Skip to content
This repository has been archived by the owner. It is now read-only.

Wrong hash algorithm in checksum file? #2

Closed
lfam opened this issue Jul 10, 2016 · 2 comments
Closed

Wrong hash algorithm in checksum file? #2

lfam opened this issue Jul 10, 2016 · 2 comments

Comments

@lfam
Copy link

@lfam lfam commented Jul 10, 2016

I downloaded letskencrypt-portable-0.1.7.tgz and the associated file letskencrypt-portable-0.1.7.sha256 from https://kristaps.bsd.lv/letskencrypt/snapshots/.

However, the checksum contains a SHA512 hash rather than a SHA256 hash:

$ cat letskencrypt-portable-0.1.7.sha256 
SHA512(letskencrypt-portable.tgz)= 8b0e7e47054ce272486d472cef9e48c54b6179cd2da50967f373dd552ff59dd495758c56f8e147513267800254909e88304908f1495a969ed24ce8b43c0c64de

Also, the checksum itself was calculated on the "unversioned" filename, which is a little confusing, since the filename of the checksum includes the version.

It's probably worth signing the checksum as well, whether with PGP or signify.

@kristapsdz
Copy link
Owner

@kristapsdz kristapsdz commented Jul 12, 2016

Thanks! This has been fixed in the latest release of 0.1.8, now at kristaps.bsd.lv/letskencrypt.

@kristapsdz kristapsdz closed this Jul 12, 2016
@kristapsdz
Copy link
Owner

@kristapsdz kristapsdz commented Jul 12, 2016

(Except for the signature, which is a larger question that'll be answered in due time...)

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants