[#266] Add functions for SHA cheksums for a file

Signed-off-by: Shikhar Soni <shikharish05@gmail.com>

src/include/security.h

@@ -96,7 +96,25 @@ pgmoneta_tls_valid(void);
  * @return 0 upon success, otherwise 1
  */
 int
-pgmoneta_generate_file_sha256_hash(char* filename, char** sha256);
+pgmoneta_create_sha256_file(char* filename, char** sha256);
+
+/**
+ * Generate SHA384 for a file
+ * @param filename The file path
+ * @param sha384 The hash value
+ * @return 0 upon success, otherwise 1
+ */
+int
+pgmoneta_create_sha384_file(char* filename, char** sha384);
+
+/**
+ * Generate SHA512 for a file
+ * @param filename The file path
+ * @param sha512 The hash value
+ * @return 0 upon success, otherwise 1
+ */
+int
+pgmoneta_create_sha512_file(char* filename, char** sha512);
 
 /**
  * Generate SHA256 for a string.

src/libpgmoneta/manifest.c

@@ -442,7 +442,7 @@ manifest_file_hash(char* algorithm, char* file_path, char** hash)
    int stat = 0;
    if (pgmoneta_compare_string(algorithm, "SHA256"))
    {
-      stat = pgmoneta_generate_file_sha256_hash(file_path, hash);
+      stat = pgmoneta_create_sha256_file(file_path, hash);
    }
    else if (pgmoneta_compare_string(algorithm, "CRC32C") || pgmoneta_compare_string(algorithm, "SHA224") ||
             pgmoneta_compare_string(algorithm, "SHA384") || pgmoneta_compare_string(algorithm, "SHA512"))

src/libpgmoneta/se_s3.c

@@ -234,7 +234,7 @@ s3_send_upload_request(char* local_root, char* s3_root, char* relative_path)
       goto error;
    }
 
-   pgmoneta_generate_file_sha256_hash(local_path, &file_sha256);
+   pgmoneta_create_sha256_file(local_path, &file_sha256);
 
    s3_host = s3_get_host();
 

src/libpgmoneta/se_ssh.c

@@ -603,7 +603,7 @@ sftp_copy_file(char* local_root, char* remote_root, char* relative_path)
    d = pgmoneta_append(d, remote_root);
    d = pgmoneta_append(d, relative_path);
 
-   pgmoneta_generate_file_sha256_hash(s, &sha256);
+   pgmoneta_create_sha256_file(s, &sha256);
 
    if (latest_remote_root != NULL)
    {

src/libpgmoneta/security.c

@@ -109,6 +109,8 @@ static int  create_ssl_ctx(bool client, SSL_CTX** ctx);
 static int  create_ssl_client(SSL_CTX* ctx, char* key, char* cert, char* root, int socket, SSL** ssl);
 static int  create_ssl_server(SSL_CTX* ctx, int socket, SSL** ssl);
 
+static int create_hash_file(char* filename, const char* algorithm, char** hash);
+
 int
 pgmoneta_remote_management_auth(int client_fd, char* address, SSL** client_ssl)
 {
@@ -2810,55 +2812,111 @@ create_ssl_server(SSL_CTX* ctx, int socket, SSL** ssl)
    return 1;
 }
 
-int
-pgmoneta_generate_file_sha256_hash(char* filename, char** sha256)
+static int
+create_hash_file(char* filename, const char* algorithm, char** hash)
 {
+   EVP_MD_CTX* md_ctx;
+   const EVP_MD* md;
+   unsigned char md_value[EVP_MAX_MD_SIZE];
+   unsigned int md_len;
+   FILE* file = NULL;
    char read_buf[16384];
    unsigned long read_bytes = 0;
    int i = 0;
-   FILE* file = NULL;
-   SHA256_CTX sha256_ctx;
-   unsigned char hash[SHA256_DIGEST_LENGTH];
-   char* sha256_buf;
+   char* hash_buf;
+   unsigned int hash_len;
 
