Add source-checksum option

[tsimonq2]

This adds an optional source-checksum tag to ensure download integrity by checking the checksum.

Features

• It supports the following source-types:
  • source-type: tar
  • source-type: zip
• It supports the following checksums:
  • md5
  • sha1
  • sha224
  • sha256
  • sha384
  • sha512
• You can use it in the following ways:
  • source-checksum: HASH - raw hash
  • source-checksum: checksum.txt - local file
  • source-checksum: http(s)://example.com/checksum - remote URL

Failsafes

It has the following failsafes to ensure the code always works as intended:

• Special exception for a checksum that doesn't match
• Raises an exception for a checksum that is invalid, or incompatible with the checksums supported

Testing coverage

I have the following testing in place:

• Unit tests:
  • Testing of each checksum in raw form with a created file (tar/zip) that has a static checksum
  • Creation of a checksum file and checking the checksum with that local file
  • Pulling http://tsimonq2.net/misc/snapcraft-checksum-tar and http://tsimonq2.net/misc/snapcraft-checksum-zip respectively and checking the checksum of the static file with those
  • Checking for an invalid checksum
• Integration tests:
  • Testing of each checksum in raw form with a created file (tar/zip) that has a static checksum in the snapcraft.yaml files for simple-tar and simple-zip

Discrepancies between this specification and the source

If you find any difference between the code in this PR and the specification above, please comment, as that wasn't intended.

[snappy-m-o]

Can one of the admins verify this patch?

[snappy-m-o]

Can one of the admins verify this patch?

[sergiusens]

why this change?

[sergiusens]

this should be done after the download

[sergiusens]

which is https://github.com/snapcore/snapcraft/pull/619/files#diff-e6205a80af76b4faec1d9241dc3b3b7cR119

[sergiusens]

this looks like duplicate code, please consider adding it to FileBase (which also needs its init updated)

[sergiusens]

Please merge with master or rebase

[sergiusens]

you also need to update https://github.com/snapcore/snapcraft/pull/619/files#diff-e6205a80af76b4faec1d9241dc3b3b7cR455

[tsimonq2]

@sergiusens Thanks for taking the time to look at this. I updated my code with your suggestions. Let me know what you think.

@elopio Can you please take a look?

[sergiusens]

From a quick look at the test failures it seems you still need to update all constructors for the sources used in the unit tests.

[tsimonq2]

So right now, the Travis build has passed. My goal now is to do some more local testing and to get an integration test ready. I'll change the description accordingly.

[snappy-m-o]

Can one of the admins verify this patch?

[snappy-m-o]

Can one of the admins verify this patch?

[snappy-m-o]

Can one of the admins verify this patch?

[snappy-m-o]

Can one of the admins verify this patch?

[snappy-m-o]

Can one of the admins verify this patch?

[snappy-m-o]

Can one of the admins verify this patch?

[tsimonq2]

I believe that all the intended testing and code is in place for this PR. Could this be evaluated please?

[tsimonq2]

I also added sort of a specification to refer to in my initial comment.

[tsimonq2]

Bump

[sergiusens]

this should use a fakeserver, check snapcraft/tests/fake_servers.py

[tsimonq2]

@sergiusens I'm a little confused as to the usage of this, where can I find an example of a test case that uses it?

[sergiusens]

why the abreviation?

[tsimonq2]

I didn't have any specific reason, I'll change it

[sergiusens]

Hi, looks good

One general comment is to use checksum instead of chksum

[sergiusens]

what are you testing here, or in other words, what are your assertions to know it all worked as expected?

[sergiusens]

maybe I am confused by check_checksum_determine_format and a better method name is needed here.

[tsimonq2]

@sergiusens this function uses the various supported checksum formats and checks the checksum with them. This ensures that the checksum can be successfully checked with the raw checksums.

I know this works because if it doesn't, the built-in errors will catch it. That's why I'm not doing a try/fail here.

The only reason why I had to split it into separate functions was because the static tests were complaining about check_checksum being too complex. This is now corrected to be in one function.

[sergiusens]

ditto on assertions

[sergiusens]

if this is only used by check_checksum_determine_format then prefix the method name with _

[sergiusens]

This could be a dictionary instead

_HASH_FUNCTIONS = {
    32: hashlib.md5,
    40: hashlib.sha1,
    ...
    ...
}

try:
     checksumer = _HASH_FUNCTIONS[len(source_checksum)]()
except KeyError:
    raise IncompatibleOptionsError("Invalid checksum format")

[sergiusens]

Another general comment,

you should name the method the sources classes verify_checksum; verify_checksum should call _get_checksum and return the checksum doing the http, file or checksum dance you do.

With that returned value, if you use the dict, just do the check there and finally check if they are a match or raise the exception.

This IMHO would read much simpler.

[tsimonq2]

@sergiusens I made some changes that addresses your comments, let me know if you have more.

[sergiusens]

use single quotes here

[sergiusens]

this should be an error, shouldn't it?

[tsimonq2]

@sergiusens do you think it's always the case that the checksum file has a filename? If so, I'll correct it.

[sergiusens]

these two lines certainly fit in one line, right?

[sergiusens]

please use a different name than zip, zip is a python keyword and it might get confusing.

[tsimonq2]

@sergiusens This is applicable to the original source as well and should be dealt with in a separate PR, I'm just using what has already been given to me for variable names.

[sergiusens]

quotes

[sergiusens]

should probably be an error.

[sergiusens]

can we stick to using format and single quotes? (no +)

[tsimonq2]

I'm not sure what you mean here, @sergiusens

[sergiusens]

Should be something like

raise ChecksumDoesNotMatch(
   'the checksum {!r} doesn't match the file'.format(source_checksum)

[tsimonq2]

I can't use single quotes because doesn't has a quote.

[sergiusens]

single quotes please

[sergiusens]

these statements fit in the same line

[tsimonq2]

Pushing a fix to a bunch of lines that can be fixed by this, thanks for pointing this out.

[sergiusens]

OK, one final checkup, in the bug sabdfl mentions we should support sha-3-384; how do we differentiate sha-2 and sha-3 with the autodetection?

[kyrofa]

@tsimonq2 did you see @sergiusens's question?

[sergiusens]

Closing due to inactivity