Generate a Hash Value from an Attached File

To ensure the integrity of a file, checksums can be created. These are also called hash values. There are different algorithms for this available, such as SHA, MD5, etc. The dotNET offers with its System.Security.Cryptography namspace a wide range of possibilities to use different types hash values easily.

Here a tiny code snippet to build an SHA512 of a file:


System.Security.Cryptography.SHA512 sha512 = System.Security.Cryptography.SHA512.Create();
System.IO.FileStream stream = File.OpenRead(inFileName);
byte[] hash = sha512.ComputeHash(stream);
outHash = BitConverter.ToString(hash).Replace("-", String.Empty).ToLower();


This provides a very simple way to check the integrity of a file used in the context of an automation workflow at runtime.

Due to the hard coding of the hash value in the automation workflow, it is necessary to change it as well when making adjustments to the attached file. If all files, e.g. like VBS, PS1, BAT or CMD, are part of the automation package, secures this type of integrity check against possible manipulation, because then a change must be made in two places in the runtime environment. That doesn’t make it impossible, but it does make it more difficult.