werunplugged/unplugged-system
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
unplugged-system/external/spdx-tools/utils/verification.go

134 lines
3.7 KiB
Go
Raw Permalink Blame History

// Package utils contains various utility functions to support the
// main tools-golang packages.
// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
package utils
import (
"crypto/sha1"
"fmt"
"sort"
"strings"
"github.com/spdx/tools-golang/spdx/common"
"github.com/spdx/tools-golang/spdx/v2_1"
"github.com/spdx/tools-golang/spdx/v2_2"
"github.com/spdx/tools-golang/spdx/v2_3"
)
// GetVerificationCode2_1 takes a slice of files and an optional filename
// for an "excludes" file, and returns a Package Verification Code calculated
// according to SPDX spec version 2.1, section 3.9.4.
func GetVerificationCode2_1(files []*v2_1.File, excludeFile string) (common.PackageVerificationCode, error) {
// create slice of strings - unsorted SHA1s for all files
shas := []string{}
for i, f := range files {
if f == nil {
return common.PackageVerificationCode{}, fmt.Errorf("got nil file for identifier %v", i)
}
if f.FileName != excludeFile {
// find the SHA1 hash, if present
for _, checksum := range f.Checksums {
if checksum.Algorithm == common.SHA1 {
shas = append(shas, checksum.Value)
}
}
}
}
// sort the strings
sort.Strings(shas)
// concatenate them into one string, with no trailing separators
shasConcat := strings.Join(shas, "")
// and get its SHA1 value
hsha1 := sha1.New()
hsha1.Write([]byte(shasConcat))
bs := hsha1.Sum(nil)
code := common.PackageVerificationCode{
Value: fmt.Sprintf("%x", bs),
ExcludedFiles: []string{excludeFile},
}
return code, nil
}
// GetVerificationCode2_2 takes a slice of files and an optional filename
// for an "excludes" file, and returns a Package Verification Code calculated
// according to SPDX spec version 2.2, section 3.9.4.
func GetVerificationCode2_2(files []*v2_2.File, excludeFile string) (common.PackageVerificationCode, error) {
// create slice of strings - unsorted SHA1s for all files
shas := []string{}
for i, f := range files {
if f == nil {
return common.PackageVerificationCode{}, fmt.Errorf("got nil file for identifier %v", i)
}
if f.FileName != excludeFile {
// find the SHA1 hash, if present
for _, checksum := range f.Checksums {
if checksum.Algorithm == common.SHA1 {
shas = append(shas, checksum.Value)
}
}
}
}
// sort the strings
sort.Strings(shas)
// concatenate them into one string, with no trailing separators
shasConcat := strings.Join(shas, "")
// and get its SHA1 value
hsha1 := sha1.New()
hsha1.Write([]byte(shasConcat))
bs := hsha1.Sum(nil)
code := common.PackageVerificationCode{
Value: fmt.Sprintf("%x", bs),
ExcludedFiles: []string{excludeFile},
}
return code, nil
}
// GetVerificationCode2_3 takes a slice of files and an optional filename
// for an "excludes" file, and returns a Package Verification Code calculated
// according to SPDX spec version 2.3, section 3.9.4.
func GetVerificationCode2_3(files []*v2_3.File, excludeFile string) (common.PackageVerificationCode, error) {
// create slice of strings - unsorted SHA1s for all files
shas := []string{}
for i, f := range files {
if f == nil {
return common.PackageVerificationCode{}, fmt.Errorf("got nil file for identifier %v", i)
}
if f.FileName != excludeFile {
// find the SHA1 hash, if present
for _, checksum := range f.Checksums {
if checksum.Algorithm == common.SHA1 {
shas = append(shas, checksum.Value)
}
}
}
}
// sort the strings
sort.Strings(shas)
// concatenate them into one string, with no trailing separators
shasConcat := strings.Join(shas, "")
// and get its SHA1 value
hsha1 := sha1.New()
hsha1.Write([]byte(shasConcat))
bs := hsha1.Sum(nil)
code := common.PackageVerificationCode{
Value: fmt.Sprintf("%x", bs),
ExcludedFiles: []string{excludeFile},
}
return code, nil
}
Reference in New Issue View Git Blame Copy Permalink