slowly transitioning to a more efficient way of interacting with sealed packages

modules/verify/include/checksum_memory.hpp

@@ -0,0 +1,75 @@
+/**
+* @file checksum_memory.hpp
+ * @brief In-memory package checksum verification functions
+ *
+ * Defines functions for verifying checksums of DPM package components in memory
+ * without requiring them to be extracted to disk first.
+ *
+ * @copyright Copyright (c) 2025 SILO GROUP LLC
+ * @author Chris Punches <chris.punches@silogroup.org>
+ *
+ * Part of the Dark Horse Linux Package Manager (DPM)
+ */
+#pragma once
+
+#include <string>
+#include <dpmdk/include/CommonModuleAPI.hpp>
+#include "package_operations.hpp"
+#include <filesystem>
+#include <dlfcn.h>
+
+/**
+ * @brief Verifies the package digest from in-memory metadata
+ *
+ * Calculates the package digest from in-memory CONTENTS_MANIFEST_DIGEST and
+ * HOOKS_DIGEST files and compares it to the value in PACKAGE_DIGEST.
+ *
+ * @param data Pointer to the metadata file data
+ * @param data_size Size of the metadata file data
+ * @param build_module Handle to the loaded build module
+ * @return 0 on successful verification, non-zero on failure
+ */
+int checksum_verify_package_digest_memory(
+    const unsigned char* data,
+    size_t data_size,
+    void* build_module);
+
+/**
+ * @brief Verifies the contents manifest digest from in-memory data
+ *
+ * Compares checksums in the contents manifest with actual file checksums
+ * using in-memory data rather than extracting files to disk.
+ *
+ * @param contents_data Pointer to the contents component data
+ * @param contents_data_size Size of the contents component data
+ * @param metadata_data Pointer to the metadata component data
+ * @param metadata_data_size Size of the metadata component data
+ * @param build_module Handle to the loaded build module
+ * @return 0 on successful verification, non-zero on failure
+ */
+int checksum_verify_contents_digest_memory(
+    const unsigned char* contents_data,
+    size_t contents_data_size,
+    const unsigned char* metadata_data,
+    size_t metadata_data_size,
+    void* build_module);
+
+/**
+ * @brief Verifies the hooks digest from in-memory data
+ *
+ * Calculates the digest of the hooks archive and compares it with the
+ * value stored in HOOKS_DIGEST metadata file.
+ *
+ * @param hooks_data Pointer to the hooks component data
+ * @param hooks_data_size Size of the hooks component data
+ * @param metadata_data Pointer to the metadata component data
+ * @param metadata_data_size Size of the metadata component data
+ * @param build_module Handle to the loaded build module
+ * @return 0 on successful verification, non-zero on failure
+ */
+int checksum_verify_hooks_digest_memory(
+    const unsigned char* hooks_data,
+    size_t hooks_data_size,
+    const unsigned char* metadata_data,
+    size_t metadata_data_size,
+    void* build_module);

modules/verify/include/commands.hpp

@@ -18,6 +18,8 @@
 #include <dlfcn.h>
 #include <sys/stat.h>
 #include <filesystem>
+#include "checksum_memory.hpp"
+#include "package_operations.hpp"
 
 /**
  * @brief Handler for the checksum command
@@ -157,4 +159,27 @@ int verify_signature_package(const std::string& package_path);
  * @param stage_dir Path to the stage directory
  * @return 0 on success, non-zero on failure
  */
-int verify_signature_stage(const std::string& stage_dir);
+int verify_signature_stage(const std::string& stage_dir);
+
+/**
+ * @brief Verifies checksums of a package file in memory
+ *
+ * Loads the components of a package file into memory and verifies their checksums
+ * without extracting them to disk.
+ *
+ * @param package_path Path to the package file
+ * @return 0 on success, non-zero on failure
+ */
+int verify_checksums_package_memory(const std::string& package_path);
+
+/**
+ * @brief Converts binary data to a C++ string
+ *
+ * Takes a buffer of binary data and its size, creates a properly
+ * null-terminated string, and returns it as an std::string.
+ *
+ * @param data Pointer to the binary data
+ * @param data_size Size of the binary data
+ * @return std::string containing the data, or empty string on error
+ */
+std::string binary_to_string(const unsigned char* data, size_t data_size);

modules/verify/include/package_operations.hpp

@@ -0,0 +1,53 @@
+/**
+ * @file package_operations.hpp
+ * @brief Functions for operating on DPM packages
+ *
+ * Defines functions for extracting and verifying components from DPM packages.
+ *
+ * @copyright Copyright (c) 2025 SILO GROUP LLC
+ * @author Chris Punches <chris.punches@silogroup.org>
+ *
+ * Part of the Dark Horse Linux Package Manager (DPM)
+ */
+#pragma once
+
+#include <string>
+#include <dpmdk/include/CommonModuleAPI.hpp>
+#include "commands.hpp"
+#include <filesystem>
+
+/**
+ * @brief Extracts a component from a package file
+ *
+ * Loads a component (metadata, contents, hooks, signatures) from a package file
+ * by calling into the build module's get_file_from_package_file function.
+ *
+ * @param package_path Path to the package file
+ * @param component_name Name of the component to extract (metadata, contents, hooks, signatures)
+ * @param data Pointer to a pointer that will be populated with the component data
+ * @param data_size Pointer to a size_t that will be populated with the size of the component data
+ * @return 0 on success, non-zero on failure
+ */
+int get_component_from_package(const std::string& package_path,
+                              const std::string& component_name,
+                              unsigned char** data,
+                              size_t* data_size);
+
+/**
+ * @brief Extracts a file from a component archive
+ *
+ * Extracts a specific file from a component archive that has already been loaded into memory.
+ * Uses the build module's get_file_from_memory_loaded_archive function.
+ *
+ * @param component_data Pointer to the component archive data in memory
+ * @param component_size Size of the component archive in memory
+ * @param filename Name of the file to extract from the component
+ * @param data Pointer to a pointer that will be populated with the file data
+ * @param data_size Pointer to a size_t that will be populated with the size of the file data
+ * @return 0 on success, non-zero on failure
+ */
+int get_file_from_component(const unsigned char* component_data,
+                           size_t component_size,
+                           const std::string& filename,
+                           unsigned char** data,
+                           size_t* data_size);