/  Frequently asked questions (FAQ) / Hashes

 Frequently Asked Questions | Signatures, hashes and CRC


Q: What is a digital signature?

A digital signature ensures that a file is from a particular developer and has not been manipulated. It can therefore be seen as a digital signature. Provided files are accompanied by another file with the same name and the "* .asc".

The "* .asc" files are associated with OpenPGP and allow users to check downloaded files for their origin and manipulation.


Q: What is a hash?

A hash is the easiest to view as a digital imprint of a file and is defined by SHA Algorihtmen.

SHA stands for the abbreviation Secure Hash Algorithm. Similar to digital signatures, each file has a unique checksum.

In addition to OpenPGP signatures, users can check files for manipulation and origin. On the sides of the, hash values are used in various places. In the product search, hash values are assigned to respective products and Downloads and images have also been provided with hash values.

Current SHA value of th GI-Host-Templates.exe from the download area:

 Sha256: E34B2F0972E9F648B5468E1BB2B35C52A1425A8340D7B8166F31C5DD163D5B63

This value is unique. If even the smallest byte on the file changes, this would also result in a different checksum that is displayed.

If the file was obtained from another page and does not have the same checksum, it was manipulated.


Q: What does CRC32 mean?

CRC stands for the abbreviation "Cyclic Redundancy Check".

This method serves as a method for determining check values for file transfers or storage of files. If a CRC value does not match, the file contains a data error. This can happen e.g. if a download has been aborted prematurely.

Current CRC32 value of the GI-Host-Templates.exe from the download area:

 CRC32: 0DC65EB8


Q: Why is the "GI-Host-Templates.exe" file not signed by provider XY?

Published software (as an example * .exe, * .ocx, * .dll files) can be equipped with a certificate of trust from providers such as Comodo CA, Sectigo, Thawte, Symantec, GoDaddy and many other providers. So-called code signing.

In the end, this works like SSL certificates in the browser.

The only difference is that a so-called code signature of these providers can cost several hundred € PER year and I am not ready for this. From that time on, trust cannot be bought by money.