Compare file hash with PowerShell
Once you’ve downloaded the file use Get-FileHash
to calculate the SHA256 hash.
$hash = (Get-FileHash .\filename.exe).hash
Copy the hash value from the website and assign it to a variable to compare.
$webhash = "3...f'
[Paste the full SHA256 hash in the quotes]
Then use PowerShell to compare this to the published hash.
if ($hash -eq $webhash){$true}
This will return either “True” or nothing, if “True” then the hashes match.
Or if you want to do it in one line:
If ((Get-FileHash .\filename.exe).hash -eq "3..f"){$True}
[Published SHA256 goes in the quotes.]
Algorithms
The default hashing algorithm used is SHA256 (SHA version 2, 256 bit hash).
Get-FileHash
supports the following algorithms
- SHA1
- SHA256
- SHA384
- SHA512
- MD5
To use a different algorithm, use the -Algorithm
parameter to pass the desired option.
I’ve listed the algorithms here in the format accepted by PowerShell.
Here is the oneliner with SHA1 for the algorithm:
If ((Get-FileHash .\filename.exe -Algorithm SHA1).hash -eq "3..f"){$True}
Quick reminder
MD5 and SHA1 are no longer considered secure, so where possible avoide them, in favour of the stronger SHA 2 options.