I'm thinking of storing files in couch. I would probably create a document like
{
    _id : "aaaaaaaaaabbbbbbbbbbccccccccccdddddddddd",
    md5  : "aaaaaaaaaabbbbbbbbbbccccccccccdd",
    size : 10345662,
}
to store the basic metadata about the file. The _id would be the SHA-1 checksum of the file and the MD5 and size in bytes would be the other fields in the document.

Then I would attach the actual file as an attachment to this document.

What I'm wondering if if there is any way to valid the checksums are correct. Ideally couch would run a validation function which would checksum the attachment and refuse the upload if it doesn't match the recorded md5, sha1 and size. Is there any way to achieve this?

I'm thinking that a fallback measure which might be almost as good would be to have a daemon which watches _changes and checks any new attachment to make sure they are correct. If they aren't it could flag it up somehow and a human can take some action. I'm only trying to protect against system bugs, not malicious intent.

Any thoughts would be gratefully received.
________________________________
Sophos Limited, The Pentagon, Abingdon Science Park, Abingdon, OX14 3YP, United Kingdom.
Company Reg No 2096520. VAT Reg No GB 991 2418 08.