NewTypes for clearer encoding types #474
Conversation
…to main added newtypes to _util
…to main added newtypes to verify/models.py
find_keywords.sh
Outdated
| #/bin/bash | ||
|
|
||
| grep -nr "b64\|base64\|cert_pem\|pem" sigstore/* test/* > key_lines.txt |
There was a problem hiding this comment.
Nit: fine for now, but this should be dropped from the changeset once it's ready for a final review 🙂
sigstore/_utils.py
Outdated
| @@ -32,6 +32,8 @@ | |||
| else: | |||
| from importlib import resources | |||
|
|
|||
| import newtype | |||
There was a problem hiding this comment.
Nonexistent module? I see you added newtypes.py so this should probably be import newtypes (but I'll leave a comment w/ thoughts about avoiding a new module).
sigstore/newtypes.py
Outdated
| Hexstr = NewType('hexstr', str) | ||
| B64str = NewType('b64str', str) | ||
| Pemcert = NewType("pemcert", str) | ||
| KeyID = NewType('keyID', bytes) |
There was a problem hiding this comment.
The NewType API expects the LHS of the expression and the first argument to match, so these should be:
| Hexstr = NewType('hexstr', str) | |
| B64str = NewType('b64str', str) | |
| Pemcert = NewType("pemcert", str) | |
| KeyID = NewType('keyID', bytes) | |
| hexstr = NewType('hexstr', str) | |
| b64str = NewType('b64str', str) | |
| pemcert = NewType("pemcert", str) | |
| keyid = NewType('keyid', bytes) |
(I made these all lowercase because they're all NewTypes of primitive types, but it might make sense to have them be PEMCert etc. instead. But we can think more about that in a later review.)
sigstore/newtypes.py
Outdated
| @@ -0,0 +1,6 @@ | |||
| from typing import NewType | |||
There was a problem hiding this comment.
My preference would be to avoid a new module here (especially a public one) -- IMO these newtypes should go in the existing _utils module, since that's where a lot of them get constructed anyways.
There was a problem hiding this comment.
Should we then import _utils instead of import newtypes in every file that needs changes? I am wondering if there is a way of putting all the needed newtypes in a function and doing from _utils import function instead.
There was a problem hiding this comment.
Should we then import _utils instead of import newtypes in every file that needs changes?
Yes, exactly (although you should use the fully qualified sigstore._utils path for consistency with the rest of the code).
I am wondering if there is a way of putting all the needed newtypes in a function and doing from _utils import function instead.
This is probably overkill -- having them at the top-level of _utils is idiomatic, and we can selectively import them as needed.
|
Thanks for opening this! Looks like a good first start; I left a couple of design nits and suggested changes. FYI: there are a couple of things that our QA tools would have caught -- if you run (You can also run |
sigstore/sign.py
Outdated
| @@ -73,6 +73,7 @@ | |||
| from sigstore._internal.tuf import TrustUpdater | |||
| from sigstore._utils import sha256_streaming | |||
| from sigstore.transparency import LogEntry | |||
| import newtypes | |||
There was a problem hiding this comment.
Nit: remove entirely and replace with imports from sigstore._utils.
sigstore/verify/models.py
Outdated
| @@ -31,6 +31,8 @@ | |||
| from sigstore._utils import base64_encode_pem_cert, sha256_streaming | |||
| from sigstore.transparency import LogEntry | |||
|
|
|||
| from sigstore import newtypes | |||
There was a problem hiding this comment.
sigstore/sign.py
Outdated
| from sigstore._utils import hexstr | ||
| from sigstore._utils import b64str | ||
| from sigstore._utils import pemcert | ||
| from sigstore._utils import keyid |
There was a problem hiding this comment.
These should be imported in a single line; make reformat should do this for you automatically.
