couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Hirst <paul.hi...@sophos.com>
Subject SHA-1 checksum validation on attachments
Date Thu, 03 Feb 2011 15:24:50 GMT
I'm thinking of storing files in couch. I would probably create a document like
{
    _id : "aaaaaaaaaabbbbbbbbbbccccccccccdddddddddd",
    md5  : "aaaaaaaaaabbbbbbbbbbccccccccccdd",
    size : 10345662,
}
to store the basic metadata about the file. The _id would be the SHA-1 checksum of the file
and the MD5 and size in bytes would be the other fields in the document.

Then I would attach the actual file as an attachment to this document.

What I'm wondering if if there is any way to valid the checksums are correct. Ideally couch
would run a validation function which would checksum the attachment and refuse the upload
if it doesn't match the recorded md5, sha1 and size. Is there any way to achieve this?

I'm thinking that a fallback measure which might be almost as good would be to have a daemon
which watches _changes and checks any new attachment to make sure they are correct. If they
aren't it could flag it up somehow and a human can take some action. I'm only trying to protect
against system bugs, not malicious intent.

Any thoughts would be gratefully received.
________________________________
Sophos Limited, The Pentagon, Abingdon Science Park, Abingdon, OX14 3YP, United Kingdom.
Company Reg No 2096520. VAT Reg No GB 991 2418 08.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message