System Requirements

• Microsoft .NET 2.0 Framework; only the runtime or redistributable package is required. .NET 2.0 requires:
  • Windows 98, 98 SE, ME, 2000 SP3 or higher, XP SP2 or higher, Server 2003, or any flavor of Vista
  • Windows Installer 2.0 for Windows 98/ME, 3.0 for all other OSes (3.1 recommended)
  • Internet Explorer 5.01 or higher
  • 280MB disc space for the x86 version, 610MB for the x64 version
• About 1MB of free disk space
• No hard memory or processor limits are know beyond the OS and .NET's requirements, but obviously the more the merrier

Note: WinHasher may work on non-Windows platforms with a .NET 2.0 compatible framework like Mono. However, this is untested beyond running it through MoMA (which it passed). Use on a non-Windows platform is considered unsupported; there are far better hashing options available outside of Windows anyway, such as OpenSSL or Jacksum.

The implementations of the Whirlpool and Tiger hash algorithms have been lovingly stolen from the Legion of the Bouncy Castle Crypto API. The BC implementations are based on .NET 1.1, but I have since ported these to be subclasses of Microsoft's System.Security.Cryptography.HashAlgorithm class, so they should be usable by virtually any .NET 2.0 application.

[ Top ]

Features

• Two primary interfaces: A small Windows GUI applet and a console (command line) program
• Three primary operating modes: Compute the hash of a single file, compare the contents of multiple files by comparing the hash of each one, or hash arbitrary text
• Supported hashing algorithms: MD5, SHA-1, SHA-256, SHA-384, SHA-512, RIPEMD-160, Whirlpool (2003 revision), and Tiger (1995 original, not "Tiger2")
• Supported output formats: Hexadecimal (with either lower-case or upper-case letters), Base64, Bubble Babble
• Windows applet supports drag-and-drop functionality; automatically compute the hash of a single file by dropping it onto the applet, or drop one or more files to add them to the compare list
• Optional "Send To" shortcuts allow you to right-click any file in Windows Explorer and instantly get its hash, or right-click multiple files to compare their contents
• Long running processes (such as hashing an individual very large file or comparing the hashes of many files) can now be cancelled when running in GUI mode
• Remembers last used settings such as hash algorithm, output format, last folder/directory, mode tab, etc.
• Can hash a total amount of data in one process up to 8.05EB (exabytes)!

[ Top ]

Download WinHasher

You can download the current version of WinHasher from the following links. A GnuPG digital signature and various hashes of the file (generated by WinHasher, no less) are also provided for verification.

Installer:	WinHasher_1.6_Setup.exe (379k)
GnuPG Signature:	WinHasher_1.6_Setup.exe.asc
Signing Key:	Jeff's Public Key
MD5 Hash:	ecb41f40c0dcb19b19161fd721881c9a
SHA-1 Hash:	6321b1e626520529264d55a9296e3e4894ed7829
SHA-256 Hash:	743667a1f1d3ebdc1ecae405a4171f87969165156b385b874ab51c9279d8a8ee
RIPEMD-160 Hash:	a05fad44f40cdd2d3953b425d4ad3ad88de5da76
Tiger Hash:	e1e558b405ebb139f17b27d3374a9d15c1ff0ea0ee4fcd7d

If you would prefer not to use the installer (for example, if you intend to use WinHasher as a portable app from a USB thumb drive), we now provide a binary-only archive. Note, however that the installer is the preferred method of installation and use as a portable app is not officially supported.

Binary archive:	WinHasher_1.6_Bin.zip (90k)
GnuPG Signature:	WinHasher_1.6_Bin.zip
Signing Key:	Jeff's Public Key
MD5 Hash:	94d116be92fad7a01e70546d6ea442b5
SHA-1 Hash:	7fb8ba0aa1a1dabf703a386619faec6d9c02a5a2
SHA-256 Hash:	6a880026c03d5d47dea0980e348936042f7b8cf014d665fd545de25b1e8b9842
RIPEMD-160 Hash:	81ca8b1f8893d6b5faf0e2f8e85c7051447fff02
Tiger Hash:	b8654b1f24c7ffecf03fd7bd40edec1f012968abdd06ab53

WinHasher is released under version 2.0 of the GNU General Public License. Thus, you can also download the C# source code:

