Created
September 30, 2015 02:49
-
-
Save jpouellet/6466f64afad05c33e075 to your computer and use it in GitHub Desktop.
Verify hashes non-visually. Too many people only compare the first and/or last few hex digits, which is too easy to collide.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| z=$(basename "$0") | |
| err() { | |
| printf "%s: %s\n" "$z" "$1" >&2 | |
| exit 1 | |
| } | |
| usage() { | |
| printf "Usage: %s file hash [algo]\n" "$z" | |
| exit 2 | |
| } | |
| [ $# -eq 2 -o $# -eq 3 ] || usage | |
| file=$1 | |
| hash=$2 | |
| if [ $# -eq 3 ]; then | |
| algo="$3" | |
| else | |
| # Guess hash algorithm by length. | |
| len=$(printf %s "$2" | wc -c | awk '{print $1}') | |
| case "$len" in | |
| 128) algo=sha512 ;; | |
| 64) algo=sha256 ;; | |
| 40) algo=sha1 ;; | |
| 32) algo=md5 ;; | |
| *) err "unknown hash type (length $len)" ;; | |
| esac | |
| fi | |
| actual=$(openssl dgst -r -"$algo" < "$file" | cut -d' ' -f1) | |
| if [ X"$actual" = X"$hash" ]; then | |
| echo "$algo OK" | |
| exit 0 | |
| else | |
| echo "$algo FAIL" | |
| printf "\twanted: %s\n" "$hash" | |
| printf "\tactual: %s\n" "$actual" | |
| exit 1 | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment