| package org.apache.archiva.checksum; |
| |
| /* |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| */ |
| |
| import org.apache.commons.io.FileUtils; |
| import org.apache.commons.lang.StringUtils; |
| import org.slf4j.Logger; |
| import org.slf4j.LoggerFactory; |
| |
| import java.io.File; |
| import java.io.IOException; |
| import java.io.InputStream; |
| import java.nio.file.Files; |
| import java.nio.file.StandardOpenOption; |
| import java.util.ArrayList; |
| import java.util.List; |
| import java.util.regex.Matcher; |
| import java.util.regex.Pattern; |
| |
| /** |
| * ChecksummedFile |
| * <p>Terminology:</p> |
| * <dl> |
| * <dt>Checksum File</dt> |
| * <dd>The file that contains the previously calculated checksum value for the reference file. |
| * This is a text file with the extension ".sha1" or ".md5", and contains a single entry |
| * consisting of an optional reference filename, and a checksum string. |
| * </dd> |
| * <dt>Reference File</dt> |
| * <dd>The file that is being referenced in the checksum file.</dd> |
| * </dl> |
| */ |
| public class ChecksummedFile |
| { |
| private final Logger log = LoggerFactory.getLogger( ChecksummedFile.class ); |
| |
| private static final Pattern METADATA_PATTERN = Pattern.compile( "maven-metadata-\\S*.xml" ); |
| |
| private final File referenceFile; |
| |
| /** |
| * Construct a ChecksummedFile object. |
| * |
| * @param referenceFile |
| */ |
| public ChecksummedFile( final File referenceFile ) |
| { |
| this.referenceFile = referenceFile; |
| } |
| |
| /** |
| * Calculate the checksum based on a given checksum. |
| * |
| * @param checksumAlgorithm the algorithm to use. |
| * @return the checksum string for the file. |
| * @throws IOException if unable to calculate the checksum. |
| */ |
| public String calculateChecksum( ChecksumAlgorithm checksumAlgorithm ) |
| throws IOException |
| { |
| |
| try (InputStream fis = Files.newInputStream( referenceFile.toPath() )) |
| { |
| Checksum checksum = new Checksum( checksumAlgorithm ); |
| checksum.update( fis ); |
| return checksum.getChecksum(); |
| } |
| } |
| |
| /** |
| * Creates a checksum file of the provided referenceFile. |
| * |
| * @param checksumAlgorithm the hash to use. |
| * @return the checksum File that was created. |
| * @throws IOException if there was a problem either reading the referenceFile, or writing the checksum file. |
| */ |
| public File createChecksum( ChecksumAlgorithm checksumAlgorithm ) |
| throws IOException |
| { |
| File checksumFile = new File( referenceFile.getAbsolutePath() + "." + checksumAlgorithm.getExt() ); |
| Files.deleteIfExists( checksumFile.toPath() ); |
| String checksum = calculateChecksum( checksumAlgorithm ); |
| Files.write( checksumFile.toPath(), // |
| ( checksum + " " + referenceFile.getName() ).getBytes(), // |
| StandardOpenOption.CREATE_NEW ); |
| return checksumFile; |
| } |
| |
| /** |
| * Get the checksum file for the reference file and hash. |
| * |
| * @param checksumAlgorithm the hash that we are interested in. |
| * @return the checksum file to return |
| */ |
| public File getChecksumFile( ChecksumAlgorithm checksumAlgorithm ) |
| { |
| return new File( referenceFile.getAbsolutePath() + "." + checksumAlgorithm.getExt() ); |
| } |
| |
| /** |
| * <p> |
| * Given a checksum file, check to see if the file it represents is valid according to the checksum. |
| * </p> |
| * <p> |
| * NOTE: Only supports single file checksums of type MD5 or SHA1. |
| * </p> |
| * |
| * @param algorithm the algorithms to check for. |
| * @return true if the checksum is valid for the file it represents. or if the checksum file does not exist. |
| * @throws IOException if the reading of the checksumFile or the file it refers to fails. |
| */ |
| public boolean isValidChecksum( ChecksumAlgorithm algorithm ) |
| throws IOException |
| { |
| return isValidChecksums( new ChecksumAlgorithm[]{ algorithm } ); |
| } |
| |
| /** |
| * Of any checksum files present, validate that the reference file conforms |
| * the to the checksum. |
| * |
| * @param algorithms the algorithms to check for. |
| * @return true if the checksums report that the the reference file is valid, false if invalid. |
| */ |
| public boolean isValidChecksums( ChecksumAlgorithm algorithms[] ) |
| { |
| |
| try (InputStream fis = Files.newInputStream( referenceFile.toPath() )) |
| { |
| List<Checksum> checksums = new ArrayList<>( algorithms.length ); |
| // Create checksum object for each algorithm. |
| for ( ChecksumAlgorithm checksumAlgorithm : algorithms ) |
| { |
| File checksumFile = getChecksumFile( checksumAlgorithm ); |
| |
| // Only add algorithm if checksum file exists. |
| if ( checksumFile.exists() ) |
| { |
| checksums.add( new Checksum( checksumAlgorithm ) ); |
| } |
| } |
| |
| // Any checksums? |
| if ( checksums.isEmpty() ) |
| { |
| // No checksum objects, no checksum files, default to is invalid. |
| return false; |
| } |
