How to check SHA-256 checksum on files?

Question

I know that you can use shasum -a 256 filename to create a SHA-256 checksum for a file, but how can one automate the check if known SHA-256 matches a file on a mac?

Since the Mac shell is zsh by default, but our CI runner uses bash, I want to know both versions (for local testing and for the ci).

You can compare two files for equality using `cmp`. BTW, why is this tagged _bash_ and _zsh_? Please make up your mind in which language you are going to write your script. — user1934428, Jan 24 '23 at 13:51

Iiro Alhonen · Accepted Answer · 2023-01-25T11:11:05.843

0

I figured it out!

Using the awk '{ print $1 }', you can omit the filename printed by shasum. This way you can write an easy if statement to check if the SHA checksums match.

zsh version

sha=$( shasum -a 256 filename | awk '{ print $1 }')
if [[ $sha == "known checksum" ]] {
  echo "sha matches"
} else {
  echo $sha "does not match the required: known checksum"
}

bash version

sha=$( shasum -a 256 filename | awk '{ print $1 }')
if [[ $sha == "known checksum" ]]
then
  echo "sha matches"
else
  echo $sha "does not match the required: known checksum"
fi

edited Jan 25 '23 at 11:11

answered Jan 24 '23 at 13:40

Iiro Alhonen

352
3
19

2

You don't need a pipe to awk, see https://stackoverflow.com/questions/72642521/bash-string-comparison-sha256sum#comment128318698_72642618. Also, don't use all upper case for non-exported variables, see [correct-bash-and-shell-script-variable-capitalization](https://stackoverflow.com/questions/673055/correct-bash-and-shell-script-variable-capitalization). – Ed Morton Jan 24 '23 at 13:47

How to check SHA-256 checksum on files?

1 Answers1