Comment 6 for bug 1100295

Anders Kaseorg (andersk) wrote :

No. apt uses the archive’s SHA-256 hashes to verify packages when they are initially downloaded, but debsums is for re-checking the installed files after installation, and the only currently available per-file hashes are MD5.

See https://wiki.debian.org/Sha256sumsInPackages for some prior work in this area (though it has seen essentially no updates for five years).
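The post-installation re-check described in the comment above, as an added example that is not part of the original comment and is not debsums' own code. It assumes the dpkg `.md5sums` manifest layout (MD5 hex digest, two spaces, path relative to the root); the package files and the temporary root are constructed sample data.

```python
import hashlib
import os
import tempfile

def parse_md5sums(text):
    """Parse a dpkg-style manifest: '<32 hex chars>  <path relative to root>'."""
    entries = []
    for line in text.splitlines():
        if not line.strip():
            continue
        digest, sep, path = line.partition("  ")
        if len(digest) != 32 or not sep or not path:
            raise ValueError(f"malformed md5sums line: {line!r}")
        entries.append((digest.lower(), path))
    return entries

def md5_of(path):
    # MD5 because it is the only per-file hash the manifest carries.
    with open(path, "rb") as f:
        return hashlib.md5(f.read()).hexdigest()

def check_installed(manifest_text, root="/"):
    """Return {path: 'OK' | 'FAILED' | 'MISSING'} for every manifest entry."""
    results = {}
    for digest, rel in parse_md5sums(manifest_text):
        full = os.path.join(root, rel)
        if not os.path.isfile(full):
            results[rel] = "MISSING"
        else:
            results[rel] = "OK" if md5_of(full) == digest else "FAILED"
    return results

def demo():
    # Constructed sample: three "installed" files under a throwaway root.
    files = {"usr/bin/tool": b"original\n", "usr/lib/tool/helper.so": b"\x7fELF",
             "usr/share/doc/tool/README": b"hi\n"}
    with tempfile.TemporaryDirectory() as root:
        manifest = ""
        for rel, data in files.items():
            full = os.path.join(root, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as f:
                f.write(data)
            manifest += f"{hashlib.md5(data).hexdigest()}  {rel}\n"
        with open(os.path.join(root, "usr/bin/tool"), "wb") as f:
            f.write(b"changed after install\n")  # simulate a modified file
        os.remove(os.path.join(root, "usr/share/doc/tool/README"))
        return check_installed(manifest, root)

if __name__ == "__main__":
    print(demo())
```

Because the manifest is stored on the same filesystem as the files it describes, a match shows only that the files agree with the manifest, not that either is unmodified.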