GnuPG Gpg4win Logo
  • Comments
  • Immutable Page
  • Menu
    • Navigation
    • RecentChanges
    • FindPage
    • Local Site Map
    • Help
    • HelpContents
    • HelpOnMoinWikiSyntax
    • Display
    • Attachments
    • Info
    • Raw Text
    • Print View
    • Edit
    • Load
    • Save
  • Login

Navigation

  • RecentChanges
  • FindPage
  • HelpContents

Upload page content

You can upload content for the page named below. If you change the page name, you can also upload content for another page. If the page name is empty, we derive the page name from the file name.

File to load page content from
Page name
Comment
Get the password from https://wiki.gnupg.org/UnlockRegistration

Revision 1 as of 2017-01-20 10:21:25
  • Gpg4win
  • CheckIntegrity

Check integrity of Gpg4win packages

How to actually perform the checks can be found e.g. on the GnuPG web page on integrity checks.

SHA1 checksums

67e13c4f90ff6a70ad57bd31af64a238c9315308 gpg4win-2.3.3.exe
71a3ed36a8af2ef14c7ac4d2d25fa2fef9eaa13b gpg4win-light-2.3.3.exe
a105cc82d60a315a14a4f69ea783a83baa434e55 gpg4win-vanilla-2.3.3.exe
46349916d17854e90bc9fe311b280af359350236 gpg4win-src-2.3.3.exe
5fa6d34206f3b08f1fdee58b03db1dc06c627388 gpg4win-2.3.3.tar.bz2

OpenPGP signatures

For gpg4win-2.3.3.exe: https://files.gpg4win.org/gpg4win-2.3.3.exe.sig
For gpg4win-light-2.3.3.exe: https://files.gpg4win.org/gpg4win-light-2.3.3.exe.sig
For gpg4win-vanilla-2.3.3.exe: https://files.gpg4win.org/gpg4win-vanilla-2.3.3.exe.sig
For gpg4win-src-2.3.3.exe: https://files.gpg4win.org/gpg4win-src-2.3.3.exe.sig
For gpg4win-2.3.3.tar.bz2: https://files.gpg4win.org/gpg4win-2.3.3.tar.bz2.sig

The signatures have been created with the following OpenPGP certificate
Intevation File Distribution Key (Key ID: EC70B1B8)

The certificate be retrieved from OpenPGP certificate servers. Loading a certificate from a certificate server can be done e.g. via Kleopatra or GPA. Checking the signature of a file is best done with GpgEX via the Explorer.

File lengths

If you have a mismatch on the checksum or a bad signature you should first verify that you really downloaded the complete file. Here are the lengths you should get:

25629112 bytes for gpg4win-2.3.3.exe
8461096 bytes for gpg4win-light-2.3.3.exe
3321976 bytes for gpg4win-vanilla-2.3.3.exe
301613824 bytes for gpg4win-src-2.3.3.exe
5913239 bytes for gpg4win-2.3.3.tar.bz2

Code Signing Certificate

All Gpg4win exe installer files since April 2016 are signed with the following code signing certificate:

S/N: 1121A3D67EAB28AA86FD85728B57FA62630D
Issuer: CN=GlobalSign CodeSigning CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE
Subject: 1.2.840.113549.1.9.1=#636F64657369676E696E6740696E7465766174696F6E2E6465,CN=Intevation GmbH,O=Intevation GmbH,L=Osnabrueck,ST=Niedersachsen,C=DE
sha1_fpr: DE:16:D5:97:2F:0B:73:95:F7:D9:1E:DC:1F:21:9B:0F:FE:89:FA:B3
md5_fpr: C0:98:08:94:D4:E7:97:3E:9D:F4:18:E4:5E:0A:2E:D7
notBefore: 2016-03-30 16:54:41
notAfter: 2019-03-31 16:54:41

Previously used code signing certificates were:

S/N: 112117F638BDC993B761C6073D63C2F86EC4
Issuer: CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE
Subject: 1.2.840.113549.1.9.1=#636F64657369676E696E6740696E7465766174696F6E2E6465,CN=Intevation GmbH,O=Intevation GmbH,L=Osnabrueck,ST=Niedersachsen,C=DE
sha1_fpr: 15:94:27:DA:C1:6E:68:A4:DD:47:EF:04:D2:17:C5:56:00:CF:A0:EC
md5_fpr: 35:64:A0:D5:FC:6A:58:83:B8:C4:F7:1F:1C:F9:A6:9E
notBefore: 2013-06-20 14:48:08
notAfter: 2016-09-10 09:27:26

and

S/N: 0100000000012A60AF8A8F
Issuer: CN=GlobalSign ObjectSign CA,OU=ObjectSign CA,O=GlobalSign nv-sa,C=BE
Subject: 1.2.840.113549.1.9.1=#636F64657369676E696E6740696E7465766174696F6E2E6465,CN=Intevation GmbH,O=Intevation GmbH,C=DE
sha1_fpr: B4:71:26:90:F0:3A:69:1E:F0:75:3F:8D:11:C9:EA:C3:6D:FB:7C:92
md5_fpr: 80:0E:E2:F9:6F:AC:F4:16:0F:B2:AB:65:CA:82:22:55
notBefore: 2010-08-11 09:27:29
notAfter: 2013-08-11 09:27:26
  • This site is hosted by Intevation GmbH
  • |
  • Datenschutzerklärung und Impressum
  • |
  • Privacy Policy and Imprint