clang-tools-manager 0.2.0

A utility for installing specific versions of clang-format and clang-tidy, used by cpp-linter.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147

use sha2::digest::{Digest, OutputSizeUser, generic_array::ArrayLength};

use super::DownloadError;
use crate::progress_bar::ProgressBar;

use std::{fs, io::Read, num::NonZero, path::Path};

/// Represents the supported hash algorithms for file integrity checking.
///
/// Each variant holds the expected checksum value as a string,
/// which is used for verification.
///
/// Note, MD5 is intentionally excluded due to security weaknesses.
/// As such, MD5 is not recommended for file integrity checks.
#[derive(Debug, Clone)]
pub enum HashAlgorithm {
    /// SHA-256 hash algorithm with the expected checksum value.
    Sha256(String),
    /// BLAKE2b-256 hash algorithm with the expected checksum value.
    Blake2b256(String),
    /// SHA-512 hash algorithm with the expected checksum value.
    Sha512(String),
}

impl HashAlgorithm {
    fn hash_file<H>(mut hasher: H, file_path: &Path, expected: &str) -> Result<(), DownloadError>
    where
        H: Digest + OutputSizeUser,
        <H as OutputSizeUser>::OutputSize: std::ops::Add,
        <<H as OutputSizeUser>::OutputSize as std::ops::Add>::Output: ArrayLength<u8>,
    {
        let mut file_reader = fs::OpenOptions::new().read(true).open(file_path)?;
        let file_size = file_reader.metadata()?.len();
        let mut progress_bar =
            ProgressBar::new(NonZero::new(file_size), "Verifying file integrity");
        let mut buf = [0u8; 1024];
        loop {
            let bytes_read = file_reader.read(&mut buf)?;
            if bytes_read == 0 {
                break;
            }
            progress_bar.inc(bytes_read as u64)?;
            hasher.update(&buf[..bytes_read]);
        }
        progress_bar.finish()?;
        let actual = format!("{:x}", hasher.finalize());
        if actual == expected.to_ascii_lowercase() {
            Ok(())
        } else {
            Err(DownloadError::HashMismatch {
                expected: expected.to_owned(),
                actual,
            })
        }
    }

    /// Verify a given file (located at `file_path`) against the expected checksum value.
    ///
    /// This method reads the file in chunks (of 1024 bytes) to compute the hash,
    /// thus no extraneous memory is allocated when reading the file's entire contents.
    ///
    /// Note, a progress bar is displayed to stdout.
    pub fn verify(&self, file_path: &Path) -> Result<(), DownloadError> {
        match self {
            HashAlgorithm::Sha256(expected) => {
                use sha2::{Digest, Sha256};

                let hasher = Sha256::new();
                Self::hash_file(hasher, file_path, expected)
            }
            HashAlgorithm::Blake2b256(expected) => {
                use blake2::{Blake2b, Digest, digest::consts::U32};

                let hasher = Blake2b::<U32>::new();
                Self::hash_file(hasher, file_path, expected)
            }
            HashAlgorithm::Sha512(expected) => {
                use sha2::{Digest, Sha512};

                let hasher = Sha512::new();
                Self::hash_file(hasher, file_path, expected)
            }
        }
    }
}

#[cfg(test)]
mod test {
    use std::fs;

    use super::HashAlgorithm;
    use tempfile::NamedTempFile;

    const CONTENT: &[u8] = b"hello world";
    const INVALID_CHECKSUM: &str = "deadbeef";

    #[test]
    fn sha256() {
        use sha2::Digest;

        let mut temp_file = NamedTempFile::new().unwrap();
        fs::write(&mut temp_file, CONTENT).unwrap();
        let hasher = sha2::Sha256::new().chain_update(CONTENT);
        let expected = format!("{:x}", hasher.finalize());
        let hash_algorithm = HashAlgorithm::Sha256(expected);
        assert!(hash_algorithm.verify(temp_file.path()).is_ok());
        assert!(
            HashAlgorithm::Sha256(INVALID_CHECKSUM.to_string())
                .verify(temp_file.path())
                .is_err()
        );
    }

    #[test]
    fn sha512() {
        use sha2::Digest;

        let mut temp_file = NamedTempFile::new().unwrap();
        fs::write(&mut temp_file, CONTENT).unwrap();
        let hasher = sha2::Sha512::new().chain_update(CONTENT);
        let expected = format!("{:x}", hasher.finalize());
        let hash_algorithm = HashAlgorithm::Sha512(expected);
        assert!(hash_algorithm.verify(temp_file.path()).is_ok());
        assert!(
            HashAlgorithm::Sha512(INVALID_CHECKSUM.to_string())
                .verify(temp_file.path())
                .is_err()
        );
    }

    #[test]
    fn blake2b256() {
        use blake2::{Blake2b, Digest, digest::consts::U32};

        let mut temp_file = NamedTempFile::new().unwrap();
        fs::write(&mut temp_file, CONTENT).unwrap();
        let hasher = Blake2b::<U32>::new().chain_update(CONTENT);
        let expected = format!("{:x}", hasher.finalize());
        let hash_algorithm = HashAlgorithm::Blake2b256(expected);
        assert!(hash_algorithm.verify(temp_file.path()).is_ok());
        assert!(
            HashAlgorithm::Blake2b256(INVALID_CHECKSUM.to_string())
                .verify(temp_file.path())
                .is_err()
        );
    }
}