Specialized IT Services focused on Data Management | Speak with Us 877-634-9222
Art of BI: Message Digest (MD5 / SHA) with Oracle Downloads Important
At this point most customers and developers of Oracle software know that their evaluation and purchased software can be downloaded from edelivery.oracle.com. I am giving away no secrets with that statement. One signs-in to the Oracle portal, accepts a few legal assertions, uses the dropdowns to select the specific software series and OS version and they are in a position to download the software. At this stage most people, even experience Oracle software officianados, begin downloading the zipped binaries and expect all to go swimmingly. One consideration that is easily and often overlooked is the “digest” which provides the MD5 and AE5 checksum information for each file (zip, tar, 7z, etc.) that one is actually downloading. If you don’t know what I’m talking about then you must keep reading as you are about to learn something that will prevent you from looking like a newb and wasting hours of your time.
This blog post takes a quick look at describing what the heck the “digest” is and how to verify these checksums in the most common operating systems such as Linux and Windows.
What many people don’t pay attention to is the view digest page when they begin their downloads. They assume that once the download is complete everything will be okay. But what happens if someone downloads a file and a hiccup in the download is a bit lossy or an administrator downloads some files on Linux and FTP’s them to a Windows OS box using the wrong transfer protocol, etc.? How would you know if something is right or wrong? Most people, if something isn’t starkly obvious, like a file size of 0KB, will never know until something “breaks” that something is wrong. And, after 4+ hours of thinking it is just them using the wrong zip decompression tool they will eventually redirect the blame and several hours after that another attempt to download will take place. That is a reactive approach and doesn’t have any place in a proactive agile approach to being a kick-ass techie. So, How would you know if something is right or wrong? The smart thing to do is just to run a comparison digest immediately after downloading the set of files that you need for your implementation. It’s that simple.
On Oracle’s edelivery site be sure to click the “View Digest” button as seen in the image below to open a new window which provides all the hash/checksums for the files in the section you are downloading.
What are you comparing to?
Well each good software vendor will run a checksum/hash digest against their compiles/compress binary files that are available for download. The most common message digests are MD5 and SHA-1. Each file when run against a checksum operation will produce basically a unique hash. When you finish downloading the file to your machine/server, you simply run the MD5 or SHA-1 command against the file (i.e.: .zip, .exe, etc.) and you compare the resulting hash from your execution of the MD5 command to the one that the software vendor, in this case Oracle, provides. If the hashes match then you are good to go and the files should decompress or execute as expected. If the hashes are off even by a single character then your downloaded file is bunk and you should re-download it or verify that you are actually comparing the right hash for the right file (blurry vision can happen when comparing a list of files at once.). Be proactive not reactive.
Here is what the View Digest file will look like. See how it lists each downloadable file name next to its respective has codes.
Note: Most hash commands also let you check the hashes for all files within a single folder (may take a while depending on how may files) and output the result to a flat file for easy comparison and of course documentation.
Where Can I Find The MD5 Command for my OS?
Just run MD5Sum command