Issue #17 チェックサムファイルの更新スクリプト

.devcontainer/Dockerfile

@@ -11,4 +11,7 @@ RUN apk add --no-cache \
 
 USER vscode
 
-RUN sh -c 'wget -O- https://git.io/shellspec | sh -s -- --yes'
+RUN \
+        # ShellSpec のインストール
+        sh -c 'wget -O- https://git.io/shellspec | sh -s -- --yes'
+

.devcontainer/devcontainer.json

@@ -5,31 +5,30 @@
     "build": {
         "dockerfile": "Dockerfile",
         // Update 'VARIANT' to pick an Alpine version: 3.10, 3.11, 3.12, 3.13
-        "args": { "VARIANT": "3.13" }
+        "args": {
+            "VARIANT": "3.13"
+        }
     },
-
     // Set *default* container specific settings.json values on container create.
     "settings": {
-        "terminal.integrated.shell.linux": "/bin/bash"
+        "terminal.integrated.profiles.linux": {
+            "bash (login)": {
+                "path": "/bin/bash",
+                "args": []
+            }
+        },
     },
-
     // Add the IDs of extensions you wanït installed when the container is created.
     // Note that some extensions may not work in Alpine Linux. See https://aka.ms/vscode-remote/linux.
     "extensions": [
         "foxundermoon.shell-format",
         "esbenp.prettier-vscode",
         "ms-azuretools.vscode-docker"
     ],
-
-    // Use 'forwardPorts' to make a list of ports inside the container available locally.
-    // "forwardPorts": [],
-
     // Use 'postCreateCommand' to run commands after the container is created.
-    // "postCreateCommand": "uname -a",
-
-    // Uncomment when using a ptrace-based debugger like C++, Go, and Rust
-    // "runArgs": [ "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" ],
-
-    // Comment out connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root.
+    "postCreateCommand": [
+        "./.devcontainer/postCreateCommand.sh"
+    ],
+    // Comment out below to connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root.
     "remoteUser": "vscode"
-}
+}

.devcontainer/postCreateCommand.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+# =============================================================================
+#  postCreateCommand for devcontainer.json
+# =============================================================================
+#  このファイルは Dev Container がビルドされた後、コンテナ内で実行されるスクリプトです。
+
+PATH_DIR_ROOT_REPO="$(dirname "$(cd "$(dirname "$0")" && pwd)")"
+PATH_FILE_WELCOME="${PATH_DIR_ROOT_REPO}/.devcontainer/welcome_msg.sh"
+PATH_FILE_LINT="${PATH_DIR_ROOT_REPO}/.github/run-lint.sh"
+PATH_FILE_TEST="${PATH_DIR_ROOT_REPO}/.github/run-test.sh"
+PATH_FILE_UPDATE_HASH="${PATH_DIR_ROOT_REPO}/.github/update-checksum.sh"
+PATH_FILE_VERIFY_HASH="${PATH_DIR_ROOT_REPO}/.github/verify-checksum.sh"
+
+# カレント・ユーザの .bashrc に追記
+{
+    # コマンドのエイリアス
+    echo "alias welcome='${PATH_FILE_WELCOME}'"
+    echo "alias run-lint='${PATH_FILE_LINT}'"
+    echo "alias run-test='${PATH_FILE_TEST}'"
+    echo "alias update-checksum='${PATH_FILE_UPDATE_HASH}'"
+    echo "alias verify-checksum='${PATH_FILE_VERIFY_HASH}'"
+
+    # ウェルカム・メッセージの表示
+    echo "$PATH_FILE_WELCOME"
+
+    # リポジトリのルートディレクトリのパスを環境変数にセット
+    # shellcheck disable=SC2016
+    echo "export PATH_DIR_ROOT_REPO=\"${PATH_DIR_ROOT_REPO}\""
+} >>"${HOME}/.bashrc"

