Friday, 14 October 2022

MD5 checksum

Not enough blogging...  I know, I know.

Release23 might get a blog or two, I'm pretty excited about some of the enhancements.  I'll say more later, but calling a orchestration from the new workflow modeler is a relief!!

Now, back to this post - which is super basic and we all should now it (and probably do).

Checksum's are used to ensure that the file that had been uploaded has not been tampered with.  So when it's uploaded, quite often there will be a checksum next to the download icon that you can check the download and ensure that no nasty people have changed the download at any point in time.  Nice hey.

You also probably know that a checksum is basically a fingerprint of the file (like a nice and short unique string that is a representation of a much larger piece of data).  So you can MD5 a 10MB file and still only get 32 characters to prove it's identity.  And we know that we actually have [36 = 26 alpha and 10 numeric] 36^32 possibilities.  so that is a lot of uniqueness.

But recently I've needed to validate that some code we have written is making it to various servers (through many proxies and more security than you can poke a stick at), in tact.  So now I'm using checksum.

It's SO simple: 

windoze:

C:\Users\shannon.moir\Downloads>certutil -hashfile myAccess.war MD5

MD5 hash of myAccess.war:

62250ed14d149a7dcb7d35d73519ad06

CertUtil: -hashfile command completed successfully.

C:\Users\shannon.moir\Downloads>where certutil

C:\Windows\System32\certutil.exe

Linux

[ec2-user@F5PLAY1 tmp]$ md5sum myAccess.war

62250ed14d149a7dcb7d35d73519ad06  myAccess.war


Wow - so simple!!!  Therefore I can check git and my customers / servers results and know that it's not a corruption is some transmit



No comments:

Extending JDE to generative AI