I am downloading a file that want to install on my computer. I know that it will be Ok to install if the signature matches the signature I have on file for the distributor of that file.
I am not downloading directly from the distributor though so I want to check that the file is signed with their key.
I have downloaded a version of openssl for windows but I can't see from that how to tell what the key is from the application file. I've seen many files for download say that their hash is x but what I am looking for is the distributor's key which from the file itself. What I have to compared it against is the SHA1-40-hex digit key.