[webhook] calculate file hashes

preprocessor/folder/file.go

@@ -1,11 +1,7 @@
 package folder
 
 import (
-	"crypto/md5"
-	"crypto/sha256"
-	"encoding/hex"
 	"fmt"
-	"io"
 	"io/fs"
 	"net/http"
 	"os"
@@ -15,7 +11,6 @@ import (
 
 	"github.com/starlinglab/integrity-v2/config"
 	"github.com/starlinglab/integrity-v2/webhook"
-	"lukechampine.com/blake3"
 )
 
 // getFileMetadata calculates and returns a map of attributes for a file
@@ -41,22 +36,8 @@ func getFileMetadata(filePath string) (map[string]any, error) {
 		return nil, err
 	}
 
-	sha := sha256.New()
-	md := md5.New()
-	blake := blake3.New(32, nil)
-
-	writers := io.MultiWriter(sha, md, blake)
-	_, err = io.Copy(writers, file)
-	if err != nil {
-		return nil, err
-	}
-
 	return map[string]any{
-		"sha256":        hex.EncodeToString(sha.Sum(nil)),
-		"md5":           hex.EncodeToString(md.Sum(nil)),
-		"blake3":        hex.EncodeToString(blake.Sum(nil)),
 		"media_type":    mediaType,
-		"file_size":     fileInfo.Size(),
 		"file_name":     fileInfo.Name(),
 		"last_modified": fileInfo.ModTime().UTC().Format(time.RFC3339),
 		"time_created":  fileInfo.ModTime().UTC().Format(time.RFC3339),

webhook/attribute.go

@@ -4,8 +4,9 @@ import (
 	"github.com/starlinglab/integrity-v2/aa"
 )
 
-// ParseJsonToAttributes parses a JSON map to a slice of attributes for POSTing to the AA server
-func ParseJsonToAttributes(jsonMap map[string]any) []aa.PostKV {
+// ParseJsonToAttributes parses a JSON map and a file stat map
+// to a slice of attributes for POSTing to the AA server
+func ParseJsonToAttributes(jsonMap map[string]any, fileAttributes map[string]any) []aa.PostKV {
 
 	var attributes []aa.PostKV
 
@@ -16,5 +17,9 @@ func ParseJsonToAttributes(jsonMap map[string]any) []aa.PostKV {
 		}
 	}
 
+	for k, v := range fileAttributes {
+		attributes = append(attributes, aa.PostKV{Key: k, Value: v})
+	}
+
 	return attributes
 }

webhook/webhook.go

@@ -1,6 +1,9 @@
 package webhook
 
 import (
+	"crypto/md5"
+	"crypto/sha256"
+	"encoding/hex"
 	"encoding/json"
 	"fmt"
 	"io"
@@ -13,6 +16,7 @@ import (
 	"github.com/starlinglab/integrity-v2/aa"
 	"github.com/starlinglab/integrity-v2/config"
 	"github.com/starlinglab/integrity-v2/util"
+	"lukechampine.com/blake3"
 )
 
 // Helper function to write http JSON response
@@ -84,6 +88,7 @@ func handleGenericFileUpload(w http.ResponseWriter, r *http.Request) {
 	defer tempFile.Close()
 	defer os.Remove(tempFile.Name())
 	cid := ""
+	fileAttributes := map[string]any{}
 	for {
 		part, err := form.NextPart()
 		if err == io.EOF {
@@ -109,7 +114,13 @@ func handleGenericFileUpload(w http.ResponseWriter, r *http.Request) {
 				cidChan <- cid
 				errChan <- err
 			}()
-			fileWriter := io.MultiWriter(tempFile, pw)
+
+			sha := sha256.New()
+			md := md5.New()
+			blake := blake3.New(32, nil)
+
+			fileWriter := io.MultiWriter(tempFile, pw, sha, md, blake)
+
 			_, err = io.Copy(fileWriter, part)
 			defer part.Close()
 			if err != nil {
@@ -127,6 +138,17 @@ func handleGenericFileUpload(w http.ResponseWriter, r *http.Request) {
 				writeJsonResponse(w, http.StatusInternalServerError, map[string]string{"error": err.Error()})
 				return
 			}
+			tempFileState, err := tempFile.Stat()
+			if err != nil {
+				writeJsonResponse(w, http.StatusInternalServerError, map[string]string{"error": err.Error()})
+				return
+			}
+			fileAttributes = map[string]any{
+				"sha256":    hex.EncodeToString(sha.Sum(nil)),
+				"md5":       hex.EncodeToString(md.Sum(nil)),
+				"blake3":    hex.EncodeToString(blake.Sum(nil)),
+				"file_size": tempFileState.Size(),
+			}
 		}
 	}
 	if cid == "" {
@@ -145,7 +167,7 @@ func handleGenericFileUpload(w http.ResponseWriter, r *http.Request) {
 		writeJsonResponse(w, http.StatusBadRequest, map[string]string{"error": err.Error()})
 		return
 	}
-	attributes := ParseJsonToAttributes(jsonMap)
+	attributes := ParseJsonToAttributes(jsonMap, fileAttributes)
 	err = aa.SetAttestations(cid, false, attributes)
 	if err != nil {
 		fmt.Println("Error setting attestations:", err)