[poizan42]

The correct order is hash then encrypt, exactly so you can't do that. Now I don't know if FileVault is doing this correctly, but hopefully it does.

Edit: So two people have downvoted me without explanation. Is what I'm saying wrong?

[slaymaker1907]

You could also hash, encrypt, then hash again if you wanted extra integrity without decrypting. This is technically done with HTTPS through the TCP hash.

[mdekkers]

two people have downvoted me without explanation

Sadly, that is the new normal for HN (and, I'll be downvoted for saying something like this)

[maaaats]

You can't unhash, so you could never retrieve the original file again.

[poizan42]

What do you mean? You obviously store the encrypted file together with the encrypted hash.

[maaaats]

Then I guess me and the downvoters thought you meant hashing the files for encryption :)