Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Build Checksum / Versioning Error #2861

Closed
GWdd opened this issue Oct 16, 2020 · 1 comment
Closed

[BUG] Build Checksum / Versioning Error #2861

GWdd opened this issue Oct 16, 2020 · 1 comment
Labels
bug

Comments

@GWdd
Copy link

GWdd commented Oct 16, 2020

Please, before you create a new bug report, please make sure you searched in open and closed issues and couldn't find anything that matches.

MK3/S Driver-Firmware-PSLicer Downloads
Printer firmware version- 2.2.9.1 and 2.3.0

Describe the bug
SHA5 in download files doesn't match the actual file checksum
Security descriptor checksum doesn't match file (e.g., both 2.2.9.1 and 2.3.0 show same checksum signed by Prusa)

To Reproduce
Just look at the file download section of prusa.com

Expected behavior
Fix and make accurate the file descriptions, the internally signed checksums, and the website download section.

** Text Description **
The downloadable files need accurate checksums to ensure no man-in-the-middle attacks are taking place, and that the files downloaded are as produced by Prusa engineers.

Two files, 2.3.0 released on March 23, 2020; and a later file now claiming to be most recent released on July 13, 2020, conflict with each other. Both have the same Prusa Signed checksum in the digital security fields. Both have the same files size. Both have a different actual checksum than the security descriptor say they should have.

The 2.3.0.0 file on my machine is Prusa Signed, dated March 23, 2020 07:31 SHA5 = 0eb1b7e9ac15637638310cc5288e8fee

The 2.2.9.1 file on my machine is Prusa Signed, dated July 13, 2020 03:03 SHA5 = 0eb1b7e9ac15637638310cc5288e8fee

Oddly - even with a binary compare failing; both 2.2.9.1 and 2.3.0. are supposed to have the same checksum. So something is amiss.

And checksums on 2.2.9.1 do not match the certificates.

D:\Tools\Applications\Prusa 3D Printer>fciv prusa3d_win_2_2_9_1.exe
//
// File Checksum Integrity Verifier version 2.05.
//
8c5f0711cae119e955911ffc67d77405 prusa3d_win_2_2_9_1.exe

D:\Tools\Applications\Prusa 3D Printer>fciv prusa3D_win_2_3_0.exe
//
// File Checksum Integrity Verifier version 2.05.
//
d4328d12a7986c014b3f8bebf392f9c7 prusa3d_win_2_3_0.exe

2 2 9 Capture

2 3 0 Capture
@GWdd GWdd added the bug label Oct 16, 2020
@GWdd GWdd changed the title [BUG]<Enter comprehensive title> [BUG] Build Checksum / Versioning Error Oct 16, 2020
@DRracer
Copy link
Collaborator

DRracer commented Jul 21, 2021

@GWdd Please try the latest installation package, the signature should be up to date and valid. If not, please file a new issue. Thank you.

@DRracer DRracer closed this as completed Jul 21, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@DRracer @GWdd