System Requirements

• Microsoft .NET 2.0 Framework; only the runtime or redistributable package is required. .NET 2.0 requires:
  • Windows 98, 98 SE, ME, 2000 SP3 or higher, XP SP2 or higher, Server 2003, or any flavor of Vista
  • Windows Installer 2.0 for Windows 98/ME, 3.0 for all other OSes (3.1 recommended)
  • Internet Explorer 5.01 or higher
  • 280MB disc space for the x86 version, 610MB for the x64 version
• About 1MB of free disk space
• No hard memory or processor limits are know beyond the OS and .NET's requirements, but obviously the more the merrier

Note: WinHasher may work on non-Windows platforms with a .NET 2.0 compatible framework like Mono. However, this is untested beyond running it through MoMA (which it passed). Use on a non-Windows platform is considered unsupported; there are far better hashing options available outside of Windows anyway, such as OpenSSL or Jacksum.

The implementations of the Whirlpool and Tiger hash algorithms have been lovingly stolen from the Legion of the Bouncy Castle Crypto API. The BC implementations are based on .NET 1.1, but I have since ported these to be subclasses of Microsoft's System.Security.Cryptography.HashAlgorithm class, so they should be usable by virtually any .NET 2.0 application.

[ Top ]

Features

• Two primary interfaces: A small Windows GUI applet and a console (command line) program
• Three primary operating modes: Compute the hash of a single file, compare the contents of multiple files by comparing the hash of each one, or hash arbitrary text
• Supported hashing algorithms: MD5, SHA-1, SHA-256, SHA-384, SHA-512, RIPEMD-160, Whirlpool (2003 revision), and Tiger (1995 original, not "Tiger2")
• Supported output formats: Hexadecimal (with either lower-case or upper-case letters), Base64, Bubble Babble
• Windows applet supports drag-and-drop functionality; automatically compute the hash of a single file by dropping it onto the applet, or drop one or more files to add them to the compare list
• Optional "Send To" shortcuts allow you to right-click any file in Windows Explorer and instantly get its hash, or right-click multiple files to compare their contents
• Long running processes (such as hashing an individual very large file or comparing the hashes of many files) can now be cancelled when running in GUI mode
• Now remembers last used settings such as hash algorithm, output format, last folder/directory, mode tab, etc.

[ Top ]

Download WinHasher

You can download the current version of WinHasher from the following links. A GnuPG digital signature and various hashes of the file (generated by WinHasher, no less) are also provided for verification.

Installer:	WinHasher_1.4_Setup.exe (374k)
GnuPG Signature:	WinHasher_1.4_Setup.exe.asc
Signing Key:	Jeff's Public Key
MD5 Hash:	8a40c1a1ccda9d5ff2913f21fd8352eb
SHA-1 Hash:	9f0eca14e683004fc3513b59a19e281b2d0e153d
SHA-256 Hash:	4fa75f409d8a043cc06342fd34dce952efbcb9d8d6a6b0514bc6a02833db1ca0
RIPEMD-160 Hash:	5c3fe92f7b51ab3422ad988360bc3132449cbe35
Tiger Hash:	5d12ae62c287a15358396ab5eb31db07c8df3f469990f66e

WinHasher is released under version 2.0 of the GNU General Public License. Thus, you can also download the C# source code:

Source ZIP archive:	WinHasher_1.4_Source.zip (103k)
GnuPG Signature:	WinHasher_1.4_Source.zip.asc
Signing Key:	Jeff's Public Key
MD5 Hash:	3794c75389ba0b408c3e6043a8efe593
SHA-1 Hash:	6e870446fc2702d471a4a5e01a0bf7fe2bf8bc77
SHA-256 Hash:	05ccae7d82c4c6810654075b293977320eb0c8c8a46529b874a2e07f7085d3ef
RIPEMD-160 Hash:	f1914dcdbe283115e4fdcd6c443c9033c55fbc30
Tiger Hash:	5d9b37d7691d7509c06c40ba2c526b382426dd7e043e6859

[ Top ]

Installation Instructions

Simply download and run the setup installer (after verfiying the digital signature and/or hashes, of course). It's as simple as that. The installer allows you to choose a number of options, such as which modules to install (the Windows application, the console programs, help files, etc.) and what shortcuts to create. Uninstalling is just as easy; either run the uninstall program from the Start menu or remove the program through the Add/Remove Programs interface.

In theory, WinHasher should be able to be used in a "portable" fashion which does not require installation. All the installer really does is set up WinHasher in a predictable (yet user-customizable) location and optionally creates "Send to" shortcuts and adds the install path to the Windows PATH. In order to use WinHasher as a portable app, you will need to install it on one machine and copy the WinHasherCore.dll library and any of the executables you wish to carry. The DLL must be in the same location as the executables, as it contains the core hashing engine for all the programs. You can then run the WinHasher executables anywhere you wish.

There are, however a few caveats to point out with using WinHasher in a portable manner:

• The context menu "Send to" shortcuts will not be available as these are created by the installer. You can, however, drag-and-drop files onto the GUI app or specify the file(s) to hash on the GUI app or console app command lines.
• Beginning with version 1.4, WinHasher stores your last used settings in the Windows registry. These settings are benign, but remain after the program closes. The uninstaller offers to delete these registry keys when the application is uninstalled, but the uninstaller is not available if the installer is not used. Thus, if you use WinHasher as a portable app, you will have to manually delete these registry keys if you want to maintain a completely zero-impact portable status. These registry keys may be found in HKCU\Software\GPF Comics\WinHasher. Note that the registry keys are only created by the GUI application in GUI mode and not by the console apps.

