Store signatures in manifest (#65)

Author: casey

Cargo.lock

@@ -26,6 +26,7 @@ owo-colors = "4"
 rand = "0.8.5"
 serde = { version = "1.0.209", features = ["derive"] }
 serde_json = "1.0.127"
+serde_with = "3.11.0"
 serde_yaml = "0.9.34"
 snafu = "0.8.4"
 walkdir = "2.5.0"

Cargo.toml

@@ -129,39 +129,17 @@ pub(crate) enum Error {
   },
   #[snafu(display("root hash mismatch"))]
   RootHashMismatch { backtrace: Option<Backtrace> },
-  #[snafu(display("signature `{path}` already exists"))]
-  SignatureAlreadyExists {
-    backtrace: Option<Backtrace>,
-    path: DisplayPath,
-  },
-  #[snafu(display("invalid signature filename: `{path}`"))]
-  SignatureFilename {
-    backtrace: Option<Backtrace>,
-    path: DisplayPath,
-  },
-  #[snafu(display("invalid signature: `{path}`"))]
+  #[snafu(display("invalid signature for public key `{public_key}`"))]
   SignatureInvalid {
     backtrace: Option<Backtrace>,
-    path: DisplayPath,
+    public_key: PublicKey,
     source: SignatureError,
   },
-  #[snafu(display("malformed signature: `{path}`"))]
-  SignatureMalformed {
-    backtrace: Option<Backtrace>,
-    path: DisplayPath,
-    source: signature::Error,
-  },
   #[snafu(display("no signature found for key {key}"))]
   SignatureMissing {
     backtrace: Option<Backtrace>,
     key: PublicKey,
   },
-  #[snafu(display("invalid signature public key: `{path}`"))]
-  SignaturePublicKey {
-    backtrace: Option<Backtrace>,
-    path: DisplayPath,
-    source: public_key::Error,
-  },
   #[snafu(display("I/O error reading standard input"))]
   StandardInputIo {
     backtrace: Option<Backtrace>,

src/error.rs

@@ -14,12 +14,13 @@ use {
   lexiclean::Lexiclean,
   owo_colors::Styled,
   serde::{Deserialize, Deserializer, Serialize, Serializer},
+  serde_with::{DeserializeFromStr, SerializeDisplay},
   snafu::{ensure, ErrorCompat, OptionExt, ResultExt, Snafu},
   std::{
     array::TryFromSliceError,
     backtrace::{Backtrace, BacktraceStatus},
     cmp::Ordering,
-    collections::{BTreeMap, BTreeSet, HashMap},
+    collections::{BTreeMap, HashMap},
     env,
     fmt::{self, Display, Formatter},
     fs::{self, File},
@@ -63,7 +64,6 @@ type Result<T = (), E = Error> = std::result::Result<T, E>;
 
 const MASTER_PRIVATE_KEY: &str = "master.private";
 const MASTER_PUBLIC_KEY: &str = "master.public";
-const SIGNATURES: &str = "signatures";
 
 fn current_dir() -> Result<Utf8PathBuf> {
   Utf8PathBuf::from_path_buf(env::current_dir().context(error::CurrentDir)?)

src/main.rs

@@ -1,9 +1,12 @@
 use super::*;
 
-#[derive(Debug, Deserialize, Serialize)]
+#[derive(Debug, Deserialize, PartialEq, Serialize)]
 #[serde(deny_unknown_fields, rename_all = "kebab-case")]
 pub(crate) struct Manifest {
+  #[serde(default, skip_serializing_if = "BTreeMap::is_empty")]
   pub(crate) files: BTreeMap<RelativePath, Entry>,
+  #[serde(default, skip_serializing_if = "BTreeMap::is_empty")]
+  pub(crate) signatures: BTreeMap<PublicKey, Signature>,
 }
 
