Skip to content
Security

ChecksumCheck

Cross-platform desktop app for calculating and verifying file checksums. Supports MD5, SHA1, SHA256, and SHA512 with drag-and-drop, one-click copying, and local-only processing.

TypeScriptTauri WindowsmacOSLinux

Verifying a download against a published hash shouldn’t mean firing up PowerShell and remembering the syntax. Drop a file into ChecksumCheck and it shows MD5, SHA1, SHA256 and SHA512 side by side, with a one-click copy for whichever you need. Everything is computed locally — the file never leaves your machine — so it’s fine for private data.

What it does

  • Calculates MD5, SHA1, SHA256, and SHA512 at the same time.
  • Accepts files through a picker or drag and drop.
  • Shows file size, creation date, and modification date.
  • Copies any hash with one click.
  • Runs on Windows, macOS, and Linux.
  • Processes files locally with no network upload.

When to use it

Use ChecksumCheck when you need to:

  • verify a downloaded file against a published checksum
  • compare two files by hash
  • confirm that a file did not change during transfer
  • record hashes for audit or support notes
  • inspect known test values while troubleshooting hashing code

Requirements

  • Windows, macOS, or Linux.
  • Read access to the target file.
  • Rust and Node.js only if building from source.

Install

Download the latest release from:

https://github.com/Swatto86/ChecksumCheck/releases

Run the desktop app and select or drop a file.

Verify a file

  1. Open ChecksumCheck.
  2. Drag the file into the window or choose it with the file picker.
  3. Wait for the hashes to calculate.
  4. Compare the relevant hash with the expected value.
  5. Use the copy button if you need to paste the value into a ticket, terminal, or release note.

Most modern release verification uses SHA256 or SHA512. MD5 and SHA1 are still useful for compatibility, but they are not recommended for proving authenticity against a malicious attacker.

Local-only processing

ChecksumCheck does not upload file contents. Hashing runs on the local machine through the Rust backend. This makes it safe to use with private files, provided the local machine itself is trusted.

Known hash examples

Empty file:

AlgorithmHash
MD5d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Use these values when checking whether a hashing tool or script is behaving correctly.

Build from source

git clone https://github.com/Swatto86/ChecksumCheck.git
cd checksumcheck
npm install
npm run tauri dev

Build:

npm run tauri build

Run tests:

npm test
cd src-tauri
cargo test

Troubleshooting

Hash differs from expected value

Confirm you selected the exact file, not an extracted copy, shortcut, partial download, or installer wrapper. Re-download the file if needed.

A very large file takes time

Hashing must read the full file. Large ISO, VM, backup, and archive files will take longer.

File cannot be opened

Check permissions and whether another process has the file locked.

  • GitHub: https://github.com/Swatto86/ChecksumCheck
  • Releases: https://github.com/Swatto86/ChecksumCheck/releases
← All tools