void_core/collab/manifest/

verify.rs

//! Commit signature verification against contributor manifests.
//!
//! Verifies that commits are:
//! 1. Properly signed with Ed25519
//! 2. Signed by an authorized contributor
//! 3. Pushing to an allowed ref path

use crate::collab::Identity;
use crate::metadata::Commit;

use super::keys::SigningPubKey;
#[cfg(test)]
use super::keys::CommitSignature;
use super::policy::{check_write_access, AuthResult};
use super::types::Manifest;

// ============================================================================
// VerifyResult — Result of commit verification
// ============================================================================

/// Result of verifying a commit against a manifest.
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum VerifyResult {
    /// Commit signature is valid and signer is authorized.
    Ok,
    /// Commit signature is cryptographically invalid.
    InvalidSignature,
    /// Commit is not signed (no author/signature fields).
    Unsigned,
    /// Commit is signed but signer is not authorized for this ref.
    Unauthorized {
        /// The signing key that was used.
        signer: SigningPubKey,
        /// The ref path that was denied.
        ref_path: String,
    },
}

impl VerifyResult {
    /// Returns true if the commit passed verification.
    pub fn is_ok(&self) -> bool {
        matches!(self, VerifyResult::Ok)
    }

    /// Returns true if the commit is unsigned (not an error in legacy mode).
    pub fn is_unsigned(&self) -> bool {
        matches!(self, VerifyResult::Unsigned)
    }
}

// ============================================================================
// Verification functions
// ============================================================================

/// Verify a single commit against a manifest.
///
/// # Arguments
/// * `commit` - The commit to verify.
/// * `ref_path` - The ref path being pushed to.
/// * `manifest` - Optional manifest. If None, only signature validity is checked.
///
/// # Returns
/// * `VerifyResult::Ok` — Commit is valid and authorized (or no manifest).
/// * `VerifyResult::InvalidSignature` — Ed25519 signature failed verification.
/// * `VerifyResult::Unsigned` — Commit has no signature.
/// * `VerifyResult::Unauthorized` — Signer not allowed to push to this ref.
pub fn verify_commit(
    commit: &Commit,
    ref_path: &str,
    manifest: Option<&Manifest>,
) -> VerifyResult {
    // First, verify the cryptographic signature
    let signer = match verify_commit_signature(commit) {
        SignatureResult::Valid(signer) => signer,
        SignatureResult::Invalid => return VerifyResult::InvalidSignature,
        SignatureResult::Unsigned => return VerifyResult::Unsigned,
    };

    // If no manifest, signature validity is sufficient
    let Some(manifest) = manifest else {
        return VerifyResult::Ok;
    };

    // Check write authorization
    match check_write_access(manifest, &signer, ref_path) {
        AuthResult::Allowed | AuthResult::Delegated { .. } => VerifyResult::Ok,
        AuthResult::Denied => VerifyResult::Unauthorized {
            signer,
            ref_path: ref_path.to_string(),
        },
    }
}

/// Verify multiple commits against a manifest.
///
/// Returns the first failure encountered, or `VerifyResult::Ok` if all pass.
///
/// # Arguments
/// * `commits` - Iterator over commits to verify.
/// * `ref_path` - The ref path being pushed to.
/// * `manifest` - Optional manifest for authorization checking.
pub fn verify_commits<'a>(
    commits: impl Iterator<Item = &'a Commit>,
    ref_path: &str,
    manifest: Option<&Manifest>,
) -> VerifyResult {
    for commit in commits {
        let result = verify_commit(commit, ref_path, manifest);
        if !result.is_ok() {
            return result;
        }
    }
    VerifyResult::Ok
}

/// Verify only the cryptographic signature of a commit.
///
/// Does not check authorization. Useful for verifying commits
/// where the manifest is not available.
pub fn verify_signature_only(commit: &Commit) -> VerifyResult {
    match verify_commit_signature(commit) {
        SignatureResult::Valid(_) => VerifyResult::Ok,
        SignatureResult::Invalid => VerifyResult::InvalidSignature,
        SignatureResult::Unsigned => VerifyResult::Unsigned,
    }
}

// ============================================================================
// Internal signature verification
// ============================================================================

/// Internal result of signature verification.
enum SignatureResult {
    /// Signature is valid, returns the signer's key.
    Valid(SigningPubKey),
    /// Signature is cryptographically invalid.
    Invalid,
    /// Commit is unsigned.
    Unsigned,
}

/// Verify the Ed25519 signature on a commit.
fn verify_commit_signature(commit: &Commit) -> SignatureResult {
    let (author, signature) = match (&commit.author, &commit.signature) {
        (Some(a), Some(s)) => (a, s),
        (None, None) => return SignatureResult::Unsigned,
        // Partial signature (one field set, other missing) is invalid
        _ => return SignatureResult::Invalid,
    };

    // Get the signable bytes
    let signable = commit.signable_bytes();

    // Verify using Identity::verify (static method)
    if Identity::verify(author, &signable, signature.as_bytes()) {
        SignatureResult::Valid(*author)
    } else {
        SignatureResult::Invalid
    }
}

/// Extract the signer's public key from a signed commit.
///
/// Returns `None` if the commit is unsigned or has invalid signature fields.
pub fn extract_signer(commit: &Commit) -> Option<SigningPubKey> {
    commit.author
}

// ============================================================================
// Tests
// ============================================================================

