Beispiel #1
0
func (c *PolicyRuleRequires) SHA256Sum() (string, error) {
	sha := sha512.New512_256()
	if err := json.NewEncoder(sha).Encode(c); err != nil {
		return "", err
	}
	return fmt.Sprintf("%x", sha.Sum(nil)), nil
}
Beispiel #2
0
func NewVerifier(hashes map[string]string, size int64) (*Verifier, error) {
	if size <= 0 {
		return nil, &ErrInvalidSize{size}
	}
	v := &Verifier{
		hashes: make([]*Hash, 0, len(hashes)),
		size:   size,
	}
	for algorithm, value := range hashes {
		h := &Hash{algorithm: algorithm, expected: value}
		switch algorithm {
		case "sha256":
			h.hash = sha256.New()
		case "sha512":
			h.hash = sha512.New()
		case "sha512_256":
			h.hash = sha512.New512_256()
		default:
			continue
		}
		v.hashes = append(v.hashes, h)
	}
	if len(v.hashes) == 0 {
		return nil, ErrNoHashes
	}
	return v, nil
}
Beispiel #3
0
func (b *Builder) mksquashfs(dir string) (string, *ct.ImageLayer, error) {
	tmp, err := ioutil.TempFile("", "squashfs-")
	if err != nil {
		return "", nil, err
	}
	defer tmp.Close()

	if out, err := exec.Command("mksquashfs", dir, tmp.Name(), "-noappend").CombinedOutput(); err != nil {
		os.Remove(tmp.Name())
		return "", nil, fmt.Errorf("mksquashfs error: %s: %s", err, out)
	}

	h := sha512.New512_256()
	length, err := io.Copy(h, tmp)
	if err != nil {
		os.Remove(tmp.Name())
		return "", nil, err
	}

	sha := hex.EncodeToString(h.Sum(nil))

	return tmp.Name(), &ct.ImageLayer{
		ID:     sha,
		Type:   ct.ImageLayerTypeSquashfs,
		Length: length,
		Hashes: map[string]string{"sha512_256": sha},
	}, nil
}
Beispiel #4
0
// SHA256Sum calculates L3n4Addr's internal SHA256Sum.
func (l3n4Addr L3n4Addr) SHA256Sum() (string, error) {
	sha := sha512.New512_256()
	if err := json.NewEncoder(sha).Encode(l3n4Addr); err != nil {
		return "", err
	}
	return fmt.Sprintf("%x", sha.Sum(nil)), nil
}
Beispiel #5
0
// SHA256Sum calculates lbls' internal SHA256Sum. For a particular set of labels is
// guarantee that it will always have the same SHA256Sum.
func (lbls Labels) SHA256Sum() (string, error) {
	sha := sha512.New512_256()
	sortedMap := lbls.sortMap()
	if err := json.NewEncoder(sha).Encode(sortedMap); err != nil {
		return "", err
	}
	return fmt.Sprintf("%x", sha.Sum(nil)), nil
}
Beispiel #6
0
// KeyGenerator creates a cryptographically secure sha512 sum based on secure pseudorandom numbers
func KeyGenerator() string {
	baseKeyBytes := make([]byte, 512)
	rand.Read(baseKeyBytes) // Create 512 cryptographically secure pseudorandom numbers

	hasher := sha512.New512_256()                       // Create a new hash.Hash
	hashBytes := hasher.Sum(baseKeyBytes)               // Use sha512 hasher to hash to byte array
	key := base64.StdEncoding.EncodeToString(hashBytes) // Encode the hashBytes as a string

