feat: sha512

Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2024-05-04 06:46:07 +02:00 · 2023-06-23 17:03:43 +00:00 · 2023-06-23 17:03:43 +00:00 · 04b5358dc0
parent fd63f71ad6
commit 04b5358dc0
2 changed files with 5 additions and 4 deletions
--- a/internal/rpmpack/rpm.go
+++ b/internal/rpmpack/rpm.go
@ -20,6 +20,7 @@ package rpmpack
 import (
 	"bytes"
 	"crypto/sha256"
+	"crypto/sha512"
 	"errors"
 	"fmt"
 	"io"
@ -393,8 +394,8 @@ func (r *RPM) writeGenIndexes(h *index) {
 	h.Add(tagPackager, EntryString(r.Packager))
 	h.Add(tagGroup, EntryString(r.Group))
 	h.Add(tagURL, EntryString(r.URL))
-	h.Add(tagPayloadDigest, EntryStringSlice([]string{fmt.Sprintf("%x", sha256.Sum256(r.payload.Bytes()))}))
-	h.Add(tagPayloadDigestAlgo, EntryInt32([]int32{hashAlgoSHA256}))
+	h.Add(tagPayloadDigest, EntryStringSlice([]string{fmt.Sprintf("%x", sha512.Sum512(r.payload.Bytes()))}))
+	h.Add(tagPayloadDigestAlgo, EntryInt32([]int32{hashAlgoSHA512}))

 	// rpm utilities look for the sourcerpm tag to deduce if this is not a source rpm (if it has a sourcerpm,
 	// it is NOT a source rpm).
@ -448,7 +449,7 @@ func (r *RPM) writeFileIndexes(h *index) {
 	for ii := range inodes {
 		// is inodes just a range from 1..len(dirindexes)? maybe different with hard links
 		inodes[ii] = int32(ii + 1)
-		digestAlgo[ii] = hashAlgoSHA256
+		digestAlgo[ii] = hashAlgoSHA512
 		// With regular files, it seems like we can always enable all of the verify flags
 		verifyFlags[ii] = int32(-1)
 		fileRDevs[ii] = int16(1)
--- a/internal/rpmpack/tags.go
+++ b/internal/rpmpack/tags.go
@ -26,7 +26,7 @@ const (
 	sigPayloadSize = 0x03ef // 1007

 	// https://github.com/rpm-software-management/rpm/blob/92eadae94c48928bca90693ad63c46ceda37d81f/rpmio/rpmpgp.h#L258
-	hashAlgoSHA256 = 0x0008 // 8
+	hashAlgoSHA512 = 0x0010 // 10

 	tagName        = 0x03e8 // 1000
 	tagVersion     = 0x03e9 // 1001