https://issues.apache.org/bugzilla/show_bug.cgi?id=57344
Christopher Schultz <ch...@christopherschultz.net> changed: What |Removed |Added ---------------------------------------------------------------------------- OS| |All --- Comment #2 from Christopher Schultz <ch...@christopherschultz.net> --- (In reply to Konstantin Kolinko from comment #0) > 3) I do not have a command-line tool to automatically verify sha-512. > > There exist sha512sum from GNU, > http://www.gnu.org/software/coreutils/manual/coreutils.html#sha2-utilities > > but GnuWin32 CoreUtils do not have this tool. The 'sha512sum' command exists on both Debian and Amazon Linux (CentOS/RHEL compatible), and so I would imagine it's available on most Linux distributions. Mac OS X has 'shasum -a 512' which "mimics the behavior of GNU shaXsum" (according to the man page). As we use Apache Ant for building, why not just use <checksum>? https://ant.apache.org/manual/Tasks/checksum.html It can be configured to use any of the proposed formats... > 4) What file format shall we use? > > Apache Ant downloads are using hashsum + LF. > > We are using hashsum + " *" + filename, which is the format supported by > md5sum and sha1sum GNU utilities. > > `openssl dgst -sha512 filename` generates "SHA512(" + filename + ")= " > +hashsum +LF, but I think that openssl does not read this format. > > I think it would better to print just the hashsum value, but I wonder if > that is supported by sha512sum tool. I don't believe shaXsum can do that. I can't get the Mac version to do it, either. If sed/awk/etc can be relied upon, we can always cobble-together whatever combination of strings we need to make the tools happy. In what environments do we think that checksums will be verified? Ant's <checksum> can verify a signature as well as generate one. Is Ant/JVM any more/less trustworthy than shaXsum/openssl? -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org