	return key
}
Beispiel #7
0
func makeHash(name string) hash.Hash {
	switch strings.ToLower(name) {
	case "ripemd160":
		return ripemd160.New()
	case "md4":
		return md4.New()
	case "md5":
		return md5.New()
	case "sha1":
		return sha1.New()
	case "sha256":
		return sha256.New()
	case "sha384":
		return sha512.New384()
	case "sha3-224":
		return sha3.New224()
	case "sha3-256":
		return sha3.New256()
	case "sha3-384":
		return sha3.New384()
	case "sha3-512":
		return sha3.New512()
	case "sha512":
		return sha512.New()
	case "sha512-224":
		return sha512.New512_224()
	case "sha512-256":
		return sha512.New512_256()
	case "crc32-ieee":
		return crc32.NewIEEE()
	case "crc64-iso":
		return crc64.New(crc64.MakeTable(crc64.ISO))
	case "crc64-ecma":
		return crc64.New(crc64.MakeTable(crc64.ECMA))
	case "adler32":
		return adler32.New()
	case "fnv32":
		return fnv.New32()
	case "fnv32a":
		return fnv.New32a()
	case "fnv64":
		return fnv.New64()
	case "fnv64a":
		return fnv.New64a()
	case "xor8":
		return new(xor8)
	case "fletch16":
		return &fletch16{}
	}
	return nil
}
Beispiel #8
0
func calculateDigest(files []string, algorithm string) {
	var hasher hash.Hash
	switch algorithm {
	case "md5":
		hasher = md5.New()
	case "sha1":
		hasher = sha1.New()
	case "sha224":
		hasher = sha256.New224()
	case "sha256":
		hasher = sha256.New()
	case "sha384":
		hasher = sha512.New384()
	case "sha512":
		hasher = sha512.New()
	case "sha512224":
		hasher = sha512.New512_224()
	case "sha512256":
		hasher = sha512.New512_256()
	case "ripemd160":
		hasher = ripemd160.New()
	default:
		fmt.Printf("Algorithm %s not implemented yet\n", algorithm)
		os.Exit(1)
	}
	for _, fn := range files {
		hasher.Reset()
		file, err := os.Open(fn)
		if err != nil {
			panic(err.Error())
		}
		if _, err := io.Copy(hasher, file); err != nil {
			panic(err.Error())
		}
		fmt.Printf("%x  %s\n", hasher.Sum(nil), fn)
		file.Close()
	}
}
Beispiel #9
0
func (this HashFile) Exec(input types.Value) (out types.Value, err error) {
	var inputMap types.Map
	if i, ok := input.(types.Map); ok {
		inputMap = i
	} else {
		err = errors.New(fmt.Sprintf("expected a map as input, got a %T", input))
		return
	}

	var hashName string
	var hashNameElement = inputMap[types.Keyword("hash")]
	if hashNameElement == nil {
		hashName = "sha256"
	} else if h, ok := hashNameElement.(types.String); ok {
		hashName = string(h)
	} else if k, ok := hashNameElement.(types.Keyword); ok {
		hashName = string(k)
	} else if s, ok := hashNameElement.(types.Symbol); ok {
		hashName = string(s)
	} else {
		err = errors.New(":hash must be a string, keyword, or symbol if specified")
		return
	}
	hashName = strings.ToLower(hashName)

	var hash hash.Hash
	if hashName == "md5" {
		hash = md5.New()
	} else if hashName == "sha" || hashName == "sha1" || hashName == "sha-1" {
		hash = sha1.New()
	} else if hashName == "sha224" || hashName == "sha-224" {
		hash = sha256.New224()
	} else if hashName == "sha256" || hashName == "sha-256" {
		hash = sha256.New()
	} else if hashName == "sha384" || hashName == "sha-384" {
		hash = sha512.New384()
	} else if hashName == "sha512/224" || hashName == "sha-512/224" {
		hash = sha512.New512_224()
	} else if hashName == "sha512/256" || hashName == "sha-512/256" {
		hash = sha512.New512_256()
	} else if hashName == "sha512" || hashName == "sha-512" {
		hash = sha512.New()
	} else {
		err = errors.New(fmt.Sprint("unknown hash name: ", hashName))
		return
	}

	var fileName string
	var fileElem = inputMap[types.Keyword("file")]
	if fileElem == nil {
		err = errors.New(":file argument is required")
		return
	} else if f, ok := fileElem.(types.String); ok {
		fileName = string(f)
	} else {
		err = errors.New(":file argument must be a string")
		return
	}

