From 5968f18061319ab8a85f8b77fc1fbff4f2c3983a Mon Sep 17 00:00:00 2001
From: Papoteur <papoteur@mageia.org>
Date: Fri, 31 Jan 2020 10:35:31 +0100
Subject: Compute and check the SHA3 sum instead of SHA512

---
 backend/raw_write.py | 23 ++++++++++++++---------
 1 file changed, 14 insertions(+), 9 deletions(-)

diff --git a/backend/raw_write.py b/backend/raw_write.py
index 48dbb9c..a940199 100755
--- a/backend/raw_write.py
+++ b/backend/raw_write.py
@@ -162,13 +162,15 @@ class Dumper(object):
         gpg = gnupg.GPG()
         gpg.encoding = 'utf-8'
         # Use Mageia public key
-        sig_file = source +'.sha512.gpg'
+        sum_type = 'sha3'
+        sig_file = "{}.{}.gpg".format(source, sum_type)
+        source_file = "{}.{}".format(source, sum_type)
         try:
             gpg.recv_keys('pgp.mit.edu', 'EDCA7A90')
             self.sum_check_searched = True
             with open(sig_file, 'rb') as g:
                 self.signature_found = True
-                verified = gpg.verify_file(g, source + ".sha512")
+                verified = gpg.verify_file(g, source_file)
                 if verified.valid:
                     self.signature_checked = True
                     logging.debug("signature checked")
@@ -179,12 +181,12 @@ class Dumper(object):
             logging.info(_("Signature file {} not found\n").format(sig_file))
         try:
             # Look for sum files in the same directory as source
-            with open(source+'.sha512','r') as fs:
+            with open(source_file,'r') as fs:
                 # Read the sum in the file
                 self.sum_check=(fs.readline()).split()[0]
             self.sum_file = True
         except:
-            logging.info(_("Sum SHA512 file {} not found\n").format(source+'.sha512'))
+            logging.info(_("Sum file {} not found\n").format(source_file))
             self.sum_file = False
 
     def _check_write(self, target, source):
@@ -197,7 +199,7 @@ class Dumper(object):
         steps.append(b)
         indice=0
         checked=0
-        sha512func=hashlib.sha512()
+        sha512func=hashlib.sha3_512()
         ncuts=int(b/1024)
         #try:
         with open(target, 'rb') as f:
@@ -213,15 +215,18 @@ class Dumper(object):
             sha512sumcalc=sha512func.hexdigest()
         f.close()
         if self.signature_found and not self.signature_checked:
-            self.return_message = _('Invalid signature for %s.sha512')%source
+                #,  keep the pourcent, this is the place for source file name
+            self.return_message = _('Invalid signature for %s')%source_file
         if (self.sum_check == "") :  # Can't get stored sum
-                self.return_message += _('SHA512 sum: {}').format(sha512sumcalc)
+                self.return_message += _('SHA3 sum: {}').format(sha512sumcalc)
         #  compare the sums
         elif (sha512sumcalc == self.sum_check) :
             if self.signature_checked:
-                self.return_message +="\n" + _("The sha512 sum check is OK and the sum is signed")
+                #,  keep the bracket, this is the place for sum type
+                self.return_message +="\n" + _("The {} sum check is OK and the sum is signed").format(sum_type)
             else :
-                self.return_message +="\n" + _("The sha512 sum check is OK but the signature can't be found")
+                #,  keep the bracket, this is the place for sum type
+                self.return_message +="\n" + _("The {} sum check is OK but the signature can't be found").format(sum_type)
         else:
             self.return_message +="\n" + _("/!\\The computed and stored sums don't match")
         #except:
-- 
cgit v1.2.1