For each release file we provide its SHA-256 hash.
Use the hash to check the integrity of your copy of the release file.
The API also includes the release file hash in the response to a ‘release list’ endpoint request.
You can use PowerShell to generate the hash of a downloaded release file for comparison with the hash of the same file on TRUD:
> Get-FileHash nhs_diagimg_29.0.0_20200401000001.zip | Format-List Algorithm : SHA256 Hash : 36DBA10E5708B0CBCFAE07F977E83635E20A8592E1DB26D6BBBF2587A8997BA5 Path : C:\downloads\nhs_diagimg_29.0.0_20200401000001.zip
You might like to use the open source software 7-Zip, which offers integration with File Explorer, so you can easily see the hash of a downloaded file by right-clicking it and selecting the appropriate option.
$ sha256sum nhs_diagimg_29.0.0_20200401000001.zip 36dba10e5708b0cbcfae07f977e83635e20a8592e1db26d6bbbf2587a8997ba5 *nhs_diagimg_29.0.0_20200401000001.zip
SHA-256 hashes replace the checksum, signature and public key files we previously provided with releases.
We made this change because the File Checksum Integrity Verifier (FCIV) software that those legacy release support files relied on is no longer supported by Microsoft. The software was Windows-specific, and using it along with GnuPG was cumbersome.
We still provide these files for compatibility, but they are now only available via the API.