feat: use Rust standard logging.

This commit removes all the "println" that were in the repository to use Rust's standard "log" crate instead (which is maitained by the Rust core team). All the library / infrastructure parts of the keybroker-demo repository only use the "log::error", "log::warn", "log::info", "log::debug" functions from the logging facade. The actual executables (keybroker-server, keybroker-app) instantiate and configure an implementation of a logger. The stderrlog is used here as it is simple minimal logger, but https://docs.rs/log/latest/log/ lists many more available logging implementations. The keybroker-server and keyborker-app do use the same command line options with respect to logging control (verbose / quiet). The verbose switch can be specified multiple times to increase verbosity. Signed-off-by: Arnaud de Grandmaison <[email protected]>
veraison · Oct 4, 2024 · 2c6a5a6 · 2c6a5a6
1 parent 6f96537
commit 2c6a5a6
Show file tree

Hide file tree

Showing 7 changed files with 58 additions and 51 deletions.
diff --git a/rust-keybroker/keybroker-app/Cargo.toml b/rust-keybroker/keybroker-app/Cargo.toml
@@ -12,4 +12,6 @@ categories = ["cryptography", "hardware-support"]
 
 [dependencies]
 keybroker-client = { path = "../keybroker-client" }
-clap = { version = "=4.3.24", features = ["derive", "std"] }
+clap = { version = "=4.3.24", features = ["derive", "std"] }
+log = { version = "0.4.22", features = ["std", "serde"] }
+stderrlog = "0.6.0"
diff --git a/rust-keybroker/keybroker-app/src/main.rs b/rust-keybroker/keybroker-app/src/main.rs
@@ -18,9 +18,13 @@ struct Args {
     #[arg(short, long, default_value_t = false)]
     mock_evidence: bool,
 
-    /// Set the application verbosity
+    /// Increase verbosity
+    #[arg(short, long, action = clap::ArgAction::Count)]
+    verbosity: u8,
+
+    /// Silence all output
     #[arg(short, long, default_value_t = false)]
-    verbose: bool,
+    quiet: bool,
 
     /// The key name to use
     key_name: String,
@@ -29,7 +33,13 @@ struct Args {
 fn main() {
     let args = Args::parse();
 
-    let client = KeyBrokerClient::new(&args.endpoint, args.verbose);
+    stderrlog::new()
+        .quiet(args.quiet)
+        .verbosity(1 + usize::from(args.verbosity))
+        .init()
+        .unwrap();
+
+    let client = KeyBrokerClient::new(&args.endpoint);
 
     let attestation_result = if args.mock_evidence {
         client.get_key(&args.key_name, &CcaExampleToken {})
@@ -43,16 +53,16 @@ fn main() {
     let code = match attestation_result {
         Ok(key) => {
             let plainstring_key = String::from_utf8(key).unwrap();
-            println!("Attestation success :-) ! The key returned from the keybroker is '{plainstring_key}'");
+            log::info!("Attestation success :-) ! The key returned from the keybroker is '{plainstring_key}'");
             0
         }
 
         Err(error) => {
             if let KeybrokerError::AttestationFailure(reason, details) = error {
-                println!("Attestation failure :-( ! {reason}: {details}");
+                log::info!("Attestation failure :-( ! {reason}: {details}");
                 1
             } else {
-                eprintln!("The key request failed with: {error:?}");
+                log::error!("The key request failed with: {error:?}");
                 2
             }
         }