.devcontainer/welcome_msg.sh

@@ -0,0 +1,33 @@
+#!/bin/bash
+# =============================================================================
+#  Bash ログイン時（新規ターミナル起動時）に表示されるメッセージ
+# =============================================================================
+#  テストの実行コマンドのパスなど、コンテナ内で知っておくと便利なメッセージを表示します。
+
+# OS 情報の取得
+. /etc/os-release
+
+cat <<HEREDOC
+===============================================================================
+ QiiCipher 開発コンテナにようこそ
+===============================================================================
+- 現在のユーザ: $(whoami)
+- 現在の作業ディレクトリ: $(pwd)
+- OS: ${PRETTY_NAME}
+- Alpine 用のパッケージ検索と追加:
+    $ apk list --no-cache <パッケージ名>
+    $ sudo apk add --no-cace <パッケージ名>
+- 自動フォーマッタの実行
+    Alt + Shift + F
+- このメッセージの再表示
+    $ welcome
+- チェックサムファイルの更新
+    $ update-checksum
+- テストの実行
+  構文チェック/Lint の実行 ... shfmt, shellcheck が実行されます
+    $ run-lint
+  ユニットテストの実行 ... shellspec が実行されます
+    $ run-test
+  チェックサムファイルのハッシュ値確認
+    $ verify-checksum
+HEREDOC

.github/run-lint.sh

@@ -6,11 +6,14 @@
 # -----------------------------------------------------------------------------
 #  Constants
 # -----------------------------------------------------------------------------
+SUCCESS=0
+FAILURE=1
+NAME_FILE_CHECKSUM='checksum.sha512'
+
 PATH_DIR_REPO="$(dirname "$(cd "$(dirname "$0")" && pwd)")"
 PATH_DIR_BIN="${PATH_DIR_REPO}/bin"
 PATH_DIR_RETURN="$(cd . && pwd)"
-SUCCESS=0
-FAILURE=1
+PATH_FILE_CHECKSUM="${PATH_DIR_BIN}/${NAME_FILE_CHECKSUM}"
 
 # 拡張子のないスクリプトファイル一覧（テスト対象リスト）
 LIST_SCRIPT_NO_EXT="archive check dec enc keygen sign verify checkkeylength dearchive"
@@ -122,15 +125,30 @@ cd "$PATH_DIR_REPO" || {
 
     exit $FAILURE
 }
+trap 'cd "$PATH_DIR_RETURN"' 0
 
 echo '-------------------------------------------------------------------------------'
 echo ' Running linters'
 echo '-------------------------------------------------------------------------------'
 runShfmt
 runShellCheck
 
-cd "$PATH_DIR_RETURN" || {
-    echo >&2 "Failed to change dir to: ${PATH_DIR_RETURN}"
+echo '-------------------------------------------------------------------------------'
+echo ' Verifying Checksum File'
+echo '-------------------------------------------------------------------------------'
+
+printf "%s" '- Checksum ... '
+
+cd "$PATH_DIR_BIN" || {
+    echo >&2 "Failed to change dir to: ${PATH_DIR_BIN}"
+
+    exit $FAILURE
+}
+
+result=$(sha512sum -c "$PATH_FILE_CHECKSUM") || {
+    echo >&2 "$result"
+    echo >&2 "Filed to verify checksum."
 
     exit $FAILURE
 }
+echo 'OK'

