Readme- Improve binary file image verification script on the Windows Platform

[Marc-Gee]

Summary: Improvements to Binary file verification on Windows Platform:

Add new Powershell script that simulates the Linux SHASUM command , but within the Windows platform.

Rationale
The existing windows (powershell) script was not very effective and required users to manually open the Manifest file and manually check for themselves if the computed hash did equal to the expected hash.
This new (Powershell) script emulates the actions, behaviour and output of the Linux SHASUM command but on Windows. Thus it automates the task of checking that the computed and expected file hashes match exactly.

With many thanks and with credit to @Dimi8146 for his input on getting my own prior code snippets to work somewhat, his code was much more concise and used the more-correct powershell objects.
Our joint effort results in a more reliable verification experience for the windows users!

The output message matches the SHASUM Linux output for both the success and failure result.

If required, the code comments could be removed, or shortened to make the script appear shorter, but our decision thus far, was to try strike a balance between the readability and the brevity of a compressed 1-liner.

[Marc-Gee]

The updated powershell script is submitted.
There shall be a subsequent PR to consider renaming the manifest file (currently seedsigner.0.6.0.sha256), to be more obvious and friendly, including the word 'manifest'. However that should be done in a separate PR.

[Marc-Gee]

@Dimi8146 and I discusssed today that the '-eq $True' is actually redundant.

so possible code can drop off a few lines by incorporating the check of the files existence into the final line.

Hence a possible modification of the combined line is :

'....
# Test if the file exists, and then compare if the computed hash matches the expected hash
If (Test-Path $filename ) {write-host $filename ('FAILED: Computed checksum did NOT match!', 'is OK.')[((Get-FileHash $filename).hash -eq $hash)]}
'
}

Sorry backticks and Comments #'s didnt play nice in this comment box .
does anyone know how to get this to work correctly in github / html?

[jahangir13]

Hi guys,
worked for me in Windows using the new snippet. See attached screenshot.

[kdmukai]

Copying and pasting the snippet worked via CTRL-V and got the "OK" message.

However, the Windows shortcut of right-clicking the mouse to insta-paste made a mess in the terminal and did not yield a usable script.

[kdmukai]

NACK on the script approach.

I'm not a Windows scripting expert at all and the vast majority of people have even less knowledge here. In Windows (in particular!!!!) we don't want people running scripts they don't understand.

I feel much more comfortable with single step commands that I can execute on my own and understand what each command is doing.

I'd prefer a simplified approach that is more like:

---

...after verifying sig file

Calculate the hash of the image you downloaded:

# method 1:
Get-FileHash seedsigner*.img

# Or method 2 (must specify the exact img filename)
CertUtil -hashfile type-your-img-filename-here SHA256

Display the hashes contained in the .sha256 manifest file:

type seedsigner*.sha256

Find the hash for the image you downloaded and compare against your calculated result above. If the two values match (uppercase vs lowercase does not matter), then you know you have downloaded an authentic release image.

---

Why add the Cert-Util option? It's the same command that Bitcoin Core, Sparrow, and Electrum use.

It doesn't accept wildcards, which is annoying, but I think it's better to conform to what other major projects use for verification.

[Dimi8146]

How's this?

Code:

$files = Get-ChildItem -Filter seedsigner*.img
$files | ForEach-Object { CertUtil -hashfile $_.FullName sha256}

Example:

PS C:\WINDOWS\system32> cd C:\users\dimi8146\Downloads

PS C:\users\dimi8146\Downloads> $files = Get-ChildItem -Filter seedsigner*.img
$files | ForEach-Object { CertUtil -hashfile $_.FullName sha256}

SHA256 hash of C:\users\dimi8146\Downloads\seedsigner_os.0.6.0.pi0.img:
750f406c133d17994eb58544aad82b20f1478c8663af303e45b2d9c49c4e9825
CertUtil: -hashfile command completed successfully.
SHA256 hash of C:\users\dimi8146\Downloads\seedsigner_os.0.6.0.pi02w.img:
0012ae613545eecf6ff40a17967a91f0e89d28f0db1fbafcdd371a58b237b3f2
CertUtil: -hashfile command completed successfully.
SHA256 hash of C:\users\dimi8146\Downloads\seedsigner_os.0.6.0.pi2.img:
749115b3f222f45a20a632996939afa0bb75bc0591979f5be30b0335ebd3f378
CertUtil: -hashfile command completed successfully.
SHA256 hash of C:\users\dimi8146\Downloads\seedsigner_os.0.6.0.pi4.img:
78a15b08ed163b1911320e436ea7002cb8daf49c6867fb29b4d5f94dca107cb1
CertUtil: -hashfile command completed successfully.

