moved checkSumTest.file, checksum.java, and checksumTest.java to dependency-check-utils

Former-commit-id: 0c05e466b5fe071ca55552660d471431572c0558

dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/Checksum.java

@@ -0,0 +1,117 @@
+package org.owasp.dependencycheck.utils;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+/**
+ * Includes methods to generate the MD5 and SHA1 checksum.
+ *
+ * This code was copied from Real's How To. It has been slightly modified.
+ *
+ * Written and compiled by Réal Gagnon ©1998-2012
+ *
+ * @author Real's How To: http://www.rgagnon.com/javadetails/java-0416.html
+ *
+ */
+public final class Checksum {
+    
+    /**
+     * The logger.
+     */
+    private static final Logger LOGGER = Logger.getLogger(Checksum.class.getName());
+    /**
+     * Private constructor for a utility class.
+     */
+    private Checksum() {
+    }
+
+    /**
+     * <p>Creates the cryptographic checksum of a given file using the specified
+     * algorithm.</p> <p>This algorithm was copied and heavily modified from
+     * Real's How To: http://www.rgagnon.com/javadetails/java-0416.html</p>
+     *
+     * @param algorithm the algorithm to use to calculate the checksum
+     * @param file the file to calculate the checksum for
+     * @return the checksum
+     * @throws IOException when the file does not exist
+     * @throws NoSuchAlgorithmException when an algorithm is specified that does
+     * not exist
+     */
+    public static byte[] getChecksum(String algorithm, File file) throws NoSuchAlgorithmException, IOException {
+        InputStream fis = null;
+        byte[] buffer = new byte[1024];
+        MessageDigest complete = MessageDigest.getInstance(algorithm);
+        int numRead;
+        try {
+            fis = new FileInputStream(file);
+            do {
+                numRead = fis.read(buffer);
+                if (numRead > 0) {
+                    complete.update(buffer, 0, numRead);
+                }
+            } while (numRead != -1);
+        } finally {
+            if (fis != null) {
+                try {
+                    fis.close();
+                } catch (IOException ex) {
+                    LOGGER.log(Level.FINEST, "Error closing file '" + file.getName() + "'.", ex);
+                }
+            }
+        }
+        return complete.digest();
+    }
+
+    /**
+     * Calculates the MD5 checksum of a specified file.
+     *
+     * @param file the file to generate the MD5 checksum
+     * @return the hex representation of the MD5 hash
+     * @throws IOException when the file passed in does not exist
+     * @throws NoSuchAlgorithmException when the MD5 algorithm is not available
+     */
+    public static String getMD5Checksum(File file) throws IOException, NoSuchAlgorithmException {
+        byte[] b = getChecksum("MD5", file);
+        return getHex(b);
+    }
+
+    /**
+     * Calculates the SHA1 checksum of a specified file.
+     *
+     * @param file the file to generate the MD5 checksum
+     * @return the hex representation of the SHA1 hash
+     * @throws IOException when the file passed in does not exist
+     * @throws NoSuchAlgorithmException when the SHA1 algorithm is not available
+     */
+    public static String getSHA1Checksum(File file) throws IOException, NoSuchAlgorithmException {
+        byte[] b = getChecksum("SHA1", file);
+        return getHex(b);
+    }
+    private static final String HEXES = "0123456789ABCDEF";
+
+    /**
+     * <p>Converts a byte array into a hex string.</p>
+     *
+     * <p>This method was copied from <a
+     * href="http://www.rgagnon.com/javadetails/java-0596.html">http://www.rgagnon.com/javadetails/java-0596.html</a></p>
+     *
+     * @param raw a byte array
+     * @return the hex representation of the byte array
+     */
+    public static String getHex(byte[] raw) {
+        if (raw == null) {
+            return null;
+        }
+        final StringBuilder hex = new StringBuilder(2 * raw.length);
+        for (final byte b : raw) {
+            hex.append(HEXES.charAt((b & 0xF0) >> 4)).append(HEXES.charAt((b & 0x0F)));
+        }
+        return hex.toString();
+    }
+}

dependency-check-utils/src/test/java/org/owasp/dependencycheck/utils/ChecksumTest.java

