src/deb822/mod.rs

   1 mod release_file;
   2 use anyhow::{bail, Error};
   3 pub use release_file::{CompressionType, FileReference, FileReferenceType, ReleaseFile};
   4
   5 mod packages_file;
   6 pub use packages_file::PackagesFile;
   7
   8 #[derive(Copy, Clone, Debug, Default, PartialEq, Eq, PartialOrd, Ord)]
   9 pub struct CheckSums {
  10     pub md5: Option<[u8; 16]>,
  11     pub sha1: Option<[u8; 20]>,
  12     pub sha256: Option<[u8; 32]>,
  13     pub sha512: Option<[u8; 64]>,
  14 }
  15
  16 impl CheckSums {
  17     pub fn is_secure(&self) -> bool {
  18         self.sha256.is_some() || self.sha512.is_some()
  19     }
  20
  21     pub fn verify(&self, input: &[u8]) -> Result<(), Error> {
  22         if !self.is_secure() {
  23             bail!("No SHA256/SHA512 checksum specified.");
  24         }
  25
  26         if let Some(expected) = self.sha512 {
  27             let digest = openssl::sha::sha512(input);
  28             if digest != expected {
  29                 bail!(
  30                     "Hashsum mismatch: {} != {}",
  31                     hex::encode(expected),
  32                     hex::encode(digest)
  33                 );
  34             }
  35
  36             Ok(())
  37         } else if let Some(expected) = self.sha256 {
  38             let digest = openssl::sha::sha256(input);
  39             if digest != expected {
  40                 bail!(
  41                     "Hashsum mismatch: {} != {}",
  42                     hex::encode(expected),
  43                     hex::encode(digest)
  44                 );
  45             }
  46
  47             Ok(())
  48         } else {
  49             bail!("No trusted checksum found - verification not possible.");
  50         }
  51     }
  52
  53     /// Merge two instances of `CheckSums`.
  54     pub fn merge(&mut self, rhs: &CheckSums) -> Result<(), Error> {
  55         match (self.sha512, rhs.sha512) {
  56             (_, None) => {}
  57             (None, Some(sha512)) => self.sha512 = Some(sha512),
  58             (Some(left), Some(right)) => {
  59                 if left != right {
  60                     bail!(
  61                         "sha512 mismatch: {} != {}",
  62                         hex::encode(left),
  63                         hex::encode(right)
  64                     );
  65                 }
  66             }
  67         };
  68         match (self.sha256, rhs.sha256) {
  69             (_, None) => {}
  70             (None, Some(sha256)) => self.sha256 = Some(sha256),
  71             (Some(left), Some(right)) => {
  72                 if left != right {
  73                     bail!(
  74                         "sha256 mismatch: {} != {}",
  75                         hex::encode(left),
  76                         hex::encode(right)
  77                     );
  78                 }
  79             }
  80         };
  81         match (self.sha1, rhs.sha1) {
  82             (_, None) => {}
  83             (None, Some(sha1)) => self.sha1 = Some(sha1),
  84             (Some(left), Some(right)) => {
  85                 if left != right {
  86                     bail!(
  87                         "sha1 mismatch: {} != {}",
  88                         hex::encode(left),
  89                         hex::encode(right)
  90                     );
  91                 }
  92             }
  93         };
  94         match (self.md5, rhs.md5) {
  95             (_, None) => {}
  96             (None, Some(md5)) => self.md5 = Some(md5),
  97             (Some(left), Some(right)) => {
  98                 if left != right {
  99                     bail!(
 100                         "md5 mismatch: {} != {}",
 101                         hex::encode(left),
 102                         hex::encode(right)
 103                     );
 104                 }
 105             }
 106         };
 107
 108         Ok(())
 109     }
 110 }