Add/remove/replace/info commands added to wbn-sign CLI#913
Conversation
rferens
force-pushed
the
new_commands
branch
5 times, most recently
from
39100e9 to
a126c8c
Compare
| /** @internal */ | ||
| async signInternal(): Promise<IntegrityBlock> { |
There was a problem hiding this comment.
So, essentially this whole class, including the normal .sign() is @internal, isn't it? (I mean, if the constructor is...)
I'd argue that this class should provide a clear interface to the callers: you create it using whatever arguments and then call sign(). But here we have SignedWebBundle calling .signInternal() (which looks like it should only be used from inside this class (and probably should be marked private)), why?
There was a problem hiding this comment.
I'd like to have this class internal, but for backward compatiblity(BC) it cannot be at least now (however I think about making it @deprecated now and @internal some day later, when almost no one uses old API.)
Regarding SignedWebBundle using .signInternal - yeah, I though 'internal' for package-internal, not class-internal, but perhaps its just my mistake. as the convention is probably what you suggested. I just created signInternal to be used by SignedWebBundle, which do not do not necessary step like forming Cbor or concatenating to create singeWebBundle.
Again, BC make things harder - the sign method should just return a new integrity block, but because of BC cannot. What do you think about deprecating sign (to change output format one day, when its internal) and renaming this method returning IntegrityBlock (that should be named 'sign')) sth like ' signAndGetIntegrityBlock()'
| return new Uint8Array(buffer); | ||
| } | ||
|
|
||
| /** @deprecated Very general function; moved to utils */ |
There was a problem hiding this comment.
Why then leave this here? The whole class has been removed from exports, so removing things from here instead of deprecating will not break anything (more).
There was a problem hiding this comment.
The class was not removed from exports. It's kept for backward compatibilty. @deprecated is not a perfect tool for what I want to achieve, but good enough. I want to :
-use some methods still internally
-discourage users from using it externally, but
- do not break their current code, but introduce unpleasant warnings
zgroza
left a comment
zgroza
left a comment
There was a problem hiding this comment.
This looks good overall, just PTAL at a few last comments.
| this.pureWebBundle, | ||
| this.integrityBlock, | ||
| [signingStrategy] | ||
| ).signAndGetIntegrityBlock(); |
There was a problem hiding this comment.
I am not really a fan of re-signing every time a new signature is added. Can You sign lazily only when the actual bytes are requested?
There was a problem hiding this comment.
We do not resign anything with the same key - creating a signer and signing is still mostly 'additive' and requires mostly O(m) (m-number of new signatures). The only redundant operations, the same every time, are: calculating hash, and formatting stripped IngerityBlock as CBOR and validating it. I believe improving thet to be computed once should be sufficient , is it?
Having SignedWebBundle in the 'lazy state' that does not include new signetures may involve some difficulties and introduce some error-proneness for further implementations. For example when sb. first add singature and later removes same - it would require special implementation for such cases.
I propose then sth else. When Signer finally is depracated we can move out calculating web_bundle hash and cache getting stripped cbor in IntegrityBlock to be calculcated once if not change. WDYT? Would it be ok?
| this.signingStrategies = signingStrategies; | ||
| } | ||
|
|
||
| /** @deprecated This class is only internal, use SignedWebBundle instead. Sign() is going to change interface in next releases. */ |
There was a problem hiding this comment.
Nit: Line length consistency doesn't look in line with the above. Can you verify that everything here passes the same prettier checks?
There was a problem hiding this comment.
I think it's how prettier works - It's not maximal length, but just suggested and it sometimes misses long lines. See: this
There was a problem hiding this comment.
I'll make sure that those comments are well line-broken anyway.
| this.signingStrategies = signingStrategies; | ||
| } | ||
|
|
||
| /** @deprecated This class is only internal, use SignedWebBundle instead. Sign() is going to change interface in next releases. */ |
There was a problem hiding this comment.
I'm not sure if it's necessary to put those notices on every method if they're already on the constructor.
There was a problem hiding this comment.
Okay, I'll replace it with the shorter comment you suggested below: /** @deprecated This class will become only internal in a future release, use SignedWebBundle instead*/
There was a problem hiding this comment.
However I'll leave a comment next to @deprecated to explain it anyway
| } | ||
|
|
||
| // TODO: Move this method to SignedWebBundle/WebBundle class, signer do not need this, especially externally | ||
| /** @deprecated This class is only internal, use SignedWebBundle instead*/ |
There was a problem hiding this comment.
Like above: it's not internal yet
There was a problem hiding this comment.
Yeah, I meant it to be internal for external users but still allowed to used, so marked with @deprecated. But maybe it's not clear enough. Changed.
Apply suggestions from code review Co-authored-by: Zgroza (Luke) Klimek <zgroza@google.com>
This PR expands the CLI with new commands for managing integrity blocks. CLI Improvements: Updated the wbn-sign CLI with a new command-based interface (sign, add-signature, remove-signature, replace-signature, and info), see README for more info. Added colored console output for better readability using the colors package. This is a continuation of #913, which was split into API(original PR) and CLI(this PR) parts. --------- Co-authored-by: Zgroza (Luke) Klimek <zgroza@google.com>
2 participants
Summary
This change refactors the core signing logic into a new high-level SignedWebBundle API, introduces support for multiple signatures
Key Changes
New SignedWebBundle API: Introduced a central class in src/core/signed-web-bundle.ts that provides a simplified, high-level interface for creating, loading, and modifying signed web bundles. It supports:
Enhanced Integrity Block Management:
Infrastructure & Utilities: