From af976619f2cc0badd250fb12628a0ac42b5a18ca Mon Sep 17 00:00:00 2001
From: specter25 <ujjwalcoding012@gmail.com>
Date: Sun, 21 Mar 2021 01:22:26 +0530
Subject: Create struct to store checksums

- Store the checksums in a struct with properties algorithm and value
- Define permitted algorithm as constants

Signed-off-by: specter25 <ujjwalcoding012@gmail.com>
---
 spdx/checksum.go | 26 ++++++++++++++++++++++++++
 spdx/file.go     |  8 +++++---
 spdx/package.go  |  7 ++++---
 3 files changed, 35 insertions(+), 6 deletions(-)
 create mode 100644 spdx/checksum.go

(limited to 'spdx')

diff --git a/spdx/checksum.go b/spdx/checksum.go
new file mode 100644
index 0000000..b689ff8
--- /dev/null
+++ b/spdx/checksum.go
@@ -0,0 +1,26 @@
+// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+package spdx
+
+// ChecksumAlgorithm2_2 represents the algorithm used to generate the file checksum in the Checksum2_2 struct.
+type ChecksumAlgorithm2_2 string
+
+// The checksum algorithms mentioned in the spdxv2.2.0 https://spdx.github.io/spdx-spec/4-file-information/#44-file-checksum
+const (
+	SHA224 ChecksumAlgorithm2_2 = "SHA224"
+	SHA1                        = "SHA1"
+	SHA256                      = "SHA256"
+	SHA384                      = "SHA384"
+	SHA512                      = "SHA512"
+	MD2                         = "MD2"
+	MD4                         = "MD4"
+	MD5                         = "MD5"
+	MD6                         = "MD6"
+)
+
+//Checksum2_2 struct Provide a unique identifier to match analysis information on each specific file in a package.
+// The Algorithm field describes the ChecksumAlgorithm2_2 used and the Value represents the file checksum
+type Checksum2_2 struct {
+	Algorithm ChecksumAlgorithm2_2
+	Value     string
+}
diff --git a/spdx/file.go b/spdx/file.go
index bfd47b7..bb3bcdd 100644
--- a/spdx/file.go
+++ b/spdx/file.go
@@ -105,9 +105,11 @@ type File2_2 struct {
 
 	// 4.4: File Checksum: may have keys for SHA1, SHA256 and/or MD5
 	// Cardinality: mandatory, one SHA1, others may be optionally provided
-	FileChecksumSHA1   string
-	FileChecksumSHA256 string
-	FileChecksumMD5    string
+	// FileChecksumSHA1   string
+	// FileChecksumSHA256 string
+	// FileChecksumMD5    string
+
+	FileChecksums map[ChecksumAlgorithm2_2]Checksum2_2
 
 	// 4.5: Concluded License: SPDX License Expression, "NONE" or "NOASSERTION"
 	// Cardinality: mandatory, one
diff --git a/spdx/package.go b/spdx/package.go
index 4af3903..9ad9317 100644
--- a/spdx/package.go
+++ b/spdx/package.go
@@ -192,9 +192,10 @@ type Package2_2 struct {
 
 	// 3.10: Package Checksum: may have keys for SHA1, SHA256 and/or MD5
 	// Cardinality: optional, one or many
-	PackageChecksumSHA1   string
-	PackageChecksumSHA256 string
-	PackageChecksumMD5    string
+	// PackageChecksumSHA1   string
+	// PackageChecksumSHA256 string
+	// PackageChecksumMD5    string
+	PackageChecksums map[ChecksumAlgorithm2_2]Checksum2_2
 
 	// 3.11: Package Home Page
 	// Cardinality: optional, one
-- 
cgit v1.2.3