Merge pull request #15 from theseus-rs/refactor-archive-integrity-checks

refactor!: remove archive hash from the public interface and always calculate/verify the has when requesting an archive

Author: brianheineman

Cargo.lock

@@ -2,7 +2,7 @@ use postgresql_archive::{extract, get_archive, Result, LATEST};
 
 #[tokio::main]
 async fn main() -> Result<()> {
-    let (archive_version, archive, _hash) = get_archive(&LATEST).await?;
+    let (archive_version, archive) = get_archive(&LATEST).await?;
     let out_dir = tempfile::tempdir()?.into_path();
     extract(&archive, &out_dir).await?;
     println!(

examples/archive_async/src/main.rs

@@ -2,7 +2,7 @@ use postgresql_archive::blocking::{extract, get_archive};
 use postgresql_archive::{Result, LATEST};
 
 fn main() -> Result<()> {
-    let (archive_version, archive, _hash) = get_archive(&LATEST)?;
+    let (archive_version, archive) = get_archive(&LATEST)?;
     let out_dir = tempfile::tempdir()?.into_path();
     extract(&archive, &out_dir)?;
     println!(

examples/archive_sync/src/main.rs

@@ -13,6 +13,7 @@ version.workspace = true
 anyhow = { workspace = true }
 bytes = { workspace = true }
 flate2 = { workspace = true }
+hex = { workspace = true }
 human_bytes = { workspace = true }
 lazy_static = { workspace = true }
 num-format = { workspace = true }

postgresql_archive/Cargo.toml

@@ -19,7 +19,7 @@ use postgresql_archive::{extract, get_archive, Result, LATEST};
 
 #[tokio::main]
 async fn main() -> Result<()> {
-    let (archive_version, archive, hash) = get_archive(&LATEST).await?;
+    let (archive_version, archive) = get_archive(&LATEST).await?;
     let out_dir = std::env::temp_dir();
     extract(&archive, &out_dir).await
 }
@@ -31,7 +31,7 @@ use postgresql_archive::{Result, LATEST};
 use postgresql_archive::blocking::{extract, get_archive};
 
 fn main() -> Result<()> {
-    let (archive_version, archive, hash) = get_archive(&LATEST)?;
+    let (archive_version, archive) = get_archive(&LATEST)?;
     let out_dir = std::env::temp_dir();
     extract(&archive, &out_dir)
 }

postgresql_archive/README.md

@@ -4,13 +4,15 @@ use crate::error::Error::{AssetHashNotFound, AssetNotFound, ReleaseNotFound, Une
 use crate::error::Result;
 use crate::github::{Asset, Release};
 use crate::version::Version;
+use crate::Error::ArchiveHashMismatch;
 use bytes::Bytes;
 use flate2::bufread::GzDecoder;
 use human_bytes::human_bytes;
 use num_format::{Locale, ToFormattedString};
 use regex::Regex;
 use reqwest::header::HeaderMap;
 use reqwest::{header, RequestBuilder};
+use sha2::{Digest, Sha256};
 use std::fs::{create_dir_all, File};
 use std::io::{copy, BufReader, Cursor};
 use std::path::Path;
@@ -179,8 +181,8 @@ async fn get_asset<S: AsRef<str>>(version: &Version, target: S) -> Result<(Versi
 /// If the [version](Version) is not found for this target, then an
 /// [error](crate::error::Error) is returned.
 ///
-/// Returns the archive bytes and the archive hash.
-pub async fn get_archive(version: &Version) -> Result<(Version, Bytes, String)> {
+/// Returns the archive version and bytes.
+pub async fn get_archive(version: &Version) -> Result<(Version, Bytes)> {
     get_archive_for_target(version, target_triple::TARGET).await
 }
 
@@ -189,11 +191,11 @@ pub async fn get_archive(version: &Version) -> Result<(Version, Bytes, String)>
 /// If the [version](Version) or [target](https://doc.rust-lang.org/nightly/rustc/platform-support.html)
 /// is not found, then an [error](crate::error::Error) is returned.
 ///
-/// Returns the archive bytes and the archive hash.
+/// Returns the archive version and bytes.
 pub async fn get_archive_for_target<S: AsRef<str>>(
     version: &Version,
     target: S,
-) -> Result<(Version, Bytes, String)> {
+) -> Result<(Version, Bytes)> {
     let (asset_version, asset, asset_hash) = get_asset(version, target).await?;
 
     debug!(
@@ -229,7 +231,15 @@ pub async fn get_archive_for_target<S: AsRef<str>>(
         human_bytes(archive.len() as f64)
     );
 
-    Ok((asset_version, archive, hash))
+    let mut hasher = Sha256::new();
+    hasher.update(&archive);
+    let archive_hash = hex::encode(hasher.finalize());
+
+    if archive_hash != hash {
+        return Err(ArchiveHashMismatch { archive_hash, hash });
+    }
+
+    Ok((asset_version, archive))
 }
 
 /// Extracts the compressed tar [bytes](Bytes) to the [out_dir](Path).