.github/update-checksum.sh

@@ -0,0 +1,100 @@
+#!/bin/sh
+# =============================================================================
+#  Update CheckSUM
+# =============================================================================
+#  このスクリプトは bin ディレクトリの各コマンドの SHA512 ハッシュの値を checksum.sha512
+#  に出力するスクリプトです。署名はされません。
+
+# -----------------------------------------------------------------------------
+#  Constants
+# -----------------------------------------------------------------------------
+SUCCESS=0
+FAILURE=1
+LIST_SCRIPT_BIN="archive check dec enc keygen sign verify checkkeylength dearchive"
+NAME_FILE_CHECKSUM="checksum.sha512"
+
+PATH_DIR_REPO="$(dirname "$(cd "$(dirname "$0")" && pwd)")"
+PATH_DIR_RETURN="$(cd . && pwd)"
+PATH_DIR_BIN="${PATH_DIR_REPO}/bin"
+PATH_FILE_CHECKSUM="${PATH_DIR_BIN}/${NAME_FILE_CHECKSUM}"
+
+# -----------------------------------------------------------------------------
+#  Setup
+# -----------------------------------------------------------------------------
+cd "$PATH_DIR_BIN" || {
+    echo >&2 "ディレクトリの移動に失敗しました。bin ディレクトリに移動できません。"
+
+    exit $FAILURE
+}
+trap 'cd "$PATH_DIR_RETURN"' 0
+
+# -----------------------------------------------------------------------------
+#  Function
+# -----------------------------------------------------------------------------
+# appendChecksum は LIST_SCRIPT_BIN
+appendChecksum() {
+    # shellcheck disable=SC2086
+    set -- $LIST_SCRIPT_BIN
+
+    # LIST_SCRIPT_BIN のループごとにチェックサムを追記
+    while [ "${1:+none}" ]; do
+        path_file_target="${1}"
+
+        if [ ! -r "$path_file_target" ]; then
+            echo >&2 "圧縮＆暗号化したいファイル ${path_file_target} が見つかりません。"
+
+            return $FAILURE
+        fi
+
+        # ハッシュ値を取得
+        hashCurrent="$(openssl sha512 "$path_file_target" 2>&1)" || {
+            echo >&2 "ファイルのハッシュ値取得に失敗しました。ファイル: ${path_file_target}"
+            echo >&2 "$hashCurrent"
+
+            return $FAILURE
+        }
+
+        # 更新（追記）
+        echo "$hashCurrent" >>"$PATH_FILE_CHECKSUM"
+
+        shift
+    done
+
+    return $SUCCESS
+}
+
+verifyChecksum() {
+    result=$(sha512sum -c "$PATH_FILE_CHECKSUM") || {
+        echo >&2 "$result"
+
+        return $FAILURE
+    }
+
+    return $SUCCESS
+}
+
+# -----------------------------------------------------------------------------
+#  Main
+# -----------------------------------------------------------------------------
+# チェックサムファイルの初期化
+cat /dev/null >"$PATH_FILE_CHECKSUM"
+
+# ハッシュ値の更新
+printf "%s" "- ハッシュ値を更新します ... "
+appendChecksum || {
+    echo >&2 "* エラー：ハッシュ値の更新に失敗しました。"
+
+    exit $FAILURE
+}
+echo 'OK'
+
+# ハッシュ値の照合
+printf "%s" "- ハッシュ値を照合します ... "
+verifyChecksum || {
+    echo >&2 "* エラー：ハッシュ値の照合に失敗しました。"
+
+    exit $FAILURE
+}
+echo 'OK'
+
+echo 'OK: チェックサム用のハッシュ値の更新が完了しました。'

.github/verify-checksum.sh

@@ -0,0 +1,53 @@
+#!/bin/sh
+# =============================================================================
+#  Update CheckSUM
+# =============================================================================
+#  このスクリプトは bin ディレクトリの各コマンドの SHA512 ハッシュの値を checksum.sha512
+#  に出力するスクリプトです。署名はされません。
+
+# -----------------------------------------------------------------------------
+#  Constants
+# -----------------------------------------------------------------------------
+SUCCESS=0
+FAILURE=1
+NAME_FILE_CHECKSUM="checksum.sha512"
+
+PATH_DIR_REPO="$(dirname "$(cd "$(dirname "$0")" && pwd)")"
+PATH_DIR_RETURN="$(cd . && pwd)"
+PATH_DIR_BIN="${PATH_DIR_REPO}/bin"
+PATH_FILE_CHECKSUM="${PATH_DIR_BIN}/${NAME_FILE_CHECKSUM}"
+
+# -----------------------------------------------------------------------------
+#  Setup
+# -----------------------------------------------------------------------------
+cd "$PATH_DIR_BIN" || {
+    echo >&2 "ディレクトリの移動に失敗しました。bin ディレクトリに移動できません。"
+
+    exit $FAILURE
+}
+trap 'cd "$PATH_DIR_RETURN"' 0
+
+# -----------------------------------------------------------------------------
+#  Functions
+# -----------------------------------------------------------------------------
+verifyChecksum() {
+    result=$(sha512sum -c "$PATH_FILE_CHECKSUM") || {
+        echo >&2 "$result"
+
+        return $FAILURE
+    }
+
+    return $SUCCESS
+}
+
+# -----------------------------------------------------------------------------
+#  Main
+# -----------------------------------------------------------------------------
+# ハッシュ値の照合
+printf "%s" "- ハッシュ値を照合します ... "
+verifyChecksum || {
+    echo >&2 "* エラー：ハッシュ値の照合に失敗しました。"
+
+    exit $FAILURE
+}
+echo 'OK'

