Simplify data verification with HashReader. (#5071)

Verify() was being called by caller after the data
has been successfully read after io.EOF. This disconnection
opens a race under concurrent access to such an object.
Verification is not necessary outside of Read() call,
we can simply just do checksum verification right inside
Read() call at io.EOF.

This approach simplifies the usage.

pkg/hash/errors.go

@@ -0,0 +1,37 @@
+/*
+ * Minio Cloud Storage, (C) 2017 Minio, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package hash
+
+// SHA256Mismatch - when content sha256 does not match with what was sent from client.
+type SHA256Mismatch struct {
+	ExpectedSHA256   string
+	CalculatedSHA256 string
+}
+
+func (e SHA256Mismatch) Error() string {
+	return "Bad sha256: Expected " + e.ExpectedSHA256 + " is not valid with what we calculated " + e.CalculatedSHA256
+}
+
+// BadDigest - Content-MD5 you specified did not match what we received.
+type BadDigest struct {
+	ExpectedMD5   string
+	CalculatedMD5 string
+}
+
+func (e BadDigest) Error() string {
+	return "Bad digest: Expected " + e.ExpectedMD5 + " is not valid with what we calculated " + e.CalculatedMD5
+}

pkg/hash/reader.go

@@ -0,0 +1,136 @@
+/*
+ * Minio Cloud Storage, (C) 2017 Minio, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package hash
+
+import (
+	"bytes"
+	"crypto/md5"
+	"crypto/sha256"
+	"encoding/hex"
+	"errors"
+	"hash"
+	"io"
+)
+
+// Reader writes what it reads from an io.Reader to an MD5 and SHA256 hash.Hash.
+// Reader verifies that the content of the io.Reader matches the expected checksums.
+type Reader struct {
+	src  io.Reader
+	size int64
+
+	md5sum, sha256sum   []byte // Byte values of md5sum, sha256sum of client sent values.
+	md5Hash, sha256Hash hash.Hash
+}
+
+// NewReader returns a new hash Reader which computes the MD5 sum and
+// SHA256 sum (if set) of the provided io.Reader at EOF.
+func NewReader(src io.Reader, size int64, md5Hex, sha256Hex string) (*Reader, error) {
+	if _, ok := src.(*Reader); ok {
+		return nil, errors.New("Nesting of Reader detected, not allowed")
+	}
+
+	sha256sum, err := hex.DecodeString(sha256Hex)
+	if err != nil {
+		return nil, err
+	}
+
+	md5sum, err := hex.DecodeString(md5Hex)
+	if err != nil {
+		return nil, err
+	}
+	var (
+		md5Hash    hash.Hash
+		sha256Hash hash.Hash
+	)
+	if len(md5sum) != 0 {
+		md5Hash = md5.New()
+	}
+	if len(sha256sum) != 0 {
+		sha256Hash = sha256.New()
+	}
+
+	return &Reader{
+		md5sum:     md5sum,
+		sha256sum:  sha256sum,
+		src:        io.LimitReader(src, size),
+		size:       size,
+		md5Hash:    md5Hash,
+		sha256Hash: sha256Hash,
+	}, nil
+}
+
+func (r *Reader) Read(p []byte) (n int, err error) {
+	n, err = r.src.Read(p)
+	if n > 0 {
+		if r.md5Hash != nil {
+			r.md5Hash.Write(p[:n])
+		}
+		if r.sha256Hash != nil {
+			r.sha256Hash.Write(p[:n])
+		}
+	}
+
+	// At io.EOF verify if the checksums are right.
+	if err == io.EOF {
+		if cerr := r.Verify(); cerr != nil {
+			return 0, cerr
+		}
+	}
+
+	return
+}
+
+// Size returns the absolute number of bytes the Reader
+// will return during reading. It returns -1 for unlimited
+// data.
+func (r *Reader) Size() int64 { return r.size }
+
+// MD5 - returns byte md5 value
+func (r *Reader) MD5() []byte {
+	return r.md5sum
+}
+
+// SHA256 - returns byte sha256 value
+func (r *Reader) SHA256() []byte {
+	return r.sha256sum
+}
+
+// MD5HexString returns hex md5 value.
+func (r *Reader) MD5HexString() string {
+	return hex.EncodeToString(r.md5sum)
+}
+
+// SHA256HexString returns hex sha256 value.
+func (r *Reader) SHA256HexString() string {
+	return hex.EncodeToString(r.sha256sum)
+}
+
+// Verify verifies if the computed MD5 sum and SHA256 sum are
+// equal to the ones specified when creating the Reader.
+func (r *Reader) Verify() error {
+	if r.sha256Hash != nil {
+		if sum := r.sha256Hash.Sum(nil); !bytes.Equal(r.sha256sum, sum) {
+			return SHA256Mismatch{hex.EncodeToString(r.sha256sum), hex.EncodeToString(sum)}
+		}
+	}
+	if r.md5Hash != nil {
+		if sum := r.md5Hash.Sum(nil); !bytes.Equal(r.md5sum, sum) {
+			return BadDigest{hex.EncodeToString(r.md5sum), hex.EncodeToString(sum)}
+		}
+	}
+	return nil
+}

