Hi,

Theres atleast this command (quote from Command Reference)

 verify 
 To verify the checksum of a file, use the verify command in privileged EXEC mode. 
verify path 
verify /[md5 path [md5-value] | sha-512] signature 
 Syntax Description

 
 /md5 
 (Optional) Calculates and displays the MD5 value for the specified  software image. Compare this value with the value available on Cisco.com  for this image. 
 md5-value 
 (Optional) The known MD5 value for the specified image. When an MD5  value is specified in the command, the system will calculate the MD5  value for the specified image and display a message verifying that the  MD5 values match or that there is a mismatch. 
 path 
 •disk0:/[path/]filename 
 This option is only available for the ASA, and indicates the internal Flash memory. You can also use flash instead of disk0; they are aliased. 
 •disk1:/[path/]filename 
 This option is only available for the ASA, and indicates the external Flash memory card. 
 •flash:/[path/]filename 
 This option indicates the internal Flash card. For the ASA, flash is an alias for disk0. 
 •ftp://[user[:password]@]server[:port]/[path/]filename[;type=xx] 
 The type can be one of the following keywords: 
 –ap—ASCII passive mode 
 –an—ASCII normal mode 
 –ip—(Default) Binary passive mode 
 –in—Binary normal mode 
 •http[s]://[user[:password]@]server[:port]/[path/]filename 
 •tftp://[user[:password]@]server[:port]/[path/]filename[;int=interface_name] 
 Specify the interface name if you want to override the route to the server address. 
 The pathname cannot include spaces. If a pathname has spaces, set the path in the tftp-server command instead of in the verify command. 
 /sha-512 
 (Optional) Calculates and displays the SHA-512 value for the specified  software image. Compare this value with the value available on Cisco.com  for this image. 
 signature 
 Specifies an optional hexadecimal string. If specified, the signature  embedded in the image is compared to the signature provided. 
 
 Defaults 
 The current flash device is the default file system. 
 Note When you specify the /md5 option, you can use a network file, such as ftp, http and tftp as the source. The verify command without the /md5 option only lets you verify local images in Flash. 
 Command Modes 
 The following table shows the modes in which you can enter the command: 

 
 Command Mode 
 
 Firewall Mode 
 
 Security Context 
 
 Routed 
 
 Transparent 
 
 Single 
 
 Multiple 
 
 Context 
 
 System 
 
 Privileged EXEC 
 • 
 • 
 • 
 — 
 • 
 Command History

 
 Release 
 
 Modification 
 
 7.2(1) 
 This command was introduced. 
 8.4(4.1) 
 The /sha-256 option was added. 
 
 Usage Guidelines 
 Use the verify command to verify the checksum of a file before using it. 
 Each software image that is distributed on disk uses a single checksum  for the entire image. This checksum is displayed only when the image is  copied into Flash memory; it is not displayed when the image file is  copied from one disk to another. 
 Before loading or duplicating a new image, record the checksum and MD5  information for the image so that you can verify the checksum when you  copy the image into Flash memory or onto a server. A variety of image  information is available on Cisco.com. 
 To display the contents of Flash memory, use the show flash command. The Flash contents listing does not include the checksum of  individual files. To recompute and verify the image checksum after the  image has been copied into Flash memory, use the verify command. Note, however, that the verify command only performs a check on the integrity of the file after it has  been saved in the file system. It is possible for a corrupt image to be  transferred to the security appliance and saved in the file system  without detection. If a corrupt image is transferred successfully to the  security appliance, the software will be unable to tell that the image  is corrupted and the file will verify successfully. 
 To use the message-digest5 (MD5) hash algorithm to ensure file validation, use the verify command with the /md5 option. MD5 is an algorithm (defined in RFC 1321) that is used to  verify data integrity through the creation of a unique 128-bit message  digest. The /md5 option of the verify command allows you to check the integrity of the security appliance  software image by comparing its MD5 checksum value against a known MD5  checksum value for the image. MD5 values are now made available on  Cisco.com for all security appliance software images for comparison  against local system image values. 
 To perform the MD5 integrity check, issue the verify command using the /md5 keyword. For example, issuing the verify /md5 flash:cdisk.bin command  will calculate and display the MD5 value for the software image.  Compare this value with the value available on Cisco.com for this image. 
 Alternatively, you can get the MD5 value from Cisco.com first, then  specify this value in the command syntax. For example, issuing the verify /md5 flash:cdisk.bin 8b5f3062c4cacdbae72571440e962233 command will display a message verifying that the MD5 values match or  that there is a mismatch. A mismatch in MD5 values means that either the  image is corrupt or the wrong MD5 value was entered. 
 If neither MD5 nor SHA-512 is specified, a SHA-512 based integrity check  is performed on Version 8.4(4.1) images and later, and an MD5-based  integrity check is performed on Version 8.4(3) images and earlier. 
 Examples 
 The following example shows the verify command used on an image file called cdisk.bin. Some of the text was removed for clarity: 
hostname# verify cdisk.bin


 

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!Done!


 

Embedded Hash MD5: af5a155f3d5c128a271282c33277069b


 

Computed Hash MD5: af5a155f3d5c128a271282c33277069b


 

CCO Hash      MD5: b569fff8bbf8087f355aaf22ef46b782


 

Signature Verified


 

Verified disk0:/cdisk.bin


 

hostname# 

-  Jouni