replace MD5_LEN by key_ln

inc/util.h

@@ -26,11 +26,6 @@ char *datestamp(void);
 /* Prints a "created" JSON element with the current datestamp */
 void print_datestamp(void);
 
-//void file_md5(char *filepath, uint8_t *md5_result);
-
-/* Returns a string with a hex representation of md5 */
-char *md5_hex(uint8_t *md5);
-
 /* Removes chr from str */
 void remove_char(char *str, char chr);
 

src/attributions.c

@@ -54,10 +54,10 @@
 bool notices_handler(uint8_t *key, uint8_t *subkey, int subkey_ln, \
 uint8_t *data, uint32_t datalen, int iteration, void *ptr)
 {
-	if (datalen != 2 * MD5_LEN) return false;
-	char hexkey[MD5_LEN * 2 + 1];
-	memcpy(hexkey, data, MD5_LEN * 2);
-	hexkey[MD5_LEN * 2] = 0;
+	if (datalen != 2 * oss_attribution.key_ln) return false;
+	char hexkey[oss_attribution.key_ln * 2 + 1];
+	memcpy(hexkey, data, oss_attribution.key_ln * 2);
+	hexkey[oss_attribution.key_ln * 2] = 0;
 
 	/* Print attribution notice header */
 	char *component = (char *) ptr;
@@ -86,11 +86,11 @@ uint8_t *data, uint32_t datalen, int iteration, void *ptr)
 {
 	bool *valid = (bool *) ptr;
 
-	if (datalen != MD5_LEN) return false;
+	if (datalen != oss_attribution.key_ln) return false;
 
 	/* Convert key */
 	uint8_t attr_id[16];
-	ldb_hex_to_bin((char *) data, MD5_LEN * 2, attr_id);
+	ldb_hex_to_bin((char *) data, oss_attribution.key_ln * 2, attr_id);
 
 	/* Define mz_job values */
 	struct mz_job job;
@@ -100,7 +100,7 @@ uint8_t *data, uint32_t datalen, int iteration, void *ptr)
 	job.mz_ln = 0;
 	job.id = NULL;
 	job.ln = 0;
-	job.md5[MD5_LEN] = 0;
+	job.md5[oss_attribution.key_ln] = 0;
 	job.key = NULL;
 
 	/* If file does not exist, exit with valid = false */
@@ -288,7 +288,7 @@ int attribution_notices(char * components)
 	char * licenses_json = notices_load_file();
 	/* Validate SBOM */
 	declared_components = get_components(components);
-	if (check_purl_attributions(oss_attribution, licenses_json) && !debug_on)
+	if (check_purl_attributions(oss_attribution, licenses_json))
 		/* Print attribution notices */
 		print_purl_attribution_notices(oss_attribution, licenses_json);
 

src/binary_scan.c

@@ -68,7 +68,7 @@ static bool add_purl_from_urlid(uint8_t *key, uint8_t *subkey, int subkey_ln, ui
 	if (iteration > MAX_URLS)
 		return true;
 	/* Ignore path lengths over the limit */
-	if (!datalen || datalen >= (MD5_LEN + MAX_FILE_PATH)) return false;
+	if (!datalen || datalen >= (oss_file.key_ln + MAX_FILE_PATH)) return false;
 
 	/* Decrypt data */
 	char * decrypted = decrypt_data(raw_data, datalen, oss_file, key, subkey);
@@ -77,8 +77,8 @@ static bool add_purl_from_urlid(uint8_t *key, uint8_t *subkey, int subkey_ln, ui
 
 	component_list_t * component_list = (component_list_t*) ptr;
 	/* Copy data to memory */
-	uint8_t url_id[MD5_LEN];
-	memcpy(url_id, raw_data, MD5_LEN);
+	uint8_t url_id[oss_url.key_ln];
+	memcpy(url_id, raw_data, oss_url.key_ln);
 	char path[MAX_FILE_PATH+1];
 	strncpy(path, decrypted, MAX_FILE_PATH);
 
@@ -138,7 +138,7 @@ static bool get_all_file_ids(uint8_t *key, uint8_t *subkey, int subkey_ln, uint8
 	{
 		if (iteration < max_files_to_process * 2)
 		{
-			memcpy(files[iteration].url_id, data, MD5_LEN);
+			memcpy(files[iteration].url_id, data, oss_url.key_ln);
 			return false;
 		} 
 		return true;
@@ -255,16 +255,16 @@ extern bool first_file;
 int binary_scan(char * input)
 {
 	/* Get file MD5 */
-	char * hexmd5 = strndup(input, MD5_LEN * 2);
+	char * hexmd5 = strndup(input, oss_file.key_ln * 2);
 	scanlog("Bin File md5 to be scanned: %s\n", hexmd5);
-	uint8_t bin_md5[MD5_LEN];
-	ldb_hex_to_bin(hexmd5, MD5_LEN * 2, bin_md5);
+	uint8_t bin_md5[oss_file.key_ln];
+	ldb_hex_to_bin(hexmd5, oss_file.key_ln * 2, bin_md5);
 	free(hexmd5);
 
-	uint8_t zero_md5[MD5_LEN] = {0xd4,0x1d,0x8c,0xd9,0x8f,0x00,0xb2,0x04,0xe9,0x80,0x09,0x98,0xec,0xf8,0x42,0x7e}; //empty string md5
+	/*uint8_t zero_md5[oss_file.key_ln] = {0xd4,0x1d,0x8c,0xd9,0x8f,0x00,0xb2,0x04,0xe9,0x80,0x09,0x98,0xec,0xf8,0x42,0x7e}; //empty string md5
 	
 	if (!memcmp(zero_md5,bin_md5, MD5_LEN)) //the md5 key of an empty string must be skipped.
-		return -1;
+		return -1;*/
 
 	if (ldb_key_exists(oss_file, bin_md5))
 	{
@@ -274,7 +274,7 @@ int binary_scan(char * input)
 		char * target = strndup(file_name, target_len);
 		scan_data_t * scan =  scan_data_init(target, 1, 1);
 		free(target);
-		memcpy(scan->md5, bin_md5, MD5_LEN);
+		memcpy(scan->md5, bin_md5, oss_file.key_ln);
 		scan->match_type = MATCH_FILE;
 		compile_matches(scan);
 

src/component.c

@@ -92,7 +92,7 @@ component_data_t *component_data_copy(component_data_t *in)
     out->latest_version = strdup(in->latest_version);
     out->license = strdup(in->license);
     out->url_match = in->url_match;
-    memcpy(out->url_md5, in->url_md5, MD5_LEN);
+    memcpy(out->url_md5, in->url_md5, oss_url.key_ln);
     if (in->main_url)
         out->main_url = strdup(in->main_url);
     out->url = strdup(in->url);
@@ -106,8 +106,8 @@ component_data_t *component_data_copy(component_data_t *in)
 
         if (in->purls_md5[i])
         {
-            out->purls_md5[i] = malloc(MD5_LEN);
-            memcpy(out->purls_md5[i], in->purls_md5[i], MD5_LEN);
+            out->purls_md5[i] = malloc(oss_purl.key_ln);
+            memcpy(out->purls_md5[i], in->purls_md5[i], oss_purl.key_ln);
         }
     }
 
@@ -226,7 +226,7 @@ bool fill_component(component_data_t *component, uint8_t *url_key, char *file_pa
 	/* Extract fields from file record */
 	if (url_key)
 	{
-		memcpy(component->url_md5, url_key, MD5_LEN);
+		memcpy(component->url_md5, url_key, oss_url.key_ln);
 		if (file_path)
 		{
 			component->file = strdup(look_for_version(file_path));
@@ -291,14 +291,14 @@ bool component_date_comparation(component_data_t *a, component_data_t *b)
 
 	if (!a->purls_md5[0] && a->purls[0])
 	{
-		a->purls_md5[0] = malloc(MD5_LEN);
+		a->purls_md5[0] = malloc(oss_url.key_ln);
 		MD5((uint8_t *)a->purls[0], strlen(a->purls[0]), a->purls_md5[0]);
 		a->age = get_component_age(a->purls_md5[0]);
 	}
 
 	if (!b->purls_md5[0] && b->purls[0])
 	{
-		b->purls_md5[0] = malloc(MD5_LEN);
+		b->purls_md5[0] = malloc(oss_purl.key_ln);
 		MD5((uint8_t *)b->purls[0], strlen(b->purls[0]), b->purls_md5[0]);
 		b->age = get_component_age(b->purls_md5[0]);
 	}

src/debug.c

@@ -162,7 +162,7 @@ void map_dump(scan_data_t *scan)
 