-   *sha256 = NULL;
+   md = EVP_get_digestbyname(algorithm);
+   if (md == NULL)
+   {
+      pgmoneta_log_error("Invalid message digest: %s", algorithm);
+      return 1;
+   }
 
-   file = fopen(filename, "rb");
+   if (strcmp("SHA256", algorithm) == 0)
+   {
+      hash_len = 65;
+   }
+   else if (strcmp("SHA384", algorithm) == 0)
+   {
+      hash_len = 97;
+   }
+   else
+   {
+      hash_len = 129;
+   }
 
-   if (file == NULL)
+   hash_buf = malloc(hash_len);
+
+   memset(hash_buf, 0, hash_len);
+
+   md_ctx = EVP_MD_CTX_new();
+
+   if (!EVP_DigestInit_ex2(md_ctx, md, NULL))
    {
+      pgmoneta_log_error("Message digest initialization failed");
+      EVP_MD_CTX_free(md_ctx);
       return 1;
    }
 
-   sha256_buf = malloc(65);
-
-   memset(sha256_buf, 0, 65);
+   file = fopen(filename, "rb");
+   if (file == NULL)
+   {
+      return 1;
+   }
 
    memset(read_buf, 0, sizeof(read_buf));
 
-   SHA256_Init(&sha256_ctx);
-
    while ((read_bytes = fread(read_buf, 1, sizeof(read_buf), file)) > 0)
    {
-      SHA256_Update(&sha256_ctx, read_buf, read_bytes);
+      if (!EVP_DigestUpdate(md_ctx, read_buf, read_bytes))
+      {
+         pgmoneta_log_error("Message digest update failed");
+         EVP_MD_CTX_free(md_ctx);
+         return 1;
+      }
    }
 
-   SHA256_Final(hash, &sha256_ctx);
-
-   for (i = 0; i < SHA256_DIGEST_LENGTH; i++)
+   if (!EVP_DigestFinal_ex(md_ctx, md_value, &md_len))
    {
-      sprintf(&sha256_buf[i * 2], "%02x", hash[i]);
+      pgmoneta_log_error("Message digest finalization failed");
+      EVP_MD_CTX_free(md_ctx);
+      return 1;
    }
 
-   sha256_buf[64] = 0;
+   EVP_MD_CTX_free(md_ctx);
 
-   *sha256 = sha256_buf;
+   for (i = 0; i < md_len; i++)
+   {
+      sprintf(&hash_buf[i * 2], "%02x", md_value[i]);
+   }
+
+   hash_buf[hash_len - 1] = 0;
+   *hash = hash_buf;
 
    fclose(file);
 
    return 0;
 }
 
+int
+pgmoneta_create_sha256_file(char* filename, char** sha256)
+{
+   return create_hash_file(filename, "SHA256", sha256);
+}
+
+int
+pgmoneta_create_sha384_file(char* filename, char** sha384)
+{
+   return create_hash_file(filename, "SHA384", sha384);
+}
+
+int
+pgmoneta_create_sha512_file(char* filename, char** sha512)
+{
+   return create_hash_file(filename, "SHA512", sha512);
+}
+
 int
 pgmoneta_generate_string_sha256_hash(char* string, char** sha256)
 {

src/libpgmoneta/wf_sha256.c

@@ -170,7 +170,7 @@ write_backup_sha256(char* root, char* relative_path)
          absolute_file_path = pgmoneta_append(absolute_file_path, "/");
          absolute_file_path = pgmoneta_append(absolute_file_path, relative_file_path);
 
-         pgmoneta_generate_file_sha256_hash(absolute_file_path, &sha256);
+         pgmoneta_create_sha256_file(absolute_file_path, &sha256);
 
          buffer = pgmoneta_append(buffer, relative_file_path);
          buffer = pgmoneta_append(buffer, ":");