 impl Manifest {
@@ -37,4 +40,15 @@ mod tests {
       serde_json::from_str::<Manifest>(&capture[1]).unwrap();
     }
   }
+
+  #[test]
+  fn empty_manifest_serialization() {
+    let manifest = Manifest {
+      files: BTreeMap::new(),
+      signatures: BTreeMap::new(),
+    };
+    let json = serde_json::to_string(&manifest).unwrap();
+    assert_eq!(json, "{}");
+    assert_eq!(serde_json::from_str::<Manifest>(&json).unwrap(), manifest);
+  }
 }

src/manifest.rs

@@ -3,11 +3,11 @@ use super::*;
 #[derive(Debug, Snafu)]
 #[snafu(context(suffix(Error)))]
 pub(crate) enum Error {
-  #[snafu(display("invalid hex"))]
+  #[snafu(display("invalid private key hex"))]
   Hex { source: hex::FromHexError },
-  #[snafu(display("invalid byte length {length}"))]
+  #[snafu(display("invalid private key byte length {length}"))]
   Length { length: usize },
-  #[snafu(display("weak key"))]
+  #[snafu(display("weak private key"))]
   Weak,
 }
 
@@ -141,15 +141,15 @@ mod tests {
   fn parse_hex_error() {
     assert_eq!(
       "xyz".parse::<PrivateKey>().unwrap_err().to_string(),
-      "invalid hex"
+      "invalid private key hex"
     );
   }
 
   #[test]
   fn parse_length_error() {
     assert_eq!(
       "0123".parse::<PrivateKey>().unwrap_err().to_string(),
-      "invalid byte length 2"
+      "invalid private key byte length 2"
     );
   }
 }

src/private_key.rs

@@ -3,24 +3,24 @@ use super::*;
 #[derive(Debug, Snafu)]
 #[snafu(context(suffix(Error)))]
 pub(crate) enum Error {
-  #[snafu(display("invalid hex: `{key}`"))]
+  #[snafu(display("invalid public key hex: `{key}`"))]
   Hex {
     key: String,
     source: hex::FromHexError,
   },
-  #[snafu(display("invalid key: `{key}`"))]
+  #[snafu(display("invalid public key: `{key}`"))]
   Key { key: String, source: SignatureError },
-  #[snafu(display("invalid byte length {length}: `{key}`"))]
+  #[snafu(display("invalid public key byte length {length}: `{key}`"))]
   Length {
     key: String,
     length: usize,
     source: TryFromSliceError,
   },
-  #[snafu(display("weak key: `{key}`"))]
+  #[snafu(display("weak public key: `{key}`"))]
   Weak { key: String },
 }
 
-#[derive(Clone, Debug, Eq, PartialEq)]
+#[derive(Clone, Debug, DeserializeFromStr, Eq, PartialEq, SerializeDisplay)]
 pub(crate) struct PublicKey(ed25519_dalek::VerifyingKey);
 
 impl PublicKey {
@@ -149,15 +149,15 @@ mod tests {
   fn parse_hex_error() {
     assert_eq!(
       "xyz".parse::<PublicKey>().unwrap_err().to_string(),
-      "invalid hex: `xyz`"
+      "invalid public key hex: `xyz`"
     );
   }
 
   #[test]
   fn parse_length_error() {
     assert_eq!(
       "0123".parse::<PublicKey>().unwrap_err().to_string(),
-      "invalid byte length 2: `0123`"
+      "invalid public key byte length 2: `0123`"
     );
   }
 

src/public_key.rs

@@ -3,20 +3,20 @@ use super::*;
 #[derive(Debug, Snafu)]
 #[snafu(context(suffix(Error)))]
 pub(crate) enum Error {
-  #[snafu(display("invalid public key hex: `{key}`"))]
+  #[snafu(display("invalid signature hex: `{signature}`"))]
   Hex {
-    key: String,
+    signature: String,
     source: hex::FromHexError,
   },
-  #[snafu(display("invalid public key length {length}: `{key}`"))]
+  #[snafu(display("invalid signature byte length {length}: `{signature}`"))]
   Length {
-    key: String,
+    signature: String,
     length: usize,
     source: TryFromSliceError,
   },
 }
 
