Parallel Hashing Performance Upgrade

File-Integrity-Scanner/pom.xml

@@ -7,7 +7,7 @@
 
     <groupId>org.pwss</groupId>
     <artifactId>File-Integrity-Scanner</artifactId>
-    <version>1.8.5</version>
+    <version>1.9</version>
     <packaging>jar</packaging>
     <description>A File Integrity Scanner</description>
     <licenses>
@@ -44,6 +44,7 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <spring-boot.version>4.0.6</spring-boot.version>
         <postgresql.JDBC-Driver.version>42.7.11</postgresql.JDBC-Driver.version>
+        <tomcat.version>11.0.22</tomcat.version>
     </properties>
 
 
@@ -140,7 +141,7 @@
         <dependency>
             <groupId>io.github.pwssorg</groupId>
             <artifactId>algorithm-hash-extraction</artifactId>
-            <version>1.2.8</version>
+            <version>1.2.9</version>
         </dependency>
 
 
@@ -170,20 +171,40 @@
 
     </dependencies>
 
-    <dependencyManagement>
-    <dependencies>
-        <!-- Make sure all Spring Boot components are using the same version -->
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-dependencies</artifactId>
-            <version>${spring-boot.version}</version>
-            <type>pom</type>
-            <scope>import</scope>
-        </dependency>
-    </dependencies>
+<dependencyManagement>
+  <dependencies>
+
+    <!-- Spring Boot BOM -->
+    <dependency>
+      <groupId>org.springframework.boot</groupId>
+      <artifactId>spring-boot-dependencies</artifactId>
+      <version>${spring-boot.version}</version>
+      <type>pom</type>
+      <scope>import</scope>
+    </dependency>
+
+    <!-- Force patched Tomcat (fixes Snyk CVEs) -->
+    <dependency>
+      <groupId>org.apache.tomcat.embed</groupId>
+      <artifactId>tomcat-embed-core</artifactId>
+      <version>11.0.22</version>
+    </dependency>
+
+    <dependency>
+      <groupId>org.apache.tomcat.embed</groupId>
+      <artifactId>tomcat-embed-websocket</artifactId>
+      <version>11.0.22</version>
+    </dependency>
+
+    <dependency>
+      <groupId>org.apache.tomcat.embed</groupId>
+      <artifactId>tomcat-embed-el</artifactId>
+      <version>11.0.22</version>
+    </dependency>
+
+  </dependencies>
 </dependencyManagement>
 
-
     <build>
         <plugins>
             <!--

File-Integrity-Scanner/src/main/java/org/pwss/file_integrity_scanner/dsr/service/file_integrity_scanner/scan/FileHashComputer.java

@@ -2,6 +2,7 @@
 
 import lib.pwss.hash.file_hash_handler.BigFileHashHandler;
 import lib.pwss.hash.file_hash_handler.FileHashHandler;
+import lib.pwss.hash.file_hash_handler.parallel.ParallelFileHashHandler;
 import lib.pwss.hash.FileHash;
 import lib.pwss.hash.compare.util.HashCompareUtil;
 import lib.pwss.hash.model.HashForFilesOutput;
@@ -29,12 +30,21 @@ final class FileHashComputer {
 
     private final org.slf4j.Logger log;
 
-    // Instance of FileHashHandler for computing hashes of smaller files
+    /**
+     * Instance of FileHashHandler for computing hashes of smaller files
+     */
     private final FileHash fileHashHandler;
 
-    // Instance of BigFileHashHandler for computing hashes of larger files
+    /**
+     * Instance of BigFileHashHandler for computing hashes of larger files
+     */
     private final BigFileHashHandler bigFileHashHandler;
 
+    /**
+     * Handles parallel hash computation for files during scans.
+     */
+    private ParallelFileHashHandler parallelFileHashHandler;
+
     FileHashComputer() {
         this.log = org.slf4j.LoggerFactory.getLogger(FileHashComputer.class);
         this.fileHashHandler = new FileHashHandler();
@@ -54,13 +64,13 @@ Optional<HashForFilesOutput> computeHashes(File file) {
         try {
 
             if (file.length() > MEMORY_STRATEGY_LIMIT)
-                return Optional.of(bigFileHashHandler.GetAllHashes(file));
+                return Optional.of(parallelFileHashHandler.GetAllHashesInParallel(file));
             else
                 return Optional.of(fileHashHandler.GetAllHashes(file));
 
         } catch (OutOfMemoryError outOfMemoryError) {
-            log.debug("OutOfMemoryError occurred, switching to BigFileHashHandler for file: {}", file.getPath());
-            return Optional.of(bigFileHashHandler.GetAllHashes(file));
+            log.debug("OutOfMemoryError occurred, switching to ParallelFileHashHandler for file: {}", file.getPath());
+            return Optional.of(parallelFileHashHandler.GetAllHashesInParallel(file));
         }
 
         catch (NullPointerException nullPointerException) {
@@ -101,7 +111,24 @@ boolean compareHashes(Checksum first, Checksum second) {
      *                            user.
      */
     final void setUserDefinedMaxLimitInHashComputer(long userDefinedMaxLimit) {
-        bigFileHashHandler.setUserDefinedMaxLimit(userDefinedMaxLimit);
+        this.bigFileHashHandler.setUserDefinedMaxLimit(userDefinedMaxLimit);
+    }
+
+    /**
+     * Shuts down resources used for parallel hash computation.
+     */
+    final void shutdownParallelHashProcessor() {
+
+        this.parallelFileHashHandler.shutdownThreadPool();
+    }
+
+    /**
+     * Initializes resources required for parallel hash computation
+     * before starting a scan operation.
+     */
+    final void initializeParallelHashing() {
+
+        this.parallelFileHashHandler = new ParallelFileHashHandler(bigFileHashHandler);
     }
 
 }

File-Integrity-Scanner/src/main/java/org/pwss/file_integrity_scanner/dsr/service/file_integrity_scanner/scan/ScanServiceImpl.java

@@ -268,7 +268,7 @@ public void scanAllDirectories(StartAllRequest request)
                     Scan scan = new Scan(time, ScanStatus.IN_PROGRESS.toString(), dir, note, isBaseLineScan);
 
                     repository.save(scan);
-
+                    fileHashComputer.initializeParallelHashing();
                     fileTraverser = new FileTraverserImpl();
                     Future<List<File>> futureFiles;
 
@@ -353,7 +353,7 @@ public void scanSingleDirectory(StartScanByIdRequest request)
 
             this.isScanRunning = true;
             log.debug("Scan is running - {}", isScanRunning);
-
+            fileHashComputer.initializeParallelHashing();
             fileTraverser = new FileTraverserImpl();
 
             final Time time = new Time(OffsetDateTime.now(), OffsetDateTime.now());
@@ -594,7 +594,8 @@ private boolean finalizeScanTask(Scan scanInstance, List<File> files) {
 
                     // Shutdown the file traverser thread pool
                     fileTraverser.shutdownThreadPool();
-
+                    // Shutdown the parallel hash calculation thread pool
+                    fileHashComputer.shutdownParallelHashProcessor();
                     // Set state boolean to false so this method can be ran again
                     this.isScanRunning = false;
                 }

File-Integrity-Scanner/src/main/resources/logback.xml

@@ -17,6 +17,7 @@
     <!-- Configure specific packages from dependencies -->
     <logger name="org.pwss.io_file" level="INFO"/>
     <logger name="lib.pwss.hash.file_hash_handler" level="ERROR"/>
+    <logger name="lib.pwss.hash.file_hash_handler.parallel" level="ERROR"/>
     <logger name="org.pwss.util.PWSSDirectoryNavUtil" level="INFO"/>
     <logger name="org.pwss.quarantineManager_aes" level="INFO"/>
     <logger name="org.hibernate" level="INFO"/>

README.md

@@ -1,30 +1,23 @@
-# File-Integrity Scanner
-## Overview
-
-The **File-Integrity Scanner** is a powerful tool designed to ensure the integrity of files by using cryptographic
-hash functions. This application provides peace of mind that files have not been tampered with, which is crucial
-for security and data verification purposes.
-
-
+# File-Integrity Scanner Backend (FIM Engine)
+This repository contains the backend service for the File Integrity Scanner system. It provides file integrity verification using cryptographic hash functions and detects unauthorized modifications and file corruption, ensuring reliable integrity checks for local systems.
 
 ## What is a File Integrity Scanner?
+A file integrity scanner computes cryptographic hashes of files and monitors them for changes over time. It detects tampering, corruption, or unauthorized modifications to critical system and user files.
 
-A file integrity scanner is a software utility that computes cryptographic hashes of files and monitors them for
-changes. This process helps in detecting unauthorized modifications or corruption of critical files on a local
-machine.
-
+## What is a Cryptographic Hash?
+A cryptographic hash is a one-way mathematical function that converts data into a fixed-size value known as a hash or digest. Even the smallest change to a file results in a completely different hash value, making hashes useful for integrity verification and tamper detection.
 
 ## Key Features
+Different hashing algorithms are supported to allow flexibility between performance and cryptographic strength depending on use case requirements.
 
-- **Hashing Algorithms:** Supports three different hashing algorithms:
+- **Hashing Algorithms:**
   - SHA-256
   - SHA-3 (256-bit)
-  - BLAKE_2b (512-bit)
+  - BLAKE2b (512-bit)
 
 - **Database Storage:** Uses PostgreSQL to store file hashes along with the date of the scan and other relevant file metadata.
 
-- **Local Operation:** The scanner runs exclusively on the user's local machine. No remote services are required
-or desired, ensuring full control over data integrity for the end-user.
+- **Local Operation:** The scanner runs exclusively on the user's local machine. No remote services are required, ensuring full local control over data and integrity verification.
 
 
 ![File Integrity Scanner Image](https://github.com/pwssOrg/File-Integrity-Scanner/blob/master/.github/assets/images/640x486.jpg?raw=true)
@@ -33,17 +26,18 @@ or desired, ensuring full control over data integrity for the end-user.
 
 🛡️ **Zero spyware. Zero tracking. Full respect for your privacy.**
 
-## Basic Setup Instructions
+## Basic Setup Instructions (for developers)
 
 ### Requirements
 
 - **PostgreSQL**
 - **SSL password**
 
 
-### Spring Version
+### Technology Stack
 
-**Spring 4.0.6**
+- Spring Framework 4.0.6
+- PostgreSQL
 
 ### Steps
 
@@ -58,11 +52,54 @@ or desired, ensuring full control over data integrity for the end-user.
 
 ## Contact Information
 
-For any questions or support, please reach out to:
+For questions, support, or contributions:
+
+- **Peter** — [@pwgit-create](https://github.com/pwgit-create)
+- **Stefan** — [@lilstiffy](https://github.com/lilstiffy)
 
-	@pwgit-create	Peter pwgit-create
-	@lilstiffy	Stefan lilstiffy
 ### Discussion Forum
 
 Please visit our discussion forum for project-related documentation and discussions: [Project Discussion
 Forum](https://github.com/orgs/pwssOrg/discussions/categories/file-integrity-scanner)
+
+---
+
+## Related Repositories
+
+### [PWSS Release Repository](https://github.com/pwssOrg/PWSS-Release-File-Integrity-Scanner)
+
+User-focused distribution of the Integrity Hash platform for Windows and Linux systems.
+
+Designed for non-developers and system administrators who want a simplified installation and local file integrity monitoring experience without manually configuring backend services.
+<p align="center">
+  <a href="https://youtu.be/DcZYuQVOpCQ">
+    <img src="https://img.youtube.com/vi/DcZYuQVOpCQ/maxresdefault.jpg" alt="Titta på videon" width="100%" max-width="600px">
+  </a>
+</p>
+Features:
+
+* Easy setup
+* Local-only operation
+* PostgreSQL integration
+* Multi-algorithm hashing support
+* Privacy-focused design
+---
+
+## System Architecture
+
+The system is split into backend services, a GUI client, shared PWSS libraries, and an end-user distribution package. This modular architecture enables independent development of core security logic, user interface components, and deployment tooling for both technical and non-technical users. Each component can be developed and deployed independently while maintaining a shared security and hashing standard through the PWSS libraries.
+
+### Components
+
+- **Core Backend (FIM Engine)** – Handles hashing, integrity verification, and monitoring logic  
+- **GUI Application** – User interface for managing scans and viewing results  
+- **PWSS Libraries** – Shared components used across all PWSS projects  
+- **PWSS Release Repository** – End-user distribution for Windows and Linux
+
+### Architecture diagram
+This repository represents the backend layer of the File Integrity Scanner system and implements the core FIM engine.
+```
+GUI → Local Backend → PostgreSQL
+          ↓
+   PWSS Libraries (dependency)
+```