You would need to use a hashing algorithm that is not public and cryptographic in some way. Otherwise, a malicious actor can "pad" malware until it reaches a desired checksum and passes the whitelist.
This would also make it extremely difficult for software to be distributed and updated in the way it is currently on Mac and Windows.
