HashCalc Pro

HashCalc Pro for macOS®. Last updated: April 25, 2026.

One file in, every digest out. HashCalc Pro is a native macOS hashing app for developers, security teams, IT staff, and anyone who needs to verify file integrity. Give it a file, text string, or raw hex payload and it computes up to 68 cryptographic and non-cryptographic hashes in one streaming pass, including SHA-1/2/3, SHAKE, BLAKE2, BLAKE3, KangarooTwelve, Skein, RIPEMD, Tiger, Whirlpool, GOST-94, Streebog, SM3, eD2k, xxHash, CRC, MurmurHash3, FNV, and more.

HashCalc can save and re-verify portable .hash sidecars, query VirusTotal by hash, and format results for documentation, code, or CI workflows. Files are processed locally in a sandboxed app. No account, telemetry, analytics, backend upload, or background network activity is used. The only network request is the VirusTotal hash lookup you explicitly start.

Built for Apple Silicon

HashCalc Pro ships as native arm64 for Apple Silicon Macs (M1 and newer) - no Rosetta or translation layer.

• Hardware-accelerated SHA. SHA-1, SHA-256, SHA-384, and SHA-512 use Apple's CryptoKit and CommonCrypto frameworks, which map to ARMv8 cryptography extensions on M-series chips.
• Single streaming pass. Large files are read once in 8 MB chunks. Enabled algorithms share the same buffer and run concurrently across CPU cores.
• Hardware CRC and SIMD paths. CRC32 uses ARM hardware CRC instructions, CRC64 uses PMULL carry-less multiply, and selected algorithms use NEON SIMD fast paths.
• Efficient file processing. Double-buffered reads overlap disk I/O with hash computation for better throughput on large files.
• Lean implementation. HashCalc uses Apple frameworks where available and compact vendored C implementations for algorithms Apple does not provide.

Algorithms with Apple Silicon fast paths use them automatically. The rest still run as native arm64 code, without emulation.

Who it's for

• Developers and release engineers - Verify artifacts against published digests, batch algorithms in one run, and copy output in the format your docs or CI expect.
• Security and IT teams - Generate MD5, SHA-1, and SHA-256 for triage, run optional VirusTotal hash lookups, and save sidecars for repeatable verification.
• Anyone validating downloads or archives - Confirm installers, disk images, backups, and large files against known-good digests.

What it actually does

• One read, many digests. Pick your algorithms once. HashCalc reads the input a single time and feeds each chunk to every enabled hasher in parallel.
• Three input modes. File (including drag-and-drop), plain text, or raw hex byte string.
• Find hash. Search results by algorithm name or by hex digits anywhere in a digest.
• HMAC support. Supported algorithms can use an HMAC key, optionally stored in the macOS Keychain®.
• Fast selection. Shift-click any algorithm toggle to turn the entire default set on or off.

Algorithms (68)

• SHA: SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256
• SHA-3 / Keccak / XOF: SHA3-224, SHA3-256, SHA3-384, SHA3-512, Keccak-256, SHAKE128, SHAKE256, KangarooTwelve (KT128)
• Legacy crypto digests: MD2, MD4, MD5
• RIPEMD: 128, 160, 256, 320
• Tiger: 128/160/192 in both 3-pass and 4-pass, TTH (Tiger Tree Hash)
• BLAKE: BLAKE2b-256, BLAKE2b-512, BLAKE2s-256, BLAKE3
• Skein: Skein-256, Skein-512, Skein-1024
• DSTU 7564 (Kupyna): DSTU7564-256, DSTU7564-384, DSTU7564-512
• SHA-3 finalists: Grøstl-256, Grøstl-512, JH-256, JH-512
• Other crypto: Whirlpool, Panama, GOST-94, GOST-94-CryptoPro, Streebog-256, Streebog-512, SM3, eD2k
• Checksums and fast hashes: Adler-32, CRC-32, CRC-32B, CRC-32C, CRC-64 (ECMA), xxHash32, xxHash64, xxHash128, XXH3-64, MurmurHash3 (A / C / F), FNV-1 and FNV-1a (32 and 64), Jenkins one-at-a-time

Hex output formatting

Results render in hexadecimal with layout controls for docs, CI logs, source code, or manifests:

• Letter case: all upper, all lower, high-nibble upper (Ab), or low-nibble upper (aB).
• Byte layout: plain, colon-separated, comma + space, C-style { 0x.., 0x.. }, array [0x.., 0x..], or custom.
• Custom layout: set a digest prefix/suffix plus per-byte prefix, separator, and suffix.

