- apply suggested fixes

lib/checksum.go

@@ -17,7 +17,7 @@ import (
 func getChecksumFromHashFile(signatureFilePath string, terraformFileName string) (string, error) {
 	readFile, err := os.Open(signatureFilePath)
 	if err != nil {
-		fmt.Println("[Error]: Could not open ", signatureFilePath)
+		fmt.Println("[Error] : Could not open ", signatureFilePath)
 		return "", err
 	}
 	defer readFile.Close()
@@ -38,17 +38,17 @@ func checkChecksumMatches(hashFile string, targetFile *os.File) bool {
 	_, fileName := filepath.Split(targetFile.Name())
 	expectedChecksum, err := getChecksumFromHashFile(hashFile, fileName)
 	if err != nil {
-		fmt.Println("[Error]: could not get expected checksum from file: " + err.Error())
+		fmt.Println("[Error] : Could not get expected checksum from file: " + err.Error())
 		return false
 	}
 	hash := sha256.New()
 	if _, err := io.Copy(hash, targetFile); err != nil {
-		fmt.Println("[Error]: Calculating Checksum failed: " + err.Error())
+		fmt.Println("[Error] : Calculating Checksum failed: " + err.Error())
 		return false
 	}
 	checksum := hex.EncodeToString(hash.Sum(nil))
 	if expectedChecksum != checksum {
-		fmt.Println("[Error]: Checksum mismatch. Expected: ", expectedChecksum, " got ", checksum)
+		fmt.Println("[Error] : Checksum mismatch. Expected: ", expectedChecksum, " got ", checksum)
 		return false
 	}
 	return true
@@ -59,13 +59,13 @@ func checkSignatureOfChecksums(keyRingReader *os.File, hashFile *os.File, signat
 	log.Println("Verifying signature of checksum file...")
 	keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader)
 	if err != nil {
-		log.Fatal("[Error]: Read armored key ring: " + err.Error())
+		log.Fatal("[Error] : Read armored key ring: " + err.Error())
 		return false
 	}
 
 	_, err = openpgp.CheckDetachedSignature(keyring, hashFile, signatureFile)
 	if err != nil {
-		log.Fatal("[Error]: Checking detached signature: " + err.Error())
+		log.Fatal("[Error] : Checking detached signature: " + err.Error())
 		return false
 	}
 	log.Println("Verification successful.")

lib/download.go

@@ -28,52 +28,44 @@ func DownloadFromURL(installLocation string, mirrorURL string, tfversion string,
 	err := downloadPublicKey(installLocation, pubKeyFilename)
 	if err != nil {
 		log.Fatal("[Error]: Could not download public key file")
-		return "", err
 	}
 
 	log.Println("Downloading ", zipUrl)
 	zipFilePath, err := downloadFromURL(installLocation, zipUrl)
 	if err != nil {
 		log.Fatal("[Error]: Could not download zip file")
-		return "", err
 	}
 
 	log.Println("Downloading ", hashUrl)
 	hashFilePath, err := downloadFromURL(installLocation, hashUrl)
 	if err != nil {
 		log.Fatal("[Error]: Could not download hash file")
-		return "", err
 	}
 
 	log.Println("Downloading ", hashSignatureUrl)
 	hashSigFilePath, err := downloadFromURL(installLocation, hashSignatureUrl)
 	if err != nil {
 		log.Fatal("[Error]: Could not download hash signature file")
-		return "", err
 	}
 
 	publicKeyFile, err := os.Open(pubKeyFilename)
 	if err != nil {
-		log.Fatal("[Error]: Could not open the public key")
-		return "", err
+		log.Fatal("[Error]: Could not open the public key.", pubKeyFilename)
 	}
 
 	signatureFile, err := os.Open(hashSigFilePath)
 	if err != nil {
-		log.Fatal("[Error]: Could not open the public key")
-		return "", err
+		log.Fatal("[Error]: Could not open the signature file.", hashSigFilePath)
 	}
 
 	targetFile, err := os.Open(zipFilePath)
 	if err != nil {
-		log.Fatal("[Error]: Could not open the terraform binary for signature verification.")
-		return "", err
+		log.Fatal("[Error]: Could not open the terraform binary for checksum verification.", zipFilePath)
 	}
 
 	hashFile, err := os.Open(hashFilePath)
 	if err != nil {
-		log.Fatal("[Error]: Could not open the terraform binary for signature verification.")
-		return "", err
+		log.Fatal("[Error]: Could not open the terraform checksum file for signature verification.", hashFilePath)
 	}
 	verified := checkSignatureOfChecksums(publicKeyFile, hashFile, signatureFile)
 	if !verified {

test-data/checksum-check-file

@@ -4,4 +4,4 @@ Duis autem vel eum iriure dolor in hendrerit in vulputate velit esse molestie co
 
 Ut wisi enim ad minim veniam, quis nostrud exerci tation ullamcorper suscipit lobortis nisl ut aliquip ex ea commodo consequat. Duis autem vel eum iriure dolor in hendrerit in vulputate velit esse molestie consequat, vel illum dolore eu feugiat nulla facilisis at vero eros et accumsan et iusto odio dignissim qui blandit praesent luptatum zzril delenit augue duis dolore te feugait nulla facilisi.
 
-Nam liber tempor cum soluta nobis eleifend option congue nihil imperdiet doming id quod mazim placerat facer possim assum. Lorem ipsum dolor sit amet, consectetuer adipiscing elit, sed diam nonummy nibh euismod tincidunt ut laoreet dolore magna aliquam erat volutpat. Ut wisi enim ad minim veniam, quis nostrud exerci tation ullamcorper suscipit lobortis nisl ut aliquip ex ea commodo consequat.
+Nam liber tempor cum soluta nobis eleifend option congue nihil imperdiet doming id quod mazim placerat facer possim assum. Lorem ipsum dolor sit amet, consectetuer adipiscing elit, sed diam nonummy nibh euismod tincidunt ut laoreet dolore magna aliquam erat volutpat. Ut wisi enim ad minim veniam, quis nostrud exerci tation ullamcorper suscipit lobortis nisl ut aliquip ex ea commodo consequat.

test-data/terraform_1.7.5_SHA256SUMS

@@ -12,4 +12,4 @@ c0416b6b9fe0155bb3377e39a3f584b9f7b9a11a1236b9ea8cf7c074a804a513  terraform_1.7.
 385af229bd76a058c221b9c0be56f02a7d0fa2535620040c9c895df00e0f09ee  terraform_1.7.5_solaris_amd64.zip
 2639c9444c6091fd5ad76f112040d592e99931489582ada4d485c12a64a79052  terraform_1.7.5_windows_386.zip
 9b7be6ae159191ec1f4b5b9d27529ae5243e41020fb545c0041235bec8d92269  terraform_1.7.5_windows_amd64.zip
-5df31bd6da3ed91eb3fb8e5a7616fd2f59edb488a110f6d43621ca2136037d9a  checksum-check-file
+4083a1996695af4c8d1ac1079c47746cbf4bb58011faa644311c98a55b1de630  checksum-check-file