zipsign_api/
constants.rs

1// "\x0c\x04\x01" -- form feed, end of text, start of header
2// "ed25519ph" -- used algorithm
3// "\x00\x00" -- version number in network byte order
4/// Bytes preceding signatures
5pub(crate) const MAGIC_HEADER: &[u8; 14] = b"\x0c\x04\x01ed25519ph\x00\x00";
6
7/// Total number of bytes in a [`MAGIC_HEADER`] + [`SignatureCountLeInt`]
8pub(crate) const HEADER_SIZE: usize = 16;
9
10/// Integer type to tell the number of signatures in a signed file, stored in little endian
11pub(crate) type SignatureCountLeInt = u16;
12
13/// Prefix of the signature block in a signed .tar.gz file
14///
15/// Followed by base64 encoded signatures string, the current stream position before this block
16/// encoded as zero-padded 16 bytes hexadecimal string, and [`GZIP_END`]
17/// [`GZIP_END`]
18#[cfg(any(feature = "sign-tar", feature = "unsign-tar", feature = "verify-tar"))]
19pub(crate) const GZIP_START: &[u8; 10] = {
20    const EPOCH: u32 = 978_307_200; // 2001-01-01 00:00:00 Z
21
22    let [m1, m2, m3, m4] = EPOCH.to_le_bytes();
23    &[
24        0x1f, 0x8b, // gzip: magic number
25        0x08, // gzip: compression method (deflate)
26        0x10, // gzip: flags (binary, no checksum, no extra fields, no name, has comment)
27        m1, m2, m3, m4,   // gzip: modification time
28        0x00, // gzip: extra flags (unset)
29        0xff, // gzip: Operating system ID: unknown
30    ]
31};
32
33/// Suffix of the signature block in a signed .tar.gz file
34#[cfg(any(feature = "sign-tar", feature = "unsign-tar", feature = "verify-tar"))]
35pub(crate) const GZIP_END: &[u8; 14] = &[
36    0x00, // deflate: NUL terminator, end of comments
37    0x01, // deflate: block header (final block, uncompressed)
38    0x00, 0x00, // deflate: length
39    0xff, 0xff, // deflate: negated length
40    0, 0, 0, 0, // gzip: crc32 of uncompressed data
41    0, 0, 0, 0, // gzip: total uncompressed size
42];
43
44/// Total overhead the signature block in a signed .tar.gz file excluding signature data
45#[cfg(feature = "sign-tar")]
46pub(crate) const GZIP_EXTRA: usize = GZIP_START.len() + GZIP_END.len() + u64::BITS as usize / 4;
47
48/// Maximum number of bytes the encoded signatures may have
49///
50/// This number equates to 1022 signatures in a `.zip` file, and 767 signatures in `.tar.gz` file.
51pub(crate) const BUF_LIMIT: usize = 1 << 16;