Fix the calculation of package verification code which should not include algorithm information.

Bug: 293304694 Test: atest --host sbom_data_test Test: build/soong/tests/sbom_test.sh Change-Id: I94ea42284a9a6b5cc787a3489bfa575aa7663282
2023-07-31 14:12:52 -07:00
parent 9997fdbacf
commit f99db9977c
3 changed files with 162 additions and 1 deletions
--- a/tools/sbom/sbom_data.py
+++ b/tools/sbom/sbom_data.py
@@ -133,7 +133,7 @@ class Document:
      checksums = []
      for file in self.files:
        if file.id in package.file_ids:
-          checksums.append(file.checksum)
+          checksums.append(file.checksum.split(': ')[1])
      checksums.sort()
      h = hashlib.sha1()
      h.update(''.join(checksums).encode(encoding='utf-8'))