sneak
213364bab5
- Add UUID field to both inner and outer manifest messages - Generate random v4 UUID when creating manifest - Hash compressed data (not uncompressed) for integrity check - Verify hash before decompression to prevent malicious payloads - Validate UUIDs are proper format and match between inner/outer - Sign string format: MAGIC-UUID-MULTIHASH
86 lines
2.0 KiB
Protocol Buffer
86 lines
2.0 KiB
Protocol Buffer
syntax = "proto3";
|
|
|
|
option go_package = "git.eeqj.de/sneak/mfer/mfer";
|
|
|
|
message Timestamp {
|
|
int64 seconds = 1;
|
|
int32 nanos = 2;
|
|
}
|
|
|
|
message MFFileOuter {
|
|
enum Version {
|
|
VERSION_NONE = 0;
|
|
VERSION_ONE = 1; // only one for now
|
|
}
|
|
|
|
// required mffile root attributes 1xx
|
|
Version version = 101;
|
|
|
|
enum CompressionType {
|
|
COMPRESSION_NONE = 0;
|
|
COMPRESSION_ZSTD = 1;
|
|
}
|
|
|
|
CompressionType compressionType = 102;
|
|
|
|
// these are used solely to detect corruption/truncation
|
|
// and not for cryptographic integrity.
|
|
int64 size = 103;
|
|
bytes sha256 = 104;
|
|
|
|
// uuid must match the uuid in the inner message
|
|
bytes uuid = 105;
|
|
|
|
bytes innerMessage = 199;
|
|
// 2xx for optional manifest root attributes
|
|
// think we might use gosignify instead of gpg:
|
|
// github.com/frankbraun/gosignify
|
|
|
|
//detached signature, ascii or binary
|
|
optional bytes signature = 201;
|
|
//full GPG key id
|
|
optional bytes signer = 202;
|
|
//full GPG signing public key, ascii or binary
|
|
optional bytes signingPubKey = 203;
|
|
}
|
|
|
|
message MFFilePath {
|
|
// required attributes:
|
|
string path = 1;
|
|
int64 size = 2;
|
|
|
|
// gotta have at least one:
|
|
repeated MFFileChecksum hashes = 3;
|
|
|
|
// optional per-file metadata
|
|
optional string mimeType = 301;
|
|
optional Timestamp mtime = 302;
|
|
optional Timestamp ctime = 303;
|
|
optional Timestamp atime = 304;
|
|
}
|
|
|
|
message MFFileChecksum {
|
|
// 1.0 golang implementation must write a multihash here
|
|
// it's ok to only ever use/verify sha256 multihash
|
|
bytes multiHash = 1;
|
|
}
|
|
|
|
message MFFile {
|
|
enum Version {
|
|
VERSION_NONE = 0;
|
|
VERSION_ONE = 1; // only one for now
|
|
}
|
|
Version version = 100;
|
|
|
|
// required manifest attributes:
|
|
repeated MFFilePath files = 101;
|
|
|
|
// uuid is a random v4 UUID generated when creating the manifest
|
|
// used as part of the signature to prevent replay attacks
|
|
bytes uuid = 102;
|
|
|
|
// optional manifest attributes 2xx:
|
|
optional Timestamp createdAt = 201;
|
|
}
|
|
|