CC-KBC Fix: Add default value for get_resource param.

In order to be compatible with the current simplest resource request scheme, when the optional field in the resource description is empty, we need to use the default field to fill in, instead of throwing an error. Signed-off-by: Jiale Zhang <[email protected]>
jialez0 · Feb 21, 2023 · 61d8dd5 · 61d8dd5
1 parent 37a6769
commit 61d8dd5
Showing 1 changed file with 17 additions and 9 deletions.
diff --git a/src/kbc_modules/cc_kbc/mod.rs b/src/kbc_modules/cc_kbc/mod.rs
@@ -19,9 +19,10 @@ use core::time::Duration;
 use crypto::{hash_chunks, TeeKey};
 use kbs_protocol::message::*;
 use kbs_types::ErrorInformation;
+use std::str::FromStr;
 use zeroize::Zeroizing;
 
-use super::AnnotationPacket;
+use super::{AnnotationPacket, ResourceName};
 
 const KBS_REQ_TIMEOUT_SEC: u64 = 60;
 const KBS_GET_RESOURCE_MAX_ATTEMPT: u64 = 3;
@@ -81,14 +82,21 @@ impl KbcInterface for Kbc {
     async fn get_resource(&mut self, description: &str) -> Result<Vec<u8>> {
         let desc: ResourceDescription = serde_json::from_str::<ResourceDescription>(description)?;
         let mut resource_url = String::default();
-        let resource_type = desc
-            .optional
-            .get("type")
-            .ok_or_else(|| anyhow!("Invalid Resource description: Missing `type` field"))?;
-        let resource_tag = desc
-            .optional
-            .get("tag")
-            .ok_or_else(|| anyhow!("Invalid Resource description: Missing `tag` field"))?;
+        let resource_type: String = match desc.optional.get("type") {
+            Some(t) => t.clone(),
+            None => match ResourceName::from_str(&desc.name) {
+                Result::Ok(ResourceName::Policy) => "image_policy".to_string(),
+                Result::Ok(ResourceName::SigstoreConfig) => "sigstore_config".to_string(),
+                Result::Ok(ResourceName::GPGPublicKey) => "gpg_pubkey".to_string(),
+                Result::Ok(ResourceName::CosignVerificationKey) => "cosign_key".to_string(),
+                Result::Ok(ResourceName::Credential) => "image_repo_credential".to_string(),
+                _ => bail!("Unsupported Resource Name"),
+            },
+        };
+        let resource_tag: String = match desc.optional.get("tag") {
+            Some(t) => t.clone(),
+            None => "latest".to_string(),
+        };
         if let Some(resource_repo) = desc.optional.get("repository") {
             resource_url = format!(
                 "{}/resource/{resource_repo}/{resource_type}/{resource_tag}",