Docker-in-Docker (DinD) capabilities of public runners deactivated. More info

digest.go 4.75 KB
Newer Older
Wang Yan's avatar
Wang Yan committed
1
// Copyright 2019, 2020 OCI Contributors
Tan Jiang's avatar
Tan Jiang committed
2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48
// Copyright 2017 Docker, Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package digest

import (
	"fmt"
	"hash"
	"io"
	"regexp"
	"strings"
)

// Digest allows simple protection of hex formatted digest strings, prefixed
// by their algorithm. Strings of type Digest have some guarantee of being in
// the correct format and it provides quick access to the components of a
// digest string.
//
// The following is an example of the contents of Digest types:
//
// 	sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc
//
// This allows to abstract the digest behind this type and work only in those
// terms.
type Digest string

// NewDigest returns a Digest from alg and a hash.Hash object.
func NewDigest(alg Algorithm, h hash.Hash) Digest {
	return NewDigestFromBytes(alg, h.Sum(nil))
}

// NewDigestFromBytes returns a new digest from the byte contents of p.
// Typically, this can come from hash.Hash.Sum(...) or xxx.SumXXX(...)
// functions. This is also useful for rebuilding digests from binary
// serializations.
func NewDigestFromBytes(alg Algorithm, p []byte) Digest {
Wang Yan's avatar
Wang Yan committed
49
	return NewDigestFromEncoded(alg, alg.Encode(p))
Tan Jiang's avatar
Tan Jiang committed
50 51
}

Wang Yan's avatar
Wang Yan committed
52
// NewDigestFromHex is deprecated. Please use NewDigestFromEncoded.
Tan Jiang's avatar
Tan Jiang committed
53
func NewDigestFromHex(alg, hex string) Digest {
Wang Yan's avatar
Wang Yan committed
54 55 56 57 58 59
	return NewDigestFromEncoded(Algorithm(alg), hex)
}

// NewDigestFromEncoded returns a Digest from alg and the encoded digest.
func NewDigestFromEncoded(alg Algorithm, encoded string) Digest {
	return Digest(fmt.Sprintf("%s:%s", alg, encoded))
Tan Jiang's avatar
Tan Jiang committed
60 61 62
}

// DigestRegexp matches valid digest types.
Wang Yan's avatar
Wang Yan committed
63
var DigestRegexp = regexp.MustCompile(`[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+`)
Tan Jiang's avatar
Tan Jiang committed
64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105

// DigestRegexpAnchored matches valid digest types, anchored to the start and end of the match.
var DigestRegexpAnchored = regexp.MustCompile(`^` + DigestRegexp.String() + `$`)

var (
	// ErrDigestInvalidFormat returned when digest format invalid.
	ErrDigestInvalidFormat = fmt.Errorf("invalid checksum digest format")

	// ErrDigestInvalidLength returned when digest has invalid length.
	ErrDigestInvalidLength = fmt.Errorf("invalid checksum digest length")

	// ErrDigestUnsupported returned when the digest algorithm is unsupported.
	ErrDigestUnsupported = fmt.Errorf("unsupported digest algorithm")
)

// Parse parses s and returns the validated digest object. An error will
// be returned if the format is invalid.
func Parse(s string) (Digest, error) {
	d := Digest(s)
	return d, d.Validate()
}

// FromReader consumes the content of rd until io.EOF, returning canonical digest.
func FromReader(rd io.Reader) (Digest, error) {
	return Canonical.FromReader(rd)
}

// FromBytes digests the input and returns a Digest.
func FromBytes(p []byte) Digest {
	return Canonical.FromBytes(p)
}

// FromString digests the input and returns a Digest.
func FromString(s string) Digest {
	return Canonical.FromString(s)
}

// Validate checks that the contents of d is a valid digest, returning an
// error if not.
func (d Digest) Validate() error {
	s := string(d)
	i := strings.Index(s, ":")
Wang Yan's avatar
Wang Yan committed
106
	if i <= 0 || i+1 == len(s) {
Tan Jiang's avatar
Tan Jiang committed
107 108
		return ErrDigestInvalidFormat
	}
Wang Yan's avatar
Wang Yan committed
109
	algorithm, encoded := Algorithm(s[:i]), s[i+1:]
Tan Jiang's avatar
Tan Jiang committed
110
	if !algorithm.Available() {
Wang Yan's avatar
Wang Yan committed
111 112 113
		if !DigestRegexpAnchored.MatchString(s) {
			return ErrDigestInvalidFormat
		}
Tan Jiang's avatar
Tan Jiang committed
114 115
		return ErrDigestUnsupported
	}
Wang Yan's avatar
Wang Yan committed
116
	return algorithm.Validate(encoded)
Tan Jiang's avatar
Tan Jiang committed
117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133
}

// Algorithm returns the algorithm portion of the digest. This will panic if
// the underlying digest is not in a valid format.
func (d Digest) Algorithm() Algorithm {
	return Algorithm(d[:d.sepIndex()])
}

// Verifier returns a writer object that can be used to verify a stream of
// content against the digest. If the digest is invalid, the method will panic.
func (d Digest) Verifier() Verifier {
	return hashVerifier{
		hash:   d.Algorithm().Hash(),
		digest: d,
	}
}

Wang Yan's avatar
Wang Yan committed
134
// Encoded returns the encoded portion of the digest. This will panic if the
Tan Jiang's avatar
Tan Jiang committed
135
// underlying digest is not in a valid format.
Wang Yan's avatar
Wang Yan committed
136
func (d Digest) Encoded() string {
Tan Jiang's avatar
Tan Jiang committed
137 138 139
	return string(d[d.sepIndex()+1:])
}

Wang Yan's avatar
Wang Yan committed
140 141 142 143 144
// Hex is deprecated. Please use Digest.Encoded.
func (d Digest) Hex() string {
	return d.Encoded()
}

Tan Jiang's avatar
Tan Jiang committed
145 146 147 148 149 150 151 152 153 154 155 156 157
func (d Digest) String() string {
	return string(d)
}

func (d Digest) sepIndex() int {
	i := strings.Index(string(d), ":")

	if i < 0 {
		panic(fmt.Sprintf("no ':' separator in digest %q", d))
	}

	return i
}