| 1 |
BLAKE2 is good and fast. Pentoo is using BLAKE2. There's no need for a |
| 2 |
second digest. |
| 3 |
|
| 4 |
Signed-off-by: Matt Turner <mattst88@g.o> |
| 5 |
--- |
| 6 |
examples/livecd-stage2_template.spec | 8 ++++---- |
| 7 |
targets/support/create-iso.sh | 27 +++++++-------------------- |
| 8 |
2 files changed, 11 insertions(+), 24 deletions(-) |
| 9 |
|
| 10 |
diff --git a/examples/livecd-stage2_template.spec b/examples/livecd-stage2_template.spec |
| 11 |
index 7398c972..4cb94d40 100644 |
| 12 |
--- a/examples/livecd-stage2_template.spec |
| 13 |
+++ b/examples/livecd-stage2_template.spec |
| 14 |
@@ -316,11 +316,11 @@ boot/kernel/gentoo/packages: |
| 15 |
# boot/kernel/gentoo/console: tty0 ttyS0 |
| 16 |
boot/kernel/gentoo/console: |
| 17 |
|
| 18 |
-# This feature will make sha512, blake2, or both checksums for every file in the iso (including files provided by livecd/overlay |
| 19 |
-# These checksums can be verified at boot using the genkernel option "verify" added to the kernel line. |
| 20 |
-# Currently this feature will generate both checksums if livecd/verify is defined to *any* value other than "blake2" or "sha512" |
| 21 |
+# Enables the generation of a isoroot_b2sums file containing a BLAKE2 digest of |
| 22 |
+# each file in the ISO. When 'livecd/bootargs' contains 'verify' this feature |
| 23 |
+# will be used to verify the contents of the ISO at boot time. |
| 24 |
# No checksums are generated if this is left commented. |
| 25 |
-#livecd/verify: sha512 |
| 26 |
+#livecd/verify: blake2 |
| 27 |
|
| 28 |
# This feature controls the depclean run after fsscript and before unmerge. |
| 29 |
# The default is unset, and will run emerge --depclean --with-bdeps=n which results |
| 30 |
diff --git a/targets/support/create-iso.sh b/targets/support/create-iso.sh |
| 31 |
index 9b10b7cf..b0e4d15e 100755 |
| 32 |
--- a/targets/support/create-iso.sh |
| 33 |
+++ b/targets/support/create-iso.sh |
| 34 |
@@ -94,30 +94,17 @@ else |
| 35 |
mkisofs_zisofs_opts="" |
| 36 |
fi |
| 37 |
|
| 38 |
-#we want to create a checksum for every file on the iso so we can verify it |
| 39 |
-#from genkernel during boot. Here we make a function to create the sha512sums, and blake2sums |
| 40 |
+# Generate list of checksums that genkernel can use to verify the contents of |
| 41 |
+# the ISO |
| 42 |
isoroot_checksum() { |
| 43 |
- echo "Creating checksums for all files included in the iso, please wait..." |
| 44 |
- if [ -z "${1}" ] || [ "${1}" = "sha512" ]; then |
| 45 |
- find "${clst_target_path}" -type f ! -name 'isoroot_checksums' ! -name 'isolinux.bin' ! -name 'isoroot_b2sums' -exec sha512sum {} + > "${clst_target_path}"/isoroot_checksums |
| 46 |
- ${clst_sed} -i "s#${clst_target_path}/\?##" "${clst_target_path}"/isoroot_checksums |
| 47 |
- fi |
| 48 |
- if [ -z "${1}" ] || [ "${1}" = "blake2" ]; then |
| 49 |
- find "${clst_target_path}" -type f ! -name 'isoroot_checksums' ! -name 'isolinux.bin' ! -name 'isoroot_b2sums' -exec b2sum {} + > "${clst_target_path}"/isoroot_b2sums |
| 50 |
- ${clst_sed} -i "s#${clst_target_path}/\?##" "${clst_target_path}"/isoroot_b2sums |
| 51 |
- fi |
| 52 |
+ echo ">> Creating checksums for all files included in the ISO" |
| 53 |
+ find "${clst_target_path}" -type f ! -name 'isoroot_b2sums' -exec b2sum {} + > "${clst_target_path}"/isoroot_b2sums |
| 54 |
+ ${clst_sed} -i "s#${clst_target_path}/\?##" "${clst_target_path}"/isoroot_b2sums |
| 55 |
} |
| 56 |
|
| 57 |
run_mkisofs() { |
| 58 |
- if [ -n "${clst_livecd_verify}" ]; then |
| 59 |
- if [ "${clst_livecd_verify}" = "sha512" ]; then |
| 60 |
- isoroot_checksum sha512 |
| 61 |
- elif [ "${clst_livecd_verify}" = "blake2" ]; then |
| 62 |
- isoroot_checksum blake2 |
| 63 |
- else |
| 64 |
- isoroot_checksum |
| 65 |
- fi |
| 66 |
- fi |
| 67 |
+ [ -n "${clst_livecd_verify}" ] && isoroot_checksum |
| 68 |
+ |
| 69 |
echo "Running \"mkisofs ${@}\"" |
| 70 |
mkisofs "${@}" || die "Cannot make ISO image" |
| 71 |
} |
| 72 |
-- |
| 73 |
2.24.1 |
Archives