Checking the Hash or Checksum of a Download

Many download sites provide you with a hash or checksum that you can use to check that the file you downloaded wasn’t corrupted or incomplete. Common algorithms used are MD5, SHA1, SHA256 and CRC32.

If you’re on a Linux or UNIX system, you may have commands lying around that can compute some of these algorithms, e.g. a crc32 command.

As I wasn’t aware of any convenient commands for checking hashes and checksums on Windows, I wrote a simple .NET program that can compute and check the following hash and checksum algorithms on a file:

  • CRC32
  • CRC64
  • MD5
  • SHA1
  • SHA256
  • SHA384
  • SHA512

The various hash algorithms are provided by the .NET framework, but the two CRC algorithms aren’t, so I used code from Damien Guard’s blog for CRC32 and CRC64.

You can get the program from the Softwariness site on Github:

Example usage of HashCheck tool

Example usage of HashCheck tool

If you run hashcheck without parameters, you will get a usage message.

To get all the supported hash and checksum values for a file, run hashcheck with just the filename as an argument. You might want to do this if you are sharing a download on your website, and want to provide these values for a user to check. If you just want to check a hash, see below, as computing all the hash values will be slow for a large download, like a CD image.

To compute just a particular hash value, pass the name of the hash (e.g. MD5) as the second argument.

If you want to validate against the hash value that you found on the download site, pass that as the third argument. This must be in hexadecimal. Different case or extra hyphens will be ignored by hashcheck when comparing the hex.

Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedInEmail this to someonePrint this page

Comments are closed