feat: update HPCR functions to calculate checksums

Sashwat-K · May 26, 2024 · f2a3712 · f2a3712
1 parent 9e26686
commit f2a3712
Show file tree

Hide file tree

Showing 3 changed files with 108 additions and 70 deletions.
diff --git a/contract/contract.go b/contract/contract.go
@@ -14,128 +14,149 @@ const (
 )
 
 // HpcrText - function to generate base64 data and checksum from string
-func HpcrText(plainText string) (string, string, error) {
+func HpcrText(plainText string) (string, string, string, error) {
 	if gen.CheckIfEmpty(plainText) {
-		return "", "", fmt.Errorf(emptyParameterErrStatement)
+		return "", "", "", fmt.Errorf(emptyParameterErrStatement)
 	}
 
-	return gen.EncodeToBase64(plainText), gen.GenerateSha256(plainText), nil
+	hpcrTextStr := gen.EncodeToBase64(plainText)
+
+	return hpcrTextStr, gen.GenerateSha256(plainText), gen.GenerateSha256(hpcrTextStr), nil
 }
 
 // HpcrJson - function to generate base64 data and checksum from JSON string
-func HpcrJson(plainJson string) (string, string, error) {
+func HpcrJson(plainJson string) (string, string, string, error) {
 	if !gen.IsJSON(plainJson) {
-		return "", "", fmt.Errorf("not a JSON data")
+		return "", "", "", fmt.Errorf("not a JSON data")
 	}
-	return gen.EncodeToBase64(plainJson), gen.GenerateSha256(plainJson), nil
+
+	hpcrJsonStr := gen.EncodeToBase64(plainJson)
+
+	return hpcrJsonStr, gen.GenerateSha256(plainJson), gen.GenerateSha256(hpcrJsonStr), nil
 }
 
 // HpcrTextEncrypted - function to generate encrypted Hyper protect data and SHA256 from plain text
-func HpcrTextEncrypted(plainText, encryptionCertificate string) (string, string, error) {
+func HpcrTextEncrypted(plainText, encryptionCertificate string) (string, string, string, error) {
 	if gen.CheckIfEmpty(plainText) {
-		return "", "", fmt.Errorf(emptyParameterErrStatement)
+		return "", "", "", fmt.Errorf(emptyParameterErrStatement)
 	}
 
-	return Encrypter(plainText, encryptionCertificate)
+	hpcrTextEncryptedStr, err := Encrypter(plainText, encryptionCertificate)
+	if err != nil {
+		return "", "", "", fmt.Errorf("failed to generate encrypted string - %v", err)
+	}
+
+	return hpcrTextEncryptedStr, gen.GenerateSha256(plainText), gen.GenerateSha256(hpcrTextEncryptedStr), nil
 }
 
 // HpcrJsonEncrypted - function to generate encrypted hyper protect data and SHA256 from plain JSON data
-func HpcrJsonEncrypted(plainJson, encryptionCertificate string) (string, string, error) {
+func HpcrJsonEncrypted(plainJson, encryptionCertificate string) (string, string, string, error) {
 	if !gen.IsJSON(plainJson) {
-		return "", "", fmt.Errorf("contract is not a JSON data")
+		return "", "", "", fmt.Errorf("contract is not a JSON data")
+	}
+
+	hpcrJsonEncrypted, err := Encrypter(plainJson, encryptionCertificate)
+	if err != nil {
+		return "", "", "", fmt.Errorf("failed to generate encrypted JSON - %v", err)
 	}
-	return Encrypter(plainJson, encryptionCertificate)
+
+	return hpcrJsonEncrypted, gen.GenerateSha256(plainJson), gen.GenerateSha256(hpcrJsonEncrypted), nil
 }
 
