linux command curl and sha256sum implement download verification package
example:
download_etcher_cli()
{
local url="https://github.com/resin-io/etcher/releases/download/v1.4.4/etcher-cli-1.4.4-linux-x64.tar.gz"
local hash="54709ad34ac304d2686130c7d22a3bc13b4f491387d987274eeca4f6eea34dce"
local filename=${url##*/}
#replace the suffix
local dirname=${filename/.tar.gz/-dist}
export PATH="$PATH:$SRC/cache/utility/$dirname"
if [[ -f $SRC/cache/utility/$dirname/.download-complete ]]; then
return
fi
cd $SRC/cache/utility/
display_alert "Downloading" "$dirname"
curl -Lf --progress-bar $url -o $filename
local verified=false
local b=$(sha256sum $filename)
display_alert "Verifying"
[[ "$hash" == "$(sha256sum $filename | cut -d ' ' -f 1)" ]] && verified=true
if [[ $verified == true ]]; then
display_alert "Extracting"
tar --no-same-owner --overwrite -xf $filename && touch $SRC/cache/utility/$dirname/.download-complete && rm $filename
display_alert "Download complete" "" "info"
else
display_alert "Verification failed" "" "wrn"
fi
}