@@ -0,0 +1,150 @@
+/*
+ * This file is part of dependency-check-core.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Copyright (c) 2012 Jeremy Long. All Rights Reserved.
+ */
+package org.owasp.dependencycheck.utils;
+
+import java.io.File;
+import java.io.IOException;
+import java.security.NoSuchAlgorithmException;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.owasp.dependencycheck.utils.Checksum;
+import org.owasp.dependencycheck.utils.Checksum;
+
+/**
+ *
+ * @author Jeremy Long <jeremy.long@owasp.org>
+ */
+public class ChecksumTest {
+
+    @BeforeClass
+    public static void setUpClass() throws Exception {
+    }
+
+    @AfterClass
+    public static void tearDownClass() throws Exception {
+    }
+
+    @Before
+    public void setUp() throws Exception {
+    }
+
+    @After
+    public void tearDown() throws Exception {
+    }
+
+    /**
+     * Test of getChecksum method, of class Checksum.
+     *
+     * @throws Exception thrown when an exception occurs.
+     */
+    @Test
+    public void testGetChecksum() throws Exception {
+        String algorithm = "MD5";
+        File file = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").getPath());
+        byte[] expResult = {-16, -111, 92, 95, 70, -72, -49, -94, -125, -27, -83, 103, -96, -101, 55, -109};
+        byte[] result = Checksum.getChecksum(algorithm, file);
+        boolean arraysAreEqual = true;
+        if (expResult.length == result.length) {
+            for (int i = 0; arraysAreEqual && i < result.length; i++) {
+                arraysAreEqual = result[i] == expResult[i];
+            }
+        } else {
+            Assert.fail("Checksum results do not match expected results.");
+        }
+        Assert.assertTrue(arraysAreEqual);
+    }
+
+    /**
+     * Test of getChecksum method, of class Checksum. This checks that an exception is thrown when an invalid path is
+     * specified.
+     *
+     * @throws Exception is thrown when an exception occurs.
+     */
+    @Test
+    public void testGetChecksum_FileNotFound() throws Exception {
+        String algorithm = "MD5";
+        File file = new File("not a valid file");
+        boolean exceptionThrown = false;
+        try {
+            byte[] result = Checksum.getChecksum(algorithm, file);
+        } catch (IOException ex) {
+            exceptionThrown = true;
+        }
+        Assert.assertTrue(exceptionThrown);
+    }
+
+    /**
+     * Test of getChecksum method, of class Checksum. This checks that an exception is thrown when an invalid algorithm
+     * is specified.
+     *
+     * @throws Exception is thrown when an exception occurs.
+     */
+    @Test
+    public void testGetChecksum_NoSuchAlgorithm() throws Exception {
+        String algorithm = "some unknown algorithm";
+        File file = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").getPath());
+        boolean exceptionThrown = false;
+        try {
+            byte[] result = Checksum.getChecksum(algorithm, file);
+        } catch (NoSuchAlgorithmException ex) {
+            exceptionThrown = true;
+        }
+        Assert.assertTrue(exceptionThrown);
+    }
+
+    /**
+     * Test of getMD5Checksum method, of class Checksum.
+     *
+     * @throws Exception is thrown when an exception occurs.
+     */
+    @Test
+    public void testGetMD5Checksum() throws Exception {
+        File file = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").getPath());
+        String expResult = "F0915C5F46B8CFA283E5AD67A09B3793";
+        String result = Checksum.getMD5Checksum(file);
+        Assert.assertEquals(expResult, result);
+    }
+
+    /**
+     * Test of getSHA1Checksum method, of class Checksum.
+     *
+     * @throws Exception is thrown when an exception occurs.
+     */
+    @Test
+    public void testGetSHA1Checksum() throws Exception {
+        File file = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").getPath());
+        String expResult = "B8A9FF28B21BCB1D0B50E24A5243D8B51766851A";
+        String result = Checksum.getSHA1Checksum(file);
+        Assert.assertEquals(expResult, result);
+    }
+
+    /**
+     * Test of getHex method, of class Checksum.
+     */
+    @Test
+    public void testGetHex() {
+        byte[] raw = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};
+        String expResult = "000102030405060708090A0B0C0D0E0F10";
+        String result = Checksum.getHex(raw);
+        Assert.assertEquals(expResult, result);
+    }
+}

dependency-check-utils/src/test/resources/checkSumTest.file

@@ -0,0 +1 @@
+this is a test file used to check the checksums.