diff --git a/rust-keybroker/keybroker-client/Cargo.toml b/rust-keybroker/keybroker-client/Cargo.toml
@@ -13,8 +13,10 @@ categories = ["cryptography", "hardware-support"]
 [dependencies]
 keybroker-common = { path = "../keybroker-common" }
 base64 = "0.22.1"
+log = { version = "0.4.22", features = ["std", "serde"] }
 rand = "0.8.5"
 reqwest = { version = "0.12.5", features = ["json", "rustls-tls", "blocking"] }
 rsa = "0.9.6"
+stderrlog = "0.6.0"
 thiserror = "1.0"
-tsm_report = { git = "https://github.com/veracruz-project/cca-utils-rs.git", rev = "cb88b76da722f2991365b159e3d575249dfbbe7d"}
+tsm_report = { git = "https://github.com/veracruz-project/cca-utils-rs.git", rev = "cb88b76da722f2991365b159e3d575249dfbbe7d"}
diff --git a/rust-keybroker/keybroker-client/src/lib.rs b/rust-keybroker/keybroker-client/src/lib.rs
@@ -18,7 +18,7 @@ use crate::error::RuntimeErrorKind;
 /// The trait that must be implemented so a KeybrokerClient can retrieve the evidence it has
 /// to submit to the Keybroker server.
 pub trait EvidenceProvider {
-    fn get_evidence(&self, challenge: &str, verbose: bool) -> Result<Vec<u8>>;
+    fn get_evidence(&self, challenge: &str) -> Result<Vec<u8>>;
 }
 
 /// The CCA example token.
@@ -164,7 +164,7 @@ const CCA_EXAMPLE_TOKEN: &[u8] = &[
 pub struct CcaExampleToken {}
 
 impl EvidenceProvider for CcaExampleToken {
-    fn get_evidence(&self, _challenge: &str, _verbose: bool) -> Result<Vec<u8>> {
+    fn get_evidence(&self, _challenge: &str) -> Result<Vec<u8>> {
         Ok(CCA_EXAMPLE_TOKEN.to_vec())
     }
 }
@@ -177,13 +177,11 @@ impl EvidenceProvider for CcaExampleToken {
 pub struct TsmAttestationReport {}
 
 impl EvidenceProvider for TsmAttestationReport {
-    fn get_evidence(&self, challenge: &str, verbose: bool) -> Result<Vec<u8>> {
+    fn get_evidence(&self, challenge: &str) -> Result<Vec<u8>> {
         match TsmReportPath::new(TsmReportProvider::Cca) {
             Ok(tsm_report_path) => match URL_SAFE_NO_PAD.decode(challenge) {
                 Ok(challenge) => {
-                    if verbose {
-                        println!("Challenge ({} bytes) = {:02x?}", challenge.len(), challenge);
-                    }
+                    log::info!("Challenge ({} bytes) = {:02x?}", challenge.len(), challenge);
                     if challenge.len() != 64 {
                         return Err(KeybrokerError::RuntimeError(
                             RuntimeErrorKind::ChallengeLength(64, challenge.len()),
@@ -225,22 +223,14 @@ pub struct KeyBrokerClient {
 
     /// The keybroker URL base address.
     keybroker_url_base: String,
-
-    /// The session verbosity.
-    ///
-    /// The verbose flag serves 2 purposes: help the developer when diagnosing some
-    /// issue, but also the new comer to the code base when understanding the overall
-    /// flow is intended.
-    verbose: bool,
 }
 
 impl KeyBrokerClient {
     /// Create a session to the keybroker server located at addr:port.
-    pub fn new(endpoint: &str, verbose: bool) -> KeyBrokerClient {
+    pub fn new(endpoint: &str) -> KeyBrokerClient {
         KeyBrokerClient {
             client: reqwest::blocking::Client::new(),
             keybroker_url_base: endpoint.to_string(),
-            verbose,
         }
     }
 
@@ -269,11 +259,9 @@ impl KeyBrokerClient {
         // Construct the URL to request the key.
         let key_request_url = format!("{}/keys/v1/key/{}", self.keybroker_url_base, key_name);
 
-        if self.verbose {
-            println!(
-                "Requesting key named '{key_name}' from the keybroker server with URL {key_request_url}"
-            );
-        }
+        log::info!(
+            "Requesting key named '{key_name}' from the keybroker server with URL {key_request_url}"
+        );
 
         // Make the first API call to request the key.
         match self.client.post(&key_request_url).json(&key_request).send() {
@@ -318,9 +306,7 @@ impl KeyBrokerClient {
         evidence_submission_url: &str,
         evidence: &[u8],
     ) -> Result<Vec<u8>> {
-        if self.verbose {
-            println!("Submitting evidence to URL {evidence_submission_url}")
-        }
+        log::info!("Submitting evidence to URL {evidence_submission_url}");
 
