Free cryptographic file hash generator for Windows

Version 1.4, For Microsoft .NET Framework 2.0

Note: This WinHasher is unrelated to the application WinHasher published by "Morgud" and available on many shareware/freeware download sites. Our application was developed completely independently and to our knowledge the other application is no longer maintained (its domain name seems to have elapsed). Please see the Disclaimers section below for more details.

System Requirements

Note: WinHasher may work on non-Windows platforms with a .NET 2.0 compatible framework like Mono. However, this is untested beyond running it through MoMA (which it passed). Use on a non-Windows platform is considered unsupported; there are far better hashing options available outside of Windows anyway, such as OpenSSL or Jacksum.

The implementations of the Whirlpool and Tiger hash algorithms have been lovingly stolen from the Legion of the Bouncy Castle Crypto API. The BC implementations are based on .NET 1.1, but I have since ported these to be subclasses of Microsoft's System.Security.Cryptography.HashAlgorithm class, so they should be usable by virtually any .NET 2.0 application.

[ Top ]

Features

[ Top ]

Download WinHasher

You can download the current version of WinHasher from the following links. A GnuPG digital signature and various hashes of the file (generated by WinHasher, no less) are also provided for verification.

Installer:WinHasher_1.4_Setup.exe (374k)
GnuPG Signature:WinHasher_1.4_Setup.exe.asc
Signing Key:Jeff's Public Key
MD5 Hash:8a40c1a1ccda9d5ff2913f21fd8352eb
SHA-1 Hash:9f0eca14e683004fc3513b59a19e281b2d0e153d
SHA-256 Hash:4fa75f409d8a043cc06342fd34dce952efbcb9d8d6a6b0514bc6a02833db1ca0
RIPEMD-160 Hash:5c3fe92f7b51ab3422ad988360bc3132449cbe35
Tiger Hash:5d12ae62c287a15358396ab5eb31db07c8df3f469990f66e

WinHasher is released under version 2.0 of the GNU General Public License. Thus, you can also download the C# source code:

Source ZIP archive:WinHasher_1.4_Source.zip (103k)
GnuPG Signature:WinHasher_1.4_Source.zip.asc
Signing Key:Jeff's Public Key
MD5 Hash:3794c75389ba0b408c3e6043a8efe593
SHA-1 Hash:6e870446fc2702d471a4a5e01a0bf7fe2bf8bc77
SHA-256 Hash:05ccae7d82c4c6810654075b293977320eb0c8c8a46529b874a2e07f7085d3ef
RIPEMD-160 Hash:f1914dcdbe283115e4fdcd6c443c9033c55fbc30
Tiger Hash:5d9b37d7691d7509c06c40ba2c526b382426dd7e043e6859

[ Top ]

Installation Instructions

Simply download and run the setup installer (after verfiying the digital signature and/or hashes, of course). It's as simple as that. The installer allows you to choose a number of options, such as which modules to install (the Windows application, the console programs, help files, etc.) and what shortcuts to create. Uninstalling is just as easy; either run the uninstall program from the Start menu or remove the program through the Add/Remove Programs interface.

In theory, WinHasher should be able to be used in a "portable" fashion which does not require installation. All the installer really does is set up WinHasher in a predictable (yet user-customizable) location and optionally creates "Send to" shortcuts and adds the install path to the Windows PATH. In order to use WinHasher as a portable app, you will need to install it on one machine and copy the WinHasherCore.dll library and any of the executables you wish to carry. The DLL must be in the same location as the executables, as it contains the core hashing engine for all the programs. You can then run the WinHasher executables anywhere you wish.

There are, however a few caveats to point out with using WinHasher in a portable manner:

[ Top ]

WinHasher Program History

Why WinHasher?

Cryptographic hashing is readily available on many computer operating systems. It often comes built-in to the OS or as a (relatively) standard optional package. Mac OS, Linux, Free/OpenBSD, and many other OSes include OpenSSL as either a pre-installed or easily installable optional component. OpenSSL includes several command-line components for generating cryptographic hashes and there are number of graphical user interface (GUI) applications that allow point-and-click access to its capabilities.

Not so with Microsoft Windows. Windows does not include any built-in utilities for cryptographic hashes, and installing and using OpenSSL on Windows is not a trivial matter. The typical Windows user of today is much less familiar with the Windows Console (i.e. command line) let alone compiling software from source. And while cryptographic hashes are pretty much standard in programming libraries such as the Microsoft .NET Framework, the user is required to write and compile their own applications to use them.

This "hashing divide" has annoyed me for some time. While I consider myself to be an operating system agnostic and find myself equally home on both Windows and Linux, there are many times I've downloaded Windows-only software but didn't have the capability to verify the file's hash. Either I've been unable to install and run OpenSSL on a given machine, or I haven't had the time or access to a Linux box to copy the file over, generate the hash, and verify it before install. So I wanted to create a quick, simple, easy-to-use Windows app so I could get the hash of a file without waiting or moving it around. I also thought it would be a nice idea to be able to quickly compare the hashes of multiple files without having to generate each one and manually check every hexadecimal digit, so I added that functionality too. After writing the program, I thought it might be useful to others, so I decided to share.

[ Top ]

Version History

[ Top ]

Browse the Documentation

The entire WinHasher 1.4 documentation is here online for your browsing enjoyment. Check out either the Windows GUI help or the console program help.

[ Top ]

Participate

Currently, WinHasher does not have a public source code repository. What you get when you download the source archive above is the latest snapshot of the code, "tagged" at the version number corresponding to the current release. Since my development team consist of a whopping one person, I didn't see much point in making the Subversion repository open to everyone.

That doesn't mean that I'm not receptive to feedback, however. Suggestions, feature requests, and even patches are certainly welcome. If you would like to contribute to WinHasher, by all means, please send me an e-mail with your feedback. If you wish to contribute code, please download the current source and test your patch thoroughly before submitting it. I'll make sure you get credit in the application's About dialog and in the source. I am especially interested in additional hashing algorithms, which must be a subclass of the .NET 2.0 System.Security.Cryptography.HashAlgorithm class. Other suggestions will be taken under consideration and added to the application as time permits.

[ Top ]

Disclaimers

Please read the WinHasher license for complete licensing information. WinHasher is released under the GNU General Public License version 2, which outlines information concerning its use, redistribution, and warranties. Please read this license fully before using this application.

It should be noted that cryptographic hashes and digests do NOT guarantee authenticity or ownership of digital files. Hashes and digests should NOT be confused with digital signatures, which verify both file integrity and the authenticity of the file's creator. Hashes and digests ONLY guarantee that the file has not been altered or corrupted in transit, and it is trivial for a hacker to alter both a file and the displayed hash if a remote site is hacked. If both integrity and authenticity are required, please use an application such as PGP or GnuPG to create and/or verify digital signatures.

After releasing WinHasher, it came to my attention that there already exists a separate WinHasher application that performs a similar function. This application is unrelated to the other application by the same name and was independently developed. I make no claims of trademark on the name "WinHasher" and from my understanding, neither has the other application's developer. Since my application came second, I will happily defer and rename my WinHasher if the other developer asserts ownership of the name. However, since names can mean a great deal in today's world of search engines, I will continue to use the name unless explicitly asked to change it by the other application's developer. You can find the other WinHasher by searching for "WinHasher" at Google and going to any of the shareware/freeware download sites listed. My WinHasher is currently only available at GPF-Comics.Com.

[ Top ]

Return to GPF Downloads