// Copyright 2015 CoreOS, Inc. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. package omaha import ( "crypto/sha1" "crypto/sha256" "encoding/base64" "errors" "io" "os" "path/filepath" ) var ( PackageHashMismatchError = errors.New("package hash is invalid") PackageSizeMismatchError = errors.New("package size is invalid") ) // Package represents a single downloadable file. The Sha256 attribute // is not a standard part of the Omaha protocol which only uses Sha1. type Package struct { Name string `xml:"name,attr"` Sha1 string `xml:"hash,attr"` Sha256 string `xml:"sha256,attr,omitempty"` Size uint64 `xml:"size,attr"` Required bool `xml:"required,attr"` } func (p *Package) FromPath(name string) error { f, err := os.Open(name) if err != nil { return err } defer f.Close() err = p.FromReader(f) if err != nil { return err } p.Name = filepath.Base(name) return nil } func (p *Package) FromReader(r io.Reader) error { sha1b64, sha256b64, n, err := multihash(r) if err != nil { return err } p.Sha1 = sha1b64 p.Sha256 = sha256b64 p.Size = uint64(n) return nil } func (p *Package) Verify(dir string) error { f, err := os.Open(filepath.Join(dir, p.Name)) if err != nil { return err } defer f.Close() return p.VerifyReader(f) } func (p *Package) VerifyReader(r io.Reader) error { sha1b64, sha256b64, n, err := multihash(r) if err != nil { return err } if p.Size != uint64(n) { return PackageSizeMismatchError } if p.Sha1 != sha1b64 { return PackageHashMismatchError } // Allow Sha256 to be empty since it is a protocol extension. if p.Sha256 != "" && p.Sha256 != sha256b64 { return PackageHashMismatchError } return nil } func multihash(r io.Reader) (sha1b64, sha256b64 string, n int64, err error) { h1 := sha1.New() h256 := sha256.New() if n, err = io.Copy(io.MultiWriter(h1, h256), r); err != nil { return } sha1b64 = base64.StdEncoding.EncodeToString(h1.Sum(nil)) sha256b64 = base64.StdEncoding.EncodeToString(h256.Sum(nil)) return }