[elbe-devel] [PATCH v2 3/6] hashes: add elbepack.hashes including HashValidator and validate_sha256()

Manuel Traut manut at linutronix.de
Fri Oct 12 17:06:01 CEST 2018 

On Wed, Sep 26, 2018 at 12:13:49PM +0200, Torben Hohn wrote:
> HashValidator is a Baseclass to implement downloading and validating
> files against a list of hashes.
> 
> this is used later for debian Release and SHA256SUMS files.
> 

autopep8 reports some minor issues, please apply

> Signed-off-by: Torben Hohn <torben.hohn at linutronix.de>
> ---
>  elbepack/hashes.py | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++++
>  1 file changed, 53 insertions(+)
>  create mode 100644 elbepack/hashes.py

please add it also to a debian/*.install file
`
> diff --git a/elbepack/hashes.py b/elbepack/hashes.py
> new file mode 100644
> index 00000000..092be97f
> --- /dev/null
> +++ b/elbepack/hashes.py

[..]

> +from urllib2 import urlopen

please don't produce any python2 only code anymore:

$ python3 elbepack/hashes.py
Traceback (most recent call last):
  File "elbepack/hashes.py", line 7, in <module>
    from urllib2 import urlopen
ImportError: No module named 'urllib2'

> +from shutil import copyfileobj
> +
> +
> +class HashValidationFailed(Exception):
> +    pass
> +
> +def validate_sha256(fname, expected_hash):
> +    m = hashlib.sha256()
> +    with open(fname, "rb") as f:
> +        buf = f.read(65536)
> +        while buf:
> +            m.update(buf)
> +            buf = f.read(65536)
> +    if m.hexdigest() != expected_hash:
> +        raise HashValidationFailed(
> +                'file "%s" failed to verify ! got: "%s" expected: "%s"' %
> +                (fname, m.hexdigest(), expected_hash))
> +
> +
> +class HashValidator(object):
> +    def __init__(self, base_url):
> +        self.hashes = {}
> +        self.base_url = base_url
> +
> +    def insert_fname_hash(self, algo, fname, hash_val):
> +        if not algo in self.hashes:
> +            self.hashes[algo] = {}
> +
> +        self.hashes[algo][fname] = hash_val
> +
> +    def validate_file(self, upstream_fname, local_fname):
> +        if upstream_fname not in self.hashes['SHA256']:
> +            raise HashValidationFailed('Value to expect for "%s" is not known')
> +
> +        validate_sha256(local_fname, self.hashes['SHA256'][upstream_fname])
> +
> +    def download_and_validate_file(self, upstream_fname, local_fname):
> +        url = self.base_url + upstream_fname
> +        try:
> +            rf = urlopen(url, None, 10)
> +            with open(local_fname, "w") as wf:
> +                copyfileobj(rf, wf)
> +        finally:
> +            rf.close()
> +
> +        self.validate_file(upstream_fname, local_fname)
> -- 
> 2.11.0
> 
> 
> _______________________________________________
> elbe-devel mailing list
> elbe-devel at linutronix.de
> https://lists.linutronix.de/mailman/listinfo/elbe-devel

More information about the elbe-devel mailing list