windows provisioning: automatically choose the right hash algorithm

...based on the length of the given hash. Additionally use -ine for string comparison, which explicitly does case-insensitive comparison. That is what the function needs, previously it was done implicitly by -ne. And remove MD5, it's not used anywhere. Pick-to: 6.10 6.8 6.5 Change-Id: Ib4303737e5e1d743dd0be1a8f829be9a0db2bc04 Reviewed-by: Tero Heikkinen <tero.heikkinen@qt.io> (cherry picked from commit e5e813ef90)
2026-04-18 02:56:07 +08:00 · 2026-03-12 13:05:43 +01:00
parent f6c3e33877
commit 54e04d08b8
8 changed files with 15 additions and 11 deletions
--- a/coin/provisioning/common/windows/helpers.ps1
+++ b/coin/provisioning/common/windows/helpers.ps1
@@ -2,16 +2,20 @@ function Verify-Checksum
 {
    Param (
        [string]$File=$(throw("You must specify a filename to get the checksum of.")),
-        [string]$Expected=$(throw("Checksum required")),
-        [ValidateSet("sha256","sha1","md5")][string]$Algorithm="sha1"
+        [string]$Expected=$(throw("Checksum required"))
    )
+    switch ($Expected.Length) {
+        40 { $Algorithm = "SHA1" }
+        64 { $Algorithm = "SHA256" }
+        default { throw "Unknown hash length for: $Expected" }
+    }
    Write-Host "Verifying checksum of $File"
    $fs = new-object System.IO.FileStream $File, "Open"
    $algo = [type]"System.Security.Cryptography.$Algorithm"
    $crypto = $algo::Create()
    $hash = [BitConverter]::ToString($crypto.ComputeHash($fs)).Replace("-", "")
    $fs.Close()
-    if ($hash -ne $Expected) {
+    if ($hash -ine $Expected) {
        throw "Checksum verification failed, got: '$hash' expected: '$Expected'"
    }
 }