/*
 * Copyright (C) 2021 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

use anyhow::{bail, Result};
use libc::getxattr;
use std::ffi::CString;
use std::io;
use std::os::unix::io::{AsRawFd, BorrowedFd};

const SHA256_HASH_SIZE: usize = 32;

/// Bytes of SHA256 digest
pub type Sha256Digest = [u8; SHA256_HASH_SIZE];

/// Returns the fs-verity measurement/digest. Currently only SHA256 is supported.
pub fn measure(fd: BorrowedFd) -> Result<Sha256Digest> {
    // TODO(b/196635431): Unfortunately, the FUSE API doesn't allow authfs to implement the standard
    // fs-verity ioctls. Until the kernel allows, use the alternative xattr that authfs provides.
    let path = CString::new(format!("/proc/self/fd/{}", fd.as_raw_fd()).as_str()).unwrap();
    let name = CString::new("authfs.fsverity.digest").unwrap();
    let mut buf = [0u8; SHA256_HASH_SIZE];
    // SAFETY: getxattr should not write beyond the given buffer size.
    let size = unsafe {
        getxattr(path.as_ptr(), name.as_ptr(), buf.as_mut_ptr() as *mut libc::c_void, buf.len())
    };
    if size < 0 {
        bail!("Failed to getxattr: {}", io::Error::last_os_error());
    } else if size != SHA256_HASH_SIZE as isize {
        bail!("Unexpected hash size: {}", size);
    } else {
        Ok(buf)
    }
}