Coverage Report

Coverage Report - org.owasp.dependencycheck.utils.Checksum

Classes in this File

Line Coverage

Branch Coverage

Complexity

Checksum

80%

28/35

70%

7/10

2.4

 /*
  * This file is part of dependency-check-core.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
  * Copyright (c) 2014 Jeremy Long. All Rights Reserved.
  */
 package org.owasp.dependencycheck.utils;
 
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.nio.MappedByteBuffer;
 import java.nio.channels.FileChannel;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
 /**
  * Includes methods to generate the MD5 and SHA1 checksum.
  *
  * @author Jeremy Long
  *
  */
 public final class Checksum {
 
     /**
      * The logger.
      */
     private static final Logger LOGGER = Logger.getLogger(Checksum.class.getName());
 
     /**
      * Private constructor for a utility class.
      */
     private Checksum() {
     }
 
     /**
      * <p>
      * Creates the cryptographic checksum of a given file using the specified algorithm.</p>
      *
      * @param algorithm the algorithm to use to calculate the checksum
      * @param file the file to calculate the checksum for
      * @return the checksum
      * @throws IOException when the file does not exist
      * @throws NoSuchAlgorithmException when an algorithm is specified that does not exist
      */
     @SuppressWarnings("empty-statement")
     public static byte[] getChecksum(String algorithm, File file) throws NoSuchAlgorithmException, IOException {
         MessageDigest digest = MessageDigest.getInstance(algorithm);
         FileInputStream fis = null;
         try {
             fis = new FileInputStream(file);
             FileChannel ch = fis.getChannel();
             long remainingToRead = file.length();
             long start = 0;
             while (remainingToRead > 0) {
                 long amountToRead;
                 if (remainingToRead > Integer.MAX_VALUE) {
                     remainingToRead -= Integer.MAX_VALUE;
                     amountToRead = Integer.MAX_VALUE;
                 } else {
                     amountToRead = remainingToRead;
                     remainingToRead = 0;
                 }
                 MappedByteBuffer byteBuffer = ch.map(FileChannel.MapMode.READ_ONLY, start, amountToRead);
                 digest.update(byteBuffer);
                 start += amountToRead;
             }
 
 //            BufferedInputStream bis = new BufferedInputStream(fis);
 //            DigestInputStream dis = new DigestInputStream(bis, digest);
 //            //yes, we are reading in a buffer for performance reasons - 1 byte at a time is SLOW
 //            byte[] buffer = new byte[8192];
 //            while (dis.read(buffer) != -1);
         } finally {
             if (fis != null) {
                 try {
                     fis.close();
                 } catch (IOException ex) {
                     LOGGER.log(Level.FINEST, "Error closing file '" + file.getName() + "'.", ex);
                 }
             }
         }
         return digest.digest();
     }
 
     /**
      * Calculates the MD5 checksum of a specified file.
      *
      * @param file the file to generate the MD5 checksum
      * @return the hex representation of the MD5 hash
      * @throws IOException when the file passed in does not exist
      * @throws NoSuchAlgorithmException when the MD5 algorithm is not available
      */
     public static String getMD5Checksum(File file) throws IOException, NoSuchAlgorithmException {
         byte[] b = getChecksum("MD5", file);
         return getHex(b);
     }
 
     /**
      * Calculates the SHA1 checksum of a specified file.
      *
      * @param file the file to generate the MD5 checksum
      * @return the hex representation of the SHA1 hash
      * @throws IOException when the file passed in does not exist
      * @throws NoSuchAlgorithmException when the SHA1 algorithm is not available
      */
     public static String getSHA1Checksum(File file) throws IOException, NoSuchAlgorithmException {
         byte[] b = getChecksum("SHA1", file);
         return getHex(b);
     }
     /**
      * Hex code characters used in getHex.
      */
     private static final String HEXES = "0123456789abcdef";
 
     /**
      * <p>
      * Converts a byte array into a hex string.</p>
      *
      * <p>
      * This method was copied from <a
      * href="http://www.rgagnon.com/javadetails/java-0596.html">http://www.rgagnon.com/javadetails/java-0596.html</a></p>
      *
      * @param raw a byte array
      * @return the hex representation of the byte array
      */
     public static String getHex(byte[] raw) {
         if (raw == null) {
             return null;
         }
         final StringBuilder hex = new StringBuilder(2 * raw.length);
         for (final byte b : raw) {
             hex.append(HEXES.charAt((b & 0xF0) >> 4)).append(HEXES.charAt(b & 0x0F));
         }
         return hex.toString();
     }
 }

