msw/CISS.debian.live.builder
SHA256
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity

V8.13.392.2025.11.07
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 51s
Details

Browse Source 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
Marc S. Weidner
2025-11-08 00:42:29 +01:00
parent f2ae3796ee
commit 0af440b9f0
4 changed files with 22 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
config/includes.chroot/usr/lib/live/boot/0030-verify-checksums
View File

@@ -83,41 +83,42 @@ Verify_checksums() {
CDLB_SCRIPT="0030-verify-checksums"
CDLB_SHA="sha512"
CDLB_CMD="" CDLB_COMPUTED="" CDLB_EXPECTED="" CDLB_HASHFILE="" CDLB_ITEM="" CDLB_SIG_FILE=""
CDLB_CMD="" CDLB_COMPUTED="" CDLB_EXPECTED="" CDLB_HASHFILE="" CDLB_SIG_FILE=""
CDLB_HASHFILE="${CDLB_SCRIPT}.${CDLB_SHA}"
CDLB_SIG_FILE="${CDLB_HASHFILE}.sig"
CDLB_CMD="/bin/${CDLB_ITEM}sum"
CDLB_CMD="/bin/sha512sum"
printf "Verifying signature of: [%s]\n" "${CDLB_HASHFILE}"
if ! /bin/gpgv --keyring 0030-verify-checksums_public.gpg "${CDLB_SIG_FILE}" "${CDLB_HASHFILE}"; then
printf "Signature verification failed for: [%s]\n" "${CDLB_HASHFILE}"
printf "[PANIC] Signature verification failed for: [0030-verify-checksums.sha512]\n"
sleep 16
# TODO panic "[PANIC] Signature verification failed for: [0030-verify-checksums.sha512]"
else
printf "Signature verification successful for: [%s]\n" "${CDLB_HASHFILE}"
printf "Signature verification successful for: [0030-verify-checksums.sha512]\n"
fi
printf "Recomputing hash for: [%s]\n" "${CDLB_SHA}"
printf "Recomputing hash for: [sha512]\n"
CDLB_COMPUTED=$("${CDLB_CMD}" "${CDLB_SCRIPT}" | { read -r first _ || exit 1; printf '%s\n' "${first}"; })
IFS=' ' read -r CDLB_EXPECTED _ < "${CDLB_HASHFILE}"
if [ "${CDLB_COMPUTED}" != "${CDLB_EXPECTED}" ]; then
printf "Recomputed hash mismatch for: [sha512] failed \n"
printf "[PANIC] Recomputing hash for: [sha512] failed.\n"
sleep 16
panic "Recomputed hash mismatch for: [sha512] failed."
# TODO panic "[PANIC] Recomputing hash for: [sha512] failed."
fi
printf "Hash verification successful for: [%s]\n" "${CDLB_SHA}"
printf "Hash verification successful for: [sha512]\n"
printf "Verifying integrity of '0030-verify-checksums' successfully completed. Proceeding."
printf "Verification of authenticity and integrity of '0030-verify-checksums' successfully completed. Proceeding."
log_end_msg
printf "\n"