 		/* Print matching MD5 */
 		uint8_t *md5 = scan->matchmap[i].md5;
-		for (int j = 0; j < MD5_LEN; j++) fprintf(map, "%02x", md5[j]);
+		for (int j = 0; j < oss_file.key_ln; j++) fprintf(map, "%02x", md5[j]);
 
 		/* Print hits */
 		fprintf(map, " %04x ", scan->matchmap[i].hits);
@@ -198,7 +198,7 @@ void scan_benchmark()
 	{
 		scan_data_t * scan = scan_data_init("pseudo_file", 0, 0);
 		scan->preload = true;
-		memcpy(scan->md5, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", MD5_LEN);
+		memset(scan->md5, 0, oss_file.key_ln);
 		strcpy(scan->file_size, "1024");
 
 		progress ("Scanning: ", f + 1, total_files, false);

src/dependency.c

@@ -125,10 +125,10 @@ int print_dependencies(component_data_t * comp)
 	if (!records)
 		for (int i = 0; i < MAX_PURLS && comp->purls[i]; i++)
 		{
-			uint8_t md5[MD5_LEN];
-			purl_version_md5(md5, comp->purls[i], comp->version);
+			uint8_t hash[oss_purl.key_ln];
+			purl_version_md5(hash, comp->purls[i], comp->version);
 
-			records = ldb_fetch_recordset(NULL, oss_dependency, md5, false, print_dependencies_item, comp);
+			records = ldb_fetch_recordset(NULL, oss_dependency, hash, false, print_dependencies_item, comp);
 			if (records)
 			{
 				scanlog("Dependency matches (%d) reported for %s@%s\n", records, comp->purls[i],comp->version);
@@ -141,10 +141,10 @@ int print_dependencies(component_data_t * comp)
 	if (!records)
 		for (int i = 0; i < MAX_PURLS && comp->purls[i]; i++)
 		{
-			uint8_t md5[MD5_LEN];
-			purl_version_md5(md5, comp->purls[i], comp->latest_version);
+			uint8_t hash[oss_purl.key_ln];
+			purl_version_md5(hash, comp->purls[i], comp->latest_version);
 
-			records = ldb_fetch_recordset(NULL, oss_dependency, md5, false, print_dependencies_item, comp);
+			records = ldb_fetch_recordset(NULL, oss_dependency, hash, false, print_dependencies_item, comp);
 			if (records)
 			{
 				scanlog("Dependency matches (%d) reported for %s@%s\n", records, comp->purls[i],comp->latest_version);

src/file.c

@@ -196,7 +196,7 @@ bool collect_all_files(uint8_t *key, uint8_t *subkey, int subkey_ln, uint8_t *ra
 	if (iteration >= FETCH_MAX_FILES) return true;
 
 	/* Ignore path lengths over the limit */
-	if (!datalen || datalen >= (MD5_LEN + MAX_FILE_PATH)) return false;
+	if (!datalen || datalen >= (oss_file.key_ln + MAX_FILE_PATH)) return false;
 
 	/* Decrypt data */
 	char * decrypted = decrypt_data(raw_data, datalen, oss_file, key, subkey);
@@ -205,7 +205,7 @@ bool collect_all_files(uint8_t *key, uint8_t *subkey, int subkey_ln, uint8_t *ra
 	/* Copy data to memory */
 	file_recordset *files = ptr;
 
-	memcpy(files[iteration].url_id, raw_data, MD5_LEN);
+	memcpy(files[iteration].url_id, raw_data, oss_url.key_ln);
 	strncpy(files[iteration].path, decrypted, MAX_FILE_PATH);
 	free(decrypted);
 
@@ -229,7 +229,7 @@ bool collect_all_files(uint8_t *key, uint8_t *subkey, int subkey_ln, uint8_t *ra
 bool count_all_files(uint8_t *key, uint8_t *subkey, int subkey_ln, uint8_t *raw_data, uint32_t datalen, int iteration, void *ptr)
 {
 	/* Ignore path lengths over the limit */
-	if (!datalen || datalen >= (MD5_LEN + MAX_FILE_PATH)) return false;
+	if (!datalen || datalen >= (oss_file.key_ln + MAX_FILE_PATH)) return false;
 
 	int * count = ptr;
 	*count = iteration;
@@ -275,7 +275,7 @@ bool get_first_file(uint8_t *key, uint8_t *subkey, int subkey_ln, uint8_t *data,
 		return false;
 
