &CatalystSignedDocument, provider: &DocProvider,
 ) -> Result<(), CatalystSignedDocError>
@@ -73,23 +79,47 @@ where DocProvider: 'static + Fn(&DocumentRef) -> Option<CatalystSignedDocument>
             );
             return Err(CatalystSignedDocError::new(
                 report,
-                anyhow::anyhow!("Validation of the Catalyst Signed Document failed"),
+                anyhow::anyhow!("Validation of the Catalyst Signed Document failed, {e}"),
             ));
         },
     };
 
+    match validate_inner(doc_type, doc, provider, &report) {
+        Ok(()) if report.is_problematic() => {
+            Err(CatalystSignedDocError::new(
+                report,
+                anyhow::anyhow!("Validation of the Catalyst Signed Document failed"),
+            ))
+        },
+        Err(e) => Err(CatalystSignedDocError::new(report, e)),
+        Ok(()) => Ok(()),
+    }
+}
+
+/// A comprehensive type based validation of the `CatalystSignedDocument`, collecting a
+/// `report`.
+///
+/// # Errors
+///
+/// If `provider` returns error, fails fast and placed this error into
+/// `CatalystSignedDocError::error`.
+fn validate_inner<DocProvider>(
+    doc_type: DocumentType, doc: &CatalystSignedDocument, provider: &DocProvider,
+    report: &ProblemReport,
+) -> anyhow::Result<()>
+where
+    DocProvider: 'static + Fn(&DocumentRef) -> Option<CatalystSignedDocument>,
+{
     #[allow(clippy::match_same_arms)]
     match doc_type {
         DocumentType::ProposalDocument => {
-            if let Ok(proposal_doc) = ProposalDocument::from_signed_doc(doc, &report) {
-                proposal_doc.validate(provider, &report);
-            }
+            let doc = ProposalDocument::from_signed_doc(doc, report)?;
+            doc.validate(provider, report)?;
         },
         DocumentType::ProposalTemplate => {},
         DocumentType::CommentDocument => {
-            if let Ok(comment_doc) = CommentDocument::from_signed_doc(doc, &report) {
-                comment_doc.validate(provider, &report);
-            }
+            let doc = CommentDocument::from_signed_doc(doc, report)?;
+            doc.validate(provider, report)?;
         },
         DocumentType::CommentTemplate => {},
         DocumentType::ReviewDocument => {},
@@ -105,13 +135,5 @@ where DocProvider: 'static + Fn(&DocumentRef) -> Option<CatalystSignedDocument>
         DocumentType::PrivateVoteTxV2 => {},
         DocumentType::ImmutableLedgerBlock => {},
     }
-
-    if report.is_problematic() {
-        return Err(CatalystSignedDocError::new(
-            report,
-            anyhow::anyhow!("Validation of the Catalyst Signed Document failed"),
-        ));
-    }
-
     Ok(())
 }
