1.\" $FreeBSD$ 2.Dd April 22, 2016 3.Dt MD5 1 4.Os 5.Sh NAME 6.Nm md5 , sha1 , sha256 , sha384 , sha512, sha512t256, rmd160 7.Nd calculate a message-digest fingerprint (checksum) for a file 8.Sh SYNOPSIS 9.Nm md5 10.Op Fl pqrtx 11.Op Fl c Ar string 12.Op Fl s Ar string 13.Op Ar 14.Nm sha1 15.Op Fl pqrtx 16.Op Fl c Ar string 17.Op Fl s Ar string 18.Op Ar 19.Nm sha256 20.Op Fl pqrtx 21.Op Fl c Ar string 22.Op Fl s Ar string 23.Op Ar 24.Nm sha384 25.Op Fl pqrtx 26.Op Fl c Ar string 27.Op Fl s Ar string 28.Op Ar 29.Nm sha512 30.Op Fl pqrtx 31.Op Fl c Ar string 32.Op Fl s Ar string 33.Op Ar 34.Nm sha512t256 35.Op Fl pqrtx 36.Op Fl c Ar string 37.Op Fl s Ar string 38.Op Ar 39.Nm rmd160 40.Op Fl pqrtx 41.Op Fl c Ar string 42.Op Fl s Ar string 43.Op Ar 44.Sh DESCRIPTION 45The 46.Nm md5 , sha1 , sha256 , sha384 , sha512, sha512t256 47and 48.Nm rmd160 49utilities take as input a message of arbitrary length and produce as 50output a 51.Dq fingerprint 52or 53.Dq message digest 54of the input. 55It is conjectured that it is computationally infeasible to 56produce two messages having the same message digest, or to produce any 57message having a given prespecified target message digest. 58The 59.Tn MD5 , SHA-1 , SHA-256 , SHA-384 , SHA-512 60and 61.Tn RIPEMD-160 62algorithms are intended for digital signature applications, where a 63large file must be 64.Dq compressed 65in a secure manner before being encrypted with a private 66(secret) 67key under a public-key cryptosystem such as 68.Tn RSA . 69.Pp 70.Tn MD5 71has been completely broken as far as finding collisions is 72concerned, and should not be relied upon to produce unique outputs. 73This also means that 74.Tn MD5 75should not be used as part of a cryptographic signature scheme. 76At the current time (2014-05-17) there is no publicly known method to 77.Dq reverse 78MD5, i.e., to find an input given a hash value. 79.Pp 80.Tn SHA-1 81currently (2014-05-17) has no known collisions, but an attack has been 82found which is faster than a brute-force search, placing the security of 83.Tn SHA-1 84in doubt. 85.Pp 86.Tn SHA-512t256 87is a version of 88.Tn SHA-512 89truncated to only 256 bits. 90On 64-bit hardware, this algorithm is approximately 50% faster than 91.Tn SHA-256 92but with the same level of security. 93The hashes are not interchangeable. 94.Pp 95It is recommended that all new applications use 96.Tn SHA-512 97instead of one of the other hash functions. 98.Pp 99The following options may be used in any combination and must 100precede any files named on the command line. 101The hexadecimal checksum of each file listed on the command line is printed 102after the options are processed. 103.Bl -tag -width indent 104.It Fl c Ar string 105Compare the digest of the file against this string. 106.Pq Note that this option is not yet useful if multiple files are specified. 107.It Fl s Ar string 108Print a checksum of the given 109.Ar string . 110.It Fl p 111Echo stdin to stdout and append the checksum to stdout. 112.It Fl q 113Quiet mode \(em only the checksum is printed out. 114Overrides the 115.Fl r 116option. 117.It Fl r 118Reverses the format of the output. 119This helps with visual diffs. 120Does nothing 121when combined with the 122.Fl ptx 123options. 124.It Fl t 125Run a built-in time trial. 126.It Fl x 127Run a built-in test script. 128.El 129.Sh EXIT STATUS 130The 131.Nm md5 , sha1 , sha256 , sha512, sha512t256 132and 133.Nm rmd160 134utilities exit 0 on success, 1351 if at least one of the input files could not be read, 136and 2 if at least one file does not have the same hash as the 137.Fl c 138option. 139.Sh SEE ALSO 140.Xr cksum 1 , 141.Xr md5 3 , 142.Xr ripemd 3 , 143.Xr sha 3 , 144.Xr sha256 3 , 145.Xr sha384 3 , 146.Xr sha512 3 147.Rs 148.%A R. Rivest 149.%T The MD5 Message-Digest Algorithm 150.%O RFC1321 151.Re 152.Rs 153.%A J. Burrows 154.%T The Secure Hash Standard 155.%O FIPS PUB 180-2 156.Re 157.Rs 158.%A D. Eastlake and P. Jones 159.%T US Secure Hash Algorithm 1 160.%O RFC 3174 161.Re 162.Pp 163RIPEMD-160 is part of the ISO draft standard 164.Qq ISO/IEC DIS 10118-3 165on dedicated hash functions. 166.Pp 167Secure Hash Standard (SHS): 168.Pa http://csrc.nist.gov/cryptval/shs.html . 169.Pp 170The RIPEMD-160 page: 171.Pa http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html . 172.Sh ACKNOWLEDGMENTS 173This program is placed in the public domain for free general use by 174RSA Data Security. 175.Pp 176Support for SHA-1 and RIPEMD-160 has been added by 177.An Oliver Eikemeier Aq Mt eik@FreeBSD.org . 178