 // HpcrTgz - function to generate base64 of tar.tgz which was prepared from docker compose/podman files
-func HpcrTgz(folderPath string) (string, error) {
+func HpcrTgz(folderPath string) (string, string, string, error) {
 	if gen.CheckIfEmpty(folderPath) {
-		return "", fmt.Errorf(emptyParameterErrStatement)
+		return "", "", "", fmt.Errorf(emptyParameterErrStatement)
 	}
 
 	if !gen.CheckFileFolderExists(folderPath) {
-		return "", fmt.Errorf("folder doesn't exists - %s", folderPath)
+		return "", "", "", fmt.Errorf("folder doesn't exists - %s", folderPath)
 	}
 
 	filesFoldersList, err := gen.ListFoldersAndFiles(folderPath)
 	if err != nil {
-		return "", fmt.Errorf("failed to get files and folder under path - %v", err)
+		return "", "", "", fmt.Errorf("failed to get files and folder under path - %v", err)
 	}
 
 	tgzBase64, err := gen.GenerateTgzBase64(filesFoldersList)
 	if err != nil {
-		return "", fmt.Errorf("failed to get base64 tgz - %v", err)
+		return "", "", "", fmt.Errorf("failed to get base64 tgz - %v", err)
 	}
 
-	return tgzBase64, nil
+	return tgzBase64, gen.GenerateSha256(folderPath), gen.GenerateSha256(tgzBase64), nil
 }
 
 // HpcrTgzEncrypted - function to generate encrypted tgz
-func HpcrTgzEncrypted(folderPath, encryptionCertificate string) (string, string, error) {
+func HpcrTgzEncrypted(folderPath, encryptionCertificate string) (string, string, string, error) {
 	if gen.CheckIfEmpty(folderPath) {
-		return "", "", fmt.Errorf(emptyParameterErrStatement)
+		return "", "", "", fmt.Errorf(emptyParameterErrStatement)
+	}
+
+	tgzBase64, _, _, err := HpcrTgz(folderPath)
+	if err != nil {
+		return "", "", "", err
 	}
 
-	tgzBase64, err := HpcrTgz(folderPath)
+	hpcrTgzEncryptedStr, err := Encrypter(tgzBase64, encryptionCertificate)
 	if err != nil {
-		return "", "", err
+		return "", "", "", fmt.Errorf("failed to generate encrypted tgz - %v", err)
 	}
 
-	return Encrypter(tgzBase64, encryptionCertificate)
+	return hpcrTgzEncryptedStr, gen.GenerateSha256(folderPath), gen.GenerateSha256(hpcrTgzEncryptedStr), nil
 }
 
 // HpcrContractSignedEncrypted - function to generate Signed and Encrypted contract
-func HpcrContractSignedEncrypted(contract, encryptionCertificate, privateKey string) (string, error) {
+func HpcrContractSignedEncrypted(contract, encryptionCertificate, privateKey string) (string, string, string, error) {
 	err := gen.VerifyContractWithSchema(contract)
 	if err != nil {
-		return "", fmt.Errorf("schema verification failed - %v", err)
+		return "", "", "", fmt.Errorf("schema verification failed - %v", err)
 	}
 
 	if gen.CheckIfEmpty(contract, privateKey) {
-		return "", fmt.Errorf(emptyParameterErrStatement)
+		return "", "", "", fmt.Errorf(emptyParameterErrStatement)
 	}
 
 	encryptCertificate := gen.FetchEncryptionCertificate(encryptionCertificate)
 
 	publicKey, err := enc.GeneratePublicKey(privateKey)
 	if err != nil {
-		return "", fmt.Errorf("failed to generate public key - %v", err)
+		return "", "", "", fmt.Errorf("failed to generate public key - %v", err)
 	}
 
 	signedEncryptContract, err := EncryptWrapper(contract, encryptCertificate, privateKey, publicKey)
 	if err != nil {
-		return "", fmt.Errorf("failed to sign and encrypt contract - %v", err)
+		return "", "", "", fmt.Errorf("failed to sign and encrypt contract - %v", err)
 	}
 
-	return signedEncryptContract, nil
+	return signedEncryptContract, gen.GenerateSha256(contract), gen.GenerateSha256(signedEncryptContract), nil
 }
 
 // HpcrContractSignedEncryptedContractExpiry - function to generate sign with contract expiry enabled and encrypt contract (with CSR parameters and CSR file)
-func HpcrContractSignedEncryptedContractExpiry(contract, encryptionCertificate, privateKey, cacert, caKey, csrDataStr, csrPemData string, expiryDays int) (string, error) {
+func HpcrContractSignedEncryptedContractExpiry(contract, encryptionCertificate, privateKey, cacert, caKey, csrDataStr, csrPemData string, expiryDays int) (string, string, string, error) {
 	err := gen.VerifyContractWithSchema(contract)
 	if err != nil {
-		return "", fmt.Errorf("schema verification failed - %v", err)
+		return "", "", "", fmt.Errorf("schema verification failed - %v", err)
 	}
 
