mirror/Proton-API-Bridge
1
0
Fork 0
mirror of https://github.com/henrybear327/Proton-API-Bridge.git synced 2026-05-19 12:26:01 -04:00
Code Issues Packages Projects Releases Wiki Activity

Add downloaded block hash verification

Browse Source
This commit is contained in:
Chun-Hung Tseng
2023-06-28 22:28:49 +02:00
parent 89beb44c28
commit ac838dd5e1
4 changed files with 17 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -57,8 +57,8 @@ Currently, the development are split into 2 versions. V1 supports the features [
- [x] Download empty file
- [x] Properly handle large files and empty files (check iOS codebase)
- esp. large files, where buffering in-memory will screw up the runtime
- [x] Check signature and hash
- [ ] Improve large file handling
- [ ] Check signature and hash
- [x] Delete
- [x] Upload
- [x] Handle empty file

14
crypto.go
View File

@@ -1,6 +1,7 @@
package proton_api_bridge
import (
"crypto/sha256"
"encoding/base64"
"io"
@@ -126,7 +127,7 @@ func getKeyRing(kr, addrKR *crypto.KeyRing, key, passphrase, passphraseSignature
return crypto.NewKeyRing(unlockedKey)
}
func decryptBlockIntoBuffer(sessionKey *crypto.SessionKey, addrKR, nodeKR *crypto.KeyRing, encSignature string, buffer io.ReaderFrom, block io.ReadCloser) error {
func decryptBlockIntoBuffer(sessionKey *crypto.SessionKey, addrKR, nodeKR *crypto.KeyRing, originalHash, encSignature string, buffer io.ReaderFrom, block io.ReadCloser) error {
data, err := io.ReadAll(block)
if err != nil {
return err
@@ -152,5 +153,16 @@ func decryptBlockIntoBuffer(sessionKey *crypto.SessionKey, addrKR, nodeKR *crypt
return err
}
h := sha256.New()
h.Write(data)
hash := h.Sum(nil)
base64Hash := base64.StdEncoding.EncodeToString(hash)
if err != nil {
return err
}
if base64Hash != originalHash {
return ErrDownloadedBlockHashVerificationFailed
}
return nil
}

3
error.go
View File

@@ -10,6 +10,7 @@ var (
ErrFolderIsNotEmpty = errors.New("folder can't be deleted becuase it is not empty")
ErrInternalErrorOnFileUpload = errors.New("either link or createFileResp must be not nil")
ErrMissingInputUploadAndCollectBlockData = errors.New("missing either session key or key ring")
ErrLinkMustNotBeNil = errors.New("Missing input proton link")
ErrLinkMustNotBeNil = errors.New("missing input proton link")
ErrLinkMustBeActive = errors.New("can not operate on link state other than active")
ErrDownloadedBlockHashVerificationFailed = errors.New("the hash of the downloaded block doesn't match the original hash")
)

2
file.go
View File

@@ -121,7 +121,7 @@ func (protonDrive *ProtonDrive) DownloadFile(ctx context.Context, link *proton.L
}
defer blockReader.Close()
err = decryptBlockIntoBuffer(sessionKey, protonDrive.AddrKR, nodeKR, revision.Blocks[i].EncSignature, buffer, blockReader)
err = decryptBlockIntoBuffer(sessionKey, protonDrive.AddrKR, nodeKR, revision.Blocks[i].Hash, revision.Blocks[i].EncSignature, buffer, blockReader)
if err != nil {
return nil, nil, err
}