Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Problem: "Verify SIP checksums" activity assumes checksums will be MD5 #88

Closed
sallain opened this issue Nov 20, 2024 · 2 comments
Closed

Problem: "Verify SIP checksums" activity assumes checksums will be MD5 #88

sallain opened this issue Nov 20, 2024 · 2 comments
Assignees
@mcantelon
Labels
bug Something isn't working Client: SFA

Comments

@sallain
Copy link
Contributor

sallain commented Nov 20, 2024

Describe the bug

The checksum validation activity assumes that checksums in the provided metadata will be MD5. However, the eCH-0160 standard states that MD5, SHA-256, SHA-512, and SHA-1 are all permissible. Some of the sample packages that we have use SHA-256, and therefore fail on checksum validation.

To Reproduce

Steps to reproduce the behavior:

  1. Upload a sample package with non-MD5 checksums (e.g. GEVER)
  2. See it fail!

Expected behavior

The activity should support all valid checksum algorithms. In the metadata file, the checksum's algorithm is defined:

<pruefalgorithmus>MD5</pruefalgorithmus>
<pruefsumme>aa1f7ad13064e1643ac85478296165af</pruefsumme>

<pruefalgorithmus>SHA-256</pruefalgorithmus>
<pruefsumme>F4F4789FD15E5B9B19E0F2C2D640AC2BEA0690424FFD9258E6B35028A1981D0B</pruefsumme>

The activity should check the pruefalgorithmus tag to determine the type of checksum and check using the correct algorithm.

Screenshots

If applicable, add screenshots to help explain your problem.

Additional context

Add any other context about the problem here.
@sallain sallain added bug Something isn't working Client: SFA labels Nov 20, 2024
@sallain sallain added this to Enduro Nov 20, 2024
@sallain sallain moved this to 👍 Ready in Enduro Nov 20, 2024
@mcantelon mcantelon self-assigned this Nov 22, 2024
mcantelon added a commit that referenced this issue Nov 25, 2024
@mcantelon
Support more checksum algorithms (#88)
cc1c537 
Added support for SHA-1, SHA-256, and SHA-512 file checksums.
@jraddaoui jraddaoui mentioned this issue Nov 25, 2024
Merged
mcantelon added a commit that referenced this issue Nov 26, 2024
@mcantelon
Support more checksum algorithms (#88)
4ac122f 
Added support for SHA-1, SHA-256, and SHA-512 file checksums.
@sallain
Copy link
Contributor Author

sallain commented Nov 28, 2024

Ran a package with SHA-256 checksums with no problems!

@sallain sallain closed this as completed Nov 28, 2024
@github-project-automation github-project-automation bot moved this from 🧐 QA to 🎉 Done in Enduro Nov 28, 2024
@sallain
Copy link
Contributor Author

sallain commented Nov 28, 2024

I also ran a package with mixed checksums (MD5, SHA-1, SHA-256, and SHA-512) and it also worked

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mcantelon mcantelon

Labels
bug Something isn't working Client: SFA
Projects
Enduro
Archived in project
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mcantelon @sallain