372 lines
12 KiB
Go
372 lines
12 KiB
Go
package fic
|
|
|
|
import (
|
|
"bufio"
|
|
"crypto"
|
|
_ "crypto/sha1"
|
|
"encoding/hex"
|
|
"errors"
|
|
"hash"
|
|
"io"
|
|
"os"
|
|
"path"
|
|
"strings"
|
|
|
|
_ "golang.org/x/crypto/blake2b"
|
|
)
|
|
|
|
// FilesDir stores the location where files to be served are stored.
|
|
var FilesDir string = "./FILES/"
|
|
|
|
// OptionalDigest permits to avoid importation failure if no digest are given.
|
|
var OptionalDigest bool = false
|
|
|
|
// StrongDigest forces the use of BLAKE2b hash in place of SHA1 (or mixed SHA1/BLAKE2b).
|
|
var StrongDigest bool = false
|
|
|
|
// Set PlainDigest if digest errors should contain the whole calculated hash, to be paste directly into DIGESTS file.
|
|
var PlainDigest bool = false
|
|
|
|
// EFile represents a challenge file.
|
|
type EFile struct {
|
|
Id int64 `json:"id,omitempty"`
|
|
// origin holds the import relative path of the file
|
|
origin string
|
|
// Path is the location where the file is stored, relatively to FilesDir
|
|
Path string `json:"path"`
|
|
// IdExercice is the identifier of the underlying challenge
|
|
IdExercice int64 `json:"idExercice,omitempty"`
|
|
// Name is the title displayed to players
|
|
Name string `json:"name"`
|
|
// Checksum stores the cached hash of the file
|
|
Checksum []byte `json:"checksum"`
|
|
// Size contains the cached size of the file
|
|
Size int64 `json:"size"`
|
|
}
|
|
|
|
// GetFiles returns a list of all files living in the database.
|
|
func GetFiles() ([]*EFile, error) {
|
|
if rows, err := DBQuery("SELECT id_file, id_exercice, origin, path, name, cksum, size FROM exercice_files"); err != nil {
|
|
return nil, err
|
|
} else {
|
|
defer rows.Close()
|
|
|
|
files := []*EFile{}
|
|
for rows.Next() {
|
|
f := &EFile{}
|
|
if err := rows.Scan(&f.Id, &f.IdExercice, &f.origin, &f.Path, &f.Name, &f.Checksum, &f.Size); err != nil {
|
|
return nil, err
|
|
}
|
|
files = append(files, f)
|
|
}
|
|
if err := rows.Err(); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return files, nil
|
|
}
|
|
}
|
|
|
|
// GetFile retrieves the file with the given id.
|
|
func GetFile(id int64) (f *EFile, err error) {
|
|
f = &EFile{}
|
|
err = DBQueryRow("SELECT id_file, origin, path, name, cksum, size FROM exercice_files WHERE id_file = ?", id).Scan(&f.Id, &f.origin, &f.Path, &f.Name, &f.Checksum, &f.Size)
|
|
return
|
|
}
|
|
|
|
// GetFileByPath retrieves the file that should be found at the given location.
|
|
func GetFileByPath(path string) (*EFile, error) {
|
|
path = strings.TrimPrefix(path, FilesDir)
|
|
|
|
f := &EFile{}
|
|
if err := DBQueryRow("SELECT id_file, origin, path, id_exercice, name, cksum, size FROM exercice_files WHERE path = ?", path).Scan(&f.Id, &f.origin, &f.Path, &f.IdExercice, &f.Name, &f.Checksum, &f.Size); err != nil {
|
|
return f, err
|
|
}
|
|
|
|
return f, nil
|
|
}
|
|
|
|
// GetFileByFilename retrieves the file that should be called so.
|
|
func (e *Exercice) GetFileByFilename(filename string) (f *EFile, err error) {
|
|
filename = path.Base(filename)
|
|
|
|
f = &EFile{}
|
|
err = DBQueryRow("SELECT id_file, origin, path, id_exercice, name, cksum, size FROM exercice_files WHERE id_exercice = ? AND origin LIKE ?", e.Id, "%/"+filename).Scan(&f.Id, &f.origin, &f.Path, &f.IdExercice, &f.Name, &f.Checksum, &f.Size)
|
|
|
|
return
|
|
}
|
|
|
|
// GetFiles returns a list of files coming with the challenge.
