Compare file hash with PowerShell

How to use PowerShell to check a file hash

Once you’ve downloaded the file use Get-FileHash to calculate the SHA256 hash.
$hash = (Get-FileHash .\filename.exe).hash

Copy the hash value from the website and assign it to a variable to compare.
$webhash = "3...f'
[Paste the full SHA256 hash in the quotes]

Then use PowerShell to compare this to the published hash.
if ($hash -eq $webhash){$true}

This will return either “True” or nothing, if “True” then the hashes match.

Or if you want to do it in one line:
If ((Get-FileHash .\filename.exe).hash -eq "3..f"){$True}
[Published SHA256 goes in the quotes.]

Algorithms

The default hashing algorithm used is SHA256 (SHA version 2, 256 bit hash).
Get-FileHash supports the following algorithms

  • SHA1
  • SHA256
  • SHA384
  • SHA512
  • MD5

To use a different algorithm, use the -Algorithm parameter to pass the desired option.
I’ve listed the algorithms here in the format accepted by PowerShell.

Here is the oneliner with SHA1 for the algorithm:
If ((Get-FileHash .\filename.exe -Algorithm SHA1).hash -eq "3..f"){$True}

Quick reminder

MD5 and SHA1 are no longer considered secure, so where possible avoide them, in favour of the stronger SHA 2 options.

comments powered by Disqus