inyourbrowser.com

File Checksum

Drop any file to generate its checksum. Paste an expected hash to verify the file is intact and hasn't been tampered with. All hashing runs locally in your browser.

Drop a file

Drop any file here

or click to browse. All processing is local

ALGORITHM

DISPLAY

Drop any file to generate its checksum. Compare against a publisher's hash to verify integrity.

Processed locally

How it works

Your file is streamed into memory through the File API and then passed to crypto.subtle.digest with the algorithm you select (SHA-256 by default, with SHA-512 and SHA-1 also available). The resulting digest is displayed as a hex string ready to compare against the value published by the file's author. Paste a known good checksum into the verification field and the page highlights whether the two values match.

Processing runs in your browser

Your file is read directly by the browser. All hashing happens locally, our servers are not involved at any point. You can verify this yourselfin your browser's DevTools Network tab.

Technical specification

SHA-256 is specified in FIPS PUB 180-4 (NIST, 2015). SHA-256 produces a 256-bit (32-byte) digest encoded as 64 hexadecimal characters. Both are part of the SHA-2 family and remain approved for all security applications including TLS certificates, code signing, and HMAC construction.

Output size
256 bits (64 hex characters)
Standard
FIPS PUB 180-4 (NIST)
Browser API
SubtleCrypto.digest()
Security status
Approved, recommended for all uses

Related operations

For encoding the result as Base64 for transport, try Base64. To generate strong random secrets to hash, use the password generator. For random unique identifiers without a hash collision risk, see the UUID generator.

Frequently asked questions

What is a file checksum?
A checksum is a hash of a file's contents. If even one byte changes, the hash changes completely. You can compare a checksum to a value published by a software author to verify you downloaded the correct file.
Which algorithm should I use for verification?
Use whatever algorithm the publisher provides. SHA-256 is the most common today. Avoid MD5 and SHA-1 for security-sensitive verification.
Is my file uploaded anywhere?
All processing runs in your browser. The file is read using the File API and hashed with the SubtleCrypto API.
Is there a file size limit?
Files up to 10 MB are supported. The hash computes locally in your browser using the Web Crypto API for SHA variants, or a JavaScript implementation for MD5.

Related tools

Base64
Encode text or files to Base64, decode Base64, or convert images to data URIs.
UUID generator
Generate random UUID v4 values in bulk. Uses the browser's crypto API.
Password generator
Generate random, strong, or memorable passwords using your browser's crypto API.
JWT decoder
Decode JWT header and payload instantly. All inspection runs in your browser.