relay/src/repo/mod.rs

use std::collections::BTreeMap;

use anyhow::{bail, Context, Result};
use atrium_api::com::atproto::sync::subscribe_repos::CommitData;
use bytes::Bytes;
use ecdsa::signature::Verifier;
use ipld_core::cid::Cid;
use iroh_car::CarReader;
use serde::{Deserialize, Serialize};
use sha2::{Digest, Sha256};

use crate::user::User;

#[derive(Debug, Serialize, Deserialize)]
pub struct UnsignedCommitNode {
    pub did: String,
    pub version: u8,
    pub prev: Option<Cid>,
    pub rev: String,
    pub data: Cid,
}

#[derive(Debug, Serialize, Deserialize)]
pub struct SignedCommitNode {
    #[serde(flatten)]
    pub node: UnsignedCommitNode,
    pub sig: Bytes,
}

pub async fn validate_commit(user: &User, commit: &CommitData) -> Result<()> {
    let mut car_reader = CarReader::new(commit.blocks.as_slice()).await?;
    let car_header = car_reader.header().clone();

    let mut blocks = BTreeMap::new();
    while let Some((cid, cbor)) = car_reader.next_block().await? {
        let (hash_type, hash_digest, hash_len) = cid.hash().into_inner();
        if hash_type != 0x12 || hash_len != 32 {
            bail!(
                "unexpected cid type {:?} (expected sha-256 [id 18] with 32 bytes)",
                cid
            )
        }

        let cid_display = cid.to_string_of_base(multibase::Base::Base32Lower)?;

        let record_hash = Sha256::digest(&cbor);
        if &hash_digest[..32] != record_hash.as_slice() {
            bail!("cid doesn't match cbor hash: {}", &cid_display)
        }

        blocks.insert(cid, cbor);
    }

    /*
    let block_cids = blocks
        .keys()
        .filter_map(|cid| cid.to_string_of_base(multibase::Base::Base32Lower).ok())
        .collect::<Vec<_>>();
    dbg!(block_cids);
    let root_cids = car_header
        .roots()
        .iter()
        .filter_map(|cid| cid.to_string_of_base(multibase::Base::Base32Lower).ok())
        .collect::<Vec<_>>();
    dbg!(root_cids);
     */

    let signing_key = user
        .signing_key()
        .context("couldn't find signing key for user")?;
    let (_, signing_key) = multibase::decode(signing_key).unwrap();

    for root in car_header.roots() {
        let cid_display = root.to_string_of_base(multibase::Base::Base32Lower)?;

        let Some(block) = blocks.get(root) else {
            bail!("block did not exist: {}", &cid_display)
        };
        let commit: SignedCommitNode = serde_ipld_dagcbor::from_slice(block)
            .context("couldn't deserialize signed commit object")?;

        if commit.node.did != user.did {
            bail!("did in car doesn't match repo did {}", &cid_display)
        }

        let unsigned_data = serde_ipld_dagcbor::to_vec(&commit.node)?;
        if commit.sig.len() != 64 {
            bail!(
                "unexpected signature length {} (expected 64)",
                commit.sig.len()
            );
        }
        let r: [u8; 32] = commit.sig[..32].try_into().unwrap();
        let s: [u8; 32] = commit.sig[32..].try_into().unwrap();

        match signing_key[..2] {
            [0xe7, 0x01] => {
                let key = k256::ecdsa::VerifyingKey::from_sec1_bytes(&signing_key[2..]).unwrap();
                let sig = k256::ecdsa::Signature::from_scalars(r, s).unwrap();
                key.verify(&unsigned_data, &sig)
                    .context("failed to verify k256")
            }
            [0x80, 0x24] => {
                let key = p256::ecdsa::VerifyingKey::from_sec1_bytes(&signing_key[2..]).unwrap();
                let sig = p256::ecdsa::Signature::from_scalars(r, s).unwrap();
                key.verify(&unsigned_data, &sig)
                    .context("failed to verify p256")
            }
            _ => Err(anyhow::anyhow!(
                "unknown signing key format {:?}",
                &signing_key[..2]
            )),
        }?;

        // TODO: dfs for cid from commit.node.data, error if cid is not in any signed root
    }

    Ok(())
}
[wip] do a little validation of commit event blocks 2024-12-02 09:17:18 +00:00			`use std::collections::BTreeMap;`

