
CalHash is a free Mac utility from Titanium Software that generates and compares cryptographic checksums for any file, letting you verify data integrity in seconds without touching the Terminal.
What is CalHash?
CalHash is a native macOS application that computes file fingerprints using algorithms such as MD5, SHA-1, SHA-256, and SHA-512, then lets you compare those fingerprints against a known checksum to confirm a file arrived intact. It sits in the same category of trust-but-verify tools that every serious Mac user eventually reaches for — the kind you install once and keep forever.
Titanium Software, the French indie shop behind the long-running OnyX maintenance suite, built CalHash with the same philosophy: no subscription, no telemetry, no fluff. Drop a file in, get a hash, move on with your day.
What does CalHash do best?
CalHash excels at making checksum verification feel effortless. The workflow is drag-and-drop: pull a file onto the window, choose your algorithm from the toolbar, and the digest appears almost instantly for anything short of a multi-gigabyte image. For larger files CalHash shows a live progress indicator, so you're never staring at a frozen interface wondering whether it crashed.
The comparison feature is where it earns its keep. Paste a reference hash from a download page, and CalHash highlights whether the two strings match — green for clean, red for mismatch. No manual character-by-character eyeballing, no awk one-liners. I've used this constantly when pulling OS installers and developer disk images from third-party mirrors where supply-chain risk is real.
- Multiple algorithms in one UI: MD5, SHA-1, SHA-256, SHA-512 — select from a menu, no separate commands needed.
- Drag-and-drop: works from Finder, your browser's downloads stack, or a mounted disk image.
- Instant visual comparison: paste the expected hash and get a clear pass/fail indicator.
- Lightweight footprint: written in native Cocoa; it launches faster than a Terminal window.
Is CalHash free?
Yes — CalHash is completely free to download and use. Titanium Software distributes it directly from their site and via Homebrew Cask with no purchase, trial period, or hidden upsell. If you want to support the developer, Titanium Software accepts voluntary donations on their website.
Who should use CalHash?
CalHash is indispensable for anyone who regularly downloads large binary files — OS installers, virtual machine images, developer SDKs, or archived backups — and needs to confirm those files haven't been tampered with or corrupted in transit. Security-conscious users who already know what SHA-256 means will find it a pleasant alternative to memorizing the shasum flags. Developers distributing their own software will also find it useful for generating the reference hashes they post alongside release artifacts.
If you only ever download files from iCloud or the Mac App Store and never touch a .dmg from a developer's own server, CalHash may sit unused. But if you live anywhere near a download page that shows a checksum next to a "Download" button, this tool pays for itself in the first use.
What are the best CalHash alternatives?
CalHash's closest GUI rivals are Hashsum (Mac App Store, free) and Checksum+. Both cover the same core algorithms and drag-and-drop workflow. For Terminal purists, macOS ships shasum and md5 built-in, which cover every algorithm CalHash supports — but you lose the instant visual comparison and the clean UI. QuickHashGUI is a cross-platform option that adds recursive folder hashing and file-to-file comparison, useful if you're auditing entire directory trees rather than individual files. For most casual verification tasks, though, CalHash's simplicity beats all of them on time-to-result.
How does CalHash compare to using Terminal?
The Terminal approach — shasum -a 256 ~/Downloads/SomeInstaller.dmg — is perfectly capable, but it demands you remember the right flag for each algorithm, copy-paste the output manually, and visually diff two 64-character hex strings. CalHash handles all three friction points: the algorithm picker replaces flag memorization, the paste field captures your reference hash, and the color-coded result replaces manual comparison. For a daily-driver workflow the difference is small; for someone who verifies files occasionally and can't remember whether SHA-256 is -a 256 or -256, CalHash removes every excuse not to check.