diff --git a/preprocessor/folder/file.go b/preprocessor/folder/file.go index 3d20a06..ded6ae5 100644 --- a/preprocessor/folder/file.go +++ b/preprocessor/folder/file.go @@ -1,11 +1,7 @@ package folder import ( - "crypto/md5" - "crypto/sha256" - "encoding/hex" "fmt" - "io" "io/fs" "net/http" "os" @@ -15,7 +11,6 @@ import ( "github.com/starlinglab/integrity-v2/config" "github.com/starlinglab/integrity-v2/webhook" - "lukechampine.com/blake3" ) // getFileMetadata calculates and returns a map of attributes for a file @@ -41,22 +36,8 @@ func getFileMetadata(filePath string) (map[string]any, error) { return nil, err } - sha := sha256.New() - md := md5.New() - blake := blake3.New(32, nil) - - writers := io.MultiWriter(sha, md, blake) - _, err = io.Copy(writers, file) - if err != nil { - return nil, err - } - return map[string]any{ - "sha256": hex.EncodeToString(sha.Sum(nil)), - "md5": hex.EncodeToString(md.Sum(nil)), - "blake3": hex.EncodeToString(blake.Sum(nil)), "media_type": mediaType, - "file_size": fileInfo.Size(), "file_name": fileInfo.Name(), "last_modified": fileInfo.ModTime().UTC().Format(time.RFC3339), "time_created": fileInfo.ModTime().UTC().Format(time.RFC3339), diff --git a/webhook/attribute.go b/webhook/attribute.go index 99597e5..e5e8fe0 100644 --- a/webhook/attribute.go +++ b/webhook/attribute.go @@ -4,8 +4,9 @@ import ( "github.com/starlinglab/integrity-v2/aa" ) -// ParseJsonToAttributes parses a JSON map to a slice of attributes for POSTing to the AA server -func ParseJsonToAttributes(jsonMap map[string]any) []aa.PostKV { +// ParseJsonToAttributes parses a JSON map and a file stat map +// to a slice of attributes for POSTing to the AA server +func ParseJsonToAttributes(jsonMap map[string]any, fileAttributes map[string]any) []aa.PostKV { var attributes []aa.PostKV @@ -16,5 +17,9 @@ func ParseJsonToAttributes(jsonMap map[string]any) []aa.PostKV { } } + for k, v := range fileAttributes { + attributes = append(attributes, aa.PostKV{Key: k, Value: v}) + } + return attributes } diff --git a/webhook/webhook.go b/webhook/webhook.go index 36d3d89..3148f98 100644 --- a/webhook/webhook.go +++ b/webhook/webhook.go @@ -1,6 +1,9 @@ package webhook import ( + "crypto/md5" + "crypto/sha256" + "encoding/hex" "encoding/json" "fmt" "io" @@ -13,6 +16,7 @@ import ( "github.com/starlinglab/integrity-v2/aa" "github.com/starlinglab/integrity-v2/config" "github.com/starlinglab/integrity-v2/util" + "lukechampine.com/blake3" ) // Helper function to write http JSON response @@ -84,6 +88,7 @@ func handleGenericFileUpload(w http.ResponseWriter, r *http.Request) { defer tempFile.Close() defer os.Remove(tempFile.Name()) cid := "" + fileAttributes := map[string]any{} for { part, err := form.NextPart() if err == io.EOF { @@ -109,7 +114,13 @@ func handleGenericFileUpload(w http.ResponseWriter, r *http.Request) { cidChan <- cid errChan <- err }() - fileWriter := io.MultiWriter(tempFile, pw) + + sha := sha256.New() + md := md5.New() + blake := blake3.New(32, nil) + + fileWriter := io.MultiWriter(tempFile, pw, sha, md, blake) + _, err = io.Copy(fileWriter, part) defer part.Close() if err != nil { @@ -127,6 +138,17 @@ func handleGenericFileUpload(w http.ResponseWriter, r *http.Request) { writeJsonResponse(w, http.StatusInternalServerError, map[string]string{"error": err.Error()}) return } + tempFileState, err := tempFile.Stat() + if err != nil { + writeJsonResponse(w, http.StatusInternalServerError, map[string]string{"error": err.Error()}) + return + } + fileAttributes = map[string]any{ + "sha256": hex.EncodeToString(sha.Sum(nil)), + "md5": hex.EncodeToString(md.Sum(nil)), + "blake3": hex.EncodeToString(blake.Sum(nil)), + "file_size": tempFileState.Size(), + } } } if cid == "" { @@ -145,7 +167,7 @@ func handleGenericFileUpload(w http.ResponseWriter, r *http.Request) { writeJsonResponse(w, http.StatusBadRequest, map[string]string{"error": err.Error()}) return } - attributes := ParseJsonToAttributes(jsonMap) + attributes := ParseJsonToAttributes(jsonMap, fileAttributes) err = aa.SetAttestations(cid, false, attributes) if err != nil { fmt.Println("Error setting attestations:", err)