diff --git a/api/src/main/java/com/redhat/insights/jars/JarAnalyzer.java b/api/src/main/java/com/redhat/insights/jars/JarAnalyzer.java index 8ab5b29..3c43681 100644 --- a/api/src/main/java/com/redhat/insights/jars/JarAnalyzer.java +++ b/api/src/main/java/com/redhat/insights/jars/JarAnalyzer.java @@ -17,6 +17,7 @@ * jars and obtain more detail from manifests. */ public final class JarAnalyzer { + public static final String SHA1_CHECKSUM_KEY = "sha1Checksum"; public static final String SHA256_CHECKSUM_KEY = "sha256Checksum"; public static final String SHA512_CHECKSUM_KEY = "sha512Checksum"; @@ -105,26 +106,7 @@ static boolean isTempFile(File fileParam) { JarInfo getJarInfoSafe(String jarFile, URL url) { Map attributes = new HashMap<>(); - try { - String sha1Checksum = JarUtils.computeSha1(url); - attributes.put(SHA1_CHECKSUM_KEY, sha1Checksum); - } catch (Exception ex) { - logger.error(url + " Error getting jar file sha1 checksum", ex); - } - - try { - String sha256Checksum = JarUtils.computeSha256(url); - attributes.put(SHA256_CHECKSUM_KEY, sha256Checksum); - } catch (Exception ex) { - logger.error(url + " Error getting jar file sha256 checksum", ex); - } - - try { - String sha512Checksum = JarUtils.computeSha512(url); - attributes.put(SHA512_CHECKSUM_KEY, sha512Checksum); - } catch (Exception ex) { - logger.error(url + " Error getting jar file sha512 checksum", ex); - } + setChecksumsPerf(attributes, url); JarInfo jarInfo; try { @@ -137,6 +119,18 @@ JarInfo getJarInfoSafe(String jarFile, URL url) { return jarInfo; } + void setChecksumsPerf(Map attributes, URL url) { + + try { + String[] shaChecksums = JarUtils.computeSha(url); + attributes.put(SHA1_CHECKSUM_KEY, shaChecksums[0]); + attributes.put(SHA256_CHECKSUM_KEY, shaChecksums[1]); + attributes.put(SHA512_CHECKSUM_KEY, shaChecksums[2]); + } catch (Exception ex) { + logger.error(url + " Error getting jar file sha checksum", ex); + } + } + private JarInfo getJarInfo(String jarFilename, URL url, Map attributes) throws IOException { try (JarInputStream jarInputStream = JarUtils.getJarInputStream(url)) { diff --git a/api/src/main/java/com/redhat/insights/jars/JarUtils.java b/api/src/main/java/com/redhat/insights/jars/JarUtils.java index 34ebc44..2f85d70 100644 --- a/api/src/main/java/com/redhat/insights/jars/JarUtils.java +++ b/api/src/main/java/com/redhat/insights/jars/JarUtils.java @@ -3,8 +3,10 @@ import java.io.IOException; import java.io.InputStream; +import java.io.OutputStream; import java.net.URL; import java.security.DigestInputStream; +import java.security.DigestOutputStream; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.HashMap; @@ -162,23 +164,74 @@ public static String computeSha(InputStream inputStream, String algorithm) final byte[] readBytes = new byte[readLen]; while (dis.read(readBytes) != -1) {} } - byte[] bytes = md.digest(); - StringBuilder sb = new StringBuilder(); - for (int i = 0; i < bytes.length; i++) { - sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1)); - } - return sb.toString(); + return toHex(md.digest()); } public static String computeSha(byte[] buffer, String algorithm) throws NoSuchAlgorithmException { final MessageDigest md = MessageDigest.getInstance(algorithm); + return toHex(md.digest(buffer)); + } - byte[] bytes = md.digest(buffer); + private static String toHex(byte[] bytes) { StringBuilder sb = new StringBuilder(); for (int i = 0; i < bytes.length; i++) { sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1)); } - return sb.toString(); } + + public static String[] computeSha(URL url) throws NoSuchAlgorithmException, IOException { + try (final InputStream inputStream = JarUtils.getInputStream(url)) { + return computeSha(inputStream); + } + } + + public static final String[] computeSha(InputStream inputStream) + throws NoSuchAlgorithmException, IOException { + final MessageDigest mdSha1 = MessageDigest.getInstance("SHA1"); + final MessageDigest mdSha256 = MessageDigest.getInstance("SHA-256"); + final MessageDigest mdSha512 = MessageDigest.getInstance("SHA-512"); + + try (final DigestOutputStream outSha1 = new DigestOutputStream(nullOutputStream(), mdSha1); + final DigestOutputStream outSha256 = new DigestOutputStream(nullOutputStream(), mdSha256); + final DigestOutputStream outSha512 = new DigestOutputStream(nullOutputStream(), mdSha512)) { + int nRead; + byte[] data = new byte[4096]; + while ((nRead = inputStream.read(data, 0, data.length)) != -1) { + outSha1.write(data, 0, nRead); + outSha256.write(data, 0, nRead); + outSha512.write(data, 0, nRead); + } + } + return new String[] { + toHex(mdSha1.digest()), toHex(mdSha256.digest()), toHex(mdSha512.digest()) + }; + } + + public static OutputStream nullOutputStream() { + return new OutputStream() { + private volatile boolean closed; + + private void ensureOpen() throws IOException { + if (closed) { + throw new IOException("Stream closed"); + } + } + + @Override + public void write(int b) throws IOException { + ensureOpen(); + } + + @Override + public void write(byte b[], int off, int len) throws IOException { + ensureOpen(); + } + + @Override + public void close() { + closed = true; + } + }; + } }