Purpose. Decide HASH_OK by recomputing the file digest under the declared algorithm and comparing hex strings. Everything is plain ASCII and offline.
Definition (must)
- File digest:
h_file = H_algo(file_bytes) - Default
algo = sha256unless overridden bykv:algo. Supported:{sha256, sha3_256, blake2b-256}(all 256-bit →64hex). - Stamps emit lowercase
64-hex in thesha256(file)field (historical label; algorithm comes fromkv:algo).
Producer procedure (deterministic)
- Open the target file in binary mode.
- Compute
H_algo(file_bytes)in one pass or streaming; both MUST yield the same hex digest. - Emit the hex digest as lowercase
64-hex and place it in thesha256(file)field.
Verifier procedure (deterministic)
- Select algorithm:
algo = kv:algoelsesha256. - Read file in binary; compute
h' = H_algo(file_bytes). - Shape check: recorded digest matches
[0-9a-f]{64}. - Compare as strings:
h' == recorded_hex→ setHASH_OK = true; elsefalse.
Notes (precision & safety)
- No normalization. Do not change bytes (no CRLF fixes, no encoding conversions, no metadata tweaks). Hash the exact bytes.
- Streaming allowed. Chunk size is free; the final digest must equal the monolithic hash.
- Case policy. Emit lowercase in stamps; verifiers may compare case-insensitively but SHOULD normalize to lowercase.
Common failure reasons
- File read in text mode (newline conversion).
- Digest not
64-hex or uppercase. kv:algodeclared but verifier uses defaultsha256.- File content changed since stamping.
Outcome
- Set
HASH_OK=true/false. Proceed to Clock Consistency (2.3).
Navigation
Back: SSM-Clock Stamp – Parse & Validate Fields (2.1)
Next: SSM-Clock Stamp – Clock Consistency (2.3)
SHUNYAYA 