public void verify()

in maven-wrapper/src/main/java/org/apache/maven/wrapper/HashAlgorithmVerifier.java [33:59]

• 27 lines of code
• 4 McCabe index (conditional complexity)

    public void verify(Path file, String property, String algorithm, String expectedSum) throws Exception {
        MessageDigest digest = MessageDigest.getInstance(algorithm);
        try (InputStream inputStream = Files.newInputStream(file)) {
            byte[] buffer = new byte[1024 * 8];
            int length;
            while ((length = inputStream.read(buffer)) != -1) {
                digest.update(buffer, 0, length);
            }
        }
        byte[] hash = digest.digest();
        StringBuilder actualSum = new StringBuilder(hash.length * 2);
        for (byte aByte : hash) {
            actualSum.append(String.format("%02x", aByte));
        }
        if (expectedSum.contentEquals(actualSum)) {
            Logger.info(String.format(
                    Locale.ROOT, "Validated %s hash for %s to be equal (%s)", algorithm, file, expectedSum));
        } else {
            throw new RuntimeException(String.format(
                    Locale.ROOT,
                    "Failed to validate Maven distribution %s, your Maven distribution "
                            + "might be compromised. If you updated your Maven version, you need to "
                            + "update the specified %s property.",
                    algorithm,
                    property));
        }
    }