	file, err := os.Open(fileName)
	if err != nil {
		return
	}
	hashOut := bufio.NewWriterSize(hash, hash.BlockSize())
	wrote, err := io.Copy(hashOut, file)
	hashOut.Flush()
	if err != nil {
		return
	}
	out = types.Map{
		types.Keyword("success"): types.Bool(true),
		types.Keyword("size"):    types.Int(wrote),
		types.Keyword("file"):    types.String(fileName),
		types.Keyword("hash"):    types.Keyword(hashName),
		types.Keyword("digest"):  types.String(fmt.Sprintf("%x", hash.Sum(nil))),
	}
	return
}
Beispiel #10
0
func run(dir string, uid, gid int) error {
	client, err := controller.NewClient("", os.Getenv("CONTROLLER_KEY"))
	if err != nil {
		return err
	}

	// create a squashfs layer
	layer, err := ioutil.TempFile("", "squashfs-")
	if err != nil {
		return err
	}
	defer os.Remove(layer.Name())
	defer layer.Close()

	if out, err := exec.Command("mksquashfs", dir, layer.Name(), "-noappend").CombinedOutput(); err != nil {
		return fmt.Errorf("mksquashfs error: %s: %s", err, out)
	}

	h := sha512.New512_256()
	length, err := io.Copy(h, layer)
	if err != nil {
		return err
	}
	layerSHA := hex.EncodeToString(h.Sum(nil))

	// upload the layer to the blobstore
	if _, err := layer.Seek(0, os.SEEK_SET); err != nil {
		return err
	}
	layerURL := fmt.Sprintf("http://blobstore.discoverd/slugs/layers/%s.squashfs", layerSHA)
	if err := upload(layer, layerURL); err != nil {
		return err
	}

	manifest := &ct.ImageManifest{
		Type: ct.ImageManifestTypeV1,

		// TODO: parse Procfile / .release and add to manifest.Entrypoints
		Entrypoints: map[string]*ct.ImageEntrypoint{
			"_default": {
				Env: map[string]string{
					"PATH": "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
					"TERM": "xterm",
					"HOME": "/app",
				},
				WorkingDir: "/app",
				Args:       []string{"/runner/init", "bash"},
				Uid:        typeconv.Uint32Ptr(uint32(uid)),
				Gid:        typeconv.Uint32Ptr(uint32(gid)),
			},
		},

		Rootfs: []*ct.ImageRootfs{{
			Platform: ct.DefaultImagePlatform,
			Layers: []*ct.ImageLayer{{
				ID:     layerSHA,
				Type:   ct.ImageLayerTypeSquashfs,
				Length: length,
				Hashes: map[string]string{"sha512_256": layerSHA},
			}},
		}},
	}

	rawManifest := manifest.RawManifest()
	manifestURL := fmt.Sprintf("http://blobstore.discoverd/slugs/images/%s.json", manifest.ID())
	if err := upload(bytes.NewReader(rawManifest), manifestURL); err != nil {
		return err
	}

	artifact := &ct.Artifact{
		ID:   os.Getenv("SLUG_IMAGE_ID"),
		Type: ct.ArtifactTypeFlynn,
		URI:  manifestURL,
		Meta: map[string]string{
			"blobstore": "true",
		},
		RawManifest:      rawManifest,
		Hashes:           manifest.Hashes(),
		Size:             int64(len(rawManifest)),
		LayerURLTemplate: "http://blobstore.discoverd/slugs/layers/{id}.squashfs",
	}

	// create artifact
	if err := client.CreateArtifact(artifact); err != nil {
		return err
	}

	fmt.Printf("-----> Compiled slug size is %s\n", units.BytesSize(float64(length)))
	return nil
}
Beispiel #11
0
func EncryptData(data string) string {
	EncrypHash := sha512.New512_256()
	EncrypData := EncrypHash.Sum([]byte(data))
	return hex.EncodeToString(EncrypData)
}