Add sha512 sum support to file resource (#652)

* Add sha512 sum support to file resource * Add test for sha512 Co-authored-by: Yury Bushmelev <yuryb@spgroup.com.sg> Co-authored-by: Ahmed Elsabbahy <aelsabbahy@users.noreply.github.com> Co-authored-by: Ahmed Elsabbahy <elsabbahyahmed@yahoo.com>
goss-org · Dec 8, 2020 · dbc4d2c · dbc4d2c
1 parent 8e7af4a
commit dbc4d2c
Show file tree

Hide file tree

Showing 5 changed files with 42 additions and 21 deletions.
diff --git a/docs/manual.md b/docs/manual.md
@@ -565,8 +565,9 @@ file:
     filetype: file # file, symlink, directory
     contains: [] # Check file content for these patterns
     md5: 7c9bb14b3bf178e82c00c2a4398c93cd # md5 checksum of file
-    # A stronger checksum alternative to md5 (recommended)
+    # A stronger checksum alternatives to md5 (recommended)
     sha256: 7f78ce27859049f725936f7b52c6e25d774012947d915e7b394402cfceb70c4c
+    sha512: cb71b1940dc879a3688bd502846bff6316dd537bbe917484964fe0f098e9245d80958258dc3bd6297bf42d5bd978cbe2c03d077d4ed45b2b1ed9cd831ceb1bd0
   /etc/alternatives/mta:
     # required attributes
     exists: true

diff --git a/integration-tests/goss/goss-shared.yaml b/integration-tests/goss/goss-shared.yaml
@@ -32,6 +32,7 @@ file:
     exists: true
     md5: 7c9bb14b3bf178e82c00c2a4398c93cd
     sha256: 7f78ce27859049f725936f7b52c6e25d774012947d915e7b394402cfceb70c4c
+    sha512: 372864ab83187de41ca57c5c77cd4a99220ccadc8b8ddb18367893fd3e58764193a599edbf63a48c0c44f1e923606a00929b46de3bda1744fd722b9d42829206
   "/tmp/goss/foobar":
     exists: false
     contains: []

diff --git a/integration-tests/test.sh b/integration-tests/test.sh
@@ -51,9 +51,9 @@ out=$(docker_exec "/goss/$os/goss-linux-$arch" --vars "/goss/vars.yaml" --vars-i
 echo "$out"
 
 if [[ $os == "arch" ]]; then
-    egrep -q 'Count: 96, Failed: 0, Skipped: 3' <<<"$out"
+    egrep -q 'Count: 97, Failed: 0, Skipped: 3' <<<"$out"
 else
-    egrep -q 'Count: 116, Failed: 0, Skipped: 5' <<<"$out"
+    egrep -q 'Count: 117, Failed: 0, Skipped: 5' <<<"$out"
 fi
 
 if [[ ! $os == "arch" ]]; then

diff --git a/resource/file.go b/resource/file.go
@@ -19,6 +19,7 @@ type File struct {
 	Contains []string `json:"contains" yaml:"contains"`
 	Md5      matcher  `json:"md5,omitempty" yaml:"md5,omitempty"`
 	Sha256   matcher  `json:"sha256,omitempty" yaml:"sha256,omitempty"`
+	Sha512   matcher  `json:"sha512,omitempty" yaml:"sha512,omitempty"`
 	Skip     bool     `json:"skip,omitempty" yaml:"skip,omitempty"`
 }
 
@@ -68,6 +69,9 @@ func (f *File) Validate(sys *system.System) []TestResult {
 	if f.Sha256 != nil {
 		results = append(results, ValidateValue(f, "sha256", f.Sha256, sysFile.Sha256, skip))
 	}
+	if f.Sha512 != nil {
+		results = append(results, ValidateValue(f, "sha512", f.Sha512, sysFile.Sha512, skip))
+	}
 	return results
 }
 

diff --git a/system/file.go b/system/file.go
@@ -3,7 +3,9 @@ package system
 import (
 	"crypto/md5"
 	"crypto/sha256"
+	"crypto/sha512"
 	"fmt"
+	"hash"
 	"io"
 	"os"
 	"path/filepath"
@@ -26,8 +28,17 @@ type File interface {
 	LinkedTo() (string, error)
 	Md5() (string, error)
 	Sha256() (string, error)
+	Sha512() (string, error)
 }
 
+type hashFuncType string
+
+const (
+	md5Hash    hashFuncType = "md5"
+	sha256Hash              = "sha256"
+	sha512Hash              = "sha512"
+)
+
 type DefFile struct {
 	path     string
 	realPath string
@@ -166,7 +177,7 @@ func realPath(path string) (string, error) {
 	return realPath, err
 }
 
-func (f *DefFile) Md5() (string, error) {
+func (f *DefFile) hash(hashFunc hashFuncType) (string, error) {
 
 	if err := f.setup(); err != nil {
 		return "", err
@@ -178,32 +189,36 @@ func (f *DefFile) Md5() (string, error) {
 	}
 	defer fh.Close()
 
-	hash := md5.New()
+	var hash hash.Hash
+
+	switch hashFunc {
+	case md5Hash:
+		hash = md5.New()
+	case sha256Hash:
+		hash = sha256.New()
+	case sha512Hash:
+		hash = sha512.New()
+	default:
+		return "", fmt.Errorf("Unsupported hash function %s", hashFunc)
+	}
+
 	if _, err := io.Copy(hash, fh); err != nil {
 		return "", err
 	}
 
 	return fmt.Sprintf("%x", hash.Sum(nil)), nil
 }
 
-func (f *DefFile) Sha256() (string, error) {
-
-	if err := f.setup(); err != nil {
-		return "", err
-	}
-
-	fh, err := os.Open(f.realPath)
-	if err != nil {
-		return "", err
-	}
-	defer fh.Close()
+func (f *DefFile) Md5() (string, error) {
+	return f.hash(md5Hash)
+}
 
-	hash := sha256.New()
-	if _, err := io.Copy(hash, fh); err != nil {
-		return "", err
-	}
+func (f *DefFile) Sha256() (string, error) {
+	return f.hash(sha256Hash)
+}
 
-	return fmt.Sprintf("%x", hash.Sum(nil)), nil
+func (f *DefFile) Sha512() (string, error) {
+	return f.hash(sha512Hash)
 }
 
 func getUserForUid(uid int) (string, error) {