Skip to content

Commit

Permalink
Remove ring dependency
Browse files Browse the repository at this point in the history
  • Loading branch information
xfbs committed Nov 15, 2023
1 parent 7774884 commit 7cd372d
Show file tree
Hide file tree
Showing 5 changed files with 105 additions and 74 deletions.
114 changes: 79 additions & 35 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 1 addition & 2 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,6 @@ protobuf = { version = "3.3.0", optional = true }
protobuf-parse = { version = "3.3.0", optional = true }
protoc-bin-vendored = { version = "3.0.0", optional = true }
reqwest = { version = "0.11", features = ["rustls-tls-native-roots"], default-features = false }
ring = "0.16"
semver = { version = "1", features = ["serde"] }
serde = { version = "1", features = ["derive"] }
serde_typename = "0.1"
Expand All @@ -56,6 +55,7 @@ tracing = "0.1"
tracing-subscriber = "0.3"
url = { version = "2.4", features = ["serde"] }
walkdir = "2"
sha2 = "0.10.8"

[dev-dependencies]
assert_cmd = "2.0"
Expand All @@ -65,7 +65,6 @@ hex = "0.4.3"
paste = "1.0.14"
predicates = "3.0"
pretty_assertions = "1.4"
ring = "0.16.20"
serde_json = { version = "1.0.107" }
serde_test = "1.0.176"
similar-asserts = "1.5.0"
13 changes: 3 additions & 10 deletions src/lock.rs
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@

use std::collections::HashMap;

use miette::{ensure, miette, Context, IntoDiagnostic};
use miette::{ensure, Context, IntoDiagnostic};
use semver::Version;
use serde::{Deserialize, Serialize};
use thiserror::Error;
Expand Down Expand Up @@ -66,16 +66,11 @@ impl LockedPackage {
repository: String,
dependants: usize,
) -> miette::Result<Self> {
let digest = ring::digest::digest(&ring::digest::SHA256, &package.tgz)
.try_into()
.into_diagnostic()
.wrap_err(miette!("unexpected error: only SHA256 is supported"))?;

Ok(Self {
name: package.name().to_owned(),
registry,
repository,
digest,
digest: DigestAlgorithm::SHA256.digest(&package.tgz),
version: package.version().to_owned(),
dependencies: package
.manifest
Expand All @@ -89,9 +84,7 @@ impl LockedPackage {

/// Validates if another LockedPackage matches this one
pub fn validate(&self, package: &Package) -> miette::Result<()> {
let digest: Digest = ring::digest::digest(&ring::digest::SHA256, &package.tgz)
.try_into()
.unwrap();
let digest: Digest = DigestAlgorithm::SHA256.digest(&package.tgz);

#[derive(Error, Debug)]
#[error("{property} mismatch - expected {expected}, actual {actual}")]
Expand Down
38 changes: 16 additions & 22 deletions src/lock/digest.rs
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
use std::{fmt, str::FromStr};

use serde::{de::Visitor, Deserialize, Serialize};
use sha2::Digest as _;
use thiserror::Error;

/// Supported types of digest algorithms.
Expand All @@ -26,6 +27,20 @@ pub enum DigestAlgorithm {
SHA256,
}

impl DigestAlgorithm {
/// Create a digest of some data using this algorithm.
pub fn digest(&self, data: &[u8]) -> Digest {
let digest = match self {
DigestAlgorithm::SHA256 => sha2::Sha256::new().chain_update(data).finalize().to_vec(),
};

Digest {
algorithm: *self,
digest,
}
}
}

/// Error parsing a [`DigestAlgorithm`].
#[derive(Error, Debug)]
pub enum DigestAlgorithmError {
Expand Down Expand Up @@ -87,26 +102,6 @@ impl Digest {
}
}

impl TryFrom<ring::digest::Digest> for Digest {
type Error = DigestAlgorithmError;

fn try_from(value: ring::digest::Digest) -> Result<Self, Self::Error> {
let algorithm = if value.algorithm() == &ring::digest::SHA256 {
DigestAlgorithm::SHA256
} else {
return Err(DigestAlgorithmError::UnsupportedAlgorithm(format!(
"{:?}",
value.algorithm()
)));
};

Ok(Self {
digest: value.as_ref().to_vec(),
algorithm,
})
}
}

/// Error parsing a [`DigestAlgorithm`].
#[derive(Error, Debug)]
#[allow(missing_docs)]
Expand Down Expand Up @@ -196,8 +191,7 @@ mod tests {

#[test]
fn can_convert_digest() {
let digest = ring::digest::digest(&ring::digest::SHA256, "hello".as_bytes());
let digest: Digest = digest.try_into().unwrap();
let digest = DigestAlgorithm::SHA256.digest("hello".as_bytes());
assert_eq!(digest.to_string(), HELLO_DIGEST);
}

Expand Down
11 changes: 6 additions & 5 deletions tests/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ use std::{
use assert_fs::TempDir;
use fs_extra::dir::{get_dir_content, CopyOptions};
use pretty_assertions::{assert_eq, assert_str_eq};
use ring::digest;
use sha2::Digest;

mod cmd;

Expand Down Expand Up @@ -150,10 +150,11 @@ impl VirtualFileSystem {
}
FileType::Binary => {
let hash_file = |path| {
hex::encode(digest::digest(
&digest::SHA256,
fs::read(path).expect("file cannot be read").as_slice(),
))
let contents = fs::read(path).expect("file cannot be read");
let digest = sha2::Sha256::new()
.chain_update(contents.as_slice())
.finalize();
hex::encode(digest)
};

let expected_hash = hash_file(expected);
Expand Down

0 comments on commit 7cd372d

Please sign in to comment.