This repository was archived by the owner on Nov 10, 2022. It is now read-only.
forked from ipfs/go-verifcid
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvalidate.go
64 lines (53 loc) · 1.52 KB
/
validate.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
package verifcid
import (
"fmt"
cid "github.com/ipfs/go-cid"
mh "github.com/multiformats/go-multihash"
)
var ErrPossiblyInsecureHashFunction = fmt.Errorf("potentially insecure hash functions not allowed")
var ErrBelowMinimumHashLength = fmt.Errorf("hashes must be at %d least bytes long", minimumHashLength)
const minimumHashLength = 20
var goodset = map[uint64]bool{
mh.SHA2_256: true,
mh.SHA2_512: true,
mh.SHA3_224: true,
mh.SHA3_256: true,
mh.SHA3_384: true,
mh.SHA3_512: true,
mh.SHAKE_256: true,
mh.DBL_SHA2_256: true,
mh.KECCAK_224: true,
mh.KECCAK_256: true,
mh.KECCAK_384: true,
mh.KECCAK_512: true,
mh.ID: true,
mh.SHA1: true, // not really secure but still useful
}
func IsGoodHash(code uint64) bool {
good, found := goodset[code]
if good {
return true
}
if !found {
if code >= mh.BLAKE2B_MIN+19 && code <= mh.BLAKE2B_MAX {
return true
}
if code >= mh.BLAKE2S_MIN+19 && code <= mh.BLAKE2S_MAX {
return true
}
}
// XXX: This has to be on par with what the LazyLedger IPLD plugin registers as a multihash
// namely, Sha256Namespace8Flagged. We simply repeat the constant here instead of
// importing the corresponding package from lazyledger-core as this would be overkill.
return code == 0x7701
}
func ValidateCid(c cid.Cid) error {
pref := c.Prefix()
if !IsGoodHash(pref.MhType) {
return ErrPossiblyInsecureHashFunction
}
if pref.MhType != mh.ID && pref.MhLength < minimumHashLength {
return ErrBelowMinimumHashLength
}
return nil
}