 	if gen.CheckIfEmpty(contract, privateKey, cacert, caKey) {
-		return "", fmt.Errorf(emptyParameterErrStatement)
+		return "", "", "", fmt.Errorf(emptyParameterErrStatement)
 	}
 
 	if csrPemData == "" && csrDataStr == "" || len(csrPemData) > 0 && len(csrDataStr) > 0 {
-		return "", fmt.Errorf("the CSR parameters and CSR PEM file are parsed together or both are nil")
+		return "", "", "", fmt.Errorf("the CSR parameters and CSR PEM file are parsed together or both are nil")
 	}
 
 	signingCert, err := enc.CreateSigningCert(privateKey, cacert, caKey, csrDataStr, csrPemData, expiryDays)
 	if err != nil {
-		return "", fmt.Errorf("failed to generate signing certificate - %v", err)
+		return "", "", "", fmt.Errorf("failed to generate signing certificate - %v", err)
 	}
 
 	finalContract, err := EncryptWrapper(contract, encryptionCertificate, privateKey, signingCert)
 	if err != nil {
-		return "", fmt.Errorf("failed to generate signed and encrypted contract - %v", err)
+		return "", "", "", fmt.Errorf("failed to generate signed and encrypted contract - %v", err)
 	}
 
-	return finalContract, nil
+	return finalContract, gen.GenerateSha256(contract), gen.GenerateSha256(finalContract), nil
 }
 
 // EncryptWrapper - wrapper function to sign (with and without contract expiry) and encrypt contract
@@ -158,7 +179,7 @@ func EncryptWrapper(contract, encryptionCertificate, privateKey, publicKey strin
 		return "", fmt.Errorf("failed to convert MAP to YAML - %v", err)
 	}
 
-	encryptedWorkload, _, err := Encrypter(workloadData, encryptCertificate)
+	encryptedWorkload, err := Encrypter(workloadData, encryptCertificate)
 	if err != nil {
 		return "", fmt.Errorf("failed to encrypt workload - %v", err)
 	}
@@ -168,7 +189,7 @@ func EncryptWrapper(contract, encryptionCertificate, privateKey, publicKey strin
 		return "", fmt.Errorf("failed to inject signingKey to env - %v", err)
 	}
 
-	encryptedEnv, _, err := Encrypter(updatedEnv, encryptCertificate)
+	encryptedEnv, err := Encrypter(updatedEnv, encryptCertificate)
 	if err != nil {
 		return "", fmt.Errorf("failed to encrypt env - %v", err)
 	}
@@ -187,27 +208,27 @@ func EncryptWrapper(contract, encryptionCertificate, privateKey, publicKey strin
 }
 
 // Encrypter - function to generate encrypted hyper protect data from plain string
-func Encrypter(stringText, encryptionCertificate string) (string, string, error) {
+func Encrypter(stringText, encryptionCertificate string) (string, error) {
 	if gen.CheckIfEmpty(stringText) {
-		return "", "", fmt.Errorf(emptyParameterErrStatement)
+		return "", fmt.Errorf(emptyParameterErrStatement)
 	}
 
 	encCert := gen.FetchEncryptionCertificate(encryptionCertificate)
 
 	password, err := enc.RandomPasswordGenerator()
 	if err != nil {
-		return "", "", fmt.Errorf("failed to generate random password - %v", err)
+		return "", fmt.Errorf("failed to generate random password - %v", err)
 	}
 
 	encodedEncryptedPassword, err := enc.EncryptPassword(password, encCert)
 	if err != nil {
-		return "", "", fmt.Errorf("failed to encrypt password - %v", err)
+		return "", fmt.Errorf("failed to encrypt password - %v", err)
 	}
 
 	encryptedString, err := enc.EncryptString(password, stringText)
 	if err != nil {
-		return "", "", fmt.Errorf("failed to encrypt key - %v", err)
+		return "", fmt.Errorf("failed to encrypt key - %v", err)
 	}
 
-	return enc.EncryptFinalStr(encodedEncryptedPassword, encryptedString), gen.GenerateSha256(stringText), nil
+	return enc.EncryptFinalStr(encodedEncryptedPassword, encryptedString), nil
 }