Sign and verify root hash instead of manifest hash (#64)

Author: casey

src/error.rs

@@ -70,8 +70,6 @@ pub(crate) enum Error {
     backtrace: Option<Backtrace>,
     path: DisplayPath,
   },
-  #[snafu(display("manifest hash mismatch"))]
-  ManifestHashMismatch { backtrace: Option<Backtrace> },
   #[snafu(display("manifest `{path}` not found"))]
   ManifestNotFound {
     backtrace: Option<Backtrace>,
@@ -129,6 +127,8 @@ pub(crate) enum Error {
     backtrace: Option<Backtrace>,
     path: DisplayPath,
   },
+  #[snafu(display("root hash mismatch"))]
+  RootHashMismatch { backtrace: Option<Backtrace> },
   #[snafu(display("signature `{path}` already exists"))]
   SignatureAlreadyExists {
     backtrace: Option<Backtrace>,

src/hash.rs

@@ -4,6 +4,13 @@ use super::*;
 pub(crate) struct Hash(blake3::Hash);
 
 impl Hash {
+  const LEN: usize = blake3::OUT_LEN;
+
+  pub(crate) fn as_bytes(&self) -> &[u8; Self::LEN] {
+    self.0.as_bytes()
+  }
+
+  #[cfg(test)]
   pub(crate) fn bytes(input: &[u8]) -> Self {
     Self(blake3::hash(input))
   }
@@ -15,7 +22,7 @@ impl From<blake3::Hash> for Hash {
   }
 }
 
-impl From<Hash> for [u8; 32] {
+impl From<Hash> for [u8; Hash::LEN] {
   fn from(hash: Hash) -> Self {
     hash.0.into()
   }

src/manifest.rs

@@ -8,6 +8,19 @@ pub(crate) struct Manifest {
 
 impl Manifest {
   pub(crate) const FILENAME: &'static str = "filepack.json";
+
+  pub(crate) fn root_hash(&self) -> Hash {
+    let mut hasher = blake3::Hasher::new();
+
+    for (path, entry) in &self.files {
+      hasher.update(&u64::try_from(path.len()).unwrap().to_le_bytes());
+      hasher.update(path.as_str().as_bytes());
+      hasher.update(&entry.size.to_le_bytes());
+      hasher.update(entry.hash.as_bytes());
+    }
+
+    hasher.finalize().into()
+  }
 }
 
 #[cfg(test)]

src/relative_path.rs

@@ -20,6 +20,14 @@ impl RelativePath {
 
   const JUNK_NAMES: [&'static str; 2] = [".DS_Store", ".localized"];
 
+  pub(crate) fn as_str(&self) -> &str {
+    self.0.as_str()
+  }
+
+  pub(crate) fn len(&self) -> usize {
+    self.0.len()
+  }
+
   pub(crate) fn lint(&self) -> Option<Lint> {
     for component in Utf8Path::new(&self.0).components() {
       let Utf8Component::Normal(component) = component else {

src/subcommand/create.rs

@@ -25,7 +25,7 @@ impl Create {
 
     let root = self.root.unwrap_or_else(|| current_dir.clone());
 
-    let manifest = if let Some(path) = self.manifest {
+    let manifest_path = if let Some(path) = self.manifest {
       path
     } else {
       root.join(Manifest::FILENAME)
@@ -45,7 +45,7 @@ impl Create {
       fs::write(&path, json).context(error::Io { path: &path })?;
     }
 
-    let cleaned_manifest = current_dir.join(&manifest).lexiclean();
+    let cleaned_manifest = current_dir.join(&manifest_path).lexiclean();
 
     let cleaned_metadata = self.metadata.map(|path| current_dir.join(path).lexiclean());
 
@@ -155,9 +155,9 @@ impl Create {
     }
 
     ensure! {
-      self.force || !manifest.try_exists().context(error::Io { path: &manifest })?,
+      self.force || !manifest_path.try_exists().context(error::Io { path: &manifest_path })?,
       error::ManifestAlreadyExists {
-        path: manifest,
+        path: manifest_path,
       },
     }
 
@@ -173,16 +173,20 @@ impl Create {
       bar.inc(entry.size);
     }
 
-    let json = serde_json::to_string(&Manifest { files }).unwrap();
+    let manifest = Manifest { files };
 
