1 |
BLAKE2 is good and fast. Pentoo is using BLAKE2. There's no need for a |
2 |
second digest. |
3 |
|
4 |
Signed-off-by: Matt Turner <mattst88@g.o> |
5 |
--- |
6 |
examples/livecd-stage2_template.spec | 8 ++++---- |
7 |
targets/support/create-iso.sh | 27 +++++++-------------------- |
8 |
2 files changed, 11 insertions(+), 24 deletions(-) |
9 |
|
10 |
diff --git a/examples/livecd-stage2_template.spec b/examples/livecd-stage2_template.spec |
11 |
index 7398c972..4cb94d40 100644 |
12 |
--- a/examples/livecd-stage2_template.spec |
13 |
+++ b/examples/livecd-stage2_template.spec |
14 |
@@ -316,11 +316,11 @@ boot/kernel/gentoo/packages: |
15 |
# boot/kernel/gentoo/console: tty0 ttyS0 |
16 |
boot/kernel/gentoo/console: |
17 |
|
18 |
-# This feature will make sha512, blake2, or both checksums for every file in the iso (including files provided by livecd/overlay |
19 |
-# These checksums can be verified at boot using the genkernel option "verify" added to the kernel line. |
20 |
-# Currently this feature will generate both checksums if livecd/verify is defined to *any* value other than "blake2" or "sha512" |
21 |
+# Enables the generation of a isoroot_b2sums file containing a BLAKE2 digest of |
22 |
+# each file in the ISO. When 'livecd/bootargs' contains 'verify' this feature |
23 |
+# will be used to verify the contents of the ISO at boot time. |
24 |
# No checksums are generated if this is left commented. |
25 |
-#livecd/verify: sha512 |
26 |
+#livecd/verify: blake2 |
27 |
|
28 |
# This feature controls the depclean run after fsscript and before unmerge. |
29 |
# The default is unset, and will run emerge --depclean --with-bdeps=n which results |
30 |
diff --git a/targets/support/create-iso.sh b/targets/support/create-iso.sh |
31 |
index 9b10b7cf..b0e4d15e 100755 |
32 |
--- a/targets/support/create-iso.sh |
33 |
+++ b/targets/support/create-iso.sh |
34 |
@@ -94,30 +94,17 @@ else |
35 |
mkisofs_zisofs_opts="" |
36 |
fi |
37 |
|
38 |
-#we want to create a checksum for every file on the iso so we can verify it |
39 |
-#from genkernel during boot. Here we make a function to create the sha512sums, and blake2sums |
40 |
+# Generate list of checksums that genkernel can use to verify the contents of |
41 |
+# the ISO |
42 |
isoroot_checksum() { |
43 |
- echo "Creating checksums for all files included in the iso, please wait..." |
44 |
- if [ -z "${1}" ] || [ "${1}" = "sha512" ]; then |
45 |
- find "${clst_target_path}" -type f ! -name 'isoroot_checksums' ! -name 'isolinux.bin' ! -name 'isoroot_b2sums' -exec sha512sum {} + > "${clst_target_path}"/isoroot_checksums |
46 |
- ${clst_sed} -i "s#${clst_target_path}/\?##" "${clst_target_path}"/isoroot_checksums |
47 |
- fi |
48 |
- if [ -z "${1}" ] || [ "${1}" = "blake2" ]; then |
49 |
- find "${clst_target_path}" -type f ! -name 'isoroot_checksums' ! -name 'isolinux.bin' ! -name 'isoroot_b2sums' -exec b2sum {} + > "${clst_target_path}"/isoroot_b2sums |
50 |
- ${clst_sed} -i "s#${clst_target_path}/\?##" "${clst_target_path}"/isoroot_b2sums |
51 |
- fi |
52 |
+ echo ">> Creating checksums for all files included in the ISO" |
53 |
+ find "${clst_target_path}" -type f ! -name 'isoroot_b2sums' -exec b2sum {} + > "${clst_target_path}"/isoroot_b2sums |
54 |
+ ${clst_sed} -i "s#${clst_target_path}/\?##" "${clst_target_path}"/isoroot_b2sums |
55 |
} |
56 |
|
57 |
run_mkisofs() { |
58 |
- if [ -n "${clst_livecd_verify}" ]; then |
59 |
- if [ "${clst_livecd_verify}" = "sha512" ]; then |
60 |
- isoroot_checksum sha512 |
61 |
- elif [ "${clst_livecd_verify}" = "blake2" ]; then |
62 |
- isoroot_checksum blake2 |
63 |
- else |
64 |
- isoroot_checksum |
65 |
- fi |
66 |
- fi |
67 |
+ [ -n "${clst_livecd_verify}" ] && isoroot_checksum |
68 |
+ |
69 |
echo "Running \"mkisofs ${@}\"" |
70 |
mkisofs "${@}" || die "Cannot make ISO image" |
71 |
} |
72 |
-- |
73 |
2.24.1 |