Merge pull request #108 from lud0v1c/main

Cryptography module, integrity checking commands and small fixes
Open-CMSIS-Pack · Jul 26, 2022 · d8e084f · d8e084f
2 parents 85b3528 + 1826ddf
commit d8e084f
Show file tree

Hide file tree

Showing 12 changed files with 362 additions and 11 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,7 +1,10 @@
+# App related
 build/
 testing.log
 *.out
 *.exe
 .cpackget*
 tmp/
 .vagrant/
+# IDEs
+.vscode/
diff --git a/cmd/commands/checksum.go b/cmd/commands/checksum.go
@@ -0,0 +1,63 @@
+/* SPDX-License-Identifier: Apache-2.0 */
+/* Copyright Contributors to the cpackget project. */
+
+package commands
+
+import (
+	"github.com/open-cmsis-pack/cpackget/cmd/cryptography"
+	"github.com/spf13/cobra"
+)
+
+var checksumCreateCmdFlags struct {
+	// hashAlgorithm is the cryptographic hash function to be used
+	hashAlgorithm string
+
+	// outputDir is the target directory where the checksum file is written to
+	outputDir string
+}
+
+func init() {
+	ChecksumCreateCmd.Flags().StringVarP(&checksumCreateCmdFlags.hashAlgorithm, "hash-function", "a", cryptography.Hashes[0], "specifies the hash function to be used")
+	ChecksumCreateCmd.Flags().StringVarP(&checksumCreateCmdFlags.outputDir, "output-dir", "o", "", "specifies output directory for the checksum file")
+}
+
+var ChecksumCreateCmd = &cobra.Command{
+	Use:   "checksum-create [<local .path pack>]",
+	Short: "Generates a .checksum file containing the digests of a pack",
+	Long: `
+Creates a .checksum file of a local pack. This is file contains the digests
+of the contents of the pack. Example <Vendor.Pack.1.2.3.sha256.checksum> file:
+
+  "6f95628e4e0824b0ff4a9f49dad1c3eb073b27c2dd84de3b985f0ef3405ca9ca Vendor.Pack.1.2.3.pdsc
+  435fsdf..."
+
+  The referenced pack must be in its original/compressed form (.pack), and be present locally:
+
+  $ cpackget checksum-create Vendor.Pack.1.2.3.pack
+
+The default Cryptographic Hash Function used is "` + cryptography.Hashes[0] + `". In the future other hash functions
+might be supported. The used function will be prefixed to the ".checksum" extension.
+
+By default the checksum file will be created in the same directory as the provided pack.`,
+	Args: cobra.ExactArgs(1),
+	RunE: func(cmd *cobra.Command, args []string) error {
+		return cryptography.GenerateChecksum(args[0], checksumCreateCmdFlags.outputDir, checksumCreateCmdFlags.hashAlgorithm)
+	},
+}
+
+var ChecksumVerifyCmd = &cobra.Command{
+	Use:   "checksum-verify [<local .path pack>] [<local .checksum path>]",
+	Short: "Verifies the integrity of a pack using its .checksum file",
+	Long: `
+Verifies the contents of a pack, checking its integrity against its .checksum file (created
+with "checksum-create"):
+
+  $ cpackget checksum-verify Vendor.Pack.1.2.3.pack Vendor.Pack.1.2.3.sha256.checksum
+
+The used hash function is inferred from the checksum filename, and if any of the digests
+computed doesn't match the one provided in the checksum file an error will be thrown.`,
+	Args: cobra.ExactArgs(2),
+	RunE: func(cmd *cobra.Command, args []string) error {
+		return cryptography.VerifyChecksum(args[0], args[1])
+	},
+}
diff --git a/cmd/commands/checksum_test.go b/cmd/commands/checksum_test.go
@@ -0,0 +1,77 @@
+/* SPDX-License-Identifier: Apache-2.0 */
+/* Copyright Contributors to the cpackget project. */
+
+package commands_test
+
+import (
+	"errors"
+	"os"
+	"testing"
+
+	errs "github.com/open-cmsis-pack/cpackget/cmd/errors"
+)
+
+var checksumCreateCmdTests = []TestCase{
+	{
+		name:        "test different number of parameters",
+		args:        []string{"checksum-create"},
+		expectedErr: errors.New("accepts 1 arg(s), received 0"),
+	},
+	{
+		name:        "test creating checksum of unexisting pack",
+		args:        []string{"checksum-create", "DoesNotExist.Pack.1.2.3.pack"},
+		expectedErr: errs.ErrFileNotFound,
+	},
+	{
+		name:        "test using unexisting hash function",
+		args:        []string{"checksum-create", "Pack.1.2.3.pack", "-a", "sha1"},
+		expectedErr: errs.ErrInvalidHashFunction,
+		setUpFunc: func(t *TestCase) {
+			f, _ := os.Create("Pack.1.2.3.pack.sha256.checksum")
+			f.Close()
+		},
+		tearDownFunc: func() {
+			os.Remove("Pack.1.2.3.pack.sha256.checksum")
+		},
+	},
+}
+
+var checksumVerifyCmdTests = []TestCase{
+	{
+		name:        "test different number of parameters",
+		args:        []string{"checksum-verify"},
+		expectedErr: errors.New("accepts 2 arg(s), received 0"),
+	},
+	{
+		name:        "test verifying checksum of unexisting pack",
+		args:        []string{"checksum-verify", "DoesNotExist.Pack.1.2.3.pack", "DoesNotExist.Pack.1.2.3.pack.sha256.checksum"},
+		expectedErr: errs.ErrFileNotFound,
+		setUpFunc: func(t *TestCase) {
+			f, _ := os.Create("DoesNotExist.Pack.1.2.3.pack.sha256.checksum")
+			f.Close()
+		},
+		tearDownFunc: func() {
+			os.Remove("DoesNotExist.Pack.1.2.3.pack.sha256.checksum")
+		},
+	},
+	{
+		name:        "test verifying checksum of unexisting checksum file",
+		args:        []string{"checksum-verify", "Pack.1.2.3.pack", "DoesNotExist.Pack.1.2.3.pack.sha256.checksum"},
+		expectedErr: errs.ErrFileNotFound,
+		setUpFunc: func(t *TestCase) {
+			f, _ := os.Create("Pack.1.2.3.pack.sha256.checksum")
+			f.Close()
+		},
+		tearDownFunc: func() {
+			os.Remove("Pack.1.2.3.pack.sha256.checksum")
+		},
+	},
+}
+
+func TestChecksumCreateCmd(t *testing.T) {
+	runTests(t, checksumCreateCmdTests)
+}
+
+func TestChecksumVerifyCmd(t *testing.T) {
+	runTests(t, checksumVerifyCmdTests)
+}
diff --git a/cmd/commands/index.go b/cmd/commands/index.go
@@ -4,6 +4,9 @@
 package commands
 
