
Commit ca6c11c

committed
Validate release hash on download
1 parent bd4eb69 commit ca6c11c


2 files changed

+12
-2
lines changed


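--- a/downloadCurrentVersion.js
+++ b/downloadCurrentVersion.js
@@ -7,6 +7,7 @@ var pkg = require('./package.json');
 var fs = require('fs');
 var https = require('https');
 var MemoryStream = require('memorystream');
+var createHash = require('create-hash');
 
 function getVersionList (cb) {
 console.log('Retrieving available version list...');
@@ -24,7 +25,7 @@ function getVersionList (cb) {
 });
 }
 
-function downloadBinary (version) {
+function downloadBinary (version, expectedHash) {
 console.log('Downloading version', version);
 
 var file = fs.createWriteStream('soljson.js');
@@ -36,6 +37,11 @@ function downloadBinary (version) {
 response.pipe(file);
 file.on('finish', function () {
 file.close(function () {
+var hash = createHash('sha256').update(fs.readFileSync('soljson.js')).digest().toString('hex')
+if (expectedHash !== hash) {
+console.log('Hash mismatch: ' + expectedHash + ' vs ' + hash);
+process.exit(1);
+}
 console.log('Done.');
 });
 });
@@ -47,5 +53,5 @@ console.log('Downloading correct solidity binary...');
 getVersionList(function (list) {
 list = JSON.parse(list);
 var wanted = pkg.version.match(/^(\d+\.\d+\.\d+)$/)[1];
-downloadBinary(list.releases[wanted]);
+downloadBinary(list.releases[wanted], pkg.solc["sha256"]);
 });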
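Review bot: On a hash mismatch the added branch in the `file.close` callback exits with status 1 but leaves the unverified `soljson.js` at its final path, so a later step that does not check the exit status can still load it. Removing the file before exiting, `fs.unlinkSync('soljson.js');` ahead of `process.exit(1);`, or downloading to a temporary name and renaming only after the digest matches, would make the check fail closed. The `var hash = …` line also lacks its trailing semicolon, which the project's semistandard lint would presumably flag. downloadBinary's body is only partly visible in these hunks, so whether the HTTP status is checked before piping cannot be confirmed here.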

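--- a/package.json
+++ b/package.json
@@ -44,6 +44,7 @@
 "yargs": "^4.7.1"
 },
 "devDependencies": {
+"create-hash": "^1.1.3",
 "semistandard": "^11.0.0",
 "tape": "^4.5.1",
 "tape-spawn": "^1.4.2"
@@ -52,5 +53,8 @@
 "ignore": [
 "soljson.js"
 ]
+},
+"solc": {
+"sha256": "a52d6dddca6c3df5a6364cc11f93a6dd1c58e38e8c740f27e39f98e43cdaafce"
 }
 }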
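Review bot: `create-hash` is added under `devDependencies`, yet downloadCurrentVersion.js now requires it unconditionally; if that script ever runs where dev dependencies are not installed (an install hook or production install, not visible here), the `require` throws before any download is verified. Node's built-in `require('crypto').createHash('sha256')` yields the same hex digest and needs no package entry. The pinned `solc.sha256` is also not keyed to a version, so it has to be updated by hand whenever `version` changes or the download will be rejected.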
