Refactor specification of supported digests

To make the definition of supported digests more clear, we have refactored the digest package to have a special Algorithm type. This represents the digest's prefix and we associated various supported hash implementations through function calls. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-05-21 18:44:08 -07:00 · 2015-05-21 18:44:08 -07:00 · 44da954565
commit 44da954565
parent eee6cad2cf
14 changed files with 109 additions and 66 deletions
--- a/digest/digester.go
+++ b/digest/digester.go
@ -1,6 +1,76 @@
 package digest

-import "hash"
+import (
+	"crypto"
+	"hash"
+)
+
+// Algorithm identifies and implementation of a digester by an identifier.
+// Note the that this defines both the hash algorithm used and the string
+// encoding.
+type Algorithm string
+
+// supported digest types
+const (
+	SHA256         Algorithm = "sha256"           // sha256 with hex encoding
+	SHA384         Algorithm = "sha384"           // sha384 with hex encoding
+	SHA512         Algorithm = "sha512"           // sha512 with hex encoding
+	TarsumV1SHA256 Algorithm = "tarsum+v1+sha256" // supported tarsum version, verification only
+
+	// Canonical is the primary digest algorithm used with the distribution
+	// project. Other digests may be used but this one is the primary storage
+	// digest.
+	Canonical = SHA256
+)
+
+var (
+	// TODO(stevvooe): Follow the pattern of the standard crypto package for
+	// registration of digests. Effectively, we are a registerable set and
+	// common symbol access.
+
+	// algorithms maps values to hash.Hash implementations. Other algorithms
+	// may be available but they cannot be calculated by the digest package.
+	algorithms = map[Algorithm]crypto.Hash{
+		SHA256: crypto.SHA256,
+		SHA384: crypto.SHA384,
+		SHA512: crypto.SHA512,
+	}
+)
+
+// Available returns true if the digest type is available for use. If this
+// returns false, New and Hash will return nil.
+func (a Algorithm) Available() bool {
+	h, ok := algorithms[a]
+	if !ok {
+		return false
+	}
+
+	// check availability of the hash, as well
+	return h.Available()
+}
+
+// New returns a new digester for the specified algorithm. If the algorithm
+// does not have a digester implementation, nil will be returned. This can be
+// checked by calling Available before calling New.
+func (a Algorithm) New() Digester {
+	return &digester{
+		alg:  a,
+		hash: a.Hash(),
+	}
+}
+
+// Hash returns a new hash as used by the algorithm. If not available, nil is
+// returned. Make sure to check Available before calling.
+func (a Algorithm) Hash() hash.Hash {
+	if !a.Available() {
+		return nil
+	}
+
+	return algorithms[a].New()
+}
+
+// TODO(stevvooe): Allow resolution of verifiers using the digest type and
+// this registration system.

 // Digester calculates the digest of written data. Writes should go directly
 // to the return value of Hash, while calling Digest will return the current
@ -10,24 +80,9 @@ type Digester interface {
 	Digest() Digest
 }

-// NewDigester create a new Digester with the given hashing algorithm and
-// instance of that algo's hasher.
-func NewDigester(alg string, h hash.Hash) Digester {
-	return &digester{
-		alg:  alg,
-		hash: h,
-	}
-}
-
-// NewCanonicalDigester is a convenience function to create a new Digester with
-// our default settings.
-func NewCanonicalDigester() Digester {
-	return NewDigester(CanonicalAlgorithm, CanonicalHash.New())
-}
-
 // digester provides a simple digester definition that embeds a hasher.
 type digester struct {
-	alg  string
+	alg  Algorithm
 	hash hash.Hash
 }

@ -36,5 +91,5 @@ func (d *digester) Hash() hash.Hash {
 }

 func (d *digester) Digest() Digest {
-	return NewDigest(d.alg, d.Hash())
+	return NewDigest(d.alg, d.hash)
 }