 import (
+	"os"
+	"runtime"
+
 	"github.com/open-cmsis-pack/cpackget/cmd/installer"
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
@@ -13,11 +16,10 @@ import (
 var overwrite bool
 
 var IndexCmd = &cobra.Command{
-	Deprecated: "Consider running `cpackget update-index` instead",
-	Use:        "index <index url>",
-	Short:      "Updates public index",
-	Long: `Updates the public index in CMSIS_PACK_ROOT/.Web/index.pidx using the file specified by the given url.
-If there's already an index file, cpackget won't overwrite it. Use "-f" to do so.`,
+	Deprecated:        "Consider running `cpackget update-index` instead",
+	Use:               "index <index url>",
+	Short:             "Updates public index",
+	Long:              getLongIndexDescription(),
 	PersistentPreRunE: configureInstaller,
 	Args:              cobra.ExactArgs(1),
 	RunE: func(cmd *cobra.Command, args []string) error {
@@ -27,6 +29,18 @@ If there's already an index file, cpackget won't overwrite it. Use "-f" to do so
 	},
 }
 
+// getLongIndexDescription prints a "Windows friendly" long description,
+// using the correct path slashes
+func getLongIndexDescription() string {
+	if runtime.GOOS == "windows" {
+		return `Updates the public index in ` + os.Getenv("CMSIS_PACK_ROOT") + `\.Web\index.pidx using the file specified by the given url.
+If there's already an index file, cpackget won't overwrite it. Use "-f" to do so.`
+	} else {
+		return `Updates the public index in ` + os.Getenv("CMSIS_PACK_ROOT") + `/.Web/index.pidx using the file specified by the given url.
+If there's already an index file, cpackget won't overwrite it. Use "-f" to do so.`
+	}
+}
+
 func init() {
 	IndexCmd.Flags().BoolVarP(&overwrite, "force", "f", false, "forces cpackget to overwrite an existing public index file")
 }
diff --git a/cmd/commands/root.go b/cmd/commands/root.go
@@ -26,6 +26,8 @@ var AllCommands = []*cobra.Command{
 	RmCmd,
 	ListCmd,
 	UpdateIndexCmd,
+	ChecksumCreateCmd,
+	ChecksumVerifyCmd,
 }
 
 // createPackRoot is a flag that determines if the pack root should be created or not

diff --git a/cmd/commands/update_index.go b/cmd/commands/update_index.go
@@ -4,6 +4,9 @@
 package commands
 
 import (
+	"os"
+	"runtime"
+
 	"github.com/open-cmsis-pack/cpackget/cmd/installer"
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
@@ -15,10 +18,9 @@ var updateIndexCmdFlags struct {
 }
 
 var UpdateIndexCmd = &cobra.Command{
-	Use:   "update-index",
-	Short: "Update the public index",
-	Long: `Update the public index in CMSIS_PACK_ROOT/.Web/index.pidx using the URL in <url> tag inside index.pidx.
-By default it will also check if all PDSC files under .Web/ need update as well. This can be disabled via the "--sparse" flag.`,
+	Use:               "update-index",
+	Short:             "Update the public index",
+	Long:              getLongUpdateDescription(),
 	PersistentPreRunE: configureInstaller,
 	Args:              cobra.ExactArgs(0),
 	RunE: func(cmd *cobra.Command, args []string) error {
@@ -27,6 +29,18 @@ By default it will also check if all PDSC files under .Web/ need update as well.
 	},
 }
 
+// getLongUpdateDescription prints a "Windows friendly" long description,
+// using the correct path slashes
+func getLongUpdateDescription() string {
+	if runtime.GOOS == "windows" {
+		return `Updates the public index in ` + os.Getenv("CMSIS_PACK_ROOT") + `\.Web\index.pidx using the URL in <url> tag inside index.pidx.
+By default it will also check if all PDSC files under .Web/ need update as well. This can be disabled via the "--sparse" flag.`
+	} else {
+		return `Updates the public index in ` + os.Getenv("CMSIS_PACK_ROOT") + `/.Web/index.pidx using the URL in <url> tag inside index.pidx.
+By default it will also check if all PDSC files under .Web/ need update as well. This can be disabled via the "--sparse" flag.`
+	}
+}
+
 func init() {
 	UpdateIndexCmd.Flags().BoolVarP(&updateIndexCmdFlags.sparse, "sparse", "s", false, "avoid updating the pdsc files within .Web/ folder")
 }