Verifier: Refactor errors in cca module #326

kartikjoshi21 · 2024-02-15T06:42:29Z

Fixes: #231

Fixes: confidential-containers#231 Signed-off-by: Kartik Joshi <kartikjoshi@microsoft.com>

Xynnn007

Thanks for the great work of replacing anyhow to thiserror. I love this. Let's make it better

attestation-service/verifier/Cargo.toml

Xynnn007 · 2024-02-18T02:43:02Z

attestation-service/verifier/src/cca/mod.rs

+    #[error("Failed to discover the verification endpoint details")]
+    VerificationEndpoint(),
+    #[error("anyhow error: {0}")]
+    Anyhow(#[from] anyhow::Error),


I am worried about this kind of error. Other types have determined semantics while this not. Could you try to classify the source of this error as one of the above and use map_err?

attestation-service/verifier/src/cca/mod.rs

Xynnn007 · 2024-02-18T02:53:57Z

attestation-service/verifier/src/cca/mod.rs

@@ -80,13 +119,13 @@ impl Verifier for CCA {
        expected_init_data_hash: &InitDataHash,
    ) -> Result<TeeEvidenceParsedClaim> {
        let ReportData::Value(expected_report_data) = expected_report_data else {
-            bail!("CCA verifier must provide report data field!");
+            return Err(CCAError::ReportDataMissing.into());


I notice that severval .into() are used in this function to convert Result<_, CCAError> to Result<_, anyhow::Error>.

One way to avoid this is to have an inner non-pub function cca_evaluate() -> Result<_, CCAError> to be wrapped by this evaluate(). In cca_evaluate() can delete all the .into()s. And in evaluate() just call cca_evaluate() to finish the error conversion.

Another way is to add another overall error type VerifierError under verifier. One enum is named CCA. And change the signature of evaluate(..)->anyhow::Result<TeeEvidenceParsedClaim> to evaluate(..)->Result<TeeEvidenceParsedClaim, VerifierError>. In this function different CCAErrors will finally be mapped into VerifierError::CCA.

It's up to you : )

Xynnn007 · 2024-02-18T02:57:09Z

attestation-service/verifier/src/cca/mod.rs

+    #[error("Serde Json Error")]
+    SerdeJson(#[from] serde_json::Error),


Could we add some extra information to this kind of error? I mean if this error is raised, the user will only see Serde Json Error and he will not know what is serded

Adding error types with source as serde::json error and whole context for this.

Verifier: Refactor errors in cca module

a395ea7

Fixes: confidential-containers#231 Signed-off-by: Kartik Joshi <kartikjoshi@microsoft.com>

kartikjoshi21 requested a review from sameo as a code owner February 15, 2024 06:42

Xynnn007 reviewed Feb 18, 2024

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Verifier: Refactor errors in cca module #326

Verifier: Refactor errors in cca module #326

kartikjoshi21 commented Feb 15, 2024

Xynnn007 left a comment

Xynnn007 Feb 18, 2024

Xynnn007 Feb 18, 2024

Xynnn007 Feb 18, 2024

kartikjoshi21 Mar 18, 2024

		#[error("Serde Json Error")]
		SerdeJson(#[from] serde_json::Error),

Verifier: Refactor errors in cca module #326

Are you sure you want to change the base?

Verifier: Refactor errors in cca module #326

Conversation

kartikjoshi21 commented Feb 15, 2024

Xynnn007 left a comment

Choose a reason for hiding this comment

Xynnn007 Feb 18, 2024

Choose a reason for hiding this comment

Xynnn007 Feb 18, 2024

Choose a reason for hiding this comment

Xynnn007 Feb 18, 2024

Choose a reason for hiding this comment

kartikjoshi21 Mar 18, 2024

Choose a reason for hiding this comment