Skip to main content
L
Loopaloo
Buy Us a Coffee
All ToolsImage ProcessingAudio ProcessingVideo ProcessingDocument & TextPDF ToolsCSV & Data AnalysisConverters & EncodersWeb ToolsMath & ScienceGames
Guides & BlogAboutContact
Buy Us a Coffee
L
Loopaloo

Free online tools for developers, designers, and content creators. All processing happens entirely in your browser - your files never leave your device. No uploads, no accounts, complete privacy.

support@loopaloo.com

Tool Categories

  • Image Tools
  • Audio Tools
  • Video Tools
  • Document & Text
  • PDF Tools
  • CSV & Data
  • Converters
  • Web Tools
  • Math & Science
  • Games

Company

  • About Us
  • Contact
  • Blog
  • FAQ

Legal

  • Privacy Policy
  • Terms of Service
  • Disclaimer

Support

Buy Us a Coffee

© 2026 Loopaloo. All rights reserved. Built with privacy in mind.

Privacy|Terms|Disclaimer
  1. Home
  2. Converters & Encoders
  3. Checksum Calculator
Add to favorites

Checksum Calculator

Calculate file checksums and verify integrity (MD5, SHA-1, SHA-256)

Upload a file and calculate its checksum using MD5, SHA-1, or SHA-256. Compare it against an expected value to verify the file has not been corrupted or altered during download or transfer.

Runs locally in your browserMore converters & encodersJump to full guide

Related reading

  • Hash Functions Explained: MD5, SHA-256, and When to Use Each14 min read

Initializing in your browser…

You might also like

Hash Generator

Generate MD5, SHA1, SHA256, SHA384, SHA512 hashes from text

SRI Hash Generator

Generate Subresource Integrity (SRI) hashes for scripts and stylesheets. Protect against CDN compromise and tampering

Base64 Encoder/Decoder

Encode and decode text or files to/from Base64

An example conversion

You burned an ISO to a USB stick and want to confirm it is bit-for-bit identical to the source before booting it.

File

ubuntu-24.04.iso (selected locally)
Checksum Calculator produces

Checksums

CRC32:   8f3a1b2c
MD5:     b1946ac92492d2347c6235b4d2611184
SHA-256: 9f86d081884c7d659a2feaa0c55ad015…

The file is read in your browser and reduced to checksums you compare against the values the publisher posted; any mismatch means corruption or tampering. CRC32 catches accidental transmission errors cheaply, while SHA-256 is the one to trust for integrity. The file never leaves your machine.

What this calculator does

Upload a file and calculate its checksum using MD5, SHA-1, or SHA-256. Compare it against an expected value to verify the file has not been corrupted or altered during download or transfer.

How it works

The Checksum Calculator computes cryptographic file hashes entirely in your browser using the Web Crypto API (crypto.subtle.digest), reading the file into an ArrayBuffer with the browser's FileReader so nothing is uploaded to a server, which matters when you are checking a multi-gigabyte ISO or disk image. It offers four algorithms, all SHA-family: SHA-1 (160-bit, flagged with a deprecation warning), SHA-256 (256-bit, the default and marked as the recommended standard), SHA-384, and SHA-512. There is deliberately no MD5 option, since SubtleCrypto does not implement it; if a download page only publishes an MD5 sum you cannot verify it here. A progress bar tracks the work in two halves, roughly 0 to 50 percent as the file is read and 50 to 100 percent while the digest is computed.

The tool has four modes. Calculate hashes a single dropped or browsed file and shows the hex digest with a copy button; switching the algorithm while a file is loaded automatically recomputes it. Verify lets you paste a publisher's expected checksum into a text box and renders a green 'Match!' or red 'Mismatch!' verdict; before comparing, the expected value is normalized by lowercasing it and stripping all whitespace, so trailing newlines or a copied 'SHA256 (file) = ...' fragment with spaces will not cause a false mismatch, but you must still pick the same algorithm the publisher used. Compare hashes two files in parallel (via Promise.all) and reports 'Identical!' or 'Different!' to confirm two copies are bit-for-bit equal. Batch adds many files at once, hashes them sequentially, flags any files that share a checksum under a 'Duplicates Found!' heading, and exports a checksums-{algorithm}.txt file in the standard 'hash␣␣filename' sha256sum format.

Understanding the threat model is important: a matching SHA-1 (or any single hash) only proves the file was not corrupted in transit or storage; SHA-1 is collision-broken, so it does not protect against a deliberate attacker, which is why the interface marks SHA-1 with a warning and SHA-256 with a checkmark. A SHA-256 (or stronger SHA-384/SHA-512) value obtained over an HTTPS connection is the meaningfully tamper-resistant check. When Verify reports a mismatch, the usual causes are choosing the wrong algorithm (a SHA-256 file against a published MD5 or SHA-1 sum will never match), an incomplete or corrupted download, a text file whose line endings changed when it was re-saved, or genuine tampering. The File Info panel shown alongside Calculate and Verify lists the file's name, size, MIME type, and last-modified date so you can confirm you grabbed the right file before trusting the verdict.

Examples

  • Verify a downloaded Linux ISO

    Switch to Verify mode, select SHA-256, drop the .iso file (read locally, never uploaded), paste the publisher's expected SHA-256 from their HTTPS page, and click Verify Checksum for a green Match or red Mismatch verdict.

  • Confirm two files are identical

    Use Compare mode to load File 1 and File 2; the tool hashes both in parallel and reports 'Identical!' or 'Different!', useful for checking a backup copy is bit-for-bit equal to the original.

How to use

  1. 1Upload the file you want to verify.
  2. 2Select the checksum algorithm.
  3. 3Paste the expected checksum to compare (optional).
  4. 4The tool highlights whether the values match.

Key features

  • MD5, SHA-1, and SHA-256 support
  • Drag-and-drop file upload
  • Side-by-side comparison with an expected checksum
  • Match/mismatch indicator
  • Processes files locally, nothing is uploaded to a server

Tips & best practices

  • Pick the same algorithm the publisher used before pasting an expected checksum in Verify mode - a SHA-256 hash will never match an MD5 or SHA-1 sum, and this tool has no MD5 option at all.
  • In Verify mode you can paste the checksum with surrounding spaces or newlines; the value is lowercased and whitespace-stripped before comparison, so a copied fragment still works.
  • Use Batch mode's duplicate detection to find identical files in a folder: it groups files by matching checksum and lists them under 'Duplicates Found!'.
  • Export from Batch mode produces a checksums-{algorithm}.txt in the standard sha256sum 'hash␣␣filename' format, which command-line tools like sha256sum -c can read back.

Where this fits

  • Verifying software downloads

    Confirm that a downloaded ISO, installer, or archive matches the hash published by the developer.

  • Data transfer validation

    Ensure a file sent via email or cloud storage arrived intact by comparing checksums on both ends.

Frequently asked questions

Which algorithm should I use?

Use whichever algorithm the file publisher provides. SHA-256 is the most common choice for modern software verification.

How is this different from the hash generator?

The checksum calculator is focused on file verification with a comparison feature. The hash generator is broader, supporting text input and multiple simultaneous algorithms.

Related tools and how they differ

  • Hash Generator: Hashes typed text and does keyed HMAC, hash comparison, and password-strength checks; use it for strings and message authentication, not files.
  • SRI Hash Generator: Builds the base64 integrity attribute and crossorigin script/link snippet for web pages; use it to lock down a CDN asset, not to verify a local download.

Further reading

  • Hash Functions Explained: MD5, SHA-256, and When to Use Each14 min read

Private by design

Conversions run on your device in JavaScript. The values you enter are never sent over the network.