SHA256 File Hash Values And How To Check Them (Raspberry Pi / Mac OS X / PowerShell)

Image showing SHA-256 value

Imagine that you are a software company and host an awesome free piece of software. One day your site is hacked and the download file for your software is replaced with a malicious version of the software. It might be days (or longer!) before you notice. Or what if someone is intercepting traffic and altering files as the end customer is downloading them. How would your customers know that the file they are downloading is malicious?

Step in file hashes. On creation the hash value of the file is worked out and if there are any changes to the file then the hash value changes. So if the hash value is different to the original this indicates a change in the file or that the file is not what it seems.

You may have already seen a hash value when downloading software. For example, if you head over to the Raspbian download page you may notice that the downloads have SHA256 values listed underneath them. Each one of these hash values is different.

Image showing SHA-256 value
Notice the SHA-256 value

The Raspbian Buster Lite download has a SHA-256 hash value of 9e5cf24ce483bb96e7736ea75ca422e3560e7b455eee63dd28f66fa1825db70e. Now that we know to look for a hash value we need to know how to check it.

Download the file, in this case 2019-07-10-raspbian-lite.zip but do not open it! Before opening the file we want to check its SHA-256 value to make sure it is safe to use.

Raspbian (Linux)

Use terminal and navigate to where the file is located. Type:

sha256sum 2019-07-10-raspbian-buster-lite.zip

geektechstuff_sha256sum_3
sha256sum on Raspbian

After a few moments a value should return and this should match the value on the Raspbian download page.

Mac OS X

Use terminal and navigate to where the file is located. Type:

openssl sha256 2019-07-10-raspbian-buster-lite.zip

geektechstuff_sha256sum_2
openssl sha256 on Mac OS X

After a few moments a value should return and this should match the value on the Raspbian download page.

PowerShell (Windows)

Use PowerShell and navigate to where the file is located. Type:

Get-FileHash .\2019-07-10-raspbian-buster-lite.zip

 

Get-FileHash in PowerShell
Get-FileHash in PowerShell

This option also works in PowerShell Core for Mac OS X or Linux.

What If The Values Don’t Match?

If the values don’t match (i.e. if the Raspbian page displays a different value to the one your file has) then it is a different file. This could be due to the file being updated or changed on the server, being altered during transfer or being corrupted.

Changing The Value

The hash value changes any time the file is edited. So if a zip file was extracted, a new file added or a config file edited, and then it was all compressed (zipped) again it would have a different hash value.

Want to know more? Check out:

https://en.wikipedia.org/wiki/File_verification

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.