[gitmo/MooseX-Storage.git] / lib / MooseX / Storage / Base / WithChecksum.pm


package MooseX::Storage::Base::WithChecksum;
use Moose::Role;

use Digest       ();
use Data::Dumper ();

use MooseX::Storage::Engine;

our $VERSION   = '0.18';
our $AUTHORITY = 'cpan:STEVAN';

our $DIGEST_MARKER = '__DIGEST__';

sub pack {
    my ($self, @args ) = @_;

    my $e = MooseX::Storage::Engine->new( object => $self );

    my $collapsed = $e->collapse_object(@args);
    
    $collapsed->{$DIGEST_MARKER} = $self->_digest_packed($collapsed, @args);
    
    return $collapsed;
}

sub unpack {
    my ($class, $data, @args) = @_;

    # check checksum on data
    
    my $old_checksum = delete $data->{$DIGEST_MARKER};
    
    my $checksum = $class->_digest_packed($data, @args);

    ($checksum eq $old_checksum)
        || confess "Bad Checksum got=($checksum) expected=($old_checksum)";    

    my $e = MooseX::Storage::Engine->new(class => $class);
    $class->new($e->expand_object($data, @args));
}


sub _digest_packed {
    my ( $self, $collapsed, @args ) = @_;

    my $d = $self->_digest_object(@args);

    {
        local $Data::Dumper::Indent   = 0;
        local $Data::Dumper::Sortkeys = 1;
        local $Data::Dumper::Terse    = 1;
        local $Data::Dumper::Useqq    = 0;
        local $Data::Dumper::Deparse  = 0; # FIXME?
        my $str = Data::Dumper::Dumper($collapsed);
        # NOTE:
        # Canonicalize numbers to strings even if it 
        # mangles numbers inside strings. It really 
        # does not matter since its just the checksum
        # anyway.
        # - YK/SL
        $str =~ s/(?<! ['"] ) \b (\d+) \b (?! ['"] )/'$1'/gx; 
        $d->add( $str );
    }

    return $d->hexdigest;
}

sub _digest_object {
    my ( $self, %options ) = @_;
    my $digest_opts = $options{digest};
    
    $digest_opts = [ $digest_opts ] 
        if !ref($digest_opts) or ref($digest_opts) ne 'ARRAY';
        
    my ( $d, @args ) = @$digest_opts;

    if ( ref $d ) {
        if ( $d->can("clone") ) {
            return $d->clone;
        } 
        elsif ( $d->can("reset") ) {
            $d->reset;
            return $d;
        } 
        else {
            die "Can't clone or reset digest object: $d";
        }
    } 
    else {
        return Digest->new($d || "SHA1", @args);
    }
}

1;

__END__

=pod

=head1 NAME

MooseX::Storage::Base::WithChecksum - A more secure serialization role

=head1 DESCRIPTION

This is an early implementation of a more secure Storage role, 
which does integrity checks on the data. It is still being 
developed so I recommend using it with caution. 

Any thoughts, ideas or suggestions on improving our technique 
are very welcome.

=head1 METHODS

=over 4

=item B<pack (?$salt)>

=item B<unpack ($data, ?$salt)>

=back

=head2 Introspection

=over 4

=item B<meta>

=back

=head1 BUGS

All complex software has bugs lurking in it, and this module is no 
exception. If you find a bug please either email me, or add the bug
to cpan-RT.

=head1 AUTHOR

Stevan Little E<lt>stevan.little@iinteractive.comE<gt>

Yuval Kogman

=head1 COPYRIGHT AND LICENSE

Copyright 2007-2008 by Infinity Interactive, Inc.

L<http://www.iinteractive.com>

This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself.

