rafaelweingartner commented on a change in pull request #2902: Add checksum
sanity validation on template registration
URL: https://github.com/apache/cloudstack/pull/2902#discussion_r225188724
##########
File path:
utils/src/main/java/org/apache/cloudstack/utils/security/DigestHelper.java
##########
@@ -93,4 +95,33 @@ public static boolean isAlgorithmSupported(String checksum)
{
}
return true;
}
+
+ /**
+ * Checks if the algorithm prefix is provided on the checksum
+ */
+ public static void checksumSanity(String checksum) {
+ if(StringUtils.isNotEmpty(checksum)) {
+ if (checksum.contains("{") && checksum.contains("}")) {
+ int s = checksum.indexOf('{');
+ int e = checksum.indexOf('}');
+ if (s == 0 && e > s+1) { // we have an algorithm name of at
least 1 char
+ String algorithm = checksum.substring(s + 1, e);
+ Map<String, Integer> map = creatPaddingLengths();
Review comment:
Can you please rename the method `creatPaddingLengths`? It is misleading (at
least to me).
This method actually returns a map between hashing methods and their
respective hash size. What about `getMapHashTypeBySize` or
`getMapHashByDigestSize`, or something that can express more clearly what the
method is doing.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
