I don’t know if I must report a security issue. I downloaded the torrent file from the download page for the 4.1.1 version. I downloaded the iso (and share…) but when I tried to verify the iso it fails.
The DIGEST is signed correctly.
gpg2 -v --verify Qubes-R4.1.1-x86_64.iso.DIGESTS
gpg: en-tête d'armure : Hash: SHA256
gpg: nom de fichier original : « »
gpg: Signature faite le ven. 15 juil. 2022 05:50:34 CEST
gpg: avec la clef RSA 5817A43B283DE5A9181A522E1848792F9E2795E9
gpg: utilisation du modèle de confiance pgp
gpg: Bonne signature de « Qubes OS Release 4 Signing Key » [totale]
gpg: signature mode texte, algorithme de hachage SHA256, algorithme de clef rsa4096
Test with sha256sum failed
sha256sum -c Qubes-R4.1.1-x86_64.iso.DIGESTS
sha256sum: Attention : 20 lignes ne sont pas correctement formatées
I will not say that I am 100% sure, but I did verification to be at 99,99%
It was the first thing I suspected and I still doubt the issue is not coming from transmission software. It notifies that the download was finished and the size of the iso was around 5,4 Go on the disk. That’s the part of the doubt, the real size the iso must have.
Did you check the file size of the torrented iso and compare it to the downloaded iso from the website? If the file sizes are the same, but one has a good hash and one has a bad hash, you likely downloaded a tampered qubes iso, and if so the developers would probably be interested in seeing it for research purposes.
Is it possible that your command is pulling the first sha256 hash available and that there are multiple sha256 hashes that differ depending on whether it is a download from the website or a torrent iso?
I’ve never heard of a sha512 being correct and a sha256 not being correct for the same file. I think it would be mathematically impossible absent some sort of error in the hash listings or user error. (edit: @chrisa is likely right, it would be mathematically so unlikely that it’s asymptotic to a probability of zero, but not in fact zero.)
I’m pretty sure, it’s possible to have 2 different inputs to sha512 give the same checksum (a collision) - but it would be unlikely to happen … and in that case, sha256 would be the “whistleblower” to say “Look! - they look the same to sha512, but they are not the same!”
I had to remove the torrented iso to download the iso from https because of disk space. I did du -sh for the size of the iso torrent, it will be better I just did du and compare the sizes.
Unfortunately It was afterward I thought that it would be a good idea to keep both iso for forensics. But first I focused on downloading the good file.
To clarify my initial message, for the torrented iso sha256sum was wrong and I try to get sh512 with openssl and compare the value within the DIGEST files. So both were wrong. The good sha512sum was the one for the iso downloaded with https.