Bug 136153

Summary: Need better way to validate checksums
Product: [Fedora] Fedora Reporter: Need Real Name <lsof>
Component: coreutilsAssignee: Tim Waugh <twaugh>
Status: CLOSED WONTFIX QA Contact: Bill Nottingham <notting>
Severity: medium Docs Contact:
Priority: medium    
Version: 3CC: rvokal
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-12-03 12:40:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Need Real Name 2004-10-18 12:17:19 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; 
SV1; .NET CLR 1.1.4322)

Description of problem:
The md5sum and sha1sum programs both take a -c option to have them 
check that a file matches its checksum.

md5sum will return nothing if the checksum is okay, otherwise it will 
complain.
sha1sum will print a message saying "OK" if it's checksum is okay, 
otherwise it will also complain.

Both programs only seem to take notice of their own checksums, i.e. 
when passed a file using -c, sha1sum ignores MD5sums, and md5sum 
ignores SHA1sums.
I'm not sure if this is by design, but if it is, this enables 
multiple checksum formats to be stored in the same file.

What would be nice if there was a wrapper command that ran both 
md5sum and sha1sum on a given file, and complains if any checksums 
are bad.

This could address the issue of a checksumming algorithm being 
compromised.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
x

Additional info:
Comment 1 Tim Waugh 2004-12-03 12:40:17 UTC 
Is it really worth a separate wrapper script to do this?

#!/bin/bash
md5sum "$@"
sha1sum "$@"