1.\" $FreeBSD$ 2.Dd June 24, 2021 3.Dt MD5 1 4.Os 5.Sh NAME 6.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512 , sha512t256 , rmd160 , 7.Nm skein256 , skein512 , skein1024 , 8.Nm md5sum , sha1sum , sha224sum , sha256sum , sha384sum , sha512sum , 9.Nm sha512t256sum , rmd160sum , skein256sum , skein512sum , skein1024sum 10.Nd calculate a message-digest fingerprint (checksum) for a file 11.Sh SYNOPSIS 12.Nm 13.Op Fl pqrtx 14.Op Fl c Ar string 15.Op Fl s Ar string 16.Op Ar 17.Pp 18.Nm md5sum 19.Op Fl pqrtx 20.Op Fl c Ar file 21.Op Fl s Ar string 22.Op Ar 23.Pp 24(All other hashes have the same options and usage.) 25.Sh DESCRIPTION 26The 27.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512 , sha512t256 , rmd160 , 28.Nm skein256 , skein512 , 29and 30.Nm skein1024 31utilities take as input a message of arbitrary length and produce as 32output a 33.Dq fingerprint 34or 35.Dq message digest 36of the input. 37The 38.Nm md5sum , sha1sum , sha224sum , sha256sum , sha384sum , sha512sum , 39.Nm sha512t256sum , rmd160sum , skein256sum , skein512sum , 40and 41.Nm skein1024sum 42utilities do the same, but default to the reversed format of 43the 44.Fl r 45flag. 46It is conjectured that it is computationally infeasible to 47produce two messages having the same message digest, or to produce any 48message having a given prespecified target message digest. 49The SHA-224 , SHA-256 , SHA-384 , SHA-512, RIPEMD-160, 50and SKEIN 51algorithms are intended for digital signature applications, where a 52large file must be 53.Dq compressed 54in a secure manner before being encrypted with a private 55(secret) 56key under a public-key cryptosystem such as RSA. 57.Pp 58The MD5 and SHA-1 algorithms have been proven to be vulnerable to practical 59collision attacks and should not be relied upon to produce unique outputs, 60.Em nor should they be used as part of a cryptographic signature scheme. 61As of 2017-03-02, there is no publicly known method to 62.Em reverse 63either algorithm, i.e., to find an input that produces a specific 64output. 65.Pp 66SHA-512t256 is a version of SHA-512 truncated to only 256 bits. 67On 64-bit hardware, this algorithm is approximately 50% faster than SHA-256 but 68with the same level of security. 69The hashes are not interchangeable. 70.Pp 71It is recommended that all new applications use SHA-512 or SKEIN-512 72instead of one of the other hash functions. 73.Pp 74The following options may be used in any combination and must 75precede any files named on the command line. 76The hexadecimal checksum of each file listed on the command line is printed 77after the options are processed. 78.Bl -tag -width indent 79.It Fl b 80Ignored for compatibility with the coreutils 81.Nm -sum 82programs. 83.It Fl c Ar string 84If the program was called with a name that does not end in 85.Nm sum , 86compare the digest of the file against this string. 87.Pq Note that this option is not yet useful if multiple files are specified. 88.It Fl c Ar file 89If the program was called with a name that does end in 90.Nm sum , 91the file passed as argument must contain digest lines generated by the same digest algorithm 92with or without the 93.Fl r 94option 95.Pq i.e. in either classical BSD format or in GNU coreutils format . 96A line with file name followed by 97.Dq : 98and either OK or FAILED is written for each well-formed line in the digest file. 99If applicable, the number of failed comparisons and the number of lines that were 100skipped since they were not well-formed are printed at the end. 101The 102.Fl q 103option can be used to quiesce the output unless there are mismatched entries in 104the digest. 105.Pp 106.It Fl s Ar string 107Print a checksum of the given 108.Ar string . 109.It Fl p 110Echo stdin to stdout and append the checksum to stdout. 