Verify SHA-256 checksum and size when downloading translation files

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: frett

gradle/libs.versions.toml

@@ -21,7 +21,7 @@ facebook = "18.2.3"
 facebook-flipper = "0.273.0"
 firebase-crashlytics = "20.0.6"
 firebase-perf = "22.0.5"
-godtoolsShared = "1.3.3-SNAPSHOT"
+godtoolsShared = "1.4.0-SNAPSHOT"
 gtoSupport = "4.5.1-SNAPSHOT"
 kotlin = "2.3.21"
 kotlinCoroutines = "1.11.0"

library/download-manager/src/main/kotlin/org/cru/godtools/downloadmanager/GodToolsDownloadManager.kt

@@ -43,6 +43,10 @@ import kotlinx.coroutines.flow.transformLatest
 import kotlinx.coroutines.launch
 import kotlinx.coroutines.sync.withLock
 import kotlinx.coroutines.withContext
+import okio.ByteString.Companion.decodeHex
+import okio.HashingSource.Companion.sha256
+import okio.buffer
+import okio.sink
 import org.ccci.gto.android.common.kotlin.coroutines.MutexMap
 import org.ccci.gto.android.common.kotlin.coroutines.ReadWriteMutex
 import org.ccci.gto.android.common.kotlin.coroutines.flow.EmptyStateFlow
@@ -294,9 +298,10 @@ class GodToolsDownloadManager @VisibleForTesting internal constructor(
         val relatedFiles = manifest.relatedFiles
         val completedFiles = AtomicLong(0)
         val successful = coroutineScope {
-            relatedFiles.map {
+            relatedFiles.map { file ->
                 async {
-                    downloadTranslationFileIfNecessary(it).also {
+                    val src = file.src ?: return@async true
+                    downloadTranslationFileIfNecessary(src, sha256 = file.checksumSha256, size = file.size).also {
                         do {
                             val completed = completedFiles.get()
                             updateProgress(key, completed + 1, relatedFiles.size.toLong())
@@ -309,22 +314,42 @@ class GodToolsDownloadManager @VisibleForTesting internal constructor(
 
         // record the translation as downloaded
         downloadedFilesRepository.insertOrIgnore(DownloadedTranslationFile(translation, manifestFileName))
-        relatedFiles.forEach { downloadedFilesRepository.insertOrIgnore(DownloadedTranslationFile(translation, it)) }
+        relatedFiles.mapNotNull { it.src }.forEach {
+            downloadedFilesRepository.insertOrIgnore(DownloadedTranslationFile(translation, it))
+        }
         translationsRepository.markTranslationDownloaded(translation.id, true)
 
         return true
     }
 
-    private suspend fun downloadTranslationFileIfNecessary(fileName: String): Boolean = filesMutex.withLock(fileName) {
+    private suspend fun downloadTranslationFileIfNecessary(
+        fileName: String,
+        sha256: String? = null,
+        size: Long? = null,
+    ): Boolean = filesMutex.withLock(fileName) {
         if (downloadedFilesRepository.findDownloadedFile(fileName) != null) return true
-        try {
-            val body = translationsApi.downloadFile(fileName).takeIf { it.isSuccessful }?.body() ?: return false
-            val downloadedFile = DownloadedFile(fileName)
-            withContext(Dispatchers.IO) { body.byteStream().copyTo(downloadedFile) }
-            downloadedFilesRepository.insertOrIgnore(downloadedFile)
-            return true
-        } catch (e: IOException) {
-            return false
+
+        return withContext(Dispatchers.IO) {
+            try {
+                val body = translationsApi.downloadFile(fileName).takeIf { it.isSuccessful }?.body()
+                    ?: return@withContext false
+
+                val downloadedFile = DownloadedFile(fileName)
+                downloadedFile.bufferedSink().use { sink ->
+                    body.source().use { source ->
+                        val digest = sha256(source)
+                        val bytesWritten = sink.writeAll(digest)
+
+                        if (size != null && size != bytesWritten) return@withContext false
+                        if (sha256 != null && sha256.decodeHex() != digest.hash) return@withContext false
+                    }
+                }
+
+                downloadedFilesRepository.insertOrIgnore(downloadedFile)
+                true
+            } catch (_: IOException) {
+                false
+            }
         }
     }
 
@@ -450,6 +475,8 @@ class GodToolsDownloadManager @VisibleForTesting internal constructor(
     }
     // endregion Cleanup
 
+    private suspend fun DownloadedFile.bufferedSink() = withContext(Dispatchers.IO) { getFile(fs).sink().buffer() }
+
     private suspend fun InputStream.copyTo(file: DownloadedFile) = withContext(Dispatchers.IO) {
         file.getFile(fs).outputStream().use { copyTo(it) }
     }

library/download-manager/src/test/kotlin/org/cru/godtools/downloadmanager/GodToolsDownloadManagerTest.kt

@@ -60,6 +60,8 @@ import org.cru.godtools.model.randomTranslation
 import org.cru.godtools.shared.tool.parser.ManifestParser
 import org.cru.godtools.shared.tool.parser.ParserConfig
 import org.cru.godtools.shared.tool.parser.ParserResult
+import org.cru.godtools.shared.tool.parser.model.Manifest
+import org.cru.godtools.shared.tool.parser.model.Manifest.XmlFile
 import retrofit2.Response
 
 private const val TOOL = "tool"
@@ -318,8 +320,9 @@ class GodToolsDownloadManagerTest {
         } returns translation
         coEvery { translationsRepository.markTranslationDownloaded(any(), any()) } just Runs
         val config = slot<ParserConfig>()
-        coEvery { manifestParser.parseManifest(translation.manifestFileName!!, capture(config)) } returns
-            ParserResult.Data(mockk { every { relatedFiles } returns setOf("a.txt", "b.txt") })
+        val manifest = Manifest(pageXmlFiles = listOf(XmlFile("a.txt", "a.txt"), XmlFile("b.txt", "b.txt")))
+        coEvery { manifestParser.parseManifest(translation.manifestFileName!!, capture(config)) }
+            .returns(ParserResult.Data(manifest))
         coEvery { translationsApi.downloadFile(translation.manifestFileName!!) } returns
             Response.success(RealResponseBody(null, 0, Buffer().writeUtf8("manifest")))
         coEvery { translationsApi.downloadFile("a.txt") } returns