.hash sidecar files

Saving writes a JSON sidecar next to the source or to a folder you choose. Each sidecar records:

• The algorithm → hex digest map for every enabled hash in that run.
• An HMAC key fingerprint (not the key itself) when HMAC was used, so later verifications can check you're using the same secret.
• Generator metadata (app version, build flavor, ISO timestamps).
• A portable, tilde-abbreviated source path, such as ~/Desktop/file.txt.

To verify later, drop the .hash file onto HashCalc. The app re-reads the original source, recomputes every stored hash, and reports per-algorithm match or mismatch. If the stored source is not reachable under the current sandbox grant, HashCalc asks you to locate it.

VirusTotal (optional)

Use your own VirusTotal API key. The key is stored in the macOS Keychain, not plain preferences.

• Hash-only lookups. HashCalc sends MD5, SHA-1, or SHA-256 to VirusTotal's /files/{hash} endpoint over HTTPS. File bytes are never sent.
• Color-coded toast. The status toast is tinted by VirusTotal's detection verdict - green (no risk), amber (low), orange (medium), red (high), deep red (critical).
• Clear status line: VT Detections: [3/72] → Low Risk.
• Auto-lookup after calculation and detections dialog are opt-in.
• Rate limits. HashCalc enforces VirusTotal's public-tier limits locally. A Use paid/org account toggle skips local throttling for premium keys.

Inside the app

• Main - source input, HMAC key, algorithm toggles, searchable results, progress, Calculate / VirusTotal / Write / Verify buttons.
• Theme - appearance mode (light, dark, system), font family picker over any installed font with a filter field, font size 11–22 pt, accent color and primary text color (with reset).
• Options - keep window on top, quit-confirmation dialog, .hash output folder, toast durations, hex output format, VirusTotal key and behavior.
• Stats - totals, throughput, per-algorithm runs and timings, actions, and time-wasted tracker.
• Credits - acknowledgments for the algorithms, references, and components behind the app.

Privacy-first. Always.

HashCalc Pro is designed around a simple rule: do not share anything the user did not explicitly choose to share. That is why the app has no telemetry, analytics, ads, hidden uploads, or developer-operated backend.

• Sandboxed by design. The app reads only the files and folders you select. Access persists across launches using standard macOS security-scoped bookmarks, fully under your control.
• No account required. No sign-in, telemetry, analytics, ads, anonymized tracking, or aggregated metrics.
• No background network activity. The only network request is a VirusTotal hash lookup that you explicitly initiate. Only the hash is sent, never the file itself.
• Minimal Keychain usage. At most, two optional items may be stored: your HMAC secret and your VirusTotal API key. Both remain under your control and can be removed at any time.
• No dark patterns. Features that would compromise these guarantees are excluded, not hidden behind settings.

See the privacy policy for itemized commitments.

Actively developed, shaped by your feedback

HashCalc Pro ships frequent updates, tracked in the changelog. Many improvements come from user reports, feature requests, and workflow feedback.

Use the support form to report issues, request algorithms, suggest formatting options, or flag usability problems.

Requirements

macOS 15 (Sequoia) or later. Apple Silicon (M1 or newer) required. Distributed exclusively on the Mac® App Store®.

Official distribution only

HashCalc Pro is available exclusively through the Mac App Store. There are no third-party downloads, direct DMGs, GitHub releases, or legitimate "cracked" or "patched" builds.

Treat any copy obtained outside the Mac App Store as untrusted. Use the App Store link on this site or search for HashCalc Pro directly in the Mac App Store. You can also verify the installed app binary against the published release hash.