Tuesday, 15 May 2018

Compare the checksum (hash) of a download file

Ever needed to compute the checksum (i.e. the hash) of a file you’ve downloaded from the internet? If not, you probably should—when you can—to ensure the file you’ve downloaded wasn’t tampered with (e.g. to insert malware) or corrupted while it was being downloaded.

As two examples, there are the large files (OS, etc) we download from the trustworthy MSDN library, which may face interruptions during download, and then there are those really handy utilities like WinDirStat that may originate from unsavoury locations on the internet.

Microsoft provides a handy tool for the purpose of computing the cryptographic hash value of one or more files called the File Checksum Integrity Verifier utility. It’s simple to use and can be found here: https://support.microsoft.com/en-au/help/841290/availability-and-description-of-the-file-checksum-integrity-verifier-u

Once extracted, usage is as simple:

fciv myfile.exe

But it can also compute MD5 and/or SHA-1 hashes for a directory of files and store results in a database. Full details can be found at the download link, above.