I recently wanted to verify the hash of a file, named
setup.exe, that was provided in a GnuPG signature file, named
I used the PowerShell code below to verify the expected SHA-256 hash contained within the
setup.txt file against the actual hash of the
setup.exe file. You can use this script by modifying the first two lines for your needs, i.e. the filenames.
$exeFilename = "setup.exe"
$sigFilename = "setup.txt"
$algorithm = $algorithm = (cat $sigFilename | Select-String -Pattern "(?<=Hash: ).*$").Matches.Value.Trim()
$expectedFileHash = (cat $sigFilename | Select-String -Pattern "^.*(?=( $exeFilename))").Matches.Value
$actualFileHash = (Get-FileHash -Algorithm $algorithm $exeFilename).Hash.Trim()
($expectedFileHash -eq $actualFileHash) ? "Hashes match" : "Hashes do not match"
This code/script was modified from https://www.christopherkeim.com/post/verify-file-hash-with-powershell.
Note that the GnuPG signature file, i.e.
setup.txt, had the following format:
-----BEGIN PGP SIGNED MESSAGE-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-----END PGP SIGNATURE-----
I also used regex help from:
- regex – Regular Expression to select everything before and up to a particular text – Stack Overflow.
- java – Getting the text that follows after the regex match – Stack Overflow