-    fs::write(&manifest, &json).context(error::Io { path: manifest })?;
+    let json = serde_json::to_string(&manifest).unwrap();
+
+    fs::write(&manifest_path, &json).context(error::Io {
+      path: manifest_path,
+    })?;
 
     if self.sign {
       let private_key_path = options.key_dir()?.join(MASTER_PRIVATE_KEY);
 
       let private_key = PrivateKey::load(&private_key_path)?;
 
-      let signature = private_key.sign(json.as_bytes());
+      let signature = private_key.sign(manifest.root_hash().as_bytes());
 
       let public_key = private_key.public_key();
 

src/subcommand/verify.rs

@@ -2,7 +2,7 @@ use super::*;
 
 #[derive(Parser)]
 pub(crate) struct Verify {
-  #[arg(help = "Verify that BLAKE3 hash of manifest manifest is <HASH>", long)]
+  #[arg(help = "Verify manifest root hash is <HASH>", long)]
   hash: Option<Hash>,
   #[arg(help = "Ignore missing files", long)]
   ignore_missing: bool,
@@ -46,26 +46,27 @@ impl Verify {
       result => result.context(error::Io { path: &source })?,
     };
 
+    let manifest = serde_json::from_str::<Manifest>(&json).context(error::DeserializeManifest {
+      path: Manifest::FILENAME,
+    })?;
+
+    let root_hash = manifest.root_hash();
+
     if let Some(expected) = self.hash {
-      let actual = Hash::bytes(json.as_bytes());
-      if actual != expected {
+      if root_hash != expected {
         let style = Style::stderr();
         eprintln!(
           "\
-manifest hash mismatch: `{source}`
-              expected: {}
-                actual: {}",
+root hash mismatch: `{source}`
+          expected: {}
+            actual: {}",
           expected.style(style.good()),
-          actual.style(style.bad()),
+          root_hash.style(style.bad()),
         );
-        return Err(error::ManifestHashMismatch.build());
+        return Err(error::RootHashMismatch.build());
       }
     }
 
-    let manifest = serde_json::from_str::<Manifest>(&json).context(error::DeserializeManifest {
-      path: Manifest::FILENAME,
-    })?;
-
     let bar = progress_bar::new(manifest.files.values().map(|entry| entry.size).sum());
 
     let mut mismatches = BTreeMap::new();
@@ -180,7 +181,7 @@ mismatched file: `{path}`
           .context(error::SignatureMalformed { path })?;
 
         pubkey
-          .verify(json.as_bytes(), &signature)
+          .verify(root_hash.as_bytes(), &signature)
           .context(error::SignatureInvalid { path })?;
 
         signatures.insert(pubkey);

tests/create.rs

@@ -586,10 +586,17 @@ fn sign_creates_valid_signature() {
     ed25519_dalek::VerifyingKey::from_bytes(&hex::decode(public_key).unwrap().try_into().unwrap())
       .unwrap();
 
-  let manifest = fs::read_to_string(dir.child("foo/filepack.json")).unwrap();
+  let mut hasher = blake3::Hasher::new();
+
+  hasher.update(&3u64.to_le_bytes());
+  hasher.update("bar".as_bytes());
+  hasher.update(&0u64.to_le_bytes());
+  hasher.update(blake3::hash(&[]).as_bytes());
+
+  let root_hash = hasher.finalize();
 
   public_key
-    .verify_strict(manifest.as_bytes(), &signature)
+    .verify_strict(root_hash.as_bytes(), &signature)
     .unwrap();
 
   Command::cargo_bin("filepack")

tests/verify.rs

@@ -737,7 +737,7 @@ fn verify_hash() {
     .args([
       "verify",
       "--hash",
-      "74ddbe0dcf48c634aca1d90f37defd60b230fc52857ffa4b6c956583e8a4daaf",
+      "409a47939fea6278f60d878fd85d57fe753fa7d87c0dba8e4e4a2b61c81077fb",
     ])
     .current_dir(&dir)
     .assert()
@@ -754,10 +754,10 @@ fn verify_hash() {
     .assert()
     .stderr(is_match(
       "\
-manifest hash mismatch: `.*filepack\\.json`
-              expected: 0000000000000000000000000000000000000000000000000000000000000000
-                actual: 74ddbe0dcf48c634aca1d90f37defd60b230fc52857ffa4b6c956583e8a4daaf
-error: manifest hash mismatch\n",
+root hash mismatch: `.*filepack\\.json`
+          expected: 0000000000000000000000000000000000000000000000000000000000000000
+            actual: 409a47939fea6278f60d878fd85d57fe753fa7d87c0dba8e4e4a2b61c81077fb
+error: root hash mismatch\n",
     ))
     .failure();
 }