diff --git a/carl9170fw/toolchain/Makefile b/carl9170fw/toolchain/Makefile
index 23843a7eefaeaeb61bdb4006dc9bcafa37c3b04c..2b25ffe6b92b9117f68c90511d1e8eb6ed8b8874 100644
--- a/carl9170fw/toolchain/Makefile
+++ b/carl9170fw/toolchain/Makefile
@@ -12,16 +12,27 @@ GCC_TAR=gcc-$(GCC_VER).tar.bz2
 
 BASEDIR=$(shell pwd)
 
+define checksum
+@if grep -q '  $(subst .,\.,$(1))$$' SHA256SUMS; then			\
+	grep '  $(subst .,\.,$(1))$$' SHA256SUMS | sha256sum -c;	\
+else									\
+	echo "WARNING: no checksum defined for $(1)";			\
+fi
+endef
+
 all: gcc
 
 src/$(BINUTILS_TAR):
 	wget -P src $(BINUTILS_URL)
+	$(call checksum,$@)
 
 src/$(NEWLIB_TAR):
 	wget -P src $(NEWLIB_URL)
+	$(call checksum,$@)
 
 src/$(GCC_TAR):
 	wget -P src $(GCC_URL)
+	$(call checksum,$@)
 
 src/binutils-$(BINUTILS_VER): src/$(BINUTILS_TAR)
 	tar -C src -xjf $<
diff --git a/carl9170fw/toolchain/SHA256SUMS b/carl9170fw/toolchain/SHA256SUMS
new file mode 100644
index 0000000000000000000000000000000000000000..00c3911f449b753bcc407a2ddbee5cbca73abcc2
--- /dev/null
+++ b/carl9170fw/toolchain/SHA256SUMS
@@ -0,0 +1,3 @@
+6c7af8ed1c8cf9b4b9d6e6fe09a3e1d3d479fe63984ba8b9b26bf356b6313ca9  src/binutils-2.22.tar.bz2
+16093f6fa01732adf378d97fe338f113c933bdf56da22bf87c76beff13da406f  src/gcc-4.7.1.tar.bz2
+c644b2847244278c57bec2ddda69d8fab5a7c767f3b9af69aa7aa3da823ff692  src/newlib-1.20.0.tar.gz