验证文件的 SHA-256 总和，如果不符合预期则退出脚本

Question

I am attempting to make a bash script to auto-install a software I frequently work with, and I've arrived at a small issue. I would like my script to verify the validity of the downloaded file's sha256sum and either respond with a message of success or exit with an error message if it isn't what is expected.

Here's what I've tried so far (It works somewhat but doesn't exit on failure):

shasum panel.tar.gz |
awk $1=="acca80528628ad362c5733229203a6c4bb3d648a9c40be318ff9f4f9653d505d"{print"SHA256SUM validated, installation may proceed"}

It's a part of an installation script, I'd like for it to verify the shasum and then if it doesn't match the expected acca80528628ad362c5733229203a6c4bb3d648a9c40be318ff9f4f9653d505d , it should exit the entire script. The line I gave above keeps the script going as-is without stopping, even if the shasum doesn't match the expected.

Answer 1

Use a process substitution to create the checksum file for shasum -c on the fly:

checksum=acca80528628ad362c5733229203a6c4bb3d648a9c40be318ff9f4f9653d505d
shasum -c <(echo "$checksum panel.tar.gz")

Or pipe the contents to shasum , using - as the file name:

echo "$checksum panel.tar.gz" | shasum -c -

Look at the exit status to determine whether to continue.

if ! echo "$checksum panel.tar.gz" | shasum -c -; then
    echo "Checksum failed" >&2
    exit 1
fi

If you don't want to do anything other than exit immediately, you can use

echo "$checksum panel.tar.gz" | shasum -c - || exit 1

Answer 2

Simple use case, sign and verify a file against a given sum, in the view of proving ownership, and content integrity.

---

The author publish a file, and a sha256 fingerprint sum.

To get the sum, the author simply does:

sha256sum file

He gets a sha256 sum and the file name, separated by two spaces .

---

The reader, or anyone wanting to verify if the file is NOT altered , can do:

if [[ $(sha256sum file) = "75efecda52220be1c97ab2b29cd2880a089dff40b0f7967653535cb8b02e8cc2  file" ]];then echo "Signature OK"; fi