Command Line MD5 hash

A colleague asked me the other day what the command-line tool was for calculating MD5 hashes in Windows.

In a moment of sanity, I told him that the usual tool was FCIV, the Microsoft File Checksum Integrity Verifier, but that you had to download it.

Then when he started making fun, and saying that Linux had a command-line tool built in, I went more towards insanity, and suggested the following for him:

[BitConverter]::ToString((new-object Security.Cryptography.MD5CryptoServiceProvider).ComputeHash((new-object IO.FileInfo("c:\windows\explorer.exe")).OpenRead())).Replace("-","").ToLower()

Sure, it’s PowerShell, but that’s been a part of Windows for some while now.

[If you really want to use the example, note that it calculates the hash for the file c:\windows\explorer.exe – change the string to change the file.]

More useful is to create a function:

function MD5 ($a) {[BitConverter]::ToString((new-object Security.Cryptography.MD5CryptoServiceProvider).ComputeHash((new-object IO.FileInfo($a)).OpenRead())).Replace("-","").ToLower();}

Then you can call this with MD5(“c:\windows\calc.exe”) to get a hash of the Calculator.

The meta-lesson

But this does draw out a distinction between operating systems – Linux has an MD5 hash calculator because you are expected to calculate MD5 hashes of files manually on a regular basis. Windows doesn’t have an MD5 hash calculator, because that’s generally done for you. Windows Update will check hashes on files it downloads before it applies them, for instance.

You can learn a lot about an operating system by looking at what is in its default deployment, and what is absent – and why it’s absent (which you can deduce from finding out what you’re supposed to do instead).

2 thoughts on “Command Line MD5 hash”

  1. I certainly hope that when Windows calculates hashes for Windows Update or other such stuff it doesn’t use MD5. I also assume that there’s a Security.Cryptography.SHA1CryptoServiceProvider available? What others?

    Oh Larry, you’re such a cynic.

    No, they’re not using MD5. It’s not easy to find the specific documentation (because, hey, most people aren’t going to specifically care as long as it’s taken care of), but here’s a link that indicates that, at least in Vista, they were using SHA1:

    http://technet.microsoft.com/en-us/library/cc505869.aspx – note that it says specifically the algorithm is SHA1.

    As for other algorithms, another link:

    http://msdn.microsoft.com/en-us/library/system.security.cryptography.hashalgorithm.aspx – the current set of hash algorithms in .NET. Each one has a corresponding CryptoServiceProvider or Managed implementation.

    Thursday, July 24, 2011 19:16 PM by Alun Jones
  2. Follow-up: Does Linux come with command line tools for all those hashes?

    Possibly…

    Given that there are oodles of different packages that represent “Linux” in one sense or another, there’s probably a version that provides a hash based on the analysis of pink elephant stools. Wikipedia says that sha1sum is generally installed by default, but does not say whether the more generic version, shasum, is available ‘out of the box’ (for some value of box).

    So, yes, probably, perhaps.

    Monday, July 25, 2011 9:51 PM by Alun Jones

Leave a Reply

Your email address will not be published. Required fields are marked *