github.com/v2fly/v2ray-core/v4@v4.45.2/common/platform/securedload/embeddedhash.go (about) 1 package securedload 2 3 import ( 4 "bytes" 5 "crypto/sha256" 6 "encoding/hex" 7 "path/filepath" 8 "strings" 9 10 "github.com/v2fly/VSign/insmgr" 11 "github.com/v2fly/VSign/signerVerify" 12 13 "github.com/v2fly/v2ray-core/v4/common/platform" 14 "github.com/v2fly/v2ray-core/v4/common/platform/filesystem" 15 ) 16 17 type EmbeddedHashProtectedLoader struct { 18 checkedFile map[string]string 19 } 20 21 func (e EmbeddedHashProtectedLoader) VerifyAndLoad(filename string) ([]byte, error) { 22 platformFileName := filepath.FromSlash(filename) 23 fileContent, err := filesystem.ReadFile(platform.GetAssetLocation(platformFileName)) 24 if err != nil { 25 return nil, newError("Cannot find file", filename).Base(err) 26 } 27 fileHash := sha256.Sum256(fileContent) 28 fileHashAsString := hex.EncodeToString(fileHash[:]) 29 if fileNameVerified, ok := e.checkedFile[fileHashAsString]; ok { 30 for _, filenameVerifiedIndividual := range strings.Split(fileNameVerified, ";") { 31 if strings.HasSuffix(filenameVerifiedIndividual, filename) { 32 return fileContent, nil 33 } 34 } 35 } 36 return nil, newError("Unrecognized file at ", filename, " can not be loaded for execution") 37 } 38 39 func NewEmbeddedHashProtectedLoader() *EmbeddedHashProtectedLoader { 40 instructions := insmgr.ReadAllIns(bytes.NewReader([]byte(allowedHashes))) 41 checkedFile, _, ok := signerVerify.CheckAsClient(instructions, "v2fly", true) 42 if !ok { 43 panic("Embedded Hash data is invalid") 44 } 45 return &EmbeddedHashProtectedLoader{checkedFile: checkedFile} 46 } 47 48 func init() { 49 RegisterProtectedLoader("embedded", NewEmbeddedHashProtectedLoader()) 50 }