How to use Git Bash terminal on Windows to validate sha256 hash of a downloaded file?

Question

How to use Git Bash terminal on Windows to validate sha256 hash of a downloaded file? as in PHP versions for example.

Answer 1

The easiest way to validate sha256 hash of a file in Git Bash terminal is like this:

# Go to the directory in which the downloaded file exists
cd /path/to/directory/

# Validate sha256 hash of the file
sha256sum name_of_the_file

This will print, in the terminal, the sha256 hash of the file and you can then compare it to the original hash that exists in the website which you've downloaded the file from.

For example, you can download any PHP version from here: php.net/download and validate its sha256 hash like mentioned above.

Another method to validate is like this:

echo "the_original_sha256sum_of_the_file the_name_of_the_file" | sha256sum -c

Example:

echo "2a1468ab5dd540beb161d7b388ed2d80e2515ab112244b08ac201f5bf846d052 php-7.3.23-Win32-VC15-x64.zip" | sha256sum -c

If the sha256 hash of the file is valid, the next line (containing the file name followed by the word OK) will be printed in the terminal:

php-7.3.23-Win32-VC15-x64.zip: OK

And if you have a sha256sum file, you can validate the downloaded file like this:

sha256sum -c name_of_the_sha256sum_file

For example, if you downloaded, any version of these phpMyAdmin versions along with its sha256 file, then you can validate the file according to the above method like this:

sha256sum -c phpMyAdmin-5.0.2-english.zip.sha256

This will print the next line which means that the file is valid:

phpMyAdmin-5.0.2-english.zip: OK

Note that you can use sha1sum instead of sha256sum according to your needs.