| |
| // Parse file once, for all checksums. |
| try |
| { |
| Checksum.update( checksums, fis ); |
| } |
| catch ( IOException e ) |
| { |
| log.warn( "Unable to update checksum:{}", e.getMessage() ); |
| return false; |
| } |
| |
| boolean valid = true; |
| |
| // check the checksum files |
| try |
| { |
| for ( Checksum checksum : checksums ) |
| { |
| ChecksumAlgorithm checksumAlgorithm = checksum.getAlgorithm(); |
| File checksumFile = getChecksumFile( checksumAlgorithm ); |
| |
| String rawChecksum = FileUtils.readFileToString( checksumFile ); |
| String expectedChecksum = parseChecksum( rawChecksum, checksumAlgorithm, referenceFile.getName() ); |
| |
| if ( !StringUtils.equalsIgnoreCase( expectedChecksum, checksum.getChecksum() ) ) |
| { |
| valid = false; |
| } |
| } |
| } |
| catch ( IOException e ) |
| { |
| log.warn( "Unable to read / parse checksum: {}", e.getMessage() ); |
| return false; |
| } |
| |
| return valid; |
| } |
| catch ( IOException e ) |
| { |
| log.warn( "Unable to read / parse checksum: {}", e.getMessage() ); |
| return false; |
| } |
| } |
| |
| /** |
| * Fix or create checksum files for the reference file. |
| * |
| * @param algorithms the hashes to check for. |
| * @return true if checksums were created successfully. |
| */ |
| public boolean fixChecksums( ChecksumAlgorithm[] algorithms ) |
| { |
| List<Checksum> checksums = new ArrayList<>( algorithms.length ); |
| // Create checksum object for each algorithm. |
| for ( ChecksumAlgorithm checksumAlgorithm : algorithms ) |
| { |
| checksums.add( new Checksum( checksumAlgorithm ) ); |
| } |
| |
| // Any checksums? |
| if ( checksums.isEmpty() ) |
| { |
| // No checksum objects, no checksum files, default to is valid. |
| return true; |
| } |
| |
| try (InputStream fis = Files.newInputStream( referenceFile.toPath() )) |
| { |
| // Parse file once, for all checksums. |
| Checksum.update( checksums, fis ); |
| } |
| catch ( IOException e ) |
| { |
| log.warn( e.getMessage(), e ); |
| return false; |
| } |
| |
| boolean valid = true; |
| |
| // check the hash files |
| for ( Checksum checksum : checksums ) |
| { |
| ChecksumAlgorithm checksumAlgorithm = checksum.getAlgorithm(); |
| try |
| { |
| File checksumFile = getChecksumFile( checksumAlgorithm ); |
| String actualChecksum = checksum.getChecksum(); |
| |
| if ( checksumFile.exists() ) |
| { |
| String rawChecksum = FileUtils.readFileToString( checksumFile ); |
| String expectedChecksum = parseChecksum( rawChecksum, checksumAlgorithm, referenceFile.getName() ); |
| |
| if ( !StringUtils.equalsIgnoreCase( expectedChecksum, actualChecksum ) ) |
| { |
| // create checksum (again) |
| FileUtils.writeStringToFile( checksumFile, actualChecksum + " " + referenceFile.getName() ); |
| } |
| } |
| else |
| { |
| FileUtils.writeStringToFile( checksumFile, actualChecksum + " " + referenceFile.getName() ); |
| } |
| } |
| catch ( IOException e ) |
| { |
| log.warn( e.getMessage(), e ); |
| valid = false; |
| } |
| } |
| |
| return valid; |
| |
| } |
| |
| private boolean isValidChecksumPattern( String filename, String path ) |
| { |
| // check if it is a remote metadata file |
| |
| Matcher m = METADATA_PATTERN.matcher( path ); |
| if ( m.matches() ) |
| { |
| return filename.endsWith( path ) || ( "-".equals( filename ) ) || filename.endsWith( "maven-metadata.xml" ); |
| } |
| |
| return filename.endsWith( path ) || ( "-".equals( filename ) ); |
| } |
| |
| /** |
| * Parse a checksum string. |
| * <p> |
| * Validate the expected path, and expected checksum algorithm, then return |
| * the trimmed checksum hex string. |
| * </p> |
| * |
| * @param rawChecksumString |
| * @param expectedHash |
| * @param expectedPath |
| * @return |
| * @throws IOException |
| */ |
| public String parseChecksum( String rawChecksumString, ChecksumAlgorithm expectedHash, String expectedPath ) |
| throws IOException |
| { |
| String trimmedChecksum = rawChecksumString.replace( '\n', ' ' ).trim(); |
| |
| // Free-BSD / openssl |
| String regex = expectedHash.getType() + "\\s*\\(([^)]*)\\)\\s*=\\s*([a-fA-F0-9]+)"; |
| Matcher m = Pattern.compile( regex ).matcher( trimmedChecksum ); |
| if ( m.matches() ) |
| { |
| String filename = m.group( 1 ); |
| if ( !isValidChecksumPattern( filename, expectedPath ) ) |
| { |
| throw new IOException( |
| "Supplied checksum file '" + filename + "' does not match expected file: '" + expectedPath + "'" ); |
| } |
| trimmedChecksum = m.group( 2 ); |
| } |
| else |
| { |
| // GNU tools |
| m = Pattern.compile( "([a-fA-F0-9]+)\\s+\\*?(.+)" ).matcher( trimmedChecksum ); |
| if ( m.matches() ) |
| { |
| String filename = m.group( 2 ); |
| if ( !isValidChecksumPattern( filename, expectedPath ) ) |
| { |
| throw new IOException( |
| "Supplied checksum file '" + filename + "' does not match expected file: '" + expectedPath |
| + "'" ); |
| } |
| trimmedChecksum = m.group( 1 ); |
| } |
| } |
| return trimmedChecksum; |
| } |
| } |