bindle
Hashing parcels: Should we bump this up a layer?
Right now, when Bindle loads a parcel off of the file system it checks the hash. But this is done in the storage driver. Really, this should be done a layer higher so that storage drivers merely load the bindle.
Yeah, I think the server logic should handle this rather than the storage providers. However, are you talking about just reading it off the storage layer (which we don't validate again, correct?) or the writing part as well?
Now that we have moved to providers instead of plain storage drivers, is this something we want to require in provider implementations or should we provide some sort of common way of doing this?
Oops, fat finger close
It might make sense to have a default trait implementation of this on the provider trait, and then allow implementations to override. I mean... what we really want is "near side" verification that the hash computes. Trusting an external source is probably not a good practice.
Worst case, we could implement it outside the provider altogether, and have the code in the webserver portion check this.
I'm not sure what the best design is.
I think a default trait implementation is probably the best idea. Not every type of application will necessarily use a bindle server, so it makes sense for the provider to do it.
I was just checking and we don't currently check the hash of the data when fetching the parcel, but we do validate it when writing it to storage. Should we be validating it when pulling it out of storage as well?