postgresql_archive/src/archive.rs

@@ -20,8 +20,8 @@ pub fn get_version(version: &Version) -> crate::Result<Version> {
 /// If the [version](Version) is not found for this target, then an
 /// [error](crate::Error) is returned.
 ///
-/// Returns the archive bytes and the archive hash.
-pub fn get_archive(version: &Version) -> crate::Result<(Version, Bytes, String)> {
+/// Returns the archive version and bytes.
+pub fn get_archive(version: &Version) -> crate::Result<(Version, Bytes)> {
     RUNTIME
         .handle()
         .block_on(async move { crate::get_archive(version).await })
@@ -32,11 +32,11 @@ pub fn get_archive(version: &Version) -> crate::Result<(Version, Bytes, String)>
 /// If the [version](Version) or [target](https://doc.rust-lang.org/nightly/rustc/platform-support.html)
 /// is not found, then an [error](crate::error::Error) is returned.
 ///
-/// Returns the archive bytes and the archive hash.
+/// Returns the archive version and bytes.
 pub fn get_archive_for_target<S: AsRef<str>>(
     version: &Version,
     target: S,
-) -> crate::Result<(Version, Bytes, String)> {
+) -> crate::Result<(Version, Bytes)> {
     RUNTIME
         .handle()
         .block_on(async move { crate::get_archive_for_target(version, target).await })

postgresql_archive/src/blocking/mod.rs

@@ -10,6 +10,9 @@ pub enum Error {
     /// Asset hash not found
     #[error("asset hash not found for asset [{0}]")]
     AssetHashNotFound(String),
+    /// Error when the hash of the archive does not match the expected hash
+    #[error("Archive hash [{archive_hash}] does not match expected hash [{hash}]")]
+    ArchiveHashMismatch { archive_hash: String, hash: String },
     /// Invalid version
     #[error("version [{0}] is invalid")]
     InvalidVersion(String),

postgresql_archive/src/error.rs

@@ -24,7 +24,7 @@
 //!
 //! #[tokio::main]
 //! async fn main() -> Result<()> {
-//!     let (archive_version, archive, hash) = get_archive(&LATEST).await?;
+//!     let (archive_version, archive) = get_archive(&LATEST).await?;
 //!     let out_dir = std::env::temp_dir();
 //!     extract(&archive, &out_dir).await
 //! }
@@ -36,7 +36,7 @@
 //! use postgresql_archive::LATEST;
 //! use postgresql_archive::blocking::{extract, get_archive};
 //!
-//! let (archive_version, archive, hash) = get_archive(&LATEST).unwrap();
+//! let (archive_version, archive) = get_archive(&LATEST).unwrap();
 //! let out_dir = std::env::temp_dir();
 //! let result = extract(&archive, &out_dir).unwrap();
 //! }

postgresql_archive/src/lib.rs

@@ -1,18 +1,11 @@
 #[allow(deprecated)]
 use postgresql_archive::{extract, Version, LATEST, V12, V13, V14, V15, V16};
 use postgresql_archive::{get_archive, get_archive_for_target, get_version};
-use sha2::{Digest, Sha256};
 use std::fs::{create_dir_all, remove_dir_all};
 use test_log::test;
 
 async fn test_get_archive_for_version_constant(version: Version) -> anyhow::Result<()> {
-    let (_, archive, hash) = get_archive(&version).await?;
-
-    let mut hasher = Sha256::new();
-    hasher.update(&archive);
-    let archive_hash = hex::encode(&hasher.finalize());
-
-    assert_eq!(archive_hash, hash);
+    let (_archive_version, _archive) = get_archive(&version).await?;
     Ok(())
 }
 
@@ -69,13 +62,8 @@ async fn test_get_version() -> anyhow::Result<()> {
 #[test(tokio::test)]
 async fn test_get_archive_and_extract() -> anyhow::Result<()> {
     let version = &LATEST;
-    let (archive_version, archive, hash) = get_archive(version).await?;
+    let (archive_version, archive) = get_archive(version).await?;
 
-    let mut hasher = Sha256::new();
-    hasher.update(&archive);
-    let archive_hash = hex::encode(&hasher.finalize());
-
-    assert_eq!(archive_hash, hash);
     assert!(archive_version.matches(version));
 
     let out_dir = tempfile::tempdir()?.path().to_path_buf();
@@ -112,14 +100,9 @@ async fn test_get_archive_for_target_target_not_found() -> postgresql_archive::R
 #[test(tokio::test)]
 async fn test_get_archive_for_target() -> anyhow::Result<()> {
     let version = &LATEST;
-    let (archive_version, archive, hash) =
+    let (archive_version, _archive) =
         get_archive_for_target(version, target_triple::TARGET).await?;
 
-    let mut hasher = Sha256::new();
-    hasher.update(&archive);
-    let archive_hash = hex::encode(&hasher.finalize());
-
-    assert_eq!(archive_hash, hash);
     assert!(archive_version.matches(version));
 
     Ok(())