Author: wizengamot
Subject: Sigcheck Problem
Posted: 18 February 2014 at 2:04am
Pasted from MSDN Documentation for MSDN Subscribers who wish to verify the SHA1 Hash of their downloads (does anyone but me do this?).
---
To verify your copy, you can use the Sigcheck tool, available from Sysinternals, to generate its SHA-1 hash value by running Sigcheck with the –h option; then compare the value you generated against the original to verify your copy. In addition, many freeware programs can calculate an SHA-1 hash value; use your favorite Internet search engine to look for sha1 hash to find them.
---
The problem is that the function does not work! .. or rather I don't know how to work it is also quite possible ... and there appears to be no documentation on that subject either. A quick google search (sorry bing but your not invited to the search party), shows that a few people all give the same instructions as MSDN does, run sigcheck with a -h option and the tool will tell you the hash value to compare with MSDN's published hash.
eg. http://xrsolis.blogspot.ca/2011/08/using-sysinternals-sigcheck-to-verify.html
However, running the tool as follows: sigcheck -h <full_path_toFile> results in the following:
c:\TEMP>sigcheck -h "c:\TEMP\w\Windows 7\en_windows_7_home_premium_with_sp
1_x64_dvd_u_676549.iso2"
Sigcheck v2.02 - File version and signature viewer
Copyright (C) 2004-2014 Mark Russinovich
Sysinternals - www.sysinternals.com
c:\TEMP\w\windows 7\en_windows_7_home_premium_with_sp1_x64_dvd_u_676549.iso2:
Verified: Unsigned
File date: 6:13 AM 17/02/2014
Publisher: n/a
Description: n/a
Product: n/a
Prod version: n/a
File version: n/a
MachineType: n/a
No hash values at all and the sigcheck runs in like 1/1000th of a second or less not like I would expect if it had to calculate a sha1 hash value for a large ISO file like windows.
If anyone can provide guidance as to why this does not work or confirm that there is a bug and that a new version will be published soon to correct this oversight that would be great.
Thanks,
B
Subject: Sigcheck Problem
Posted: 18 February 2014 at 2:04am
Pasted from MSDN Documentation for MSDN Subscribers who wish to verify the SHA1 Hash of their downloads (does anyone but me do this?).
---
To verify your copy, you can use the Sigcheck tool, available from Sysinternals, to generate its SHA-1 hash value by running Sigcheck with the –h option; then compare the value you generated against the original to verify your copy. In addition, many freeware programs can calculate an SHA-1 hash value; use your favorite Internet search engine to look for sha1 hash to find them.
---
The problem is that the function does not work! .. or rather I don't know how to work it is also quite possible ... and there appears to be no documentation on that subject either. A quick google search (sorry bing but your not invited to the search party), shows that a few people all give the same instructions as MSDN does, run sigcheck with a -h option and the tool will tell you the hash value to compare with MSDN's published hash.
eg. http://xrsolis.blogspot.ca/2011/08/using-sysinternals-sigcheck-to-verify.html
However, running the tool as follows: sigcheck -h <full_path_toFile> results in the following:
c:\TEMP>sigcheck -h "c:\TEMP\w\Windows 7\en_windows_7_home_premium_with_sp
1_x64_dvd_u_676549.iso2"
Sigcheck v2.02 - File version and signature viewer
Copyright (C) 2004-2014 Mark Russinovich
Sysinternals - www.sysinternals.com
c:\TEMP\w\windows 7\en_windows_7_home_premium_with_sp1_x64_dvd_u_676549.iso2:
Verified: Unsigned
File date: 6:13 AM 17/02/2014
Publisher: n/a
Description: n/a
Product: n/a
Prod version: n/a
File version: n/a
MachineType: n/a
No hash values at all and the sigcheck runs in like 1/1000th of a second or less not like I would expect if it had to calculate a sha1 hash value for a large ISO file like windows.
If anyone can provide guidance as to why this does not work or confirm that there is a bug and that a new version will be published soon to correct this oversight that would be great.
Thanks,
B