Ability to ignore file size

[obilodeau]

Hi,

It would be nice if the file size could be ignored from the -k file format.

This would enable a use case like the following: find any files matching hashes in the -k file in a directory.

hashdeep -k hashes -c md5 -a -r samples/*

Where hashes is:

%%%% HASHDEEP-1.0
%%%% size,md5,filename
0,a6b2ce1cc02c902ba6374210faf786a3,a
0,83b383884405190683d748f4a95f48d4,b
0,62fc46151cfe1e57a8fa00065bde57b0,c

Useful to look for specific malware samples in a directory full of them. This community exchanges hashes not file sizes.

Thanks!