Sunday, October 3, 2021

How to Validate the Integrity of the Downloaded KeePassXC File on Mac

Download from https://keepassxc.org/download/ the birnary, signature and hash files.
KeePassXC-2.6.6-x86_64.dmg
KeePassXC-2.6.6-x86_64.dmg.sig
Value from KeePassXC-2.6.6-x86_64.dmg.DIGEST
ab96033c16459de5a95e1f9e5864a5bd8cc47b4f3dee2c68ede6199dd44286ec  KeePassXC-2.6.6-x86_64.dmg

At the terminal:
$ openssl dgst -sha256 KeePassXC-2.6.6-x86_64.dmg
SHA256(KeePassXC-2.6.6-x86_64.dmg)= ab96033c16459de5a95e1f9e5864a5bd8cc47b4f3dee2c68ede6199dd44286ec

Use the search function in any text editor to seach and compare the hash value before install.

$ gpg --verify KeePassXC-2.6.6-x86_64.dmg.sig
gpg: assuming signed data in 'KeePassXC-2.6.6-x86_64.dmg'
gpg: Signature made Sat Jun 12 10:52:46 2021 PDT
gpg:                using RSA key C1E4CBA3AD78D3AFD894F9E0B7A66F03B59076A8
gpg: Can't check signature: No public key

$ gpg --keyserver pgp.mit.edu --recv C1E4CBA3AD78D3AFD894F9E0B7A66F03B59076A8
gpg: key CFB4C2166397D0D2: 1 duplicate signature removed
gpg: key CFB4C2166397D0D2: public key "KeePassXC Release <release@keepassxc.org>" imported
gpg: Total number processed: 1
gpg:               imported: 1

$ gpg --verify KeePassXC-2.6.6-x86_64.dmg.sig KeePassXC-2.6.6-x86_64.dmg
gpg: Signature made Sat Jun 12 10:52:46 2021 PDT
gpg:                using RSA key C1E4CBA3AD78D3AFD894F9E0B7A66F03B59076A8
gpg: Good signature from "KeePassXC Release <release@keepassxc.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: BF5A 669F 2272 CF43 24C1  FDA8 CFB4 C216 6397 D0D2
     Subkey fingerprint: C1E4 CBA3 AD78 D3AF D894  F9E0 B7A6 6F03 B590 76A8
    
at No comments:

Validate integrity of LibreOffice downloaded files on Mac

On this page https://www.libreoffice.org/download/download/, click info
https://download.documentfoundation.org/libreoffice/stable/7.2.1/mac/x86_64/LibreOffice_7.2.1_MacOS_x86-64.dmg.mirrorlist

Mirrors for LibreOffice_7.2.1_MacOS_x86-64.dmg
File information

Filename: LibreOffice_7.2.1_MacOS_x86-64.dmg
Path: /libreoffice/stable/7.2.1/mac/x86_64/LibreOffice_7.2.1_MacOS_x86-64.dmg
Size: 267M (279867887 bytes)
Last modified: Fri, 10 Sep 2021 09:43:36 GMT (Unix time: 1631267016)
SHA-256 Hash: b83e841360fa6ee9e42bfc1579ce9ae135972d6e7a01e79d1b975c2b855ff152
SHA-1 Hash: ad46a513f7c2047f632d8a3929a23b74aaebcc3d
MD5 Hash: 741cd9f35e133d0b2cc1944dc362cb0f
BitTorrent Information Hash: bcb717c49259229b9108c0967679dc2f53c9aba9
PGP signature available

At the terminal:
$ openssl dgst -sha256 LibreOffice_7.2.1_MacOS_x86-64.dmg
SHA256(LibreOffice_7.2.1_MacOS_x86-64.dmg)= b83e841360fa6ee9e42bfc1579ce9ae135972d6e7a01e79d1b975c2b855ff152

Search and compare the hash sum for matching before install
at No comments:
Labels: , , ,
Subscribe to: Posts (Atom)

How to recognize a fake Geek Squad renewal scam | Consumer Advice

Except from  https://consumer.ftc.gov/consumer-alerts/2022/10/how-recognize-fake-geek-squad-renewal-scam Scammers are at it ag...

  • Visual Studio 2010 Keyboard Shortcuts
    These keyboard shortcuts are helpful. Some of them are not document in Visual Studio 2010 Express, for example: <Ctrl> F5 to run the ...
  • SQL Questions and Answers - Part 3
    What is a view? A view can be thought of as either a virtual table or a stored query. The data accessible through a view is not stored in th...
  • GPG Verify DupeGuru
    https://dupeguru.voltaicideas.net/ https://github.com/arsenetar/dupeguru/releases/tag/4.3.1 $ gpg --verify dupeguru_macOS_Qt_4.3.1.zip.siggp...