Verifying the integrity of the distribution archive can be used to ensure the integrity of the distribution archive in that the distribution has not been tampered in a potential malicious manner with during transit.
Checksum files using the MD5 and SHA256 algorithms are provided for every product, namely the files MD5SUM or SHA256SUM. These can be obtained in the product distribution portal or by contacting support.
NOTE: Both of these files must be re-downloaded each time a new distribution is released, as they only contain the checksums of the distributions released up until the time of download.
Assuming one or both of the aforementioned files are in the same directory as a distribution archive, for example cfsl10.win64.eoe.zip the integrity of the latter can be verified using:
CertUtil -hashfile cfsl10.win64.eoe.zip MD5
CertUtil -hashfile cfsl10.win64.eoe.zip SHA256
Both of these should print a checksum that equals the one found in the MD5SUM or SHA256SUM for the given distribution filename.