|
|
func (e *Exercice) GetFiles() ([]*EFile, error) {
|
|
if rows, err := DBQuery("SELECT id_file, origin, path, name, cksum, size FROM exercice_files WHERE id_exercice = ?", e.Id); err != nil {
|
|
return nil, err
|
|
} else {
|
|
defer rows.Close()
|
|
|
|
files := []*EFile{}
|
|
for rows.Next() {
|
|
f := &EFile{}
|
|
f.IdExercice = e.Id
|
|
if err := rows.Scan(&f.Id, &f.origin, &f.Path, &f.Name, &f.Checksum, &f.Size); err != nil {
|
|
return nil, err
|
|
}
|
|
files = append(files, f)
|
|
}
|
|
if err := rows.Err(); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return files, nil
|
|
}
|
|
}
|
|
|
|
// GetFileByPath retrieves the file that should be found at the given location, limited to the challenge files.
|
|
func (e *Exercice) GetFileByPath(path string) (*EFile, error) {
|
|
path = strings.TrimPrefix(path, FilesDir)
|
|
|
|
f := &EFile{}
|
|
if err := DBQueryRow("SELECT id_file, origin, path, name, cksum, size FROM exercice_files WHERE id_exercice = ? AND path = ?", e.Id, path).Scan(&f.Id, &f.origin, &f.Path, &f.Name, &f.Checksum, &f.Size); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return f, nil
|
|
}
|
|
|
|
// minifyHash returns only the begining and the end of the given hash.
|
|
// Use this function to ensure people doesn't fill their file with our calculated hash.
|
|
func minifyHash(hash string) string {
|
|
if PlainDigest {
|
|
return hash
|
|
} else {
|
|
return hash[0:len(hash)/3] + "..." + hash[len(hash)/2:]
|
|
}
|
|
}
|
|
|
|
// CheckBufferHash checks if the bufio has the given digest.
|
|
func CreateHashBuffers() (io.Writer, *hash.Hash, *hash.Hash) {
|
|
hash160 := crypto.SHA1.New()
|
|
hash512 := crypto.BLAKE2b_512.New()
|
|
|
|
w := io.MultiWriter(hash160, hash512)
|
|
|
|
return w, &hash160, &hash512
|
|
}
|
|
|
|
// CheckBufferHash checks if the bufio has the given digest.
|
|
func CheckBufferHash(hash160 *hash.Hash, hash512 *hash.Hash, digest []byte) ([]byte, error) {
|
|
result160 := (*hash160).Sum(nil)
|
|
result512 := (*hash512).Sum(nil)
|
|
|
|
if len(digest) != len(result512) {
|
|
if len(digest) != len(result160) {
|
|
return []byte{}, errors.New("Digests doesn't match: calculated: sha1:" + minifyHash(hex.EncodeToString(result160)) + " & blake2b:" + minifyHash(hex.EncodeToString(result512)) + " vs. given: " + hex.EncodeToString(digest))
|
|
} else if StrongDigest {
|
|
return []byte{}, errors.New("Invalid digests: SHA-1 checksums are no more accepted. Calculated sha1:" + minifyHash(hex.EncodeToString(result160)) + " & blake2b:" + minifyHash(hex.EncodeToString(result512)) + " vs. given: " + hex.EncodeToString(digest))
|
|
}
|
|
|
|
for k := range result160 {
|
|
if result160[k] != digest[k] {
|
|
return []byte{}, errors.New("Digests doesn't match: calculated: sha1:" + minifyHash(hex.EncodeToString(result160)) + " & blake2b:" + minifyHash(hex.EncodeToString(result512)) + " vs. given: " + hex.EncodeToString(digest))
|
|
}
|
|
}
|
|
} else {
|
|
for k := range result512 {
|
|
if result512[k] != digest[k] {
|
|
return []byte{}, errors.New("Digests doesn't match: calculated: " + minifyHash(hex.EncodeToString(result512)) + " vs. given: " + hex.EncodeToString(digest))
|
|
}
|
|
}
|
|
}
|
|
|
|
return result512, nil
|
|
}
|
|
|
|
// checkFileHash checks if the file at the given filePath has the given digest.
