Checking the hash checksum of downloaded files can indicate if a file has been tampered with. Hash collisions are possible by intentionally manipulating a harmful file to look like the expected file. The simpler the hash function, the more likely hash collisions are–MD5 and SHA1 have demonstrated hash collisions. SHA256 is a popular SHA-2 hash function for which it is hard to generate collisons with today’s computing power.
Observe the SHA256 hash of an empty file:
If encountering this SHA256 hash on a downloaded file, perhaps the download failed in a way that wasn’t otherwise detected, or the server file is indeed empty. Using an “if” statement with this hash can be used to alert users to an empty file downloaded.