 	*(char *)ptr = 0;
-	char *ext = file_extension((char *)file_data + MD5_LEN);
+	char *ext = file_extension((char *)file_data + oss_file.key_ln);
 
 	if (ext)
 		strcpy((char *) ptr, ext);

src/hpsm.c

@@ -105,9 +105,9 @@ struct ranges hpsm_calc(uint8_t *file_md5)
         return r;
     }
     scanlog("Running HPSM\n");
-    char *file = md5_hex(file_md5);
-    struct ranges result = hpsm(hpsm_crc_lines, file);
-    free(file);
+    char file_hex[oss_file.key_ln * 2 + 1];
+    ldb_bin_to_hex(file_md5, oss_file.key_ln, file_hex);
+    struct ranges result = hpsm(hpsm_crc_lines, file_hex);
     return result;
 }
 

src/license.c

@@ -372,7 +372,7 @@ void print_licenses(component_data_t *comp)
 	for (int i = 0; i < MAX_PURLS && comp->purls[i]; i++)
 	{
 		/* Calculate purl@version md5 */
-		uint8_t purlversion_md5[MD5_LEN];
+		uint8_t purlversion_md5[oss_purl.key_ln];
 		purl_version_md5(purlversion_md5, comp->purls[i], comp->version);
 
 		records = ldb_fetch_recordset(NULL, oss_license, purlversion_md5, false, print_licenses_item, comp);

src/match.c

@@ -84,7 +84,7 @@ void match_data_free(match_data_t *data)
 match_data_t * match_data_copy(match_data_t * in)
 {
     match_data_t * out = calloc(1, sizeof(*out));
-    memcpy(out->file_md5,in->file_md5,MD5_LEN);
+    memcpy(out->file_md5,in->file_md5,oss_file.key_ln);
     out->hits = in->hits;
     out->type = in->type;
     out->line_ranges = strdup(in->line_ranges);
@@ -319,14 +319,14 @@ static bool component_hint_date_comparation(component_data_t *a, component_data_
 	{
 		if (!a->purls_md5[0] && a->purls[0])
 		{
-			a->purls_md5[0] = malloc(MD5_LEN);
+			a->purls_md5[0] = malloc(oss_purl.key_ln);
 			MD5((uint8_t *)a->purls[0], strlen(a->purls[0]), a->purls_md5[0]);
 			a->age = get_component_age(a->purls_md5[0]);
 		}
 
 		if (!b->purls_md5[0] && b->purls[0])
 		{
-			b->purls_md5[0] = malloc(MD5_LEN);
+			b->purls_md5[0] = malloc(oss_purl.key_ln);
 			MD5((uint8_t *)b->purls[0], strlen(b->purls[0]), b->purls_md5[0]);
 			b->age = get_component_age(b->purls_md5[0]);
 		}
@@ -427,14 +427,14 @@ bool component_from_file(uint8_t *key, uint8_t *subkey, int subkey_ln, uint8_t *
 	/* Leave if FETCH_MAX_FILES is reached */
 	if (iteration < iteration_max && files)
 	{
-		memcpy(files[iteration].url_id, raw_data, MD5_LEN);
+		memcpy(files[iteration].url_id, raw_data, oss_url.key_ln);
 	} 
 	/*Return we high accuracy it is not enabled*/
 	if (iteration > iteration_max * 2 && !(engine_flags & ENABLE_HIGH_ACCURACY))
 		return true;
 
 	/* Ignore path lengths over the limit */
-	if (!datalen || datalen >= (MD5_LEN + MAX_FILE_PATH)) return false;
+	if (!datalen || datalen >= (oss_file.key_ln + MAX_FILE_PATH)) return false;
 
 	/* Decrypt data */
 	char * decrypted = decrypt_data(raw_data, datalen, oss_file, key, subkey);
@@ -444,12 +444,12 @@ bool component_from_file(uint8_t *key, uint8_t *subkey, int subkey_ln, uint8_t *
 	component_list_t * component_list = (component_list_t*) ptr;
 	/* Copy data to memory */
 