|
|
// It also returns the file's size.
|
|
func checkFileHash(filePath string, digest []byte) (dgst []byte, size int64, err error) {
|
|
if digest == nil {
|
|
return []byte{}, 0, errors.New("no digest given")
|
|
} else if fi, errr := os.Stat(filePath); errr != nil {
|
|
return []byte{}, 0, errr
|
|
} else if fd, errr := os.Open(filePath); errr != nil {
|
|
return []byte{}, fi.Size(), errr
|
|
} else {
|
|
defer fd.Close()
|
|
size = fi.Size()
|
|
|
|
w, hash160, hash512 := CreateHashBuffers()
|
|
|
|
if _, err = io.Copy(w, bufio.NewReader(fd)); err != nil {
|
|
return
|
|
}
|
|
|
|
dgst, err = CheckBufferHash(hash160, hash512, digest)
|
|
|
|
return
|
|
}
|
|
}
|
|
|
|
// ImportFile registers (ou updates if it already exists in database) the file in database.
|
|
func (e *Exercice) ImportFile(filePath string, origin string, digest []byte) (interface{}, error) {
|
|
if result512, size, err := checkFileHash(filePath, digest); !OptionalDigest && err != nil {
|
|
return EFile{}, err
|
|
} else {
|
|
dPath := strings.TrimPrefix(filePath, FilesDir)
|
|
if f, err := e.GetFileByPath(dPath); err != nil {
|
|
return e.AddFile(dPath, origin, path.Base(filePath), result512, size)
|
|
} else {
|
|
// Don't need to update Path and Name, because they are related to dPath
|
|
|
|
f.IdExercice = e.Id
|
|
f.origin = origin
|
|
f.Checksum = result512
|
|
f.Size = size
|
|
|
|
if _, err := f.Update(); err != nil {
|
|
return nil, err
|
|
} else {
|
|
return f, nil
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
// AddFile creates and fills a new struct File and registers it into the database.
|
|
func (e *Exercice) AddFile(path string, origin string, name string, checksum []byte, size int64) (*EFile, error) {
|
|
if res, err := DBExec("INSERT INTO exercice_files (id_exercice, origin, path, name, cksum, size) VALUES (?, ?, ?, ?, ?, ?)", e.Id, origin, path, name, checksum, size); err != nil {
|
|
return nil, err
|
|
} else if fid, err := res.LastInsertId(); err != nil {
|
|
return nil, err
|
|
} else {
|
|
return &EFile{fid, origin, path, e.Id, name, checksum, size}, nil
|
|
}
|
|
}
|
|
|
|
// Update applies modifications back to the database.
|
|
func (f *EFile) Update() (int64, error) {
|
|
if res, err := DBExec("UPDATE exercice_files SET id_exercice = ?, origin = ?, path = ?, name = ?, cksum = ?, size = ? WHERE id_file = ?", f.IdExercice, f.origin, f.Path, f.Name, f.Checksum, f.Size, f.Id); err != nil {
|
|
return 0, err
|
|
} else if nb, err := res.RowsAffected(); err != nil {
|
|
return 0, err
|
|
} else {
|
|
return nb, err
|
|
}
|
|
}
|
|
|
|
// Delete the file from the database.
|
|
func (f EFile) Delete() (int64, error) {
|
|
if res, err := DBExec("DELETE FROM exercice_files WHERE id_file = ?", f.Id); err != nil {
|
|
return 0, err
|
|
} else if nb, err := res.RowsAffected(); err != nil {
|
|
return 0, err
|
|
} else {
|
|
return nb, err
|
|
}
|
|
}
|
|
|
|
// WipeFiles deletes (only in the database, not on disk) files coming with the challenge.
|
|
func (e Exercice) WipeFiles() (int64, error) {
|
|
if _, err := DBExec("DELETE FROM exercice_files_okey_deps WHERE id_flag IN (SELECT id_flag FROM exercice_flags WHERE id_exercice = ?)", e.Id); err != nil {
|
|
return 0, err
|
|
} else if _, err := DBExec("DELETE FROM exercice_files_omcq_deps WHERE id_mcq IN (SELECT id_mcq FROM exercice_mcq WHERE id_exercice = ?)", e.Id); err != nil {
|
|
return 0, err
|
|
} else if res, err := DBExec("DELETE FROM exercice_files WHERE id_exercice = ?", e.Id); err != nil {
|
|
return 0, err
|
|
} else if nb, err := res.RowsAffected(); err != nil {
|
|
return 0, err
|
|
} else {
|
|
return nb, err
|
|
}
|
|
}
|
|
|
|
// ClearFiles removes all certificates from database (but not files on disks).
|
|
func ClearFiles() (int64, error) {
|
|
if res, err := DBExec("DELETE FROM exercice_files"); err != nil {
|
|
return 0, err
|
|
} else if nb, err := res.RowsAffected(); err != nil {
|
|
return 0, err
|
|
} else {
|
|
return nb, err
|
|
}
|
|
}
|
|
|
|
// GetOrigin access the private field origin of the file.
|
|
func (f *EFile) GetOrigin() string {
|
|
return f.origin
|
|
}
|
|
|
|
// AddDepend insert a new dependency to a given flag.
|
|
func (f *EFile) AddDepend(j Flag) (err error) {
|
|
if k, ok := j.(*FlagKey); ok {
|
|
_, err = DBExec("INSERT INTO exercice_files_okey_deps (id_file, id_flag) VALUES (?, ?)", f.Id, k.Id)
|
|
} else if m, ok := j.(*MCQ); ok {
|
|
_, err = DBExec("INSERT INTO exercice_files_omcq_deps (id_file, id_mcq) VALUES (?, ?)", f.Id, m.Id)
|
|
} else {
|
|
err = errors.New("dependancy type not implemented for this file")
|
|
}
|
|
return
|
|
}
|
|
|
|
// DeleteDepend insert a new dependency to a given flag.
|
|
func (f *EFile) DeleteDepend(j Flag) (err error) {
|
|
if k, ok := j.(*FlagKey); ok {
|
|
_, err = DBExec("DELETE FROM exercice_files_okey_deps WHERE id_file = ? AND id_flag = ?", f.Id, k.Id)
|
|
} else if m, ok := j.(*MCQ); ok {
|
|
_, err = DBExec("DELETE FROM exercice_files_omcq_deps WHERE id_file = ? AND id_mcq = ?", f.Id, m.Id)
|
|
} else {
|
|
err = errors.New("dependancy type not implemented for this file")
|
|
}
|
|
return
|
|
}
|
|
|
|
// GetDepends retrieve the flag's dependency list.
|
|
func (f *EFile) GetDepends() ([]Flag, error) {
|
|
var deps = make([]Flag, 0)
|
|
|
|
if rows, err := DBQuery("SELECT id_flag FROM exercice_files_okey_deps WHERE id_file = ?", f.Id); err != nil {
|
|
return nil, err
|
|
} else {
|
|
defer rows.Close()
|
|
|
|
for rows.Next() {
|
|
var d int
|
|
if err := rows.Scan(&d); err != nil {
|
|
return nil, err
|
|
}
|
|
deps = append(deps, &FlagKey{d, f.IdExercice, 0, "", "", "", "", "", false, false, false, nil, false, []byte{}, 0})
|
|
}
|
|
if err := rows.Err(); err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
if rows, err := DBQuery("SELECT id_mcq FROM exercice_files_omcq_deps WHERE id_file = ?", f.Id); err != nil {
|
|
return nil, err
|
|
} else {
|
|
defer rows.Close()
|
|
|
|
for rows.Next() {
|
|
var d int
|
|
if err := rows.Scan(&d); err != nil {
|
|
return nil, err
|
|
}
|
|
deps = append(deps, &MCQ{d, f.IdExercice, 0, "", []*MCQ_entry{}})
|
|
}
|
|
if err := rows.Err(); err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
return deps, nil
|
|
}
|
|
|
|
// CheckFileOnDisk recalculates the hash of the file on disk.
|
|
func (f *EFile) CheckFileOnDisk() error {
|
|
if _, size, err := checkFileHash(path.Join(FilesDir, f.Path), f.Checksum); err != nil {
|
|
return err
|
|
} else if size == 0 {
|
|
return errors.New("empty file")
|
|
} else {
|
|
return nil
|
|
}
|
|
}
|