…igstore#466) Updates the requirements on [ruff](https://github.com/charliermarsh/ruff) to permit the latest version. - [Release notes](https://github.com/charliermarsh/ruff/releases) - [Changelog](https://github.com/charliermarsh/ruff/blob/main/BREAKING_CHANGES.md) - [Commits](astral-sh/ruff@v0.0.18...v0.0.228) --- updated-dependencies: - dependency-name: ruff dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: emboman13 <embo1013@yahoo.com>
…igstore#468) Updates the requirements on [ruff](https://github.com/charliermarsh/ruff) to permit the latest version. - [Release notes](https://github.com/charliermarsh/ruff/releases) - [Changelog](https://github.com/charliermarsh/ruff/blob/main/BREAKING_CHANGES.md) - [Commits](astral-sh/ruff@v0.0.18...v0.0.230) --- updated-dependencies: - dependency-name: ruff dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: emboman13 <embo1013@yahoo.com>
…igstore#469) Updates the requirements on [ruff](https://github.com/charliermarsh/ruff) to permit the latest version. - [Release notes](https://github.com/charliermarsh/ruff/releases) - [Changelog](https://github.com/charliermarsh/ruff/blob/main/BREAKING_CHANGES.md) - [Commits](astral-sh/ruff@v0.0.18...v0.0.231) --- updated-dependencies: - dependency-name: ruff dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: emboman13 <embo1013@yahoo.com>
* Initial Sigstore bundle support Signed-off-by: William Woodruff <william@trailofbits.com> * README: update `--help` texts Signed-off-by: William Woodruff <william@trailofbits.com> * sign: fix bundle generation Certs are base64'd DER, not PEM, and the canonicalized_body is the log entry body, not the canonicalized contents that the SET is signed over. Signed-off-by: William Woodruff <william@trailofbits.com> * sign: remove TODO Signed-off-by: William Woodruff <william@trailofbits.com> * sign: update TODO Signed-off-by: William Woodruff <william@trailofbits.com> * _cli: Make `--bundle` refer to a path and create a `--no-bundle` flag to control whether Sigstore bundles are emitted by default Signed-off-by: Alex Cameron <asc@tetsuo.sh> * _cli: Move variable to correct scope Signed-off-by: Alex Cameron <asc@tetsuo.sh> * _cli: Reword warnings for bundle flags Signed-off-by: Alex Cameron <asc@tetsuo.sh> * README: Fix sign example Signed-off-by: Alex Cameron <asc@tetsuo.sh> * README: Update verify invocations Signed-off-by: Alex Cameron <asc@tetsuo.sh> * README: Fix line breaks Signed-off-by: Alex Cameron <asc@tetsuo.sh> * _cli: fix sig output Signed-off-by: William Woodruff <william@trailofbits.com> * _cli: fix sig check, take 2 Signed-off-by: William Woodruff <william@trailofbits.com> Signed-off-by: William Woodruff <william@trailofbits.com> Signed-off-by: Alex Cameron <asc@tetsuo.sh> Co-authored-by: Alex Cameron <asc@tetsuo.sh> Signed-off-by: emboman13 <embo1013@yahoo.com>
Signed-off-by: omartounsi7 <otounsi@purdue.edu>
Signed-off-by: omartounsi7 <otounsi@purdue.edu>
Signed-off-by: omartounsi7 <otounsi@purdue.edu>
|
@woodruffw Hello William, we have pushed all of our changes. But there is a conflict with _internal/rekor/client.py which we don't know how to resolve. There is a class RekorBundle that exists on our branch but not on the main branch. Other than that, we think we are ready for a code review. |
You can remove that class and anything related to it from your branch -- that's part of an old internal API that we've removed. |
sigstore/_internal/ctfe.py
Outdated
| @@ -25,7 +25,7 @@ | |||
| from cryptography.hazmat.primitives import hashes | |||
| from cryptography.hazmat.primitives.asymmetric import ec, rsa | |||
|
|
|||
| from sigstore._utils import key_id, load_pem_public_key | |||
| from sigstore._utils import key_id, keyid, load_pem_public_key | |||
There was a problem hiding this comment.
Hmm, having both key_id (a function) and keyid (a type) is definitely a little confusing.
Let's go with CamelCase for these types after all:
keyid -> KeyIDhexstr -> HexStrb64str -> B64Strpemcert -> PEMCertdercert -> DERCert
sigstore/_utils.py
Outdated
| PublicKey = Union[rsa.RSAPublicKey, ec.EllipticCurvePublicKey] | ||
|
|
||
| hexstr = NewType("hexstr", str) |
There was a problem hiding this comment.
These won't be public APIs, but let's add docstrings for them anyways, e.g.:
| hexstr = NewType("hexstr", str) | |
| hexstr = NewType("hexstr", str) | |
| """ | |
| A newtype for `str` objects that contain hexadecimal strings (e.g. `ffabcd00ff`). | |
| """ |
Signed-off-by: omartounsi7 <62721212+omartounsi7@users.noreply.github.com>
Signed-off-by: omartounsi7 <otounsi@purdue.edu>
Signed-off-by: omartounsi7 <otounsi@purdue.edu>
Signed-off-by: omartounsi7 <otounsi@purdue.edu>
Signed-off-by: omartounsi7 <otounsi@purdue.edu>
Signed-off-by: omartounsi7 <otounsi@purdue.edu>
Signed-off-by: omartounsi7 <otounsi@purdue.edu>
|
We've implemented the requested changes. Are the docstrings good? |
Two small errors that I've made suggestions for, otherwise looks good! Once you get those fixed feel free to remove the draft status and we'll do a final review. |
Co-authored-by: William Woodruff <william@yossarian.net> Signed-off-by: omartounsi7 <62721212+omartounsi7@users.noreply.github.com>
Co-authored-by: William Woodruff <william@yossarian.net> Signed-off-by: omartounsi7 <62721212+omartounsi7@users.noreply.github.com>
|
/gcbrun |
|
Thanks all! Great work. |
Summary
Using newtype for certain parameters that were previously only str will make the API more misuse-resistantRelease Note
NONEDocumentation
NewTypes can be documented so that users can verify that return types are of expected types