=cut
Commit	Line	Data
c4a322ec	1
	2	package MooseX::Storage::Base::WithChecksum;
	3	use Moose::Role;
	4
06a66732	5	use Digest ();
34dcaa5d	6	use Data::Dumper ();
34dcaa5d	7
06a66732	8	use MooseX::Storage::Engine;
06a66732	9
5ca52230	10	our $VERSION = '0.18';
69b45b7d	11	our $AUTHORITY = 'cpan:STEVAN';
c4a322ec	12
72a40e08	13	our $DIGEST_MARKER = '__DIGEST__';
88651e76	14
c4a322ec	15	sub pack {
98ae09f0	16	my ($self, @args ) = @_;
98ae09f0	17
c4a322ec	18	my $e = MooseX::Storage::Engine->new( object => $self );
c4a322ec	19
a6ebb4c8	20	my $collapsed = $e->collapse_object(@args);
c4a322ec	21
88651e76	22	$collapsed->{$DIGEST_MARKER} = $self->_digest_packed($collapsed, @args);
c4a322ec	23
	24	return $collapsed;
	25	}
	26
	27	sub unpack {
98ae09f0	28	my ($class, $data, @args) = @_;
c4a322ec	29
	30	# check checksum on data
	31
34dcaa5d	32	my $old_checksum = delete $data->{$DIGEST_MARKER};
c4a322ec	33
98ae09f0	34	my $checksum = $class->_digest_packed($data, @args);
98ae09f0	35
c4a322ec	36	($checksum eq $old_checksum)
98ae09f0	37	\|\| confess "Bad Checksum got=($checksum) expected=($old_checksum)";
c4a322ec	38
c4a322ec	39	my $e = MooseX::Storage::Engine->new(class => $class);
a6ebb4c8	40	$class->new($e->expand_object($data, @args));
c4a322ec	41	}
c4a322ec	42
98ae09f0	43
	44	sub _digest_packed {
	45	my ( $self, $collapsed, @args ) = @_;
	46
a6ebb4c8	47	my $d = $self->_digest_object(@args);
a6ebb4c8	48
a6ebb4c8	49	{
06a66732	50	local $Data::Dumper::Indent = 0;
34dcaa5d	51	local $Data::Dumper::Sortkeys = 1;
b7e2e91b	52	local $Data::Dumper::Terse = 1;
	53	local $Data::Dumper::Useqq = 0;
	54	local $Data::Dumper::Deparse = 0; # FIXME?
	55	my $str = Data::Dumper::Dumper($collapsed);
a7f358fb	56	# NOTE:
	57	# Canonicalize numbers to strings even if it
	58	# mangles numbers inside strings. It really
	59	# does not matter since its just the checksum
	60	# anyway.
	61	# - YK/SL
	62	$str =~ s/(?<! ['"] ) \b (\d+) \b (?! ['"] )/'$1'/gx;
b7e2e91b	63	$d->add( $str );
a6ebb4c8	64	}
	65
	66	return $d->hexdigest;
	67	}
	68
	69	sub _digest_object {
	70	my ( $self, %options ) = @_;
	71	my $digest_opts = $options{digest};
06a66732	72
	73	$digest_opts = [ $digest_opts ]
	74	if !ref($digest_opts) or ref($digest_opts) ne 'ARRAY';
	75
a6ebb4c8	76	my ( $d, @args ) = @$digest_opts;
98ae09f0	77
	78	if ( ref $d ) {
	79	if ( $d->can("clone") ) {
a6ebb4c8	80	return $d->clone;
06a66732	81	}
06a66732	82	elsif ( $d->can("reset") ) {
98ae09f0	83	$d->reset;
a6ebb4c8	84	return $d;
06a66732	85	}
06a66732	86	else {
98ae09f0	87	die "Can't clone or reset digest object: $d";
98ae09f0	88	}
06a66732	89	}
06a66732	90	else {
a6ebb4c8	91	return Digest->new($d \|\| "SHA1", @args);
98ae09f0	92	}
98ae09f0	93	}
98ae09f0	94
c4a322ec	95	1;
	96
	97	__END__
	98
	99	=pod
	100
	101	=head1 NAME
	102
4fa64e86	103	MooseX::Storage::Base::WithChecksum - A more secure serialization role
c4a322ec	104
	105	=head1 DESCRIPTION
	106
c86a46cc	107	This is an early implementation of a more secure Storage role,
	108	which does integrity checks on the data. It is still being
	109	developed so I recommend using it with caution.
	110
	111	Any thoughts, ideas or suggestions on improving our technique
	112	are very welcome.
	113
c4a322ec	114	=head1 METHODS
	115
	116	=over 4
	117
	118	=item B<pack (?$salt)>
	119
	120	=item B<unpack ($data, ?$salt)>
	121
	122	=back
	123
	124	=head2 Introspection
	125
	126	=over 4
	127
	128	=item B<meta>
	129
	130	=back
	131
	132	=head1 BUGS
	133
	134	All complex software has bugs lurking in it, and this module is no
	135	exception. If you find a bug please either email me, or add the bug
	136	to cpan-RT.
	137
	138	=head1 AUTHOR
	139
	140	Stevan Little E<lt>stevan.little@iinteractive.comE<gt>
	141
06a66732	142	Yuval Kogman
06a66732	143
c4a322ec	144	=head1 COPYRIGHT AND LICENSE
c4a322ec	145
1f3074ea	146	Copyright 2007-2008 by Infinity Interactive, Inc.
c4a322ec	147
	148	L<http://www.iinteractive.com>
	149
	150	This library is free software; you can redistribute it and/or modify
	151	it under the same terms as Perl itself.
	152
	153	=cut