Use the following steps to
- Download and install the free application Cryptophane. We recommend that you use the full installer.
- Download the public key that was used to create the signature for the checksum that you are checking. We use the same version of the key to sign many releases, so you only need to download each version once – the version number is given in the link for each release, for example “Public key 6”.
- Start Cryptophane.
- From the Cryptophane menu, click File, then click Import Keys.
- Choose the public key file that you downloaded in step 2, and then click OK.
If, in future, a release that you want to check uses a different version of the public key, repeat steps 2 through 5 above to import the key before continuing with the steps below.
Now you are ready to check that the checksum file came from us. Follow these steps:
- Download the checksum file of the release by using the “Checksum” link on the release page.
- Download the signature file of the release by using the “Signature” link on the release page. Save the signature file to the same location as the checksum file.
- In Windows Explorer, locate the signature file you downloaded in step 2.
- Double-click the signature file name. If the checksum file came from us you’ll see something like this: