mirror of
https://github.com/goreleaser/nfpm
synced 2024-05-04 06:46:07 +02:00
feat: sha512
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
This commit is contained in:
parent
fd63f71ad6
commit
04b5358dc0
|
@ -20,6 +20,7 @@ package rpmpack
|
|||
import (
|
||||
"bytes"
|
||||
"crypto/sha256"
|
||||
"crypto/sha512"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
|
@ -393,8 +394,8 @@ func (r *RPM) writeGenIndexes(h *index) {
|
|||
h.Add(tagPackager, EntryString(r.Packager))
|
||||
h.Add(tagGroup, EntryString(r.Group))
|
||||
h.Add(tagURL, EntryString(r.URL))
|
||||
h.Add(tagPayloadDigest, EntryStringSlice([]string{fmt.Sprintf("%x", sha256.Sum256(r.payload.Bytes()))}))
|
||||
h.Add(tagPayloadDigestAlgo, EntryInt32([]int32{hashAlgoSHA256}))
|
||||
h.Add(tagPayloadDigest, EntryStringSlice([]string{fmt.Sprintf("%x", sha512.Sum512(r.payload.Bytes()))}))
|
||||
h.Add(tagPayloadDigestAlgo, EntryInt32([]int32{hashAlgoSHA512}))
|
||||
|
||||
// rpm utilities look for the sourcerpm tag to deduce if this is not a source rpm (if it has a sourcerpm,
|
||||
// it is NOT a source rpm).
|
||||
|
@ -448,7 +449,7 @@ func (r *RPM) writeFileIndexes(h *index) {
|
|||
for ii := range inodes {
|
||||
// is inodes just a range from 1..len(dirindexes)? maybe different with hard links
|
||||
inodes[ii] = int32(ii + 1)
|
||||
digestAlgo[ii] = hashAlgoSHA256
|
||||
digestAlgo[ii] = hashAlgoSHA512
|
||||
// With regular files, it seems like we can always enable all of the verify flags
|
||||
verifyFlags[ii] = int32(-1)
|
||||
fileRDevs[ii] = int16(1)
|
||||
|
|
|
@ -26,7 +26,7 @@ const (
|
|||
sigPayloadSize = 0x03ef // 1007
|
||||
|
||||
// https://github.com/rpm-software-management/rpm/blob/92eadae94c48928bca90693ad63c46ceda37d81f/rpmio/rpmpgp.h#L258
|
||||
hashAlgoSHA256 = 0x0008 // 8
|
||||
hashAlgoSHA512 = 0x0010 // 10
|
||||
|
||||
tagName = 0x03e8 // 1000
|
||||
tagVersion = 0x03e9 // 1001
|
||||
|
|
Loading…
Reference in New Issue