[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] SHA-256 checksum mismatch



Tuuranton:
> The SHA-256 checksum of the downloaded file
> https://www.torproject.org/dist/torbrowser/6.0/TorBrowser-6.0-osx64_en-US.dmg
> is on my computer
> 0f4f6ca01028c2956c811dd94d67a76feb507cad176c031f32e6f95873003b4c
> 
> But according to the text file
> https://dist.torproject.org/torbrowser/6.0/sha256sums-unsigned-build.txt
> the SHA-256 checksum of the file
> TorBrowser-6.0-osx64_en-US.dmg
> should be
> d68d01889ba38764ebf2057b3cd3263f638a74205031a6d1df11ab8ca13a3618
> 
> 
> Why the mismatch?

This is due to OS X code-signing that arrived with Tor Browser 6.0. See:
https://blog.torproject.org/blog/tor-browser-60-released third section.

We are working on providing instructions on how to remove the
code-signature in order to get the same SHA256 sum as the pre-signed
bundle. See: https://bugs.torproject.org/18925 for these efforts.

Georg


Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev