Pretty Good Privacy

  1. Home
  2. Pretty Good Privacy

Verification of software files

For the verification of downloadable software files for AXING products there are offered two options:

  • Checksums (hash values) SHA2-256 und SHA3-256 (Secure Hash Algorithmus) of single binary files.
  • Signature with PGP (Pretty Good Privacy) of ZIP files containing readme and binary files.

1. Pretty Good Privacy (PGP)

For signed and/or encrypted e-mail communication or a secured file exchange or storage there are existing two standardized methods S/MIME and PGP. For this a public key can be exchanged between sender and receivers. For more information about this topic see:

https://en.wikipedia.org/wiki/Pretty_Good_Privacy
https://en.wikipedia.org/wiki/S/MIME

The public PGP key of <mailto:support@axing.com>
for signed/encrypted E-Mails and for verification of software download files can be received like this:

The fingerprint of public keys can be checked with:

  • pub 3072R/7812E9ED “Support AXING AG” <support@axing.com> (created 2022-02-23)
  • Fingerprint = 50FE 7FB8 7BBC 7F78 9B25 9E82 3EC9 D64A 7812 E9ED
    Fingerprint = 50FE7FB87BBC7F789B259E823EC9D64A7812E9ED
    Fingerprint = 50fe 7fb8 7bbc 7f78 9b25 9e82 3ec9 d64a 7812 e9ed

One recommended free solution for the usage of PGP is this collection of tools:

2. Checksums

Checksums (hash values) of files can be used to check files for their original unmodified state. Every even minor change of a file would lead to a totally different checksum. There does exist a big number of standardized methods for checksums.

For the creation and validation of checksums there do exist quite a lot of different tools::