From ed92ab61f0976057a4c1bb4239729ddab07cb725 Mon Sep 17 00:00:00 2001 From: pwgit-create Date: Sat, 23 May 2026 12:53:46 +0200 Subject: [PATCH 1/6] Upgrade algorithm-hash-extraction to 1.2.9 and implement parallel hash computation * Upgraded the dependency algorithm-hash-extraction from version 1.2.8 to 1.2.9 * Added ParallelFileHashHandler for parallel hash computation of large files * Updated FileHashComputer to use parallel processing when computing hashes * Modified ScanServiceImpl to initialize and shutdown parallel hash processors * Added debugging log level for lib.pwss.hash.file_hash_handler.parallel package This change improves performance by utilizing parallel processing for file hash computations, especially for larger files. --- File-Integrity-Scanner/pom.xml | 2 +- .../scan/FileHashComputer.java | 40 ++++++++++++++++--- .../scan/ScanServiceImpl.java | 7 ++-- .../src/main/resources/logback.xml | 1 + 4 files changed, 40 insertions(+), 10 deletions(-) diff --git a/File-Integrity-Scanner/pom.xml b/File-Integrity-Scanner/pom.xml index 66412d7..ba3753f 100644 --- a/File-Integrity-Scanner/pom.xml +++ b/File-Integrity-Scanner/pom.xml @@ -140,7 +140,7 @@ io.github.pwssorg algorithm-hash-extraction - 1.2.8 + 1.2.9 diff --git a/File-Integrity-Scanner/src/main/java/org/pwss/file_integrity_scanner/dsr/service/file_integrity_scanner/scan/FileHashComputer.java b/File-Integrity-Scanner/src/main/java/org/pwss/file_integrity_scanner/dsr/service/file_integrity_scanner/scan/FileHashComputer.java index ca1ad0f..83702f7 100644 --- a/File-Integrity-Scanner/src/main/java/org/pwss/file_integrity_scanner/dsr/service/file_integrity_scanner/scan/FileHashComputer.java +++ b/File-Integrity-Scanner/src/main/java/org/pwss/file_integrity_scanner/dsr/service/file_integrity_scanner/scan/FileHashComputer.java @@ -2,7 +2,9 @@ import lib.pwss.hash.file_hash_handler.BigFileHashHandler; import lib.pwss.hash.file_hash_handler.FileHashHandler; +import lib.pwss.hash.file_hash_handler.parallel.ParallelFileHashHandler; import lib.pwss.hash.FileHash; +import lib.pwss.hash.ParallelFileHash; import lib.pwss.hash.compare.util.HashCompareUtil; import lib.pwss.hash.model.HashForFilesOutput; @@ -29,12 +31,21 @@ final class FileHashComputer { private final org.slf4j.Logger log; - // Instance of FileHashHandler for computing hashes of smaller files + /** + * Instance of FileHashHandler for computing hashes of smaller files + */ private final FileHash fileHashHandler; - // Instance of BigFileHashHandler for computing hashes of larger files + /** + * Instance of BigFileHashHandler for computing hashes of larger files + */ private final BigFileHashHandler bigFileHashHandler; + /** + * Handles parallel hash computation for files during scans. + */ + private ParallelFileHashHandler parallelFileHashHandler; + FileHashComputer() { this.log = org.slf4j.LoggerFactory.getLogger(FileHashComputer.class); this.fileHashHandler = new FileHashHandler(); @@ -54,13 +65,13 @@ Optional computeHashes(File file) { try { if (file.length() > MEMORY_STRATEGY_LIMIT) - return Optional.of(bigFileHashHandler.GetAllHashes(file)); + return Optional.of(parallelFileHashHandler.GetAllHashesInParallel(file)); else return Optional.of(fileHashHandler.GetAllHashes(file)); } catch (OutOfMemoryError outOfMemoryError) { - log.debug("OutOfMemoryError occurred, switching to BigFileHashHandler for file: {}", file.getPath()); - return Optional.of(bigFileHashHandler.GetAllHashes(file)); + log.debug("OutOfMemoryError occurred, switching to ParallelFileHashHandler for file: {}", file.getPath()); + return Optional.of(parallelFileHashHandler.GetAllHashesInParallel(file)); } catch (NullPointerException nullPointerException) { @@ -101,7 +112,24 @@ boolean compareHashes(Checksum first, Checksum second) { * user. */ final void setUserDefinedMaxLimitInHashComputer(long userDefinedMaxLimit) { - bigFileHashHandler.setUserDefinedMaxLimit(userDefinedMaxLimit); + this.bigFileHashHandler.setUserDefinedMaxLimit(userDefinedMaxLimit); + } + + /** + * Shuts down resources used for parallel hash computation. + */ + final void shutdownParallelHashProcessor() { + + this.parallelFileHashHandler.shutdownThreadPool(); + } + + /** + * Initializes resources required for parallel hash computation + * before starting a scan operation. + */ + final void initializeParallelHashing() { + + this.parallelFileHashHandler = new ParallelFileHashHandler(bigFileHashHandler); } } diff --git a/File-Integrity-Scanner/src/main/java/org/pwss/file_integrity_scanner/dsr/service/file_integrity_scanner/scan/ScanServiceImpl.java b/File-Integrity-Scanner/src/main/java/org/pwss/file_integrity_scanner/dsr/service/file_integrity_scanner/scan/ScanServiceImpl.java index a7e3bdb..65485c7 100644 --- a/File-Integrity-Scanner/src/main/java/org/pwss/file_integrity_scanner/dsr/service/file_integrity_scanner/scan/ScanServiceImpl.java +++ b/File-Integrity-Scanner/src/main/java/org/pwss/file_integrity_scanner/dsr/service/file_integrity_scanner/scan/ScanServiceImpl.java @@ -268,7 +268,7 @@ public void scanAllDirectories(StartAllRequest request) Scan scan = new Scan(time, ScanStatus.IN_PROGRESS.toString(), dir, note, isBaseLineScan); repository.save(scan); - + fileHashComputer.initializeParallelHashing(); fileTraverser = new FileTraverserImpl(); Future> futureFiles; @@ -353,7 +353,7 @@ public void scanSingleDirectory(StartScanByIdRequest request) this.isScanRunning = true; log.debug("Scan is running - {}", isScanRunning); - + fileHashComputer.initializeParallelHashing(); fileTraverser = new FileTraverserImpl(); final Time time = new Time(OffsetDateTime.now(), OffsetDateTime.now()); @@ -594,7 +594,8 @@ private boolean finalizeScanTask(Scan scanInstance, List files) { // Shutdown the file traverser thread pool fileTraverser.shutdownThreadPool(); - + // Shutdown the parallel hash calculation thread pool + fileHashComputer.shutdownParallelHashProcessor(); // Set state boolean to false so this method can be ran again this.isScanRunning = false; } diff --git a/File-Integrity-Scanner/src/main/resources/logback.xml b/File-Integrity-Scanner/src/main/resources/logback.xml index bf3feae..d454954 100644 --- a/File-Integrity-Scanner/src/main/resources/logback.xml +++ b/File-Integrity-Scanner/src/main/resources/logback.xml @@ -17,6 +17,7 @@ + From cd4474d31b0155a48dabebb512b3e71c729491aa Mon Sep 17 00:00:00 2001 From: pwgit-create Date: Sat, 23 May 2026 13:05:13 +0200 Subject: [PATCH 2/6] Bump version to 1.9 and adjust logging levels * Updated project version from 1.8.5 to 1.9 in pom.xml * Changed log level for lib.pwss.hash.file_hash_handler.parallel package from DEBUG to ERROR in logback.xml This change prepares the project for a new release with improved logging configuration. --- File-Integrity-Scanner/pom.xml | 2 +- File-Integrity-Scanner/src/main/resources/logback.xml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/File-Integrity-Scanner/pom.xml b/File-Integrity-Scanner/pom.xml index ba3753f..ca40466 100644 --- a/File-Integrity-Scanner/pom.xml +++ b/File-Integrity-Scanner/pom.xml @@ -7,7 +7,7 @@ org.pwss File-Integrity-Scanner - 1.8.5 + 1.9 jar A File Integrity Scanner diff --git a/File-Integrity-Scanner/src/main/resources/logback.xml b/File-Integrity-Scanner/src/main/resources/logback.xml index d454954..ff4803e 100644 --- a/File-Integrity-Scanner/src/main/resources/logback.xml +++ b/File-Integrity-Scanner/src/main/resources/logback.xml @@ -17,7 +17,7 @@ - + From 40431d5b26f7b092f5a1a5e5122e56fced524b84 Mon Sep 17 00:00:00 2001 From: pwgit-create Date: Sat, 23 May 2026 13:08:01 +0200 Subject: [PATCH 3/6] Remove unnecessary ParallelFileHash import * Removed unused `import lib.pwss.hash.ParallelFileHash;` in FileHashComputer.java This cleanup removes an unnecessary import to keep the codebase tidy and improve maintainability. --- .../service/file_integrity_scanner/scan/FileHashComputer.java | 1 - 1 file changed, 1 deletion(-) diff --git a/File-Integrity-Scanner/src/main/java/org/pwss/file_integrity_scanner/dsr/service/file_integrity_scanner/scan/FileHashComputer.java b/File-Integrity-Scanner/src/main/java/org/pwss/file_integrity_scanner/dsr/service/file_integrity_scanner/scan/FileHashComputer.java index 83702f7..3331071 100644 --- a/File-Integrity-Scanner/src/main/java/org/pwss/file_integrity_scanner/dsr/service/file_integrity_scanner/scan/FileHashComputer.java +++ b/File-Integrity-Scanner/src/main/java/org/pwss/file_integrity_scanner/dsr/service/file_integrity_scanner/scan/FileHashComputer.java @@ -4,7 +4,6 @@ import lib.pwss.hash.file_hash_handler.FileHashHandler; import lib.pwss.hash.file_hash_handler.parallel.ParallelFileHashHandler; import lib.pwss.hash.FileHash; -import lib.pwss.hash.ParallelFileHash; import lib.pwss.hash.compare.util.HashCompareUtil; import lib.pwss.hash.model.HashForFilesOutput; From a272a197861b46b8db58bc541e112d8069838525 Mon Sep 17 00:00:00 2001 From: Peter Westin <83552499+pwgit-create@users.noreply.github.com> Date: Sat, 23 May 2026 23:10:14 +0200 Subject: [PATCH 4/6] docs: restructure backend README Improved README structure and clarity for the backend (FIM Engine). Focused on better architecture explanation, reduced redundancy, and clearer separation of system components. No functional changes. --- README.md | 80 +++++++++++++++++++++++++++++++++++++++---------------- 1 file changed, 57 insertions(+), 23 deletions(-) diff --git a/README.md b/README.md index 94afd6d..4fd895b 100644 --- a/README.md +++ b/README.md @@ -1,30 +1,20 @@ -# File-Integrity Scanner -## Overview - -The **File-Integrity Scanner** is a powerful tool designed to ensure the integrity of files by using cryptographic -hash functions. This application provides peace of mind that files have not been tampered with, which is crucial -for security and data verification purposes. - - +# File-Integrity Scanner Backend (FIM Engine) +This repository contains the backend service for the File Integrity Scanner system. It provides file integrity verification using cryptographic hash functions and detects unauthorized modifications and file corruption, ensuring reliable integrity checks for local systems. ## What is a File Integrity Scanner? - -A file integrity scanner is a software utility that computes cryptographic hashes of files and monitors them for -changes. This process helps in detecting unauthorized modifications or corruption of critical files on a local -machine. - +A file integrity scanner computes cryptographic hashes of files and monitors them for changes over time. It detects tampering, corruption, or unauthorized modifications to critical system and user files. ## Key Features +Different hashing algorithms are supported to allow flexibility between performance and cryptographic strength depending on use case requirements. -- **Hashing Algorithms:** Supports three different hashing algorithms: +- **Hashing Algorithms:** - SHA-256 - SHA-3 (256-bit) - - BLAKE_2b (512-bit) + - BLAKE2b (512-bit) - **Database Storage:** Uses PostgreSQL to store file hashes along with the date of the scan and other relevant file metadata. -- **Local Operation:** The scanner runs exclusively on the user's local machine. No remote services are required -or desired, ensuring full control over data integrity for the end-user. +- **Local Operation:** The scanner runs exclusively on the user's local machine. No remote services are required, ensuring full local control over data and integrity verification. ![File Integrity Scanner Image](https://github.com/pwssOrg/File-Integrity-Scanner/blob/master/.github/assets/images/640x486.jpg?raw=true) @@ -33,7 +23,7 @@ or desired, ensuring full control over data integrity for the end-user. šŸ›”ļø **Zero spyware. Zero tracking. Full respect for your privacy.** -## Basic Setup Instructions +## Basic Setup Instructions (for developers) ### Requirements @@ -41,9 +31,10 @@ or desired, ensuring full control over data integrity for the end-user. - **SSL password** -### Spring Version +### Technology Stack -**Spring 4.0.6** +- Spring Framework 4.0.6 +- PostgreSQL ### Steps @@ -58,11 +49,54 @@ or desired, ensuring full control over data integrity for the end-user. ## Contact Information -For any questions or support, please reach out to: +For questions, support, or contributions: + +- **Peter** ā€” [@pwgit-create](https://github.com/pwgit-create) +- **Stefan** ā€” [@lilstiffy](https://github.com/lilstiffy) - @pwgit-create Peter pwgit-create - @lilstiffy Stefan lilstiffy ### Discussion Forum Please visit our discussion forum for project-related documentation and discussions: [Project Discussion Forum](https://github.com/orgs/pwssOrg/discussions/categories/file-integrity-scanner) + +--- + +## Related Repositories + +### [PWSS Release Repository](https://github.com/pwssOrg/PWSS-Release-File-Integrity-Scanner) + +User-focused distribution of the Integrity Hash platform for Windows and Linux systems. + +Designed for non-developers and system administrators who want a simplified installation and local file integrity monitoring experience without manually configuring backend services. +

