From 027b508da8e12979ae893610f6336c31e6af2be5 Mon Sep 17 00:00:00 2001
From: John Johansen <john.johansen@canonical.com>
Date: Thu, 19 Dec 2024 11:00:10 -0800
Subject: [PATCH] parser: equality tests: convert to using sha256sum for the
 hashes

There is a general industry wide effort to move off of md5 and even
sha1 (see recent kernel changes). While in this particular use case it
doesn't make a difference (besides slightly lowering the chance of a
collision) switch to sha256sum to make sure our code doesn't depend on
tools that are deprecated and there is an effort to remove.

Signed-off-by: John Johansen <john.johansen@canonical.com>
---
 parser/tst/equality.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/parser/tst/equality.sh b/parser/tst/equality.sh
index 556582191..c06c7ba38 100755
--- a/parser/tst/equality.sh
+++ b/parser/tst/equality.sh
@@ -103,7 +103,7 @@ hash_binary_policy()
 	printf %s "$2" | ${APPARMOR_PARSER} --features-file "${_SCRIPTDIR}/features_files/$features_file" ${flags} > "$tmpdir/$1.bin" 2>"$dump"
 	rc=$?
 	if [ $rc -eq 0 ] ; then
-		hash=$(md5sum "${tmpdir}/$1.bin" | cut -d ' ' -f 1)
+		hash=$(sha256sum "${tmpdir}/$1.bin" | cut -d ' ' -f 1)
 		rc=$?
 	fi