TIL = Things, or Today I Learned

An experiment in Learning in Public.

Home

Powershell - check hash of downloaded file

When downloading files, such as those attached to a github release, most have hashes. After downloading the file, how do I check that the hash of a file I'm downloading is valid?

An example I'll use are the packer binary files. The releases folder for Version 1.8.4 contains the binaries as well the packer_1.8.4_SHA256SUMS file.

  • Download the binary for your platform. I downloaded packer_1.8.4_windows_386.zip in C:\var\tmp
  • Download packer_1.8.4_SHA256SUMS. Open it and paste the checksum that corresponds to the binary you downloaded to the first line in the snippet below.
  • In Powershell console, navigate to C:\var\tmp and paste each line in the console.
$Hash='523ad3fef34be9a5e29f58fd6ba68f38e3df5832f8f6a39ba73f2e9715e3bc24';
$Alg='SHA256'
$DownloadedFileName='packer_1.8.4_windows_386.zip';

if((Get-FileHash -Path $DownloadedFileName -Algorithm $Alg).Hash.ToUpper() -ne $Hash.ToUpper() { 
    throw 'Computed checksum did not match';
}

Change the $Hash value. Re-running the If check fails because the values don't match.

Improvements

Integrate it with Powershell - web requests for file downloadsPowershell - web requests for file downloads
How do I download a remote file via an API that also expects an auth Token?

$DownloadedFile = "C:\tmp\filename.zip";

$Url = "https://path/"

$headers = @{
'Accept' = 'application/octet-stream...
in such a way that if the checksum check fails, the files is immediately deleted.