package fic import ( "bufio" "crypto" _ "crypto/sha1" "encoding/hex" "errors" "io" "os" "path" "strings" _ "" ) // FilesDir stores the location where files to be served are stored. var FilesDir string = "./FILES/" // OptionalDigest permits to avoid importation failure if no digest are given. var OptionalDigest bool = false // StrongDigest forces the use of BLAKE2b hash in place of SHA1 (or mixed SHA1/BLAKE2b). var StrongDigest bool = false // Set PlainDigest if digest errors should contain the whole calculated hash, to be paste directly into DIGESTS file. var PlainDigest bool = false // EFile represents a challenge file. type EFile struct { Id int64 `json:"id"` // origin holds the import relative path of the file origin string // Path is the location where the file is stored, relatively to FilesDir Path string `json:"path"` // IdExercice is the identifier of the underlying challenge IdExercice int64 `json:"idExercice"` // Name is the title displayed to players Name string `json:"name"` // Checksum stores the cached hash of the file Checksum []byte `json:"checksum"` // Size contains the cached size of the file Size int64 `json:"size"` } // GetFiles returns a list of all files living in the database. func GetFiles() ([]EFile, error) { if rows, err := DBQuery("SELECT id_file, id_exercice, origin, path, name, cksum, size FROM exercice_files"); err != nil { return nil, err } else { defer rows.Close() var files = make([]EFile, 0) for rows.Next() { var f EFile if err := rows.Scan(&f.Id, &f.IdExercice, &f.origin, &f.Path, &f.Name, &f.Checksum, &f.Size); err != nil { return nil, err } files = append(files, f) } if err := rows.Err(); err != nil { return nil, err } return files, nil } } // GetFile retrieves the file with the given id. func GetFile(id int) (f EFile, err error) { err = DBQueryRow("SELECT id_file, origin, path, name, cksum, size FROM exercice_files WHERE id_file = ?", id).Scan(&f.Id, &f.origin, &f.Path, &f.Name, &f.Checksum, &f.Size) return f, err } // GetFileByPath retrieves the file that should be found at the given location. func GetFileByPath(path string) (EFile, error) { path = strings.TrimPrefix(path, FilesDir) var f EFile if err := DBQueryRow("SELECT id_file, origin, path, id_exercice, name, cksum, size FROM exercice_files WHERE path = ?", path).Scan(&f.Id, &f.origin, &f.Path, &f.IdExercice, &f.Name, &f.Checksum, &f.Size); err != nil { return f, err } return f, nil } // GetFileByFilename retrieves the file that should be called so. func (e Exercice) GetFileByFilename(filename string) (f EFile, err error) { filename = path.Base(filename) err = DBQueryRow("SELECT id_file, origin, path, id_exercice, name, cksum, size FROM exercice_files WHERE id_exercice = ? AND origin LIKE ?", e.Id, "%/" + filename).Scan(&f.Id, &f.origin, &f.Path, &f.IdExercice, &f.Name, &f.Checksum, &f.Size) return } // GetFiles returns a list of files coming with the challenge. func (e Exercice) GetFiles() ([]EFile, error) { if rows, err := DBQuery("SELECT id_file, origin, path, name, cksum, size FROM exercice_files WHERE id_exercice = ?", e.Id); err != nil { return nil, err } else { defer rows.Close() var files = make([]EFile, 0) for rows.Next() { var f EFile f.IdExercice = e.Id if err := rows.Scan(&f.Id, &f.origin, &f.Path, &f.Name, &f.Checksum, &f.Size); err != nil { return nil, err } files = append(files, f) } if err := rows.Err(); err != nil { return nil, err } return files, nil } } // GetFileByPath retrieves the file that should be found at the given location, limited to the challenge files. func (e Exercice) GetFileByPath(path string) (EFile, error) { path = strings.TrimPrefix(path, FilesDir) var f EFile if err := DBQueryRow("SELECT id_file, origin, path, name, cksum, size FROM exercice_files WHERE id_exercice = ? AND path = ?", e.Id, path).Scan(&f.Id, &f.origin, &f.Path, &f.Name, &f.Checksum, &f.Size); err != nil { return f, err } return f, nil } // minifyHash returns only the begining and the end of the given hash. // Use this function to ensure people doesn't fill their file with our calculated hash. func minifyHash(hash string) string { if PlainDigest { return hash } else { return hash[0:len(hash)/3] + "..." + hash[len(hash)/2:] } } // checkFileHash checks if the file at the given filePath has the given digest. // It also returns the file's size. func checkFileHash(filePath string, digest []byte) ([]byte, int64, error) { if digest == nil { return []byte{}, 0, errors.New("No digest given.") } else if fi, err := os.Stat(filePath); err != nil { return []byte{}, 0, err } else if fd, err := os.Open(filePath); err != nil { return []byte{}, fi.Size(), err } else { defer fd.Close() reader := bufio.NewReader(fd) hash160 := crypto.SHA1.New() hash512 := crypto.BLAKE2b_512.New() w := io.MultiWriter(hash160, hash512) if _, err := io.Copy(w, reader); err != nil { return []byte{}, fi.Size(), err } result160 := hash160.Sum(nil) result512 := hash512.Sum(nil) if len(digest) != len(result512) { if len(digest) != len(result160) { return []byte{}, fi.Size(), errors.New("Digests doesn't match: calculated: sha1:" + minifyHash(hex.EncodeToString(result160)) + " & blake2b:" + minifyHash(hex.EncodeToString(result512)) + " vs. given: " + hex.EncodeToString(digest)) } else if StrongDigest { return []byte{}, fi.Size(), errors.New("Invalid digests: SHA-1 checksums are no more accepted. Calculated sha1:" + minifyHash(hex.EncodeToString(result160)) + " & blake2b:" + minifyHash(hex.EncodeToString(result512)) + " vs. given: " + hex.EncodeToString(digest)) } for k := range result160 { if result160[k] != digest[k] { return []byte{}, fi.Size(), errors.New("Digests doesn't match: calculated: sha1:" + minifyHash(hex.EncodeToString(result160)) + " & blake2b:" + minifyHash(hex.EncodeToString(result512)) + " vs. given: " + hex.EncodeToString(digest)) } } } else { for k := range result512 { if result512[k] != digest[k] { return []byte{}, fi.Size(), errors.New("Digests doesn't match: calculated: " + minifyHash(hex.EncodeToString(result512)) + " vs. given: " + hex.EncodeToString(digest)) } } } return result512, fi.Size(), nil } } // ImportFile registers (ou updates if it already exists in database) the file in database. func (e Exercice) ImportFile(filePath string, origin string, digest []byte) (interface{}, error) { if result512, size, err := checkFileHash(filePath, digest); !OptionalDigest && err != nil { return EFile{}, err } else { dPath := strings.TrimPrefix(filePath, FilesDir) if f, err := e.GetFileByPath(dPath); err != nil { return e.AddFile(dPath, origin, path.Base(filePath), result512, size) } else { // Don't need to update Path and Name, because they are related to dPath f.IdExercice = e.Id f.origin = origin f.Checksum = result512 f.Size = size if _, err := f.Update(); err != nil { return nil, err } else { return f, nil } } } } // AddFile creates and fills a new struct File and registers it into the database. func (e Exercice) AddFile(path string, origin string, name string, checksum []byte, size int64) (EFile, error) { if res, err := DBExec("INSERT INTO exercice_files (id_exercice, origin, path, name, cksum, size) VALUES (?, ?, ?, ?, ?, ?)", e.Id, origin, path, name, checksum, size); err != nil { return EFile{}, err } else if fid, err := res.LastInsertId(); err != nil { return EFile{}, err } else { return EFile{fid, origin, path, e.Id, name, checksum, size}, nil } } // Update applies modifications back to the database. func (f EFile) Update() (int64, error) { if res, err := DBExec("UPDATE exercice_files SET id_exercice = ?, origin = ?, path = ?, name = ?, cksum = ?, size = ? WHERE id_file = ?", f.IdExercice, f.origin, f.Path, f.Name, f.Checksum, f.Size, f.Id); err != nil { return 0, err } else if nb, err := res.RowsAffected(); err != nil { return 0, err } else { return nb, err } } // Delete the file from the database. func (f EFile) Delete() (int64, error) { if res, err := DBExec("DELETE FROM exercice_files WHERE id_file = ?", f.Id); err != nil { return 0, err } else if nb, err := res.RowsAffected(); err != nil { return 0, err } else { return nb, err } } // WipeFiles deletes (only in the database, not on disk) files coming with the challenge. func (e Exercice) WipeFiles() (int64, error) { if res, err := DBExec("DELETE FROM exercice_files WHERE id_exercice = ?", e.Id); err != nil { return 0, err } else if nb, err := res.RowsAffected(); err != nil { return 0, err } else { return nb, err } } // ClearFiles removes all certificates from database (but not files on disks). func ClearFiles() (int64, error) { if res, err := DBExec("DELETE FROM exercice_files"); err != nil { return 0, err } else if nb, err := res.RowsAffected(); err != nil { return 0, err } else { return nb, err } } // GetOrigin access the private field origin of the file. func (f EFile) GetOrigin() string { return f.origin } // AddDepend insert a new dependency to a given flag. func (f EFile) AddDepend(k Key) (err error) { _, err = DBExec("INSERT INTO exercice_files_deps (id_file, id_key) VALUES (?, ?)", f.Id, k.Id) return } // GetDepends retrieve the flag's dependency list. func (f EFile) GetDepends() ([]Key, error) { if rows, err := DBQuery("SELECT id_key FROM exercice_files_deps WHERE id_file = ?", f.Id); err != nil { return nil, err } else { defer rows.Close() var deps = make([]Key, 0) for rows.Next() { var d int64 if err := rows.Scan(&d); err != nil { return nil, err } deps = append(deps, Key{d, f.IdExercice, "", []byte{}}) } if err := rows.Err(); err != nil { return nil, err } return deps, nil } } // CheckFileOnDisk recalculates the hash of the file on disk. func (f EFile) CheckFileOnDisk() error { if _, size, err := checkFileHash(path.Join(FilesDir, f.Path), f.Checksum); err != nil { return err } else if size == 0 { return errors.New("Empty file!") } else { return nil } }