[ Top ]

WinHasher Program History

Why WinHasher?

Cryptographic hashing is readily available on many computer operating systems. It often comes built-in to the OS or as a (relatively) standard optional package. Mac OS, Linux, Free/OpenBSD, and many other OSes include OpenSSL as either a pre-installed or easily installable optional component. OpenSSL includes several command-line components for generating cryptographic hashes and there are number of graphical user interface (GUI) applications that allow point-and-click access to its capabilities.

Not so with Microsoft Windows. Windows does not include any built-in utilities for cryptographic hashes, and installing and using OpenSSL on Windows is not a trivial matter. The typical Windows user of today is much less familiar with the Windows Console (i.e. command line) let alone compiling software from source. And while cryptographic hashes are pretty much standard in programming libraries such as the Microsoft .NET Framework, the user is required to write and compile their own applications to use them.

This "hashing divide" has annoyed me for some time. While I consider myself to be an operating system agnostic and find myself equally home on both Windows and Linux, there are many times I've downloaded Windows-only software but didn't have the capability to verify the file's hash. Either I've been unable to install and run OpenSSL on a given machine, or I haven't had the time or access to a Linux box to copy the file over, generate the hash, and verify it before install. So I wanted to create a quick, simple, easy-to-use Windows app so I could get the hash of a file without waiting or moving it around. I also thought it would be a nice idea to be able to quickly compare the hashes of multiple files without having to generate each one and manually check every hexadecimal digit, so I added that functionality too. After writing the program, I thought it might be useful to others, so I decided to share.

[ Top ]

Version History

• Version 1.0: Initial release
• Version 1.1: Improved GUI responsiveness by moving the actual hashing operations into a System.ComponentModel.BackgroundWorker object, so the hashing takes place in a different thread than the GUI. Now the GUI (regardless of whether the main window is opened or the process is launched by a "Send To" shortcut) will display an "in progress" dialog box to let you know that it's actually working. Before, hashes of really big files (say, several gigabyte DVD ISOs) seemed to disappear into nowhere, with no indication that the program was doing anything. The progress dialog includes a cancel button to allow the user to abort the operation while it is in progress. Unfortunately, there's no way to indicate how far along we are in an individual hash, an artifact of the System.Security.Cryptography.HashAlgorithm implementation. Comparisons will display a progress bar, but that only tells how many files of the batch have been hashed so far.
• Version 1.2: Improved multi-threaded progress dialog box so now all operations display a percentage complete. Previous, this only occurred in multi-file comparisons. This is really helpful when hashing really big files (like CD or DVD ISOs or uncompressed video) or comparing multiple large files. Operations can be cancelled by clicking the Cancel button.
• Version 1.3: Added Hash Text tab to hash arbitrary text. All modes now support Base64 output as well as hexadecimal.
• Version 1.4: Added Bubble Babble and upper-case hexadecimal output; made SHA-1 default algorithm (as MD5 is no longer secure); added ability to turn tooltip help on or off; preferences saved to Windows registry on exit and restored on next load

[ Top ]

Browse the Documentation

The entire WinHasher 1.4 documentation is here online for your browsing enjoyment. Check out either the Windows GUI help or the console program help.

[ Top ]

Participate

Currently, WinHasher does not have a public source code repository. What you get when you download the source archive above is the latest snapshot of the code, "tagged" at the version number corresponding to the current release. Since my development team consist of a whopping one person, I didn't see much point in making the Subversion repository open to everyone.

That doesn't mean that I'm not receptive to feedback, however. Suggestions, feature requests, and even patches are certainly welcome. If you would like to contribute to WinHasher, by all means, please send me an e-mail with your feedback. If you wish to contribute code, please download the current source and test your patch thoroughly before submitting it. I'll make sure you get credit in the application's About dialog and in the source. I am especially interested in additional hashing algorithms, which must be a subclass of the .NET 2.0 System.Security.Cryptography.HashAlgorithm class. Other suggestions will be taken under consideration and added to the application as time permits.

[ Top ]

Disclaimers

Please read the WinHasher license for complete licensing information. WinHasher is released under the GNU General Public License version 2, which outlines information concerning its use, redistribution, and warranties. Please read this license fully before using this application.

It should be noted that cryptographic hashes and digests do NOT guarantee authenticity or ownership of digital files. Hashes and digests should NOT be confused with digital signatures, which verify both file integrity and the authenticity of the file's creator. Hashes and digests ONLY guarantee that the file has not been altered or corrupted in transit, and it is trivial for a hacker to alter both a file and the displayed hash if a remote site is hacked. If both integrity and authenticity are required, please use an application such as PGP or GnuPG to create and/or verify digital signatures.

After releasing WinHasher, it came to my attention that there already exists a separate WinHasher application that performs a similar function. This application is unrelated to the other application by the same name and was independently developed. I make no claims of trademark on the name "WinHasher" and from my understanding, neither has the other application's developer. Since my application came second, I will happily defer and rename my WinHasher if the other developer asserts ownership of the name. However, since names can mean a great deal in today's world of search engines, I will continue to use the name unless explicitly asked to change it by the other application's developer. You can find the other WinHasher by searching for "WinHasher" at Google and going to any of the shareware/freeware download sites listed. My WinHasher is currently only available at GPF-Comics.Com.

[ Top ]