From 1cd43c7ed4e5ce815ba26ffd0315316d7ce12d18 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philipp=20Kr=C3=BCger?= Date: Fri, 25 Aug 2023 11:48:51 +0200 Subject: [PATCH] Check the block hash prior to storing the block --- car-mirror/src/incremental_verification.rs | 23 ++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/car-mirror/src/incremental_verification.rs b/car-mirror/src/incremental_verification.rs index 506c0c7..0960699 100644 --- a/car-mirror/src/incremental_verification.rs +++ b/car-mirror/src/incremental_verification.rs @@ -1,7 +1,10 @@ use crate::dag_walk::DagWalk; -use anyhow::{bail, Result}; +use anyhow::{anyhow, bail, Result}; use bytes::Bytes; -use libipld_core::cid::Cid; +use libipld_core::{ + cid::Cid, + multihash::{Code, MultihashDigest}, +}; use std::{collections::HashSet, matches}; use wnfs_common::{BlockStore, BlockStoreError}; @@ -109,13 +112,25 @@ impl IncrementalDagVerification { bail!("Incremental verification failed. Block state is: {block_state:?}, expected BlockState::Want"); } - // TODO(matheus23): Verify hash before putting it into the blockstore. + let hash_func: Code = cid + .hash() + .code() + .try_into() + .map_err(|_| anyhow!("Unsupported hash code in CID {cid}"))?; + + let hash = hash_func.digest(bytes.as_ref()); + + if &hash != cid.hash() { + let result_cid = Cid::new_v1(cid.codec(), hash); + bail!("Digest mismatch in CAR file: expected {cid}, got {result_cid}"); + } + let result_cid = store.put_block(bytes, cid.codec()).await?; // TODO(matheus23): The BlockStore chooses the hashing function, // so it may choose a different hashing function, causing a mismatch if result_cid != cid { - bail!("Digest mismatch in CAR file: expected {cid}, got {result_cid}"); + bail!("BlockStore uses an incompatible hashing function: CID mismatched, expected {cid}, got {result_cid}"); } self.update_have_cids(store).await?;