Verifying SHA256 file hash|Classic OPC: DA, A&E, HDA, XML-DA, etc.|Forum|OPC Foundation

Avatar
Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
Lost password?
sp_Feed sp_PrintTopic sp_TopicIcon
Verifying SHA256 file hash
Avatar
Cavin Leske
New Member
Members
Forum Posts: 2
Member Since:
02/24/2014
sp_UserOfflineSmall Offline
1
04/19/2023 - 06:45
sp_Permalink sp_Print

Hello,

To comply with U.S. critical infrastructure regulations we’re required to verify the integrity of all software via file hashes.  In the past we’ve always compared the hash of the installer file to the hash provided on the company/organization’s website.

From what I can tell there aren’t any hashes for the software provided on the OPC Foundation’s website, but I noticed in the release notes that “all binaries are signed with SHA256.”  I’m not sure how that applies to our verification process, however.

Any suggestions would be greatly appreciated.

Avatar
Randy Armstrong
Admin
Forum Posts: 1578
Member Since:
05/30/2017
sp_UserOfflineSmall Offline
2
04/20/2023 - 04:45
sp_Permalink sp_Print

All binaries and installers are signed with a code signing certificate. This approach is typical for windows only installers/executables.

That said, we have a couple linux binaries that will need the SHA256 hash. Are you using those?

Avatar
Cavin Leske
New Member
Members
Forum Posts: 2
Member Since:
02/24/2014
sp_UserOfflineSmall Offline
3
04/20/2023 - 07:40
sp_Permalink sp_Print

My apologies, I should have stated that I’m using the OPC Core Components Redistributables.

Your reply helped me determine that the code signing certificate is perfect for our requirements.

Thanks very much, Randy!

Forum Timezone: America/Phoenix
Most Users Ever Online: 510
Currently Online:
Guest(s) 29
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Forum Stats:
Groups: 2
Forums: 10
Topics: 1444
Posts: 4887