taiki-e/install-action
1
0
Fork 0
mirror of https://github.com/taiki-e/install-action.git synced 2025-12-27 01:54:13 -05:00
Code Issues Packages Projects Releases Wiki Activity

codegen: Use ring instead of sha2

Browse Source 
```
    Updating crates.io index
     Locking 0 packages to latest compatible versions
    Removing block-buffer v0.10.4
    Removing cpufeatures v0.2.17
    Removing crypto-common v0.1.7
    Removing digest v0.10.7
    Removing generic-array v0.14.7
    Removing sha2 v0.10.9
    Removing typenum v1.19.0
    Removing version_check v0.9.5
```
This commit is contained in:
Taiki Endo
2025-12-17 20:19:06 +09:00
parent 936dbd8ac6
commit a62e6211cb
2 changed files with 5 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tools/codegen/Cargo.toml
View File

@@ -9,11 +9,11 @@ anyhow = "1"
flate2 = "1" flate2 = "1"
fs-err = "3" fs-err = "3"
minisign-verify = "0.2" minisign-verify = "0.2"
ring = "0.17"
semver = { version = "1", features = ["serde"] } semver = { version = "1", features = ["serde"] }
serde = "1" serde = "1"
serde_derive = "1" serde_derive = "1"
serde_json = "1" serde_json = "1"
sha2 = "0.10"
spdx = "0.13" spdx = "0.13"
tar = "0.4" tar = "0.4"
toml = { version = "0.9", default-features = false, features = ["parse", "serde"] } toml = { version = "0.9", default-features = false, features = ["parse", "serde"] }

9
tools/codegen/src/main.rs
View File

@@ -17,7 +17,6 @@ use install_action_internal_codegen::{
BaseManifest, HostPlatform, Manifest, ManifestDownloadInfo, ManifestRef, ManifestTemplate, BaseManifest, HostPlatform, Manifest, ManifestDownloadInfo, ManifestRef, ManifestTemplate,
ManifestTemplateDownloadInfo, Manifests, Signing, SigningKind, Version, workspace_root, ManifestTemplateDownloadInfo, Manifests, Signing, SigningKind, Version, workspace_root,
}; };
use sha2::{Digest as _, Sha256};
use spdx::expression::{ExprNode, ExpressionReq, Operator}; use spdx::expression::{ExprNode, ExpressionReq, Operator};
fn main() -> Result<()> { fn main() -> Result<()> {
@@ -343,8 +342,8 @@ fn main() -> Result<()> {
} }
eprintln!("getting sha256 hash for {url}"); eprintln!("getting sha256 hash for {url}");
let hash = Sha256::digest(&buf); let hash = ring::digest::digest(&ring::digest::SHA256, &buf);
let hash = format!("{hash:x}"); let hash = format!("{hash:?}").strip_prefix("SHA256:").unwrap().to_owned();
if let Some(digest) = digest { if let Some(digest) = digest {
if hash != digest.strip_prefix("sha256:").unwrap() { if hash != digest.strip_prefix("sha256:").unwrap() {
bail!( bail!(
@@ -386,8 +385,8 @@ fn main() -> Result<()> {
eprintln!("already downloaded"); eprintln!("already downloaded");
} else { } else {
download(&url)?.into_reader().read_to_end(&mut buf2)?; download(&url)?.into_reader().read_to_end(&mut buf2)?;
let hash = Sha256::digest(&buf2); let hash = ring::digest::digest(&ring::digest::SHA256, &buf2);
if format!("{hash:x}") != v.checksum { if format!("{hash:?}").strip_prefix("SHA256:").unwrap() != v.checksum {
bail!("checksum mismatch for {url}"); bail!("checksum mismatch for {url}");
} }
let decoder = flate2::read::GzDecoder::new(&*buf2); let decoder = flate2::read::GzDecoder::new(&*buf2);