actr-pack 0.3.1

ACTR package format: ZIP STORE-based .actr file reading, writing, signing and verification
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139

use std::io::Cursor;

use crate::error::PackError;
use crate::manifest::PackageManifest;
use crate::util::read_zip_entry;

/// Read the manifest from an .actr package without full verification.
pub fn read_manifest(actr_bytes: &[u8]) -> Result<PackageManifest, PackError> {
    let manifest_str = read_manifest_raw(actr_bytes)?;
    PackageManifest::from_toml(&manifest_str)
}

/// Read the raw manifest TOML string from an .actr package.
///
/// Returns the exact bytes stored in the package as a UTF-8 string,
/// preserving the original text for signing purposes.
pub fn read_manifest_raw(actr_bytes: &[u8]) -> Result<String, PackError> {
    let cursor = Cursor::new(actr_bytes);
    let mut archive = zip::ZipArchive::new(cursor)?;

    let manifest_bytes =
        read_zip_entry(&mut archive, "manifest.toml").map_err(|_| PackError::ManifestNotFound)?;

    String::from_utf8(manifest_bytes)
        .map_err(|e| PackError::ManifestParseError(format!("manifest is not valid UTF-8: {e}")))
}

/// Load the binary bytes from an .actr package.
///
/// Reads the manifest to determine the binary path, then extracts the binary.
pub fn load_binary(actr_bytes: &[u8]) -> Result<Vec<u8>, PackError> {
    let cursor = Cursor::new(actr_bytes);
    let mut archive = zip::ZipArchive::new(cursor)?;

    // Read manifest to get binary path
    let manifest_bytes =
        read_zip_entry(&mut archive, "manifest.toml").map_err(|_| PackError::ManifestNotFound)?;
    let manifest_str = std::str::from_utf8(&manifest_bytes)
        .map_err(|e| PackError::ManifestParseError(format!("manifest is not valid UTF-8: {e}")))?;
    let manifest = PackageManifest::from_toml(manifest_str)?;

    read_zip_entry(&mut archive, &manifest.binary.path)
        .map_err(|_| PackError::BinaryNotFound(manifest.binary.path.clone()))
}

/// Read the raw 64-byte Ed25519 signature from an .actr package.
pub fn read_signature(actr_bytes: &[u8]) -> Result<Vec<u8>, PackError> {
    let cursor = Cursor::new(actr_bytes);
    let mut archive = zip::ZipArchive::new(cursor)?;
    let sig =
        read_zip_entry(&mut archive, "manifest.sig").map_err(|_| PackError::SignatureNotFound)?;
    if sig.len() != 64 {
        return Err(PackError::SignatureVerificationFailed(format!(
            "manifest.sig must be exactly 64 bytes, got {}",
            sig.len()
        )));
    }
    Ok(sig)
}

/// Read manifest.lock.toml from an .actr package (if present).
///
/// Returns None if the package does not contain a lock file.
pub fn read_lock_file(actr_bytes: &[u8]) -> Result<Option<Vec<u8>>, PackError> {
    let cursor = Cursor::new(actr_bytes);
    let mut archive = zip::ZipArchive::new(cursor)?;
    match read_zip_entry(&mut archive, "manifest.lock.toml") {
        Ok(bytes) => Ok(Some(bytes)),
        Err(_) => Ok(None),
    }
}

/// Read a single JS glue file from the `resources/` directory in an .actr package.
///
/// Returns the first `.js` file under `resources/` that is NOT named
/// `actor.sw.js` (which is the Service Worker runtime itself, not guest
/// wasm-bindgen glue). Returns `Ok(None)` when the package has no eligible
/// glue script.
///
/// Used by the Web runtime to extract wasm-bindgen glue after signature
/// verification.
pub fn read_glue_js(actr_bytes: &[u8]) -> Result<Option<String>, PackError> {
    use std::io::Read;

    let cursor = Cursor::new(actr_bytes);
    let mut archive = zip::ZipArchive::new(cursor)?;

    let target = archive
        .file_names()
        .find(|name| {
            name.starts_with("resources/")
                && name.ends_with(".js")
                && !name.ends_with("actor.sw.js")
        })
        .map(|s| s.to_string());

    let Some(name) = target else {
        return Ok(None);
    };

    let mut file = archive
        .by_name(&name)
        .map_err(|e| PackError::InvalidPackage(format!("open {}: {}", name, e)))?;
    let mut content = String::new();
    file.read_to_string(&mut content)
        .map_err(|e| PackError::InvalidPackage(format!("read {}: {}", name, e)))?;
    Ok(Some(content))
}

/// Read all proto files from the `proto/` directory in an .actr package.
///
/// Returns a list of (filename, content) pairs.
/// Returns an empty vec if the package has no proto files.
pub fn read_proto_files(actr_bytes: &[u8]) -> Result<Vec<(String, Vec<u8>)>, PackError> {
    let cursor = Cursor::new(actr_bytes);
    let archive = zip::ZipArchive::new(cursor)?;

    let proto_names: Vec<String> = archive
        .file_names()
        .filter(|name| name.starts_with("proto/") && name.len() > "proto/".len())
        .map(|s| s.to_string())
        .collect();

    let mut result = Vec::new();
    // Re-open archive for reading (can't borrow mutably while iterating names)
    let cursor2 = Cursor::new(actr_bytes);
    let mut archive2 = zip::ZipArchive::new(cursor2)?;

    for full_path in proto_names {
        let filename = full_path
            .strip_prefix("proto/")
            .unwrap_or(&full_path)
            .to_string();
        let content = read_zip_entry(&mut archive2, &full_path)?;
        result.push((filename, content));
    }

    Ok(result)
}