         // Make the second API call to submit the evidence.
         match self
@@ -411,7 +397,7 @@ impl KeyBrokerClient {
         };
 
         // Produce the evidence.
-        let evidence = match evidence_provider.get_evidence(&data.challenge, self.verbose) {
+        let evidence = match evidence_provider.get_evidence(&data.challenge) {
             Ok(evidence) => evidence,
             Err(error) => {
                 // TODO: we may want to notify the keybroker server that something went wrong on our side and that it

diff --git a/rust-keybroker/keybroker-server/Cargo.toml b/rust-keybroker/keybroker-server/Cargo.toml
@@ -26,3 +26,5 @@ regorus = "0.2.5"
 serde_json = "1.0.128"
 anyhow = "1.0.89"
 phf = "0.11.2"
+log = { version = "0.4.22", features = ["std", "serde"] }
+stderrlog = "0.6.0"
diff --git a/rust-keybroker/keybroker-server/src/challenge.rs b/rust-keybroker/keybroker-server/src/challenge.rs
@@ -45,7 +45,6 @@ pub struct Challenge {
 pub struct Challenger {
     challenge_table: HashMap<u32, Challenge>,
     rng: StdRng,
-    pub verbose: bool,
 }
 
 // This is the challenge value from from https://git.trustedfirmware.org/TF-M/tf-m-tools/+/refs/heads/main/iat-verifier/tests/data/cca_example_token.cbor
@@ -63,7 +62,6 @@ impl Challenger {
         Challenger {
             challenge_table: HashMap::new(),
             rng: StdRng::from_entropy(),
-            verbose: false,
         }
     }
 
@@ -101,16 +99,16 @@ impl Challenger {
 
         self.challenge_table.insert(challenge_id, challenge.clone());
 
-        if self.verbose {
-            println!("Created challenge:");
-            println!(" - challenge_id: {}", challenge_id);
-            println!(" - key_id: {}", challenge.key_id);
-            println!(
-                " - challenge value ({} bytes): {:02x?}",
-                challenge.challenge_value.len(),
-                challenge.challenge_value
-            );
-        }
+        log::info!(
+            "Created challenge:\n\
+              - challenge_id: {}\n\
+              - key_id: {}\n\
+              - challenge value ({} bytes): {:02x?}",
+            challenge_id,
+            challenge.key_id,
+            challenge.challenge_value.len(),
+            challenge.challenge_value
+        );
 
         challenge
     }

diff --git a/rust-keybroker/keybroker-server/src/main.rs b/rust-keybroker/keybroker-server/src/main.rs
@@ -42,9 +42,7 @@ async fn request_key(
         data.endpoint, challenge.challenge_id
     );
 
-    if data.args.verbose {
-        println!("Created attestation challenge at {}", location);
-    }
+    log::info!("Created attestation challenge at {}", location);
 
     HttpResponse::Created()
         .append_header((http::header::LOCATION, location))
@@ -168,9 +166,13 @@ struct Args {
     #[arg(short, long, default_value_t = false)]
     mock_challenge: bool,
 
-    /// Set the server verbosity
+    /// Increase verbosity
+    #[arg(short, long, action = clap::ArgAction::Count)]
+    verbosity: u8,
+
+    /// Silence all output
     #[arg(short, long, default_value_t = false)]
-    verbose: bool,
+    quiet: bool,
 
     /// File containing a JSON array with base64-encoded known-good RIM values
     #[arg(long, default_value = "reference-values.json")]
@@ -188,9 +190,14 @@ struct ServerState {
 async fn main() -> std::io::Result<()> {
     let args = Args::parse();
 
+    stderrlog::new()
+        .quiet(args.quiet)
+        .verbosity(1 + usize::from(args.verbosity))
+        .init()
+        .unwrap();
+
     let mut keystore = KeyStore::new();
-    let mut challenger = Challenger::new();
-    challenger.verbose = args.verbose;
+    let challenger = Challenger::new();
 
     // TODO: Just storing one hard-coded item in the store. Would be better to read from an input file.
     keystore.store_key(