integrity.go | 80 ++++++++++++++++++++++++++++++++++++++--------------- diff --git a/integrity.go b/integrity.go index 300cf3f09205a06efbfdc9ae3badcab852a3314d993bfb23158ca8f2ef8895f6..73d2a6044bd2a82429f73ec785db23f5f26974eb4e7b73789b26e29ad9491e3a 100644 --- a/integrity.go +++ b/integrity.go @@ -18,25 +18,61 @@ package main import ( + "bufio" "bytes" "crypto/sha256" "fmt" + "hash" + "io" "io/ioutil" "log" "os" "path/filepath" "strings" + + "golang.org/x/crypto/blake2b" ) +func checkFile( + pkgName, fn, fnHash, hasherName string, + hasher hash.Hash, digest []byte, +) bool { + expected, err := ioutil.ReadFile(fnHash) + if err != nil { + log.Fatal(err) + } + fd, err := os.Open(fn) + if err != nil { + if os.IsNotExist(err) { + return true + } + log.Fatal(err) + } + _, err = io.Copy(hasher, bufio.NewReader(fd)) + fd.Close() + if err != nil { + log.Fatal(err) + } + isEqual := bytes.Compare(hasher.Sum(digest[:0]), expected) == 0 + hasher.Reset() + if isEqual { + fmt.Println("GOOD", hasherName, pkgName) + return true + } + fmt.Println("BAD", hasherName, pkgName) + return false +} + func goodIntegrity() bool { dirs, err := ioutil.ReadDir(*Root) if err != nil { log.Fatal(err) } - hasher := sha256.New() - digest := make([]byte, sha256.Size) + hasherSHA256 := sha256.New() + hasherBLAKE2b256 := blake2b256New() + digestSHA256 := make([]byte, sha256.Size) + digestBLAKE2b256 := make([]byte, blake2b.Size256) isGood := true - var data []byte var pkgName string for _, dir := range dirs { files, err := ioutil.ReadDir(filepath.Join(*Root, dir.Name())) @@ -44,29 +80,29 @@ if err != nil { log.Fatal(err) } for _, file := range files { - if !strings.HasSuffix(file.Name(), "."+HashAlgoSHA256) { + if strings.HasSuffix(file.Name(), "."+HashAlgoSHA256) { + pkgName = strings.TrimSuffix(file.Name(), "."+HashAlgoSHA256) + if !checkFile( + pkgName, + filepath.Join(*Root, dir.Name(), pkgName), + filepath.Join(*Root, dir.Name(), file.Name()), + "SHA256", hasherSHA256, digestSHA256, + ) { + isGood = false + } continue } - pkgName = strings.TrimSuffix(file.Name(), "."+HashAlgoSHA256) - data, err = ioutil.ReadFile(filepath.Join(*Root, dir.Name(), pkgName)) - if err != nil { - if os.IsNotExist(err) { - continue + if strings.HasSuffix(file.Name(), "."+HashAlgoBLAKE2b256) { + pkgName = strings.TrimSuffix(file.Name(), "."+HashAlgoBLAKE2b256) + if !checkFile( + pkgName, + filepath.Join(*Root, dir.Name(), pkgName), + filepath.Join(*Root, dir.Name(), file.Name()), + "BLAKE2b-256", hasherBLAKE2b256, digestBLAKE2b256, + ) { + isGood = false } - log.Fatal(err) } - hasher.Write(data) - data, err = ioutil.ReadFile(filepath.Join(*Root, dir.Name(), file.Name())) - if err != nil { - log.Fatal(err) - } - if bytes.Compare(hasher.Sum(digest[:0]), data) == 0 { - fmt.Println("GOOD", pkgName) - } else { - isGood = false - fmt.Println("BAD", pkgName) - } - hasher.Reset() } } return isGood