forked from cloudfoundry-attic/bosh-ext-cli
-
Notifications
You must be signed in to change notification settings - Fork 0
/
digest_verifiable_blobstore.go
89 lines (71 loc) · 2.35 KB
/
digest_verifiable_blobstore.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
package blobstore
import (
"os"
boshcrypto "github.com/cloudfoundry/bosh-utils/crypto"
bosherr "github.com/cloudfoundry/bosh-utils/errors"
boshsys "github.com/cloudfoundry/bosh-utils/system"
)
type digestVerifiableBlobstore struct {
blobstore Blobstore
fs boshsys.FileSystem
createAlgorithms []boshcrypto.Algorithm
}
func NewDigestVerifiableBlobstore(blobstore Blobstore, fs boshsys.FileSystem, createAlgorithms []boshcrypto.Algorithm) DigestBlobstore {
return digestVerifiableBlobstore{
blobstore: blobstore,
fs: fs,
createAlgorithms: createAlgorithms,
}
}
func (b digestVerifiableBlobstore) Get(blobID string, digest boshcrypto.Digest) (string, error) {
fileName, err := b.blobstore.Get(blobID)
if err != nil {
return "", bosherr.WrapError(err, "Getting blob from inner blobstore")
}
file, err := b.fs.OpenFile(fileName, os.O_RDONLY, 0)
if err != nil {
return "", err
}
defer file.Close()
err = digest.Verify(file)
if err != nil {
return "", bosherr.WrapErrorf(err, "Checking downloaded blob '%s'", blobID)
}
return fileName, nil
}
func (b digestVerifiableBlobstore) Delete(blobId string) error {
return b.blobstore.Delete(blobId)
}
func (b digestVerifiableBlobstore) CleanUp(fileName string) error {
return b.blobstore.CleanUp(fileName)
}
func (b digestVerifiableBlobstore) Create(fileName string) (string, boshcrypto.MultipleDigest, error) {
multipleDigest, err := b.createDigest(fileName)
if err != nil {
return "", boshcrypto.MultipleDigest{}, err
}
blobID, err := b.blobstore.Create(fileName)
return blobID, multipleDigest, err
}
func (b digestVerifiableBlobstore) Validate() error {
return b.blobstore.Validate()
}
func (b digestVerifiableBlobstore) createDigest(fileName string) (boshcrypto.MultipleDigest, error) {
digests := []boshcrypto.Digest{}
for _, algo := range b.createAlgorithms {
digest, err := b.computeDigest(algo, fileName)
if err != nil {
return boshcrypto.MultipleDigest{}, err
}
digests = append(digests, digest)
}
return boshcrypto.MustNewMultipleDigest(digests...), nil
}
func (b digestVerifiableBlobstore) computeDigest(algo boshcrypto.Algorithm, fileName string) (boshcrypto.Digest, error) {
file, err := b.fs.OpenFile(fileName, os.O_RDONLY, 0)
if err != nil {
return boshcrypto.MultipleDigest{}, err
}
defer file.Close()
return algo.CreateDigest(file)
}