xref: /freebsd/sbin/md5/md5.1 (revision 448897d366c218f9fd6208427eef1e6dd51f78d0)
1.\" $FreeBSD$
2.Dd April 22, 2016
3.Dt MD5 1
4.Os
5.Sh NAME
6.Nm md5 , sha1 , sha256 , sha384 , sha512, sha512t256, rmd160
7.Nd calculate a message-digest fingerprint (checksum) for a file
8.Sh SYNOPSIS
9.Nm md5
10.Op Fl pqrtx
11.Op Fl c Ar string
12.Op Fl s Ar string
13.Op Ar
14.Nm sha1
15.Op Fl pqrtx
16.Op Fl c Ar string
17.Op Fl s Ar string
18.Op Ar
19.Nm sha256
20.Op Fl pqrtx
21.Op Fl c Ar string
22.Op Fl s Ar string
23.Op Ar
24.Nm sha384
25.Op Fl pqrtx
26.Op Fl c Ar string
27.Op Fl s Ar string
28.Op Ar
29.Nm sha512
30.Op Fl pqrtx
31.Op Fl c Ar string
32.Op Fl s Ar string
33.Op Ar
34.Nm sha512t256
35.Op Fl pqrtx
36.Op Fl c Ar string
37.Op Fl s Ar string
38.Op Ar
39.Nm rmd160
40.Op Fl pqrtx
41.Op Fl c Ar string
42.Op Fl s Ar string
43.Op Ar
44.Sh DESCRIPTION
45The
46.Nm md5 , sha1 , sha256 , sha384 , sha512, sha512t256
47and
48.Nm rmd160
49utilities take as input a message of arbitrary length and produce as
50output a
51.Dq fingerprint
52or
53.Dq message digest
54of the input.
55It is conjectured that it is computationally infeasible to
56produce two messages having the same message digest, or to produce any
57message having a given prespecified target message digest.
58The
59.Tn MD5 , SHA-1 , SHA-256 , SHA-384 , SHA-512
60and
61.Tn RIPEMD-160
62algorithms are intended for digital signature applications, where a
63large file must be
64.Dq compressed
65in a secure manner before being encrypted with a private
66(secret)
67key under a public-key cryptosystem such as
68.Tn RSA .
69.Pp
70.Tn MD5
71has been completely broken as far as finding collisions is
72concerned, and should not be relied upon to produce unique outputs.
73This also means that
74.Tn MD5
75should not be used as part of a cryptographic signature scheme.
76At the current time (2014-05-17) there is no publicly known method to
77.Dq reverse
78MD5, i.e., to find an input given a hash value.
79.Pp
80.Tn SHA-1
81currently (2014-05-17) has no known collisions, but an attack has been
82found which is faster than a brute-force search, placing the security of
83.Tn SHA-1
84in doubt.
85.Pp
86.Tn SHA-512t256
87is a version of
88.Tn SHA-512
89truncated to only 256 bits.
90On 64-bit hardware, this algorithm is approximately 50% faster than
91.Tn SHA-256
92but with the same level of security.
93The hashes are not interchangeable.
94.Pp
95It is recommended that all new applications use
96.Tn SHA-512
97instead of one of the other hash functions.
98.Pp
99The following options may be used in any combination and must
100precede any files named on the command line.
101The hexadecimal checksum of each file listed on the command line is printed
102after the options are processed.
103.Bl -tag -width indent
104.It Fl c Ar string
105Compare the digest of the file against this string.
106.Pq Note that this option is not yet useful if multiple files are specified.
107.It Fl s Ar string
108Print a checksum of the given
109.Ar string .
110.It Fl p
111Echo stdin to stdout and append the checksum to stdout.
112.It Fl q
113Quiet mode \(em only the checksum is printed out.
114Overrides the
115.Fl r
116option.
117.It Fl r
118Reverses the format of the output.
119This helps with visual diffs.
120Does nothing
121when combined with the
122.Fl ptx
123options.
124.It Fl t
125Run a built-in time trial.
126.It Fl x
127Run a built-in test script.
128.El
129.Sh EXIT STATUS
130The
131.Nm md5 , sha1 , sha256 , sha512, sha512t256
132and
133.Nm rmd160
134utilities exit 0 on success,
1351 if at least one of the input files could not be read,
136and 2 if at least one file does not have the same hash as the
137.Fl c
138option.
139.Sh SEE ALSO
140.Xr cksum 1 ,
141.Xr md5 3 ,
142.Xr ripemd 3 ,
143.Xr sha 3 ,
144.Xr sha256 3 ,
145.Xr sha384 3 ,
146.Xr sha512 3
147.Rs
148.%A R. Rivest
149.%T The MD5 Message-Digest Algorithm
150.%O RFC1321
151.Re
152.Rs
153.%A J. Burrows
154.%T The Secure Hash Standard
155.%O FIPS PUB 180-2
156.Re
157.Rs
158.%A D. Eastlake and P. Jones
159.%T US Secure Hash Algorithm 1
160.%O RFC 3174
161.Re
162.Pp
163RIPEMD-160 is part of the ISO draft standard
164.Qq ISO/IEC DIS 10118-3
165on dedicated hash functions.
166.Pp
167Secure Hash Standard (SHS):
168.Pa http://csrc.nist.gov/cryptval/shs.html .
169.Pp
170The RIPEMD-160 page:
171.Pa http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html .
172.Sh ACKNOWLEDGMENTS
173This program is placed in the public domain for free general use by
174RSA Data Security.
175.Pp
176Support for SHA-1 and RIPEMD-160 has been added by
177.An Oliver Eikemeier Aq Mt eik@FreeBSD.org .
178