Source ZIP archive:	WinHasher_1.6_Source.zip (128k)
GnuPG Signature:	WinHasher_1.6_Source.zip.asc
Signing Key:	Jeff's Public Key
MD5 Hash:	1d5c0ecf516fd14f8c5ac299f7bdddb3
SHA-1 Hash:	08e121bbe83729305d2f270745979c909162a864
SHA-256 Hash:	7b168816c0d798b0b2eeb530584f15997b0b443772a4703353e8a18eb4bb000a
RIPEMD-160 Hash:	81aab9e8770f75e629258bf7e42beb7f53e1de26
Tiger Hash:	99f1eae9c6c6d57cc57f70f20b20b8b5494c7a8da3301d57

[ Top ]

Installation Instructions

Simply download and run the setup installer (after verfiying the digital signature and/or hashes, of course). It's as simple as that. The installer allows you to choose a number of options, such as which modules to install (the Windows application, the console programs, help files, etc.) and what shortcuts to create. Uninstalling is just as easy; either run the uninstall program from the Start menu or remove the program through the Add/Remove Programs interface.

In theory, WinHasher should be able to be used in a "portable" fashion which does not require installation. All the installer really does is set up WinHasher in a predictable (yet user-customizable) location and optionally creates "Send to" shortcuts and adds the install path to the Windows PATH. In order to use WinHasher as a portable app, download and uncompress the binary-only archive linked above. Note that the DLL must be in the same location as the executables, as it contains the core hashing engine for all the programs. Copy these files to your portable media and you can then run the WinHasher executables anywhere you wish.

There are, however a few caveats to point out with using WinHasher in a portable manner:

• The context menu "Send to" shortcuts will not be available as these are created by the installer. You can, however, drag-and-drop files onto the GUI app or specify the file(s) to hash on the GUI app or console app command lines.
• Beginning with version 1.4, WinHasher stores your last used settings in the Windows registry. These settings are benign, but remain after the program closes. The uninstaller offers to delete these registry keys when the application is uninstalled, but the uninstaller is not available if the installer is not used. Thus, if you use WinHasher as a portable app, you will have to manually delete these registry keys if you want to maintain a completely zero-impact portable status. These registry keys may be found in HKCU\Software\GPF Comics\WinHasher. Note that the registry keys are only created by the GUI application in GUI mode and not by the console apps, nor by the GUI app when executed in command-line mode.

[ Top ]

WinHasher Program History

Why WinHasher?

Cryptographic hashing is readily available on many computer operating systems. It often comes built-in to the OS or as a (relatively) standard optional package. Mac OS, Linux, Free/OpenBSD, and many other OSes include OpenSSL as either a pre-installed or easily installable optional component. OpenSSL includes several command-line components for generating cryptographic hashes and there are number of graphical user interface (GUI) applications that allow point-and-click access to its capabilities.

Not so with Microsoft Windows. Windows does not include any built-in utilities for cryptographic hashes, and installing and using OpenSSL on Windows is not a trivial matter. The typical Windows user of today is much less familiar with the Windows Console (i.e. command line) let alone compiling software from source. And while cryptographic hashes are pretty much standard in programming libraries such as the Microsoft .NET Framework, the user is required to write and compile their own applications to use them.

This "hashing divide" has annoyed me for some time. While I consider myself to be an operating system agnostic and find myself equally home on both Windows and Linux, there are many times I've downloaded Windows-only software but didn't have the capability to verify the file's hash. Either I've been unable to install and run OpenSSL on a given machine, or I haven't had the time or access to a Linux box to copy the file over, generate the hash, and verify it before install. So I wanted to create a quick, simple, easy-to-use Windows app so I could get the hash of a file without waiting or moving it around. I also thought it would be a nice idea to be able to quickly compare the hashes of multiple files without having to generate each one and manually check every hexadecimal digit, so I added that functionality too. After writing the program, I thought it might be useful to others, so I decided to share.

