SOLR-14301: Remove external commons-codec usage in gradle validateJarChecksums

[asalamon74]

…Checksums

Description

Right now gradle calculates SHA-1 checksums using an external commons-codec library. We can calculate SHA-1 using Java 8 classes, no need for commons-codec here.

Solution

Eliminate commons-codec usage in checksum validation.

Tests

./gradlew validateJarChecksums

Checklist

Please review the following and check all that apply:

• I have reviewed the guidelines for How to Contribute and my code conforms to the standards described there to the best of my ability.
• I have created a Jira issue and added the issue ID to my pull request title.
• I have given Solr maintainers access to contribute to my PR branch. (optional but recommended)
• I have developed this patch against the master branch.
• I have run ./gradlew check.
• I have added tests for my changes.
• I have added documentation for the Ref Guide (for Solr changes only).

[madrob]

I believe this was done with an external dependency because there's an issue with how checksums were handled on Windows, but I don't remember all the details and can't find it now. Maybe @dweiss can remember.

We also do the same thing in releasing.gradle

[dweiss]

I think it's just much shorter invocation in the end - when you look at the diff you'll see it. I also don't know if the checksum format is required to be supported by the JDK.

[asalamon74]

Yes, the invocation is longer with this patch, on the other hand we avoid using an external library so the .gradle file is shorter.

We only require that SHA-1 is supported by the JDK, which is a requirement for all JDK implementations: https://docs.oracle.com/javase/7/docs/api/java/security/MessageDigest.html