+ + Titta pƄ videon + +

+Features: + +* Easy setup +* Local-only operation +* PostgreSQL integration +* Multi-algorithm hashing support +* Privacy-focused design +--- + +## System Architecture + +The system is split into backend services, a GUI client, shared PWSS libraries, and an end-user distribution package. This modular architecture enables independent development of core security logic, user interface components, and deployment tooling for both technical and non-technical users. Each component can be developed and deployed independently while maintaining a shared security and hashing standard through the PWSS libraries. + +### Components + +- **Core Backend (FIM Engine)** ā€“ Handles hashing, integrity verification, and monitoring logic +- **GUI Application** ā€“ User interface for managing scans and viewing results +- **PWSS Libraries** ā€“ Shared components used across all PWSS projects +- **PWSS Release Repository** ā€“ End-user distribution for Windows and Linux + +### Architecture diagram +This repository represents the backend layer of the File Integrity Scanner system and implements the core FIM engine. +``` +GUI ā†’ Local Backend ā†’ PostgreSQL + ā†“ + PWSS Libraries (dependency) +``` From 64b1f62ef56bff31a02793892d10c37f4780040d Mon Sep 17 00:00:00 2001 From: Peter Westin <83552499+pwgit-create@users.noreply.github.com> Date: Sat, 23 May 2026 23:16:20 +0200 Subject: [PATCH 5/6] Add explanation of cryptographic hashes to README Added a section explaining cryptographic hashes and their importance in file integrity. --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 4fd895b..376b6dd 100644 --- a/README.md +++ b/README.md @@ -4,6 +4,9 @@ This repository contains the backend service for the File Integrity Scanner syst ## What is a File Integrity Scanner? A file integrity scanner computes cryptographic hashes of files and monitors them for changes over time. It detects tampering, corruption, or unauthorized modifications to critical system and user files. +## What is a Cryptographic Hash? +A cryptographic hash is a one-way mathematical function that converts data into a fixed-size value known as a hash or digest. Even the smallest change to a file results in a completely different hash value, making hashes useful for integrity verification and tamper detection. + ## Key Features Different hashing algorithms are supported to allow flexibility between performance and cryptographic strength depending on use case requirements. From fded0c30e025b7dd1ff37739302681f98531f342 Mon Sep 17 00:00:00 2001 From: pwgit-create Date: Sun, 24 May 2026 00:35:04 +0200 Subject: [PATCH 6/6] =?UTF-8?q?Fix=20security=20vulnerabilities=20reported?= =?UTF-8?q?=20by=20Snyk=20in=20Tomcat=20(11.0.21=20=E2=86=92=2011.0.22)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- File-Integrity-Scanner/pom.xml | 45 +++++++++++++++++++++++++--------- 1 file changed, 33 insertions(+), 12 deletions(-) diff --git a/File-Integrity-Scanner/pom.xml b/File-Integrity-Scanner/pom.xml index ca40466..fa0c98e 100644 --- a/File-Integrity-Scanner/pom.xml +++ b/File-Integrity-Scanner/pom.xml @@ -44,6 +44,7 @@ UTF-8 4.0.6 42.7.11 + 11.0.22 @@ -170,20 +171,40 @@ - - - - - org.springframework.boot - spring-boot-dependencies - ${spring-boot.version} - pom - import - - + + + + + + org.springframework.boot + spring-boot-dependencies + ${spring-boot.version} + pom + import + + + + + org.apache.tomcat.embed + tomcat-embed-core + 11.0.22 + + + + org.apache.tomcat.embed + tomcat-embed-websocket + 11.0.22 + + + + org.apache.tomcat.embed + tomcat-embed-el + 11.0.22 + + + -