File Integrity

From Freephile Wiki
Jump to navigation Jump to search

Verify File Integrity[edit | edit source]

Sometimes we need to verify that a file created on one system has not been corrupted by any subsequent process of editing, copying, transmission across a network, or email transport. One file claiming to be identical to the source from which is was copied, having the same filename and byte count MAY be bitwise identical, or it may not be...

Downloading files from the Internet, you routinely see the authors provide a cryptographic signature that can and should be used to verify the integrity and authenticity of the file which is downloaded.

How[edit | edit source]

Comparing two files on a single system can be done using the (UNIX) diff command, but for comparing files on two different systems, use of a checksum utility is more reliable.

MD5[edit | edit source]

MD5 (Message-Digest algorithm 5) is one method "commonly used to check the integrity of files... The 128-bit (16-byte) MD5 hashes (also termed message digests) are typically represented as a sequence of 32 hexadecimal digits..."

On Linux systems, try

md5sum <filename>

at the command line; on the Solaris systems, try

md5

. The checksum value for a file (or simple string) reported by an MD5 utility should be constant, independent of operating system.

SHA1[edit | edit source]

The SHA family of algorithms are replacing md5 as a more secure cryptographic method. SHA_hash_functions