Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: added openssl; and cleaned up

How to verify a checksum

> By the way... without maven implicitly checking the checksum and reporting a
> problem to me, I don't know how to manually check the checksum for myself.

Normally, you could just do:

$ sha1sum -c
No Format

Unfortunately, the potential one-line solution: sha1sum -c filename.jar.sha1


doesn't work because it incorporates the filename into the calculation.

calculate the checksum:

No Format
$linux$ sha1sum -c commons-logging-1.0.4.jar.sha1
sha1sum:f029a2aefe2b3e1517573c580f948caac31b1056 *commons-logging-1.0.4.jar.sha1:
no properly formatted SHA1 checksum lines found



No Format
$macorlinux$ sha1sumopenssl dgst -sha1 commons-logging-1.0.4.jar
f029a2aefe2b3e1517573c580f948caac31b1056 *SHA1(/Maven 2 Repo/commons-logging/commons-logging/1.0.4.jar

And compare with the checksum:

No Format

$ cat /commons-logging-1.0.4.jar.sha1)= f029a2aefe2b3e1517573c580f948caac31b1056


Windows users
Windows users

If you're on Windows, Cygwin has the md5 and sha1 utilities:


then compare with the externally supplied checksum:

No Format

$ cat commons-logging-1.0.4.jar.sha1