			`use anyhow::{bail, Context, Result};`
			`use atrium_api::com::atproto::sync::subscribe_repos::CommitData;`
			`use bytes::Bytes;`
			`use ecdsa::signature::Verifier;`
			`use ipld_core::cid::Cid;`
			`use iroh_car::CarReader;`
			`use serde::{Deserialize, Serialize};`
			`use sha2::{Digest, Sha256};`

			`use crate::user::User;`

			`#[derive(Debug, Serialize, Deserialize)]`
			`pub struct UnsignedCommitNode {`
			`pub did: String,`
			`pub version: u8,`
			`pub prev: Option<Cid>,`
			`pub rev: String,`
			`pub data: Cid,`
			`}`

			`#[derive(Debug, Serialize, Deserialize)]`
			`pub struct SignedCommitNode {`
			`#[serde(flatten)]`
			`pub node: UnsignedCommitNode,`
			`pub sig: Bytes,`
			`}`

			`pub async fn validate_commit(user: &User, commit: &CommitData) -> Result<()> {`
			`let mut car_reader = CarReader::new(commit.blocks.as_slice()).await?;`
			`let car_header = car_reader.header().clone();`

			`let mut blocks = BTreeMap::new();`
			`while let Some((cid, cbor)) = car_reader.next_block().await? {`
			`let (hash_type, hash_digest, hash_len) = cid.hash().into_inner();`
			`if hash_type != 0x12 \|\| hash_len != 32 {`
			`bail!(`
			`"unexpected cid type {:?} (expected sha-256 [id 18] with 32 bytes)",`
			`cid`
			`)`
			`}`

			`let cid_display = cid.to_string_of_base(multibase::Base::Base32Lower)?;`

			`let record_hash = Sha256::digest(&cbor);`
			`if &hash_digest[..32] != record_hash.as_slice() {`
			`bail!("cid doesn't match cbor hash: {}", &cid_display)`
			`}`

			`blocks.insert(cid, cbor);`
			`}`

			`/*`
			`let block_cids = blocks`
			`.keys()`
			`.filter_map(\|cid\| cid.to_string_of_base(multibase::Base::Base32Lower).ok())`
			`.collect::<Vec<_>>();`
			`dbg!(block_cids);`
			`let root_cids = car_header`
			`.roots()`
			`.iter()`
			`.filter_map(\|cid\| cid.to_string_of_base(multibase::Base::Base32Lower).ok())`
			`.collect::<Vec<_>>();`
			`dbg!(root_cids);`
			`*/`

			`let signing_key = user`
			`.signing_key()`
			`.context("couldn't find signing key for user")?;`
			`let (_, signing_key) = multibase::decode(signing_key).unwrap();`

			`for root in car_header.roots() {`
			`let cid_display = root.to_string_of_base(multibase::Base::Base32Lower)?;`

			`let Some(block) = blocks.get(root) else {`
			`bail!("block did not exist: {}", &cid_display)`
			`};`
			`let commit: SignedCommitNode = serde_ipld_dagcbor::from_slice(block)`
			`.context("couldn't deserialize signed commit object")?;`

			`if commit.node.did != user.did {`
			`bail!("did in car doesn't match repo did {}", &cid_display)`
			`}`

			`let unsigned_data = serde_ipld_dagcbor::to_vec(&commit.node)?;`
			`if commit.sig.len() != 64 {`
			`bail!(`
			`"unexpected signature length {} (expected 64)",`
			`commit.sig.len()`
			`);`
			`}`
			`let r: [u8; 32] = commit.sig[..32].try_into().unwrap();`
			`let s: [u8; 32] = commit.sig[32..].try_into().unwrap();`

			`match signing_key[..2] {`
			`[0xe7, 0x01] => {`
			`let key = k256::ecdsa::VerifyingKey::from_sec1_bytes(&signing_key[2..]).unwrap();`
			`let sig = k256::ecdsa::Signature::from_scalars(r, s).unwrap();`
			`key.verify(&unsigned_data, &sig)`
			`.context("failed to verify k256")`
			`}`
			`[0x80, 0x24] => {`
			`let key = p256::ecdsa::VerifyingKey::from_sec1_bytes(&signing_key[2..]).unwrap();`
			`let sig = p256::ecdsa::Signature::from_scalars(r, s).unwrap();`
			`key.verify(&unsigned_data, &sig)`
			`.context("failed to verify p256")`
			`}`
			`_ => Err(anyhow::anyhow!(`
			`"unknown signing key format {:?}",`
			`&signing_key[..2]`
			`)),`
			`}?;`

			`// TODO: dfs for cid from commit.node.data, error if cid is not in any signed root`
			`}`

			`Ok(())`
			`}`
No results found.