Skip to content

fix: verify content checksum before trusting pack signature#17

Open
muhamedfazalps wants to merge 1 commit into
abhay-codes07:mainfrom
muhamedfazalps:fix/pack-signature-verify
Open

fix: verify content checksum before trusting pack signature#17
muhamedfazalps wants to merge 1 commit into
abhay-codes07:mainfrom
muhamedfazalps:fix/pack-signature-verify

Conversation

@muhamedfazalps

Copy link
Copy Markdown

Fixes #9

Problem

verify_pack_signature() trusted the manifest's self-reported checksum field and never recomputed content_checksum(pack.items). An attacker could:

  1. Sign a legitimate pack
  2. Swap pack.items for a malicious payload
  3. Leave manifest.checksum untouched
  4. The signature would still verify

The volo pack verify command calls verify_pack_signature without validate_pack, so it prints -> VALID on a swapped-payload pack.

Solution

Before verifying the signature, recompute content_checksum(pack.items) and reject the pack if it doesn't match manifest.checksum. This ensures the signature is bound to actual content, not just the self-reported checksum.

Changes

  • packages/volo-packs/src/volo_packs/signing.py: Added content checksum verification in verify_pack_signature()
  • packages/volo-packs/src/volo_packs/signing.py: Imported content_checksum from pack module

Security Impact

This is a security fix — pack signature verification was bypassable by swapping content while keeping the manifest checksum unchanged.

https://buymeacoffee.com/muhamedfazalps

…hay-codes07#9)

verify_pack_signature() trusted the manifest's self-reported checksum
and never recomputed content_checksum(pack.items). An attacker could
swap pack.items for a malicious payload while leaving manifest.checksum
untouched, and the signature would still verify.

Now verifies that content_checksum(pack.items) matches manifest.checksum
before trusting the signature, closing the bypass window.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Pack signature verifies a content-tampered pack as VALID (checksum not re-bound)

1 participant