feat(challengeresponse): add StaticEvidenceBuilder

StaticEvidenceBuilder is a simple EvidenceBuilder that always returns
the same static evidence and media type.  This is can be used when the
evidence is already available and does not need to be dynamically
generated (RP mode) or for testing purposes.

Signed-off-by: Thomas Fossati <[email protected]>

Author: thomas-fossati

verification/challengeresponse_test.go

@@ -934,3 +934,21 @@ func TestChallengeResponseConfig_setters(t *testing.T) {
 	cfg.SetCerts(testCertPaths)
 	assert.EqualValues(t, testCertPaths, cfg.CACerts)
 }
+
+func TestStaticEvidenceBuilder_BuildEvidence_ok(t *testing.T) {
+	seb := NewStaticEvidenceBuilder(testEvidence, "application/my-evidence-media-type")
+
+	ev, mt, err := seb.BuildEvidence(testNonce, []string{"application/my-evidence-media-type", "application/other-media-type"})
+
+	assert.NoError(t, err)
+	assert.Equal(t, testEvidence, ev)
+	assert.Equal(t, "application/my-evidence-media-type", mt)
+}
+
+func TestStaticEvidenceBuilder_BuildEvidence_fail_media_type_not_accepted(t *testing.T) {
+	seb := NewStaticEvidenceBuilder(testEvidence, "application/my-evidence-media-type")
+
+	_, _, err := seb.BuildEvidence(testNonce, []string{"application/other-media-type"})
+
+	assert.ErrorContains(t, err, "no match for application/my-evidence-media-type")
+}

verification/evidencebuilder.go

@@ -3,10 +3,42 @@
 
 package verification
 
+import "fmt"
+
 // EvidenceBuilder is the interface between the challenge-response protocol FSM
 // and the user. The user is given a nonce and the list of acceptable Evidence
 // formats and is asked to return the serialized Evidence as a byte array
 // together with its media type - or an error if anything goes wrong.
 type EvidenceBuilder interface {
 	BuildEvidence(nonce []byte, accept []string) (evidence []byte, mediaType string, err error)
 }
+
+// StaticEvidenceBuilder is a simple EvidenceBuilder that always returns the
+// same static evidence and media type.
+// This is can be used when the evidence is already available and does not
+// need to be dynamically generated (RP mode) or for testing purposes.
+type StaticEvidenceBuilder struct {
+	evidence  []byte
+	mediaType string
+}
+
+// BuildEvidence returns the static evidence if the media type is in the list of
+// accepted media types; otherwise, it returns an error.
+// Note that the nonce parameter is ignored.
+func (s StaticEvidenceBuilder) BuildEvidence(_ []byte, accept []string) ([]byte, string, error) { // nolint: gocritic
+	for _, ct := range accept {
+		if ct == s.mediaType {
+			return s.evidence, s.mediaType, nil
+		}
+	}
+	return nil, "", fmt.Errorf("no match for %s on accepted media types %v", s.mediaType, accept)
+}
+
+// NewStaticEvidenceBuilder creates a new StaticEvidenceBuilder with the
+// specified evidence and media type.
+func NewStaticEvidenceBuilder(evidence []byte, mediaType string) EvidenceBuilder {
+	return &StaticEvidenceBuilder{
+		evidence:  evidence,
+		mediaType: mediaType,
+	}
+}