[Marc-Gee]

Everytime I spend hours writing some code , Dimi is already ahead of me, on the same idea and he publishes it before me!! 🤣 I must learn to put my unfinished ideas up already, before they are perfect..... #AlwaysLearning I did a similar technique but used getfilehash not certutil. (because certutil is an exe, and getfilehash is a PowerShell command, so it was hard to cross that boundary/ meme space. Well done Dimi! Will post my own (imperfect) code later today. Marc.

…

________________________________ From: Dimi8146 ***@***.***> Sent: Tuesday, July 4, 2023 4:38:58 AM To: SeedSigner/seedsigner ***@***.***> Cc: Marc G ***@***.***>; Author ***@***.***> Subject: Re: [SeedSigner/seedsigner] Readme- Improve binary file image verification script on the Windows Platform (PR #352) How's this? Code: $files = Get-ChildItem -Filter seedsigner*.img $files | ForEach-Object { CertUtil -hashfile $_.FullName sha256} Example: PS C:\WINDOWS\system32> cd C:\users\dimi8146\Downloads PS C:\users\dimi8146\Downloads> $files = Get-ChildItem -Filter seedsigner*.img $files | ForEach-Object { CertUtil -hashfile $_.FullName sha256} SHA256 hash of C:\users\dimi8146\Downloads\seedsigner_os.0.6.0.pi0.img: 750f406c133d17994eb58544aad82b20f1478c8663af303e45b2d9c49c4e9825 CertUtil: -hashfile command completed successfully. SHA256 hash of C:\users\dimi8146\Downloads\seedsigner_os.0.6.0.pi02w.img: 0012ae613545eecf6ff40a17967a91f0e89d28f0db1fbafcdd371a58b237b3f2 CertUtil: -hashfile command completed successfully. SHA256 hash of C:\users\dimi8146\Downloads\seedsigner_os.0.6.0.pi2.img: 749115b3f222f45a20a632996939afa0bb75bc0591979f5be30b0335ebd3f378 CertUtil: -hashfile command completed successfully. SHA256 hash of C:\users\dimi8146\Downloads\seedsigner_os.0.6.0.pi4.img: 78a15b08ed163b1911320e436ea7002cb8daf49c6867fb29b4d5f94dca107cb1 CertUtil: -hashfile command completed successfully. — Reply to this email directly, view it on GitHub<#352 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AVYRGJJZNBC5CIA4RUH6PZLXOOF5FANCNFSM6AAAAAAV76T22Y>. You are receiving this because you authored the thread.Message ID: ***@***.***>

[kdmukai]

NACK on any Windows scripting dependencies (Get-ChildItem, ForEach-Object).

Assume most users will download a single .img (so no need to iterate over all possible img matches).

Users can visually inspect the .sha256 file to find their expected matching hash (so no need to find the matching line in that file via scripting).

Simplicity. Simplicity. Simplicity.

I still much prefer: #352 (comment)

[marc3linho]

Hi Guys, I also prefer #352
I have consolidated a few of your suggestions and made a change from an old PR of mine where I have placed the Windows part further down. I don't want to open another PR on this topic that would split up this communication.

Step 2. Verifying that the software images/binaries are genuine

Now that you have confirmed that you do have the real SeedSigner Project's Public Key (ie the 16 characters match) - you can return to your terminal window. Running the shasum command, is the final verification step and will confirm (via file hashing) that the software code/image files, were also not altered since publication, or even during your download process.
(Prior to version 0.6.0 , your verify command will check the .zip file which contains the binary files.)

On Linux or OSX: Run this command

shasum -a 256 --ignore-missing --check seedsigner.0.7.*.sha256.txt  

After entering the command, it should display:

seedsigner_os.0.7.x.[Your_Pi_Model_For_Example:pi02w].img: OK

If you receive the "OK" message for your seedsigner_os.0.7.x.[Your_Pi_Model_For_Example:pi02w].img file, as shown above, then your verification is fully complete!
All of your downloaded files have now been confirmed as both authentic and unaltered!

On Windows (inside Powershell): Run this command

CertUtil -hashfile  seedsigner_os.0.7.0.Insert_Your_Pi_Models_binary_here_For_Example_pi02w.img SHA256 

Display the hashes contained in the .sha256 manifest file:

type seedsigner*.sha256

Find the hash for the image you downloaded and compare against your calculated result above. If the two values match (uppercase vs lowercase does not matter), then you know you have downloaded an authentic release image.

You can proceed to create/write your MicroSD card

If your file result shows "FAILED", then you must stop here immediately. Do not continue. Contact us for assistance at the Telegram group address above.

Please recognize that this process can only validate the software to the extent that the entity that first published the key is an honest actor, and their private key is not compromised or somehow being used by a malicious actor.

[kdmukai]

@Marc-Gee can you take a final(?) crack at getting this updated (or have the docs already been updated to be sufficient? If so, please close this PR).