Checks a file's checksum versus a passed checksum and checksum type.


Get-ChecksumValid `
  -File <String> `
  [-Checksum <String>] `
  [-ChecksumType <String>] `
  [-OriginalUrl <String>] `
  [-IgnoredArguments <Object[]>] [<CommonParameters>]


Makes a determination if a file meets an expected checksum signature.
This function is usually used when comparing a file that is downloaded
from an official distribution point. If the checksum fails to match the
expected output, this function throws an error.

Checksums have been used for years as a means of verification. A
checksum hash is a unique value or signature that corresponds to the
contents of a file. File names and extensions can be altered without
changing the checksum signature. However if you changed the contents of
the file, even one character, the checksum will be different.

Checksums are used to provide as a means of cryptographically ensuring
the contents of a file have not been changed. While some cryptographic
algorithms, including MD5 and SHA1, are no longer considered secure
against attack, the goal of a checksum algorithm is to make it
extremely difficult (near impossible with better algorithms) to alter
the contents of a file (whether by accident or for malicious reasons)
and still result in the same checksum signature.

When verifying a checksum using a secure algorithm, if the checksum
matches the expected signature, the contents of the file are identical
to what is expected.


This uses the checksum.exe tool available separately at

Options that affect checksum verification:

Features that affect checksum verification:





Get-ChecksumValid -File $fileFullPath -CheckSum $checksum -ChecksumType $checksumType






-File <String>

The full path to a binary file that is checksummed and compared to the
passed Checksum parameter value.

Property Value
Required? true
Position? 1
Default Value
Accept Pipeline Input? false

-Checksum [<String>]

The expected checksum hash value of the File resource. The checksum
type is covered by ChecksumType.

NOTE: Checksums in packages are meant as a measure to validate the
originally intended file that was used in the creation of a package is
the same file that is received at a future date. Since this is used for
other steps in the process related to the community repository, it
ensures that the file a user receives is the same file a maintainer
and a moderator (if applicable), plus any moderation review has
intended for you to receive with this package. If you are looking at a
remote source that uses the same url for updates, you will need to
ensure the package also stays updated in line with those remote
resource updates. You should look into automatic packaging
to help provide that functionality.

NOTE: To determine checksums, you can get that from the original
site if provided. You can also use the checksum tool available on
the [community feed](
(choco install checksum)
and use it e.g. checksum -t sha256 -f path\to\file. Ensure you
provide checksums for all remote resources used.

Property Value
Required? false
Position? 2
Default Value
Accept Pipeline Input? false

-ChecksumType [<String>]

The type of checkum that the file is validated with - 'md5', 'sha1',
'sha256' or 'sha512' - defaults to 'md5'.

MD5 is not recommended as certain organizations need to use FIPS
compliant algorithms for hashing - see for more details.

The recommendation is to use at least SHA256.

Property Value
Required? false
Position? 3
Default Value md5
Accept Pipeline Input? false

-OriginalUrl [<String>]

Property Value
Required? false
Position? 4
Default Value
Accept Pipeline Input? false

-IgnoredArguments [<Object[]>]

Allows splatting with arguments that do not apply. Do not use directly.

Property Value
Required? false
Position? named
Default Value
Accept Pipeline Input? false


This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see about_CommonParameters .

Function Reference

NOTE: This documentation has been automatically generated from Import-Module "$env:ChocolateyInstall\helpers\chocolateyInstaller.psm1" -Force; Get-Help Get-ChecksumValid -Full.

View the source for Get-ChecksumValid