-	uint8_t url_id[MD5_LEN] = {0xd4,0x1d,0x8c,0xd9,0x8f,0x00,0xb2,0x04,0xe9,0x80,0x09,0x98,0xec,0xf8,0x42,0x7e}; //empty string md5
+	uint8_t url_id[oss_url.key_ln]; /*= {0xd4,0x1d,0x8c,0xd9,0x8f,0x00,0xb2,0x04,0xe9,0x80,0x09,0x98,0xec,0xf8,0x42,0x7e}; //empty string md5
 	
 	if (!memcmp(raw_data,url_id, MD5_LEN)) //the md5 key of an empty string must be skipped.
-		return false;
+		return false;*/
 
-	memcpy(url_id, raw_data, MD5_LEN);
+	memcpy(url_id, raw_data, oss_url.key_ln);
 	char path[MAX_FILE_PATH+1];
 	strncpy(path, decrypted, MAX_FILE_PATH);
 	//check the ignore list only if the match type is MATCH_SNIPPET. TODO: remove this after remine everything.
@@ -814,7 +814,7 @@ void compile_matches(scan_data_t *scan)
 		match_data_t *match_new = calloc(1, sizeof(match_data_t));
 		match_new->type = scan->match_type;
 		strcpy(match_new->source_md5, scan->source_md5);
-		memcpy(match_new->file_md5, scan->match_ptr, MD5_LEN);
+		memcpy(match_new->file_md5, scan->match_ptr, oss_file.key_ln);
 		match_new->scan_ower = scan;
 		if (!match_list_add(scan->matches_list_array[0], match_new, NULL, false))
 		{

src/match_list.c

@@ -360,8 +360,8 @@ void match_list_debug(match_list_t *list)
     scanlog("Print list\n");
     for (struct entry *np = list->headp.lh_first; np != NULL; np = np->entries.le_next)
     {
-        char md5_hex[MD5_LEN * 2 + 1];
-        ldb_bin_to_hex(np->match->matchmap_reg->md5, MD5_LEN, md5_hex);
+        char md5_hex[oss_file.key_ln * 2 + 1];
+        ldb_bin_to_hex(np->match->matchmap_reg->md5, oss_file.key_ln, md5_hex);
         //   printf("Item: %d - hits: %d - md5: %s - file: %s - release_date: %s - ranges: %s - purl:%s\n",
         // i, np->match->hits, md5_hex, np->match->file, np->match->release_date, np->match->line_ranges, np->match->purls[0]);
         printf("\nItem: %d - hits: %d - md5: %s - release: %s \n", i, np->match->hits, md5_hex, np->match->component_list.headp.lh_first->component->release_date);

src/mz.c

@@ -47,7 +47,7 @@
 void mz_get_key(struct ldb_table kb, char *key)
 {
 	/* Calculate mz file path */
-	char mz_path[LDB_MAX_PATH + MD5_LEN] = "\0";
+	char mz_path[LDB_MAX_PATH + kb.key_ln];
 	char mz_file_id[5] = "\0\0\0\0\0";
 	struct mz_job job;
 	memcpy(mz_file_id, key, 4);
@@ -66,8 +66,8 @@ void mz_get_key(struct ldb_table kb, char *key)
 	scanlog("MZ path: %s \n", mz_path);
 
 	/* Save path and key on job */
-	job.key = calloc(MD5_LEN, 1);
-	ldb_hex_to_bin(key, MD5_LEN * 2, job.key);	
+	job.key = calloc(kb.key_ln, 1);
+	ldb_hex_to_bin(key, kb.key_ln * 2, job.key);	
 
 	/* Read source mz file into memory */
 	job.mz = file_read(mz_path, &job.mz_ln);

src/query.c

@@ -47,8 +47,8 @@
 char *get_filename(char *md5)
 {
 	/* Convert md5 to bin */
-	uint8_t md5bin[MD5_LEN];
-	ldb_hex_to_bin(md5, MD5_LEN * 2, md5bin);
+	uint8_t md5bin[oss_file.key_ln];
+	ldb_hex_to_bin(md5, oss_file.key_ln * 2, md5bin);
 
 	/* Init record */
 	uint8_t *record = calloc(LDB_MAX_REC_LN + 1, 1);