Improve SHA* marking

2025-12-22 11:55:40 +01:00 · 2024-07-25 15:36:54 +02:00 · 2024-07-25 15:36:54 +02:00 · a131b0fb4b
commit a131b0fb4b
parent 257c316894
3 changed files with 99 additions and 63 deletions
--- a/cmd/csaf_downloader/downloader.go
+++ b/cmd/csaf_downloader/downloader.go
@ -501,23 +501,31 @@ nextAdvisory:
 			signData                   []byte
 		)

-		// Only hash when we have a remote counter part we can compare it with.
-		if remoteSHA256, s256Data, err = loadHash(client, file.SHA256URL()); err != nil {
-			slog.Warn("Cannot fetch SHA256",
-				"url", file.SHA256URL(),
-				"error", err)
+		if file.SHA256URL() == "" {
+			slog.Info("SHA256 not present", "file", file.URL())
 		} else {
-			s256 = sha256.New()
-			writers = append(writers, s256)
+			// Only hash when we have a remote counterpart we can compare it with.
+			if remoteSHA256, s256Data, err = loadHash(client, file.SHA256URL()); err != nil {
+				slog.Warn("Cannot fetch SHA256",
+					"url", file.SHA256URL(),
+					"error", err)
+			} else {
+				s256 = sha256.New()
+				writers = append(writers, s256)
+			}
 		}

-		if remoteSHA512, s512Data, err = loadHash(client, file.SHA512URL()); err != nil {
-			slog.Warn("Cannot fetch SHA512",
-				"url", file.SHA512URL(),
-				"error", err)
+		if file.SHA512URL() == "" {
+			slog.Info("SHA512 not present", "file", file.URL())
 		} else {
-			s512 = sha512.New()
-			writers = append(writers, s512)
+			if remoteSHA512, s512Data, err = loadHash(client, file.SHA512URL()); err != nil {
+				slog.Warn("Cannot fetch SHA512",
+					"url", file.SHA512URL(),
+					"error", err)
+			} else {
+				s512 = sha512.New()
+				writers = append(writers, s512)
+			}
 		}

 		// Remember the data as we need to store it to file later.