Dockerfile

@@ -19,6 +19,7 @@ FROM alpine:latest AS testbuild
 RUN apk add --no-cache \
     openssl \
     openssh \
+    coreutils \
     ca-certificates && update-ca-certificates
 
 # Install requirements for testing
@@ -47,6 +48,7 @@ FROM alpine
 RUN apk add --no-cache \
     openssl \
     openssh \
+    coreutils \
     ca-certificates && update-ca-certificates
 
 COPY --from=testbuild /app/bin /usr/local/sbin

bin/checksum.sha512

@@ -1,5 +1,9 @@
-SHA512(enc)= 1dbe9385c98b037c504a97eea73968c917bda3242be10b1b5edd0e8e9ea4d0e8c23e0d03d14b5532c530af2c6836336a3f308b62bd5702c2cdd0a23111078ee9
-SHA512(dec)= 84b5792acc10b50c5f377c05fa17f8bb5787a8a8530327d8cf56ad725b2af040a3127429660db31e84bce7c1791737e712c6308e99940e243d3ed8376e436d99
-SHA512(check)= 52d72637792dc031a316d6d18286d406857062a6c1c0ced4e8b39c1363a40b4172688c0d542dcca2af67a06522c0abb7cd9776d55698b6b8c58beede0572b935
-SHA512(sign)= f1079e594aff9c06b4c0d2f5e9839fa2531f9179321e9a70e2679e150b780f7c8fca65b8c821133716f85d9790f092808f98af7481ab008f01a792b53e6746b8
-SHA512(verify)= a6f7602fadd1c3b28609a3e0b0ad64f7d65243054fdebf7c53aaa11abf9bbebe1c54b5c5b8250e88e69dd37bab6056f2a641c25cd5d05d63bfa8e4386ef52fb7
+SHA512(archive)= fcb4698a5f4f96800ae240dc89cba9357b1cf790580caa32b2e812cd3ff9e86ae78f83ef55052ab55915d8fdf2084d0449bf2de3d194923b679eb7718bb340c2
+SHA512(check)= 692552538d1de7ac088028e3e7534cb1cd4bff36414182c9144d0c3007e3b9a6f903deb1a4a998724e6dd2e2b302e29401e6da396ba9e85c8d7b1adfa41530b5
+SHA512(dec)= fc008d500df780fbd346546530881a892f8d675ace94acedb27f137d86bf4f340e18089847c541c43593453097d8a73c5b9a750bf869c9f366ebaa85e4c4f2cf
+SHA512(enc)= be9026689c4f372eb4a43e73a0da226a40cea0bec3329522ec0b6368c489d9340721a97d88efb9933e6b18b24e097789b651992717313a86e9d28581581ed904
+SHA512(keygen)= 19cd976454b9bf76080bfb2ad4c294a1cd5d1fa39956a84e3a8b06e342f5dcb1d107be7df444369b8386c75935dbd497df53b4b5f103db5ec13c937dfbaeee62
+SHA512(sign)= 41f0f7561e54b74c077cf9db185f26c578a9684d4392ae167faac0799891407577dc43c279dbaba9ad060cc09c2662e4d6dd62ef05128c6ba493f1e356a59393
+SHA512(verify)= eabbf0253650f6acce4a2359fb45cf084997a7108017eaca453da5c157c8d1a04a34abce7dfcb19d13c95f28c7b895d73c79c0fa8c2d5b873d5700a8fb480e6c
+SHA512(checkkeylength)= b08b5a0d0cee7a872ed0354251f30228663b386f30b5c08bb6feba2c6cbf71425cdfc8d40f89af85766e63fc404a8917717a342917259fec4f71d3ae1a72b28e
+SHA512(dearchive)= ec09979610be4ba119edf38a252fde9367f9a3c4a50027da1635e1268d01e1df5103dd0728b8335b7a751841e7d6ed8cb39be61b2c580dc8e59995f131cdddbb