Skip to main content
Sign in

Digital signature digest file

  • Updated

Overview

Capella provides a way for customers to verify that that their data products have not been tampered with from the time of generation until the time of receipt by providing an additional digest file in JSON format. The digest file contains two cryptographic hashes (SHA-256 & MD5) for each of the data and metadata files generated. Like other assets, the manifest file can be downloaded individually and is also contained in the full asset bundle.

Example

File name:

CAPELLA_C06_SM_GEO_HH_20220211174711_20220211174715_digest.json

File contents:

{
    "files": [
        {
            "name": "CAPELLA_C06_SM_GEO_HH_20220211174711_20220211174715.tif",
            "md5": "836da4042992f20b79659d8a5406a138",
            "sha256": "add40f2d8949a01e4a8e628e21774d17345eb1d928ef8e57f03f9e761554da8b"
        },
        {
            "name": "CAPELLA_C06_SM_GEO_HH_20220211174711_20220211174715_extended.json",
            "md5": "e9485c22f476e1598d0d3e5e53aaa730",
            "sha256": "1c610710e41dfa636046873495e66e7bf64537e7e37816c821e2545ff939dcfe"
        },
        {
            "name": "CAPELLA_C06_SM_GEO_HH_20220211174711_20220211174715.log",
            "md5": "43f5b03e1b0eb83020d9abda536a25b0",
            "sha256": "1b3125fe56dea737a14e68c92a8c52774ebe03adc9d9147c225cfd79555d9eef"
        },
        {
            "name": "CAPELLA_C06_SM_GEO_HH_20220211174711_20220211174715.prof",
            "md5": "224abb114fbae259a06da65f6f011b84",
            "sha256": "3e579cc3f2ff9784415f0a7ec0d097269632ae05dfcbeb906cc1ad1ef5fba8a1"
        },
        {
            "name": "CAPELLA_C06_SM_GEO_HH_20220211174711_20220211174715_stats.json",
            "md5": "5c0bfc9a294640b0501a969828c3f149",
            "sha256": "c6d7842ceb3f93da58c5a47855db1e6404529826f8431b037cf7bdc53a846272"
        },
        {
            "name": "CAPELLA_C06_SM_GEO_HH_20220211174711_20220211174715_stats_plots.zip",
            "md5": "01b43a0e70c14ddecb868a2cce7213ba",
            "sha256": "b7d60d3c7fdb222388153e883a90252c7693f97873f59efa5ae4df41352187bd"
        },
        {
            "name": "CAPELLA_C06_SM_GEO_HH_20220211174711_20220211174715_preview.tif",
            "md5": "ec8edc93b374540b41a010051c642663",
            "sha256": "61f808ae95acafb8c17590617b343426a4cee3f2fd4ae0f2a2c1521a2cb31adb"
        },
        {
            "name": "CAPELLA_C06_SM_GEO_HH_20220211174711_20220211174715_thumb.png",
            "md5": "128eef02cc0924bd74753bd2076b9213",
            "sha256": "bdf79bb33091d615d93e27b05aab48cd8eecd4fdecf9045cc3ae3e230a467dad"
        }
    ]
}

How to use

  1. Use the commands below (based on your machine's OS) to obtain the cryptographic hashes for one of the data files (ex: the image .tif file).
  2. Compare the two hash values that were generated to the values in the digest file for the corresponding data file name.
  3. If the values match then the data has not been tampered with from the time of generation. If they do not match then it is advised that you do not open the file.

SHA-256

For Windows:

certutil -hashfile [file location] SHA256

For Linux:

sha256sum [file location]

For macOS:

shasum -a 256 [file location]

MD5

For Windows:

certutil -hashfile [file location] MD5

For Linux:

md5sum [file location]

For macOS:

md5 [file location]

 

Availability in Console

The digital signature file is available for download in the Console UI in the same way as other assets for a given collect, on the Order Details page:

mceclip1.png

 

 

 

 

Related articles