commit 72efd7548930e052e3cd536d11933b8c6eda0294
author Scott Baker <smbaker@gmail.com> Wed May 15 13:12:20 2019 -0700
committer Scott Baker <smbaker@gmail.com> Wed May 15 13:12:20 2019 -0700
tree cbe3b09811a621e2250b015c1a30ea1ef3701c43
parent 63ce82e3fdd4721f89daf975d51e70610f47e3a1

SEBA-666 Use sha-256 instead of sha-1; verify checksums

Change-Id: I3036b50fa97f898948bb3ec94ff9665bb3fc9752

commands/transfer_handler.go

diff --git a/commands/transfer_handler.go b/commands/transfer_handler.go
index 0fce0f6..91e46d3 100644
--- a/commands/transfer_handler.go
+++ b/commands/transfer_handler.go
@@ -18,7 +18,8 @@
 
 import (
 	"context"
-	"crypto/sha1"
+	"crypto/sha256"
+	"fmt"
 	"github.com/fullstorydev/grpcurl"
 	"github.com/golang/protobuf/proto"
 	"github.com/jhump/protoreflect/dynamic"
@@ -44,6 +45,7 @@
 	chunksize int
 	f         *os.File
 	uri       string
+	hash      hash.Hash
 }
 
 func (h *DownloadHandler) OnReceiveResponse(m proto.Message) {
@@ -60,6 +62,10 @@
 	h.bytes += len(chunk)
 }
 
+func (h *DownloadHandler) GetChecksum() string {
+	return fmt.Sprintf("sha256:%x", h.hash.Sum(nil))
+}
+
 func (h *UploadHandler) GetParams(msg proto.Message) error {
 	dmsg, err := dynamic.AsDynamicMessage(msg)
 	if err != nil {
@@ -82,13 +88,20 @@
 		return err
 	}
 
+	chunk := string(block[:bytes_read])
+	io.WriteString(h.hash, chunk)
+
 	dmsg.TrySetFieldByName("uri", h.uri)
-	dmsg.TrySetFieldByName("chunk", string(block[:bytes_read]))
+	dmsg.TrySetFieldByName("chunk", chunk)
 
 	return nil
 }
 
-func UploadFile(conn *grpc.ClientConn, descriptor grpcurl.DescriptorSource, local_name string, uri string, chunkSize int) (*dynamic.Message, error) {
+func (h *UploadHandler) GetChecksum() string {
+	return fmt.Sprintf("sha256:%x", h.hash.Sum(nil))
+}
+
+func UploadFile(conn *grpc.ClientConn, descriptor grpcurl.DescriptorSource, local_name string, uri string, chunkSize int) (*UploadHandler, *dynamic.Message, error) {
 	ctx, cancel := context.WithTimeout(context.Background(), GlobalConfig.Grpc.Timeout)
 	defer cancel()
 
@@ -96,21 +109,24 @@
 
 	f, err := os.Open(local_name)
 	if err != nil {
-		return nil, err
+		return nil, nil, err
 	}
 
-	h := &UploadHandler{uri: uri, f: f, chunksize: chunkSize}
+	h := &UploadHandler{uri: uri,
+		f:         f,
+		chunksize: chunkSize,
+		hash:      sha256.New()}
 
 	err = grpcurl.InvokeRPC(ctx, descriptor, conn, "xos.filetransfer/Upload", headers, h, h.GetParams)
 	if err != nil {
-		return nil, err
+		return nil, nil, err
 	}
 	d, err := dynamic.AsDynamicMessage(h.Response)
 	if err != nil {
-		return nil, err
+		return nil, nil, err
 	}
 
-	return d, err
+	return h, d, err
 }
 
 func DownloadFile(conn *grpc.ClientConn, descriptor grpcurl.DescriptorSource, uri string, local_name string) (*DownloadHandler, error) {
@@ -132,7 +148,7 @@
 			Fields: map[string]map[string]interface{}{"xos.FileRequest": dm},
 		},
 		f:      f,
-		hash:   sha1.New(),
+		hash:   sha256.New(),
 		status: "SUCCESS"}
 
 	err = grpcurl.InvokeRPC(ctx, descriptor, conn, "xos.filetransfer/Download", headers, h, h.GetParams)