Let me explain how to generate a signed hash file. But before moving to process of generation of signed hash let me explain what is the purpose of signed hash.
Today if anyone write code and want to identify is it the same code that he/she write no change has been done in his/her initial code. In that case user should write the code and generate the hash of her/her code file and share code to anyone. And match the hash of file share before sharing and after.
So let me quickly explain how to generate signed hash file. Run below command it will generate a hash of file.
certutil -hashfile filename.war MD5 certutil -hashfile filename.txt MD5 certutil -hashfile filename.dll MD5
File hash generated before share or deploy to anywhere
> certutil -hashfile filename.txt MD5 MD5 hash of file filename.txt: b3 26 5d 69 eb 69 a8 f2 91 10 81 4a d9 7a 26 e4 CertUtil: -hashfile command completed successfully.
User modify some changes in file and share of file also changes:-
> certutil -hashfile filename.txt MD5 MD5 hash of file filename.txt: fa e0 6c 69 17 0a 41 e5 20 ae 25 66 50 57 27 08 CertUtil: -hashfile command completed successfully.
In Linux Env:
md5sum – compute and check MD5 message digest
md5sum is used to compute check sum of a file same as certutil command in linux.
Let me explain how to use md5sum command in linux
Linux >md5sum test.c 4bc576d6aa56ecf9db5a0d99b78d789f test.c Linux >
1. Create file, to let me create a text file having some content
Linux >vim test.txt
2. Compute check of test file.
Linux >md5sum test.txt b74ed347390d35c29923e80f64c9d904 test.txt
or we can save that in a file
Linux > md5sum test.c >; test.c.md5 Linux >vim test.c.md5
Validate from checksum save in file:-
Linux >md5sum -c test.c.md5 test.c: OK
Let me modify the content of file and validate the checksum again:-
Linux >md5sum -c test.c.md5 test.c: FAILED md5sum: WARNING: 1 computed checksum did NOT match
This command is used by auditor to take the hash of code, and it will be as proof that there is no change in code after audit process.