#[cfg(test)]
mod tests {
    use super::*;
    use ed25519_dalek::SigningKey;

    fn test_signing_key(val: u8) -> SigningPubKey {
        SigningPubKey::from_bytes([val; 32])
    }

    fn create_unsigned_commit() -> Commit {
        Commit {
            parents: vec![],
            metadata_bundle: void_crypto::MetadataCid::from_bytes(vec![1, 2, 3]),
            timestamp: 12345,
            message: "test commit".to_string(),
            author: None,
            signature: None,
            manifest_cid: None,
            stats: None,
            repo_manifest_cid: None,
        }
    }

    fn create_signed_commit(signing_key: &SigningKey) -> Commit {
        let mut commit = create_unsigned_commit();
        commit.sign(signing_key);
        commit
    }

    fn create_invalid_signed_commit() -> Commit {
        let mut commit = create_unsigned_commit();
        commit.author = Some(SigningPubKey::from_bytes([0xaa; 32]));
        commit.signature = Some(CommitSignature::from_bytes([0xbb; 64])); // Invalid signature
        commit
    }

    #[test]
    fn verify_unsigned_commit() {
        let commit = create_unsigned_commit();
        let result = verify_commit(&commit, "refs/heads/main", None);
        assert_eq!(result, VerifyResult::Unsigned);
        assert!(result.is_unsigned());
    }

    #[test]
    fn verify_valid_signature_no_manifest() {
        let signing_key = SigningKey::from_bytes(&[0x42; 32]);
        let commit = create_signed_commit(&signing_key);

        let result = verify_commit(&commit, "refs/heads/main", None);
        assert_eq!(result, VerifyResult::Ok);
        assert!(result.is_ok());
    }

    #[test]
    fn verify_invalid_signature() {
        let commit = create_invalid_signed_commit();
        let result = verify_commit(&commit, "refs/heads/main", None);
        assert_eq!(result, VerifyResult::InvalidSignature);
    }

    #[test]
    fn verify_authorized_signer() {
        let signing_key = SigningKey::from_bytes(&[0x42; 32]);
        let pubkey = SigningPubKey::from_bytes(signing_key.verifying_key().to_bytes());
        let commit = create_signed_commit(&signing_key);

        // Signer is the owner
        let manifest = Manifest::new(pubkey, None);

        let result = verify_commit(&commit, "refs/heads/main", Some(&manifest));
        assert_eq!(result, VerifyResult::Ok);
    }

    #[test]
    fn verify_unauthorized_signer() {
        let signing_key = SigningKey::from_bytes(&[0x42; 32]);
        let commit = create_signed_commit(&signing_key);

        // Different owner
        let manifest = Manifest::new(test_signing_key(0xaa), None);

        let result = verify_commit(&commit, "refs/heads/main", Some(&manifest));
        assert!(matches!(result, VerifyResult::Unauthorized { .. }));
    }

    #[test]
    fn verify_commits_all_valid() {
        let signing_key = SigningKey::from_bytes(&[0x42; 32]);
        let commit1 = create_signed_commit(&signing_key);
        let commit2 = create_signed_commit(&signing_key);
        let commits = vec![commit1, commit2];

        let result = verify_commits(commits.iter(), "refs/heads/main", None);
        assert_eq!(result, VerifyResult::Ok);
    }

    #[test]
    fn verify_commits_first_failure() {
        let signing_key = SigningKey::from_bytes(&[0x42; 32]);
        let valid_commit = create_signed_commit(&signing_key);
        let invalid_commit = create_invalid_signed_commit();
        let commits = vec![valid_commit, invalid_commit];

        let result = verify_commits(commits.iter(), "refs/heads/main", None);
        // Should return first failure (invalid signature on second commit)
        assert_eq!(result, VerifyResult::InvalidSignature);
    }

    #[test]
    fn extract_signer_from_signed() {
        let signing_key = SigningKey::from_bytes(&[0x42; 32]);
        let commit = create_signed_commit(&signing_key);

        let signer = extract_signer(&commit);
        assert!(signer.is_some());
        assert_eq!(
            signer.unwrap().as_bytes(),
            &signing_key.verifying_key().to_bytes()
        );
    }

    #[test]
    fn extract_signer_from_unsigned() {
        let commit = create_unsigned_commit();
        let signer = extract_signer(&commit);
        assert!(signer.is_none());
    }

    #[test]
    fn verify_signature_only_valid() {
        let signing_key = SigningKey::from_bytes(&[0x42; 32]);
        let commit = create_signed_commit(&signing_key);

        let result = verify_signature_only(&commit);
        assert_eq!(result, VerifyResult::Ok);
    }

    #[test]
    fn verify_signature_only_unsigned() {
        let commit = create_unsigned_commit();
        let result = verify_signature_only(&commit);
        assert_eq!(result, VerifyResult::Unsigned);
    }

    #[test]
    fn partial_signature_is_invalid() {
        // Only author, no signature
        let mut commit = create_unsigned_commit();
        commit.author = Some(SigningPubKey::from_bytes([0xaa; 32]));
        let result = verify_signature_only(&commit);
        assert_eq!(result, VerifyResult::InvalidSignature);

        // Only signature, no author
        let mut commit = create_unsigned_commit();
        commit.signature = Some(CommitSignature::from_bytes([0xbb; 64]));
        let result = verify_signature_only(&commit);
        assert_eq!(result, VerifyResult::InvalidSignature);
    }

    #[test]
    fn verify_result_methods() {
        assert!(VerifyResult::Ok.is_ok());
        assert!(!VerifyResult::InvalidSignature.is_ok());
        assert!(!VerifyResult::Unsigned.is_ok());

        assert!(!VerifyResult::Ok.is_unsigned());
        assert!(VerifyResult::Unsigned.is_unsigned());
    }
}