1		/*
2		* This file is part of dependency-check-core.
3		*
4		* Licensed under the Apache License, Version 2.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.apache.org/licenses/LICENSE-2.0
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*
16		* Copyright (c) 2014 Jeremy Long. All Rights Reserved.
17		*/
18		package org.owasp.dependencycheck.utils;
19
20		import java.io.File;
21		import java.io.FileInputStream;
22		import java.io.IOException;
23		import java.nio.MappedByteBuffer;
24		import java.nio.channels.FileChannel;
25		import java.security.MessageDigest;
26		import java.security.NoSuchAlgorithmException;
27		import java.util.logging.Level;
28		import java.util.logging.Logger;
29
30		/**
31		* Includes methods to generate the MD5 and SHA1 checksum.
32		*
33		* @author Jeremy Long
34		*
35		*/
36		public final class Checksum {
37
38		/**
39		* The logger.
40		*/
41	1	private static final Logger LOGGER = Logger.getLogger(Checksum.class.getName());
42
43		/**
44		* Private constructor for a utility class.
45		*/
46	0	private Checksum() {
47	0	}
48
49		/**
50		* <p>
51		* Creates the cryptographic checksum of a given file using the specified algorithm.</p>
52		*
53		* @param algorithm the algorithm to use to calculate the checksum
54		* @param file the file to calculate the checksum for
55		* @return the checksum
56		* @throws IOException when the file does not exist
57		* @throws NoSuchAlgorithmException when an algorithm is specified that does not exist
58		*/
59		@SuppressWarnings("empty-statement")
60		public static byte[] getChecksum(String algorithm, File file) throws NoSuchAlgorithmException, IOException {
61	5	MessageDigest digest = MessageDigest.getInstance(algorithm);
62	4	FileInputStream fis = null;
63		try {
64	4	fis = new FileInputStream(file);
65	3	FileChannel ch = fis.getChannel();
66	3	long remainingToRead = file.length();
67	3	long start = 0;
68	6	while (remainingToRead > 0) {
69		long amountToRead;
70	3	if (remainingToRead > Integer.MAX_VALUE) {
71	0	remainingToRead -= Integer.MAX_VALUE;
72	0	amountToRead = Integer.MAX_VALUE;
73		} else {
74	3	amountToRead = remainingToRead;
75	3	remainingToRead = 0;
76		}
77	3	MappedByteBuffer byteBuffer = ch.map(FileChannel.MapMode.READ_ONLY, start, amountToRead);
78	3	digest.update(byteBuffer);
79	3	start += amountToRead;
80	3	}
81
82		// BufferedInputStream bis = new BufferedInputStream(fis);
83		// DigestInputStream dis = new DigestInputStream(bis, digest);
84		// //yes, we are reading in a buffer for performance reasons - 1 byte at a time is SLOW
85		// byte[] buffer = new byte[8192];
86		// while (dis.read(buffer) != -1);
87		} finally {
88	4	if (fis != null) {
89		try {
90	3	fis.close();
91	0	} catch (IOException ex) {
92	0	LOGGER.log(Level.FINEST, "Error closing file '" + file.getName() + "'.", ex);
93	4	}
94		}
95		}
96	3	return digest.digest();
97		}
98
99		/**
100		* Calculates the MD5 checksum of a specified file.
101		*
102		* @param file the file to generate the MD5 checksum
103		* @return the hex representation of the MD5 hash
104		* @throws IOException when the file passed in does not exist
105		* @throws NoSuchAlgorithmException when the MD5 algorithm is not available
106		*/
107		public static String getMD5Checksum(File file) throws IOException, NoSuchAlgorithmException {
108	1	byte[] b = getChecksum("MD5", file);
109	1	return getHex(b);
110		}
111
112		/**
113		* Calculates the SHA1 checksum of a specified file.
114		*
115		* @param file the file to generate the MD5 checksum
116		* @return the hex representation of the SHA1 hash
117		* @throws IOException when the file passed in does not exist
118		* @throws NoSuchAlgorithmException when the SHA1 algorithm is not available
119		*/
120		public static String getSHA1Checksum(File file) throws IOException, NoSuchAlgorithmException {
121	1	byte[] b = getChecksum("SHA1", file);
122	1	return getHex(b);
123		}
124		/**
125		* Hex code characters used in getHex.
126		*/
127		private static final String HEXES = "0123456789abcdef";
128
129		/**
130		* <p>
131		* Converts a byte array into a hex string.</p>
132		*
133		* <p>
134		* This method was copied from <a
135		* href="http://www.rgagnon.com/javadetails/java-0596.html">http://www.rgagnon.com/javadetails/java-0596.html</a></p>
136		*
137		* @param raw a byte array
138		* @return the hex representation of the byte array
139		*/
140		public static String getHex(byte[] raw) {
141	3	if (raw == null) {
142	0	return null;
143		}
144	3	final StringBuilder hex = new StringBuilder(2 * raw.length);
145	56	for (final byte b : raw) {
146	53	hex.append(HEXES.charAt((b & 0xF0) >> 4)).append(HEXES.charAt(b & 0x0F));
147		}
148	3	return hex.toString();
149		}
150		}