-#[derive(PartialEq)]
+#[derive(DeserializeFromStr, PartialEq, SerializeDisplay)]
 pub(crate) struct Signature(ed25519_dalek::Signature);
 
 impl Signature {
@@ -59,11 +59,11 @@ impl fmt::Debug for Signature {
 impl FromStr for Signature {
   type Err = Error;
 
-  fn from_str(key: &str) -> Result<Self, Self::Err> {
-    let bytes = hex::decode(key).context(HexError { key })?;
+  fn from_str(signature: &str) -> Result<Self, Self::Err> {
+    let bytes = hex::decode(signature).context(HexError { signature })?;
 
     let array: [u8; Self::LEN] = bytes.as_slice().try_into().context(LengthError {
-      key,
+      signature,
       length: bytes.len(),
     })?;
 

src/signature.rs

@@ -173,13 +173,10 @@ impl Create {
       bar.inc(entry.size);
     }
 
-    let manifest = Manifest { files };
-
-    let json = serde_json::to_string(&manifest).unwrap();
-
-    fs::write(&manifest_path, &json).context(error::Io {
-      path: manifest_path,
-    })?;
+    let mut manifest = Manifest {
+      files,
+      signatures: BTreeMap::new(),
+    };
 
     if self.sign {
       let private_key_path = options.key_dir()?.join(MASTER_PRIVATE_KEY);
@@ -190,23 +187,14 @@ impl Create {
 
       let public_key = private_key.public_key();
 
-      let signature_dir = root.join(SIGNATURES);
-
-      let signature_path = signature_dir.join(format!("{public_key}.signature"));
-
-      ensure! {
-        !signature_path.try_exists().context(error::Io { path: &signature_path, })?,
-        error::SignatureAlreadyExists { path: signature_path },
-      }
+      manifest.signatures.insert(public_key, signature);
+    }
 
-      fs::create_dir_all(&signature_dir).context(error::Io {
-        path: &signature_dir,
-      })?;
+    let json = serde_json::to_string(&manifest).unwrap();
 
-      fs::write(&signature_path, signature.to_string()).context(error::Io {
-        path: signature_path,
-      })?;
-    }
+    fs::write(&manifest_path, &json).context(error::Io {
+      path: manifest_path,
+    })?;
 
     Ok(())
   }

src/subcommand/create.rs

@@ -128,8 +128,6 @@ mismatched file: `{path}`
 
     let mut dirs = Vec::new();
 
-    let mut signatures = BTreeSet::new();
-
     for entry in WalkDir::new(&root) {
       let entry = entry?;
 
@@ -158,37 +156,6 @@ mismatched file: `{path}`
 
       let path = path.strip_prefix(&root).unwrap();
 
-      if path == SIGNATURES {
-        continue;
-      }
-
-      if path.starts_with(SIGNATURES) {
-        ensure! {
-          path.extension() == Some("signature"),
-          error::SignatureFilename { path },
-        }
-
-        let pubkey = path
-          .file_stem()
-          .context(error::SignatureFilename { path })?
-          .parse::<PublicKey>()
-          .context(error::SignaturePublicKey { path })?;
-
-        let signature = fs::read_to_string(entry.path()).context(error::Io { path })?;
-
-        let signature = signature
-          .parse::<Signature>()
-          .context(error::SignatureMalformed { path })?;
-
-        pubkey
-          .verify(root_hash.as_bytes(), &signature)
-          .context(error::SignatureInvalid { path })?;
-
-        signatures.insert(pubkey);
-
-        continue;
-      }
-
       let path = RelativePath::try_from(path).context(error::Path { path })?;
 
       ensure! {
@@ -209,9 +176,17 @@ mismatched file: `{path}`
       }
     }
 
+    for (public_key, signature) in &manifest.signatures {
+      public_key
+        .verify(root_hash.as_bytes(), signature)
+        .context(error::SignatureInvalid {
+          public_key: public_key.clone(),
+        })?;
+    }
+
     if let Some(key) = self.key {
       ensure! {
-        signatures.contains(&key),
+        manifest.signatures.contains_key(&key),
         error::SignatureMissing { key },
       }
     }