From de60358c02908c249f5fffaa624d3e82c4686226 Mon Sep 17 00:00:00 2001 From: Sammy Kerata Oina <44265300+SammyOina@users.noreply.github.com> Date: Sun, 25 Feb 2024 00:22:25 +0300 Subject: [PATCH] NOISSUE - Enforce 32-byte length check for hashes (#86) * Enforce 32-byte length check for hashes Introduced a validation step in the manager service to ensure both algorithm and dataset hashes are of byte length 32 before provisioning VMs, preventing runtime errors due to invalid hash lengths. The test manager-server now generates a valid 32-byte hash using SHA256 for mock data to align with the new validation requirement. Signed-off-by: SammyOina * use equal comparison Signed-off-by: SammyOina * use a constant Signed-off-by: SammyOina * use constants Signed-off-by: SammyOina --------- Signed-off-by: SammyOina --- manager/service.go | 16 ++++++++++++++-- test/manager-server/main.go | 6 ++++-- 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/manager/service.go b/manager/service.go index 044c2896..4f6aa1ce 100644 --- a/manager/service.go +++ b/manager/service.go @@ -18,6 +18,8 @@ import ( "google.golang.org/protobuf/types/known/timestamppb" ) +const hashLength = 32 + var ( // ErrMalformedEntity indicates malformed entity specification (e.g. // invalid username or password). @@ -32,6 +34,8 @@ var ( // ErrFailedToAllocatePort indicates no free port was found on host. ErrFailedToAllocatePort = errors.New("failed to allocate free port on host") + + errInvalidHashLength = errors.New("hash must be of byte length 32") ) // Service specifies an API that must be fulfilled by the domain service @@ -81,10 +85,18 @@ func (ms *managerService) Run(ctx context.Context, c *manager.ComputationRunReq) }, } for _, algo := range c.Algorithms { - ac.Algorithms = append(ac.Algorithms, agent.Algorithm{ID: algo.Id, Provider: algo.Provider, Hash: [32]byte(algo.Hash)}) + if len(algo.Hash) != hashLength { + ms.publishEvent("vm-provision", c.Id, "failed", json.RawMessage{}) + return "", errInvalidHashLength + } + ac.Algorithms = append(ac.Algorithms, agent.Algorithm{ID: algo.Id, Provider: algo.Provider, Hash: [hashLength]byte(algo.Hash)}) } for _, data := range c.Datasets { - ac.Datasets = append(ac.Datasets, agent.Dataset{ID: data.Id, Provider: data.Provider, Hash: [32]byte(data.Hash)}) + if len(data.Hash) != hashLength { + ms.publishEvent("vm-provision", c.Id, "failed", json.RawMessage{}) + return "", errInvalidHashLength + } + ac.Datasets = append(ac.Datasets, agent.Dataset{ID: data.Id, Provider: data.Provider, Hash: [hashLength]byte(data.Hash)}) } agentPort, err := getFreePort() diff --git a/test/manager-server/main.go b/test/manager-server/main.go index f56fabb5..0104501e 100644 --- a/test/manager-server/main.go +++ b/test/manager-server/main.go @@ -4,6 +4,7 @@ package main import ( "context" + "crypto/sha256" "fmt" "log" "log/slog" @@ -33,12 +34,13 @@ type svc struct { func (s *svc) Run(ipAdress string, reqChan chan *manager.ComputationRunReq) { s.logger.Debug(fmt.Sprintf("received who am on ip address %s", ipAdress)) + hash := sha256.Sum256([]byte("test")) reqChan <- &manager.ComputationRunReq{ Id: "1", Name: "sample computation", Description: "sample descrption", - Datasets: []*manager.Dataset{{Id: "1", Provider: "provider1"}}, - Algorithms: []*manager.Algorithm{{Id: "1", Provider: "provider1"}}, + Datasets: []*manager.Dataset{{Id: "1", Provider: "provider1", Hash: hash[:]}}, + Algorithms: []*manager.Algorithm{{Id: "1", Provider: "provider1", Hash: hash[:]}}, ResultConsumers: []string{"consumer1"}, AgentConfig: &manager.AgentConfig{ Port: "7002",