[ Top ]

Version History

• Version 1.0: Initial release
• Version 1.1: Improved GUI responsiveness by moving the actual hashing operations into a System.ComponentModel.BackgroundWorker object, so the hashing takes place in a different thread than the GUI. Now the GUI (regardless of whether the main window is opened or the process is launched by a "Send To" shortcut) will display an "in progress" dialog box to let you know that it's actually working. Before, hashes of really big files (say, several gigabyte DVD ISOs) seemed to disappear into nowhere, with no indication that the program was doing anything. The progress dialog includes a cancel button to allow the user to abort the operation while it is in progress. Unfortunately, there's no way to indicate how far along we are in an individual hash, an artifact of the System.Security.Cryptography.HashAlgorithm implementation. Comparisons will display a progress bar, but that only tells how many files of the batch have been hashed so far.
• Version 1.2: Improved multi-threaded progress dialog box so now all operations display a percentage complete. Previous, this only occurred in multi-file comparisons. This is really helpful when hashing really big files (like CD or DVD ISOs or uncompressed video) or comparing multiple large files. Operations can be cancelled by clicking the Cancel button.
• Version 1.3: Added Hash Text tab to hash arbitrary text. All modes now support Base64 output as well as hexadecimal.
• Version 1.4: Added Bubble Babble and upper-case hexadecimal output; made SHA-1 default algorithm (as MD5 is no longer secure); added ability to turn tooltip help on or off; preferences saved to Windows registry on exit and restored on next load
• Version 1.5: Fixed a bug in the hashing engine where the accidental use of a 32-bit integer forced files larger than 2GB to cause WinHasher to crash. WinHasher now uses a 64-bit integer for all file size calculations, so hashes can be computed on any combination of files (single or multiple) where the total data size does not exceed 8.05EB (exabytes). Also added a "Compare To" field in both the GUI Hash Single File tab and the "Send To" shortcut result dialog that lets you paste pre-computed hashes copied from another source (such as a Web site) into this field and WinHasher will compare the two hashes for you. A color-coded textual confirmation of success or failure will be displayed.
• Version 1.6: Added progress indicator for console applications. Added "case kludge" for comparison fields; when an externally-produeced hash is pasted into a comparison field and a hash output type is used that does not contain mixed case (currently everything except Base64), the pasted-in value is forced to match the same case as the output type. Otherwise, hash results being compared that match in every way except case will fail the comparison. Fixed bug where icons were not displaying properly.

[ Top ]

Browse the Documentation

The entire WinHasher 1.6 documentation is here online for your browsing enjoyment. Check out either the Windows GUI help or the console program help.

[ Top ]

Participate

Currently, WinHasher does not have a public source code repository. What you get when you download the source archive above is the latest snapshot of the code, "tagged" at the version number corresponding to the current release. Since my development team consist of a whopping one person, I didn't see much point in making the Subversion repository open to everyone.

That doesn't mean that I'm not receptive to feedback, however. Suggestions, feature requests, and even patches are certainly welcome. If you would like to contribute to WinHasher, by all means, please send me an e-mail with your feedback. If you wish to contribute code, please download the current source and test your patch thoroughly before submitting it. I'll make sure you get credit in the application's About dialog and in the source. I am especially interested in additional hashing algorithms, which must be a subclass of the .NET 2.0 System.Security.Cryptography.HashAlgorithm class. Other suggestions will be taken under consideration and added to the application as time permits.

[ Top ]

Disclaimers

Please read the WinHasher license for complete licensing information. WinHasher is released under the GNU General Public License version 2, which outlines information concerning its use, redistribution, and warranties. Please read this license fully before using this application.

It should be noted that cryptographic hashes and digests do NOT guarantee authenticity or ownership of digital files. Hashes and digests should NOT be confused with digital signatures, which verify both file integrity and the authenticity of the file's creator. Hashes and digests ONLY guarantee that the file has not been altered or corrupted in transit, and it is trivial for a hacker to alter both a file and the displayed hash if a remote site is hacked. If both integrity and authenticity are required, please use an application such as PGP or GnuPG to create and/or verify digital signatures.

After releasing WinHasher, it came to my attention that there already exists a separate WinHasher application that performs a similar function. This application is unrelated to the other application by the same name and was independently developed. I make no claims of trademark on the name "WinHasher" and from my understanding, neither has the other application's developer. Since my application came second, I will happily defer and rename my WinHasher if the other developer asserts ownership of the name. However, since names can mean a great deal in today's world of search engines, I will continue to use the name unless explicitly asked to change it by the other application's developer. You can find the other WinHasher by searching for "WinHasher" at Google and going to any of the shareware/freeware download sites listed. My WinHasher is currently only available at GPF-Comics.Com.

[ Top ]