111.It Fl q 112Quiet mode \(em only the checksum is printed out. 113Overrides the 114.Fl r 115option. 116.It Fl r 117Reverses the format of the output. 118This helps with visual diffs. 119Does nothing 120when combined with the 121.Fl ptx 122options. 123.It Fl t 124Run a built-in time trial. 125For the 126.Nm -sum 127versions, this is a nop for compatibility with coreutils. 128.It Fl x 129Run a built-in test script. 130.El 131.Sh EXIT STATUS 132The 133.Nm md5 , sha1 , sha224 , sha256 , sha512 , sha512t256 , rmd160 , 134.Nm skein256 , skein512 , 135and 136.Nm skein1024 137utilities exit 0 on success, 1381 if at least one of the input files could not be read, 139and 2 if at least one file does not have the same hash as the 140.Fl c 141option. 142.Sh EXAMPLES 143Calculate the MD5 checksum of the string 144.Dq Hello . 145.Bd -literal -offset indent 146$ md5 -s Hello 147MD5 ("Hello") = 8b1a9953c4611296a827abf8c47804d7 148.Ed 149.Pp 150Same as above, but note the absence of the newline character in the input 151string: 152.Bd -literal -offset indent 153$ echo -n Hello | md5 1548b1a9953c4611296a827abf8c47804d7 155.Ed 156.Pp 157Calculate the checksum of multiple files reversing the output: 158.Bd -literal -offset indent 159$ md5 -r /boot/loader.conf /etc/rc.conf 160ada5f60f23af88ff95b8091d6d67bef6 /boot/loader.conf 161d80bf36c332dc0fdc479366ec3fa44cd /etc/rc.conf 162.Ed 163.Pp 164Write the digest for 165.Pa /boot/loader.conf 166in a file named 167.Pa digest . 168Then calculate the checksum again and validate it against the checksum string 169extracted from the 170.Pa digest 171file: 172.Bd -literal -offset indent 173$ md5 /boot/loader.conf > digest && md5 -c $(cut -f2 -d= digest) /boot/loader.conf 174MD5 (/boot/loader.conf) = ada5f60f23af88ff95b8091d6d67bef6 175.Ed 176.Pp 177Same as above but comparing the digest against an invalid string 178.Pq Dq randomstring , 179which results in a failure. 180.Bd -literal -offset indent 181$ md5 -c randomstring /boot/loader.conf 182MD5 (/boot/loader.conf) = ada5f60f23af88ff95b8091d6d67bef6 [ Failed ] 183.Ed 184.Pp 185If invoked with a name ending in 186.Nm -sum 187the 188.Fl c 189option does not compare against a hash string passed as parameter. 190Instead, it expects a digest file, as created under the name 191.Pa digest 192for 193.Pa /boot/loader.conf 194in the example above. 195.Bd -literal -offset indent 196$ md5 -c digest /boot/loader.conf 197/boot/loader.conf: OK 198.Ed 199.Pp 200The digest file may contain any number of lines in the format generated with or without the 201.Fl r 202option 203.Pq i.e. in either classical BSD format or in GNU coreutils format . 204If a hash value does not match the file, FAILED is printed instead of OK. 205.Sh SEE ALSO 206.Xr cksum 1 , 207.Xr md5 3 , 208.Xr ripemd 3 , 209.Xr sha 3 , 210.Xr sha256 3 , 211.Xr sha384 3 , 212.Xr sha512 3 , 213.Xr skein 3 214.Rs 215.%A R. Rivest 216.%T The MD5 Message-Digest Algorithm 217.%O RFC1321 218.Re 219.Rs 220.%A J. Burrows 221.%T The Secure Hash Standard 222.%O FIPS PUB 180-2 223.Re 224.Rs 225.%A D. Eastlake and P. Jones 226.%T US Secure Hash Algorithm 1 227.%O RFC 3174 228.Re 229.Pp 230RIPEMD-160 is part of the ISO draft standard 231.Qq ISO/IEC DIS 10118-3 232on dedicated hash functions. 233.Pp 234Secure Hash Standard (SHS): 235.Pa http://csrc.nist.gov/cryptval/shs.html . 236.Pp 237The RIPEMD-160 page: 238.Pa http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html . 239.Sh BUGS 240All of the utilities that end in 241.Sq sum 242are intended to be compatible with the GNU coreutils programs. 243However, the long option functionality is not provided. 244.Sh ACKNOWLEDGMENTS 245This program is placed in the public domain for free general use by 246RSA Data Security. 247.Pp 248Support for SHA-1 and RIPEMD-160 has been added by 249.An Oliver Eikemeier Aq Mt eik@FreeBSD.org . 250