Closed dave-tucker closed 1 week ago
I like the idea, I'm in favor of implementing this change.
The code looks good, but I have some suggestions. These might be a matter of personal taste, hence I'm open to have a discussion about how to proceed.
My proposal would be to change the
StringVerifier
from being a trait to be a simple enum. We could have something likeStringVerifier::ExactMatch(String)
andStringVerifier::Regex(Regex)
. This would make the code easier to understand for our end consumers and we could get rid of the dynamic dispatch introduced by the usage of the trait.What do you think?
Makes sense to me. I've updated the patch with your proposal.
@Xynnn007 can you please give me an approval? I had to fix the conflicts with the main
branch, but I didn't do any change to the original code submitted by @dave-tucker
@Xynnn007 thanks!
@dave-tucker sorry about the delay!
Summary
This allows for either an exact match [StringVerifier::ExactMatch] or it allows for a regular expression [StringVerifier::Regex]
This supports the use case of trusting signatures from a collection of email addresses e.g .*@redhat.com and or from a collection of issuers.
Fixes: #299
Release Note
CertSubjectEmailVerifier
is now constructed using either aStringVerifer
enum. This supports exact string matches or regular expressions.Documentation
Docstrings and examples are updated to show how this is used.