9 - Chunking and hashing

After introducing chunks in the previous exercise, we lost security because we no longer hashes each chunk. This exercise implents a new hashing scheme that makes it possile to verify each indiviual chunk instead of verifying the entire file at the end.

Let's build on the solution for problem 8 and add a handshake to it, where the server sends a list of hashes to the client, one hash for each chunk. Let's also modify the client so that it verifies each chunk as it receives it.

We'll also update the discovery-channel ID to be a hash of all the chunk hashes.

You can use the fixed-size-chunk-hashing module to get an array of hashes for each chunk in the file:

var fs = require('fs')
var crypto = require('crypto')
var hasher = require('fixed-size-chunk-hashing')

var CHUNK_SIZE = 1024
var file = fs.createReadStream(__filename)

file.pipe(hasher(CHUNK_SIZE, function (err, hashes) {
  if (err) throw err

  console.log(hashes)

  var id = crypto.createHash('sha256')
    .update(hashes.join('\n'))
    .digest()
    .toString('hex')

  console.log('The hash of all the hashes is:', id)
})

Assignment

Server:

• Send handshake containing the array of hashes when a client connects

Client:

• Expect the first message received from the server to be a handshake containing an array of chunk hashes
• Validate that the channel ID is equal to the hash of the hashes
• Try to request a single chunk and verify that the hash of the chunk matches the relevant hash in the array of hashes received in the handshake

Testing

Share a file using the server and try to download a couple of chunks using the client

When you are done click here to go to the next exercise