question about SHA512 when using tzdata
Hello. Is it possible to have a howto procedure ot use SHA-512 checksums when using tzdata? I am getting some errors when trying to update our java, like this, /opt/jdksun64/1.7.0_71/bin/java -jar /opt/jdksun64/1.7.0_71/jre/lib/tzupdater.jar -f -l http://localhost:81/tzdata2015g.tar.gz -v It returns, tzupdater tool would update with tzdata version: tzdata2015g Error encountered while downloading https://javadl-esd-secure.oracle.com/update/tzupdater/tzdata2015g.tar.gz.sha... And I don't see very well how to use your SHA-512 checksums procedure. Gérard Moisset gerar.moisset@orange.com<mailto:gerar.moisset@orange.com> _________________________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
gerar.moisset@orange.com wrote:
tzupdater tool would update with tzdata version: tzdata2015g Error encountered while downloadinghttps://javadl-esd-secure.oracle.com/update/tzupdater/tzdata2015g.tar.gz.sha...
That looks like an Oracle URL, so I'd ask the Oracle folks who are maintaining the tzupdater data. To generate the SHA-512 checksums in the tz release announcements, I use the GNU coreutils implementation of the sha512sum command, like the following shell command: sha512sum tzcode2015g.tar.gz tzdata2015g.tar.gz The GNU sha512sum command is documented here: https://www.gnu.org/software/coreutils/manual/html_node/sha2-utilities.html and you can use its -c option to verify a checksum.
On 16/10/2015 09:39, Paul Eggert wrote:
To generate the SHA-512 checksums in the tz release announcements, I use the GNU coreutils implementation of the sha512sum command, like the following shell command:
sha512sum tzcode2015g.tar.gz tzdata2015g.tar.gz
Would it be worth using the -b option to treat the input as a binary file? I know there is no difference between text and binary files on UNIX-like systems, but this marks the file as binary (by prefixing the filename with an asterisk) on the output line for the benefit of non-UNIX-like systems. -- -=( Ian Abbott @ MEV Ltd. E-mail: <abbotti@mev.co.uk> )=- -=( Web: http://www.mev.co.uk/ )=-
On 10/16/2015 02:07 AM, Ian Abbott wrote:
sha512sum tzcode2015g.tar.gz tzdata2015g.tar.gz
Would it be worth using the -b option to treat the input as a binary file?
I'm of two minds about this. On the one hand it is more portable; but on the other, that "*" tends to confuse people. Perhaps we should try it for a release or two and see what happens.
On 2015-10-16 13:11, Paul Eggert wrote:
On 10/16/2015 02:07 AM, Ian Abbott wrote:
sha512sum tzcode2015g.tar.gz tzdata2015g.tar.gz
Would it be worth using the -b option to treat the input as a binary file?
I'm of two minds about this. On the one hand it is more portable; but on the other, that "*" tends to confuse people. Perhaps we should try it for a release or two and see what happens.
The sha2 docs say binary is the default (unless reading stdin from a tty, which seems an uncommon use case) and the "*" prefix is generated automatically by current sha2 releases whenever the file is treated as binary, so the -b option should now be redundant, as the the "*" prefix should be generated for most uses. It is unfortunate that the "*" is prefixed to the filename, a space between would make its role as a flag more obvious and less confusing. -- Take care. Thanks, Brian Inglis
Brian Inglis wrote:
The sha2 docs say binary is the default (unless reading stdin from a tty, which seems an uncommon use case) and the "*" prefix is generated automatically by current sha2 releases
Sorry, I don't know what 'sha2' is. I used Ubuntu 15.04 for the latest tz release, and Ubuntu doesn't have an sha2 command. I used Ubuntu's sha512sum command.
On 2015-10-17 13:03, Paul Eggert wrote:
Brian Inglis wrote:
The sha2 docs say binary is the default (unless reading stdin from a tty, which seems an uncommon use case) and the "*" prefix is generated automatically by current sha2 releases
Sorry, I don't know what 'sha2' is. I used Ubuntu 15.04 for the latest tz release, and Ubuntu doesn't have an sha2 command. I used Ubuntu's sha512sum command.
sha2 is the collective name for the new secure hashes of length 224, 256, 384, 512 bits, that superseded the old 160 bit sha1 hash: see info sha2. -- Take care. Thanks, Brian Inglis
Brian Inglis wrote:
see info sha2
Ah, in that case I guess we're talking about the same software. On Ubuntu sha512sum (which is the 512-bit version of SHA-2) does not output '*' by default. One must use the -b option to get the '*'. For example: $ sha224sum Theory 685a1c44d638eabaf90721c599ebc87dabfa1eaecafcf320b0b37cf9 Theory $ sha224sum -b Theory 685a1c44d638eabaf90721c599ebc87dabfa1eaecafcf320b0b37cf9 *Theory The checksums are the same either way. As I understand it, the Coreutils SHA-2 programs behave differently on platforms like MS-Windows that distinguish text from binary I/O, and they make -b the default there. Ian Abbott is suggesting the '*' form so that the checksums can be checked more easily on MS-Windows. We can do that on Ubuntu by using -b. The '*' will also likely confuse users on other platforms (it's certainly confused *me* in this thread...) but perhaps it's worth the hassle.
Gérard, tzupdater needs http and https access to external sites when using default settings. More instructions in the README on how to to set up local installs. http://www.oracle.com/technetwork/java/javase/tzupdater-readme-136440.html#o... Regards, Sean. On 14/10/15 09:38, gerar.moisset@orange.com wrote:
Hello.
Is it possible to have a howto procedure ot use SHA-512 checksums when using tzdata? I am getting some errors when trying to update our java, like this, //opt/jdksun64/1.7.0_71/bin/java -jar /opt/jdksun64/1.7.0_71/jre/lib/tzupdater.jar -f -l http://localhost:81/tzdata2015g.tar.gz -v/
It returns,
/tzupdater tool would update with tzdata version: tzdata2015g/
/Error encountered while downloading https://javadl-esd-secure.oracle.com/update/tzupdater/tzdata2015g.tar.gz.sha...
And I don’t see very well how to use your SHA-512 checksums procedure.
*Gérard Moisset * gerar.moisset@orange.com <mailto:gerar.moisset@orange.com>
_________________________________________________________________________________________________________________________
Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
participants (5)
-
Brian Inglis -
gerar.moisset@orange.com -
Ian Abbott -
Paul Eggert -
Seán Coffey