1.\" $FreeBSD$ 2.Dd June 29, 2021 3.Dt MD5 1 4.Os 5.Sh NAME 6.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512 , sha512t256 , rmd160 , 7.Nm skein256 , skein512 , skein1024 , 8.Nm md5sum , sha1sum , sha224sum , sha256sum , sha384sum , sha512sum , 9.Nm sha512t256sum , rmd160sum , skein256sum , skein512sum , skein1024sum 10.Nd calculate a message-digest fingerprint (checksum) for a file 11.Sh SYNOPSIS 12.Nm 13.Op Fl pqrtx 14.Op Fl c Ar string 15.Op Fl s Ar string 16.Op Ar 17.Pp 18.Nm md5sum 19.Op Fl pqrtx 20.Op Fl c Ar file 21.Op Fl s Ar string 22.Op Ar 23.Pp 24(All other hashes have the same options and usage.) 25.Sh DESCRIPTION 26The 27.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512 , sha512t256 , rmd160 , 28.Nm skein256 , skein512 , 29and 30.Nm skein1024 31utilities take as input a message of arbitrary length and produce as 32output a 33.Dq fingerprint 34or 35.Dq message digest 36of the input. 37The 38.Nm md5sum , sha1sum , sha224sum , sha256sum , sha384sum , sha512sum , 39.Nm sha512t256sum , rmd160sum , skein256sum , skein512sum , 40and 41.Nm skein1024sum 42utilities do the same, but default to the reversed format of 43the 44.Fl r 45flag. 46It is conjectured that it is computationally infeasible to 47produce two messages having the same message digest, or to produce any 48message having a given prespecified target message digest. 49The SHA-224 , SHA-256 , SHA-384 , SHA-512, RIPEMD-160, 50and SKEIN 51algorithms are intended for digital signature applications, where a 52large file must be 53.Dq compressed 54in a secure manner before being encrypted with a private 55(secret) 56key under a public-key cryptosystem such as RSA. 57.Pp 58The MD5 and SHA-1 algorithms have been proven to be vulnerable to practical 59collision attacks and should not be relied upon to produce unique outputs, 60.Em nor should they be used as part of a cryptographic signature scheme. 61As of 2017-03-02, there is no publicly known method to 62.Em reverse 63either algorithm, i.e., to find an input that produces a specific 64output. 65.Pp 66SHA-512t256 is a version of SHA-512 truncated to only 256 bits. 67On 64-bit hardware, this algorithm is approximately 50% faster than SHA-256 but 68with the same level of security. 69The hashes are not interchangeable. 70.Pp 71It is recommended that all new applications use SHA-512 or SKEIN-512 72instead of one of the other hash functions. 73.Pp 74The following options may be used in any combination and must 75precede any files named on the command line. 76The hexadecimal checksum of each file listed on the command line is printed 77after the options are processed. 78.Bl -tag -width indent 79.It Fl b 80Make the 81.Nm -sum 82programs separate hash and digest with a blank followed by an asterisk instead 83of by 2 blank characters for full compatibility with the output generated by the 84coreutils versions of these programs. 85.It Fl c Ar string 86If the program was called with a name that does not end in 87.Nm sum , 88compare the digest of the file against this string. 89.Pq Note that this option is not yet useful if multiple files are specified. 90.It Fl c Ar file 91If the program was called with a name that does end in 92.Nm sum , 93the file passed as argument must contain digest lines generated by the same 94digest algorithm with or without the 95.Fl r 96option 97.Pq i.e. in either classical BSD format or in GNU coreutils format . 98A line with the file name followed by a colon 99.Dq ":" 100and either OK or FAILED is written for each well-formed line in the digest file. 101If applicable, the number of failed comparisons and the number of lines that were 102skipped since they were not well-formed are printed at the end. 103The 104.Fl q 105option can be used to quiesce the output unless there are mismatched entries in 106the digest. 107.Pp 108.It Fl s Ar string 109Print a checksum of the given 110.Ar string . 111.It Fl p 112Echo stdin to stdout and append the checksum to stdout. 113.It Fl q 114Quiet mode \(em only the checksum is printed out. 115Overrides the 116.Fl r 117option. 118.It Fl r 119Reverses the format of the output. 120This helps with visual diffs. 121Does nothing 122when combined with the 123.Fl ptx 124options. 125.It Fl t 126Run a built-in time trial. 127For the 128.Nm -sum 129versions, this is a nop for compatibility with coreutils. 130.It Fl x 131Run a built-in test script. 132.El 133.Sh EXIT STATUS 134The 135.Nm md5 , sha1 , sha224 , sha256 , sha512 , sha512t256 , rmd160 , 136.Nm skein256 , skein512 , 137and 138.Nm skein1024 139utilities exit 0 on success, 1401 if at least one of the input files could not be read, 141and 2 if at least one file does not have the same hash as the 142.Fl c 143option. 144.Sh EXAMPLES 145Calculate the MD5 checksum of the string 146.Dq Hello . 147.Bd -literal -offset indent 148$ md5 -s Hello 149MD5 ("Hello") = 8b1a9953c4611296a827abf8c47804d7 150.Ed 151.Pp 152Same as above, but note the absence of the newline character in the input 153string: 154.Bd -literal -offset indent 155$ echo -n Hello | md5 1568b1a9953c4611296a827abf8c47804d7 157.Ed 158.Pp 159Calculate the checksum of multiple files reversing the output: 160.Bd -literal -offset indent 161$ md5 -r /boot/loader.conf /etc/rc.conf 162ada5f60f23af88ff95b8091d6d67bef6 /boot/loader.conf 163d80bf36c332dc0fdc479366ec3fa44cd /etc/rc.conf 164.Pd 165The 166.Nm -sum 167variants put 2 blank characters between hash and file name for full compatibility 168with the coreutils versions of these commands. 169.Ed 170.Pp 171Write the digest for 172.Pa /boot/loader.conf 173in a file named 174.Pa digest . 175Then calculate the checksum again and validate it against the checksum string 176extracted from the 177.Pa digest 178file: 179.Bd -literal -offset indent 180$ md5 /boot/loader.conf > digest && md5 -c $(cut -f2 -d= digest) /boot/loader.conf 181MD5 (/boot/loader.conf) = ada5f60f23af88ff95b8091d6d67bef6 182.Ed 183.Pp 184Same as above but comparing the digest against an invalid string 185.Pq Dq randomstring , 186which results in a failure. 187.Bd -literal -offset indent 188$ md5 -c randomstring /boot/loader.conf 189MD5 (/boot/loader.conf) = ada5f60f23af88ff95b8091d6d67bef6 [ Failed ] 190.Ed 191.Pp 192If invoked with a name ending in 193.Nm -sum 194the 195.Fl c 196option does not compare against a hash string passed as parameter. 197Instead, it expects a digest file, as created under the name 198.Pa digest 199for 200.Pa /boot/loader.conf 201in the example above. 202.Bd -literal -offset indent 203$ md5 -c digest /boot/loader.conf 204/boot/loader.conf: OK 205.Ed 206.Pp 207The digest file may contain any number of lines in the format generated with or without the 208.Fl r 209option 210.Pq i.e. in either classical BSD format or in GNU coreutils format . 211If a hash value does not match the file, FAILED is printed instead of OK. 212.Sh SEE ALSO 213.Xr cksum 1 , 214.Xr md5 3 , 215.Xr ripemd 3 , 216.Xr sha 3 , 217.Xr sha256 3 , 218.Xr sha384 3 , 219.Xr sha512 3 , 220.Xr skein 3 221.Rs 222.%A R. Rivest 223.%T The MD5 Message-Digest Algorithm 224.%O RFC1321 225.Re 226.Rs 227.%A J. Burrows 228.%T The Secure Hash Standard 229.%O FIPS PUB 180-2 230.Re 231.Rs 232.%A D. Eastlake and P. Jones 233.%T US Secure Hash Algorithm 1 234.%O RFC 3174 235.Re 236.Pp 237RIPEMD-160 is part of the ISO draft standard 238.Qq ISO/IEC DIS 10118-3 239on dedicated hash functions. 240.Pp 241Secure Hash Standard (SHS): 242.Pa http://csrc.nist.gov/cryptval/shs.html . 243.Pp 244The RIPEMD-160 page: 245.Pa http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html . 246.Sh BUGS 247All of the utilities that end in 248.Sq sum 249are intended to be compatible with the GNU coreutils programs. 250However, the long option functionality is not provided. 251.Sh ACKNOWLEDGMENTS 252This program is placed in the public domain for free general use by 253RSA Data Security. 254.Pp 255Support for SHA-1 and RIPEMD-160 has been added by 256.An Oliver Eikemeier Aq Mt eik@FreeBSD.org . 257