pkg/hash/reader_test.go

@@ -0,0 +1,152 @@
+/*
+ * Minio Cloud Storage, (C) 2017 Minio, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package hash
+
+import (
+	"bytes"
+	"encoding/hex"
+	"io"
+	"io/ioutil"
+	"testing"
+)
+
+// Tests functions like Size(), MD5*(), SHA256*()
+func TestHashReaderHelperMethods(t *testing.T) {
+	r, err := NewReader(bytes.NewReader([]byte("abcd")), 4, "e2fc714c4727ee9395f324cd2e7f331f", "88d4266fd4e6338d13b845fcf289579d209c897823b9217da3e161936f031589")
+	if err != nil {
+		t.Fatal(err)
+	}
+	_, err = io.Copy(ioutil.Discard, r)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if r.MD5HexString() != "e2fc714c4727ee9395f324cd2e7f331f" {
+		t.Errorf("Expected md5hex \"e2fc714c4727ee9395f324cd2e7f331f\", got %s", r.MD5HexString())
+	}
+	if r.SHA256HexString() != "88d4266fd4e6338d13b845fcf289579d209c897823b9217da3e161936f031589" {
+		t.Errorf("Expected sha256hex \"88d4266fd4e6338d13b845fcf289579d209c897823b9217da3e161936f031589\", got %s", r.SHA256HexString())
+	}
+	if r.Size() != 4 {
+		t.Errorf("Expected size 4, got %d", r.Size())
+	}
+	expectedMD5, err := hex.DecodeString("e2fc714c4727ee9395f324cd2e7f331f")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !bytes.Equal(r.MD5(), expectedMD5) {
+		t.Errorf("Expected md5hex \"e2fc714c4727ee9395f324cd2e7f331f\", got %s", r.MD5HexString())
+	}
+	expectedSHA256, err := hex.DecodeString("88d4266fd4e6338d13b845fcf289579d209c897823b9217da3e161936f031589")
+	if !bytes.Equal(r.SHA256(), expectedSHA256) {
+		t.Errorf("Expected md5hex \"88d4266fd4e6338d13b845fcf289579d209c897823b9217da3e161936f031589\", got %s", r.SHA256HexString())
+	}
+}
+
+// Tests hash reader checksum verification.
+func TestHashReaderVerification(t *testing.T) {
+	testCases := []struct {
+		src               io.Reader
+		size              int64
+		md5hex, sha256hex string
+		err               error
+	}{
+		// Success, no checksum verification provided.
+		{
+			src:  bytes.NewReader([]byte("abcd")),
+			size: 4,
+		},
+		// Failure md5 mismatch.
+		{
+			src:    bytes.NewReader([]byte("abcd")),
+			size:   4,
+			md5hex: "d41d8cd98f00b204e9800998ecf8427f",
+			err: BadDigest{
+				"d41d8cd98f00b204e9800998ecf8427f",
+				"e2fc714c4727ee9395f324cd2e7f331f",
+			},
+		},
+		// Failure sha256 mismatch.
+		{
+			src:       bytes.NewReader([]byte("abcd")),
+			size:      4,
+			sha256hex: "88d4266fd4e6338d13b845fcf289579d209c897823b9217da3e161936f031580",
+			err: SHA256Mismatch{
+				"88d4266fd4e6338d13b845fcf289579d209c897823b9217da3e161936f031580",
+				"88d4266fd4e6338d13b845fcf289579d209c897823b9217da3e161936f031589",
+			},
+		},
+	}
+	for i, testCase := range testCases {
+		r, err := NewReader(testCase.src, testCase.size, testCase.md5hex, testCase.sha256hex)
+		if err != nil {
+			t.Fatalf("Test %d: Initializing reader failed %s", i+1, err)
+		}
+		_, err = io.Copy(ioutil.Discard, r)
+		if err != nil {
+			if err.Error() != testCase.err.Error() {
+				t.Errorf("Test %d: Expected error %s, got error %s", i+1, testCase.err, err)
+			}
+		}
+	}
+}
+
+// Tests NewReader() constructor with invalid arguments.
+func TestHashReaderInvalidArguments(t *testing.T) {
+	testCases := []struct {
+		src               io.Reader
+		size              int64
+		md5hex, sha256hex string
+		success           bool
+	}{
+		// Invalid md5sum NewReader() will fail.
+		{
+			src:     bytes.NewReader([]byte("abcd")),
+			size:    4,
+			md5hex:  "invalid-md5",
+			success: false,
+		},
+		// Invalid sha256 NewReader() will fail.
+		{
+			src:       bytes.NewReader([]byte("abcd")),
+			size:      4,
+			sha256hex: "invalid-sha256",
+			success:   false,
+		},
+		// Nested hash reader NewReader() will fail.
+		{
+			src:     &Reader{src: bytes.NewReader([]byte("abcd"))},
+			size:    4,
+			success: false,
+		},
+		// Expected inputs, NewReader() will succeed.
+		{
+			src:     bytes.NewReader([]byte("abcd")),
+			size:    4,
+			success: true,
+		},
+	}
+
+	for i, testCase := range testCases {
+		_, err := NewReader(testCase.src, testCase.size, testCase.md5hex, testCase.sha256hex)
+		if err != nil && testCase.success {
+			t.Errorf("Test %d: Expected success, but got error %s instead", i+1, err)
+		}
+		if err == nil && !testCase.success {
+			t.Errorf("Test %d: Expected error, but got success", i+1)
+		}
+	}
+}