Stephen Harrison, M.Sc., CITP 🗓️ Updated ⏱️ — 📝 —

File Checksum and Signature Verifier

The File Checksum and Signature Verifier tool enables you to check the files you download are genuine and have not been tampered with. This is to give you assurance that the files you are using are genuine and free from misuse.

Follow the instructions below. Click the demo buttons to see what good results looks like. This is what you should expect when you test your own files. Remember to click or tap the rest button after running the demos. Enjoy, and please share.

File Checksum and Signature Verifier

Compute SHA-256 / SHA-1 / MD5 and (optionally) verify a detached signature with a vendor public key. Try the one-click demos to see good results.

Quick How-To

Choose your file and click Calculate to get SHA-256, SHA-1 and MD5.
Compare by pasting the vendor’s expected hash — you’ll see Match/Mismatch.
For signatures, paste the vendor’s public key (PEM/SPKI) and the detached signature, then click Verify Signature.

Demos use a tiny built-in sample (“eComputerZ demo file”). No data leaves your browser.

1) File & Checksums

File to verify

SHA-256

Computed

–

Expected

ResultPending

SHA-1

Computed

–

Expected

ResultPending

MD5 (uses Spark-MD5)

Computed

–

Expected

ResultPending

2) Signature Verification (Detached)

Algorithm

Public Key (PEM/SPKI)

Signature file (or paste below) Signature (Base64 or Hex)

Advanced

RSA-PSS saltLength

No verification attempted

This verifies raw detached signatures with a matching SPKI public key. GPG/PGP (.asc) or PKCS#7 (.p7s) are different formats.

Share

Facebook X Pinterest Reddit WhatsApp

twitter facebook pinterest

File Checksum and Signature Verifier

File Checksum and Signature Verifier

Quick How-To

1) File & Checksums

2) Signature Verification (Detached)

Articles of Interest