Deterministic zipping and verification utility that produces reproducible ZIP archives and cryptographic fingerprints (SHA256 and HMAC-SHA256).
The project provides:
• A GUI tool for general users
• A CLI tool for automation and scripting
Repository:
https://github.com/typer-hx/fingerprint_tool-File-Integrity-Checker.git
Create deterministic ZIP archives and verify them using SHA256 and HMAC-SHA256 to ensure the file has not been modified.
• Deterministic ZIP creation
• SHA256 hashing for integrity verification
• HMAC-SHA256 authenticated hashing
• Automatic folder → deterministic ZIP conversion
• CLI automation support
• GUI interface for non-technical users
• JSON manifest export
• Interactive verification mode
• Secure workflow for sender and receiver
Normal ZIP tools may produce different binary outputs even when the files inside are identical.
Reasons include:
• timestamps
• metadata
• file ordering
This tool eliminates those differences by:
• sorting files before zipping
• fixing timestamps
• fixing permissions
Result:
same input → identical ZIP → identical hash
This makes cryptographic verification reliable.
fingerprint_tool-File-Integrity-Checker/
│
├─ fingerprint_tool_cli.py
├─ gui_tool.py
├─ sample_manifest.json
├─ CHECKSUMS.txt
├─ LICENSE
└─ README.md
Python 3.8 or newer
git clone https://github.com/typer-hx/fingerprint_tool-File-Integrity-Checker.git
cd fingerprint_tool-File-Integrity-Checker(Optional virtual environment)
python -m venv .venv
.venv\Scripts\activatepython fingerprint_tool_cli.py file.txtpython fingerprint_tool_cli.py folder_nameThe folder will automatically be converted into a deterministic ZIP.
python fingerprint_tool_cli.py file.txt --zip-filespython fingerprint_tool_cli.py folder_name --out output.zipLinux / macOS
export FINGERPRINT_SECRET=mysecretWindows CMD
set FINGERPRINT_SECRET=mysecretThe secret must be shared securely with the receiver.
Run the GUI:
python gui_tool.pySteps:
- Select a file or folder
- Enter the HMAC secret
- Click Run
- The tool generates SHA256 and HMAC values
Optional actions:
• verify fingerprints
• save JSON manifest
{
"type": "zip",
"filename": "package.zip",
"sha256": "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
"hmac": "abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789"
}- Generate ZIP and fingerprints
- Send ZIP file to receiver
- Send SHA256 and HMAC values
- Share secret through secure channel
- After receiving the secure HMAC code, Runs verification
- Compare hashes
- If verified → unzip safely
PowerShell
Get-FileHash package.zip -Algorithm SHA256Windows CMD
certutil -hashfile package.zip SHA256OpenSSL HMAC example
openssl dgst -sha256 -hmac "secret" package.zipYou can build the GUI executable using PyInstaller.
Install PyInstaller:
pip install pyinstallerBuild the executable:
pyinstaller --onefile --windowed gui_tool.pyThe executable will appear inside:
dist/gui_tool.exe
Upload the EXE to GitHub Releases instead of committing it to the repository.
Example:
certutil -hashfile dist\gui_tool.exe SHA256Example format:
gui_tool.exe SHA256 <hash>
fingerprint_tool_cli.py SHA256 <hash>
• Never send the HMAC secret together with the file
• Share secrets via secure channel
• Always verify hashes before extracting files
• Do not modify the produced ZIP before sending
• Generate a new secret for each transfer if possible
Contributions are welcome.
Steps:
- Fork the repository
- Create a new branch
- Commit your changes
- Open a Pull Request
Repository:
https://github.com/typer-hx/fingerprint_tool-File-Integrity-Checker
This tool is designed for file integrity verification and secure file transfer workflows.
It does not replace full cryptographic signing systems such as GPG or code signing.
Student-First Non-Commercial License (SF-NC)
Commercial use requires permission.
Aditya
https://github.com/typer-hx