xref: /freebsd/sbin/md5/md5.1 (revision 72ee91fed4cfdcfbfb767cc166370b40e50d446a) 
1.Dd February 13, 2024
2.Dt MD5 1
3.Os
4.Sh NAME
5.Nm md5 , sha1 , sha224 , sha256 , sha384 ,
6.Nm sha512 , sha512t224 , sha512t256 ,
7.Nm rmd160 , skein256 , skein512 , skein1024 ,
8.Nm md5sum , sha1sum , sha224sum , sha256sum , sha384sum ,
9.Nm sha512sum , sha512t224sum , sha512t256sum ,
10.Nm rmd160sum , skein256sum , skein512sum , skein1024sum ,
11.Nm shasum
12.Nd calculate a message-digest fingerprint (checksum) for a file
13.Sh SYNOPSIS
14.Nm
15.Op Fl pqrtx
16.Op Fl c Ar string
17.Op Fl s Ar string
18.Op Ar
19.Pp
20.Nm md5sum
21.Op Fl bctwz
22.Op Fl -binary
23.Op Fl -check
24.Op Fl -help
25.Op Fl -ignore-missing
26.Op Fl -quiet
27.Op Fl -status
28.Op Fl -strict
29.Op Fl -tag
30.Op Fl -text
31.Op Fl -version
32.Op Fl -warn
33.Op Fl -zero
34.Op Ar
35.Pp
36(All other hashes have the same options and usage.)
37.Pp
38.Nm shasum
39.Op Fl 0bchqstUvw
40.Op Fl -01
41.Op Fl a | -algorithm Ar alg
42.Op Fl -binary
43.Op Fl -check
44.Op Fl -help
45.Op Fl -ignore-missing
46.Op Fl -quiet
47.Op Fl -status
48.Op Fl -strict
49.Op Fl -tag
50.Op Fl -text
51.Op Fl -UNIVERSAL
52.Op Fl -version
53.Op Fl -warn
54.Op Ar
55.Sh DESCRIPTION
56The
57.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512 , sha512t224 , sha512t256 ,
58.Nm rmd160 , skein256 , skein512 ,
59and
60.Nm skein1024
61utilities take as input a message of arbitrary length and produce as
62output a
63.Dq fingerprint
64or
65.Dq message digest
66of the input.
67.Pp
68The
69.Nm md5sum , sha1sum , sha224sum , sha256sum , sha384sum , sha512sum ,
70.Nm sha512t224sum , sha512t256sum , rmd160sum , skein256sum , skein512sum ,
71and
72.Nm skein1024sum
73utilities do the same, but with command-line options and an output
74format that match those of their similary named GNU utilities.
75.Pp
76The
77.Nm shasum
78utility does the same, but with command-line options and an output
79format that match those of the similarly named utility that ships with
80Perl.
81.Pp
82In all cases, each file listed on the command line is processed separately.
83If no files are listed on the command line, or a file name is given as
84.Pa - ,
85input is taken from stdin instead.
86.Pp
87It is conjectured that it is computationally infeasible to
88produce two messages having the same message digest, or to produce any
89message having a given prespecified target message digest.
90The SHA-224 , SHA-256 , SHA-384 , SHA-512, RIPEMD-160,
91and SKEIN
92algorithms are intended for digital signature applications, where a
93large file must be
94.Dq compressed
95in a secure manner before being encrypted with a private
96(secret)
97key under a public-key cryptosystem such as RSA.
98.Pp
99The MD5 and SHA-1 algorithms have been proven to be vulnerable to practical
100collision attacks and should not be relied upon to produce unique outputs,
101.Em nor should they be used as part of a cryptographic signature scheme.
102As of 2017-03-02, there is no publicly known method to
103.Em reverse
104either algorithm, i.e., to find an input that produces a specific
105output.
106.Pp
107SHA-512t256 is a version of SHA-512 truncated to only 256 bits.
108On 64-bit hardware, this algorithm is approximately 50% faster than SHA-256 but
109with the same level of security.
110The hashes are not interchangeable.
111.Pp
112SHA-512t224 is identical to SHA-512t256, but with the digest truncated
113to 224 bits.
114.Pp
115It is recommended that all new applications use SHA-512 or SKEIN-512
116instead of one of the other hash functions.
117.Ss BSD OPTIONS
118The following options are available in BSD mode, i.e. when the program
119is invoked with a name that does not end in
120.Dq sum :
121.Bl -tag -width indent
122.It Fl c Ar string , Fl -check= Ns Ar string
123Compare the digest of the file against this string.
124If combined with the
125.Fl q
126or
127.Fl -quiet
128option, the calculated digest is printed in addition to the exit status being set.
129.Pq Note that this option is not yet useful if multiple files are specified.
130.It Fl p , -passthrough
131Echo stdin to stdout and append the checksum to stdout.
132.It Fl q , -quiet
133Quiet mode \(em only the checksum is printed out.
134Overrides the
135.Fl r
136or
137.Fl -reverse
138option.
139.It Fl r , -reverse
140Reverses the format of the output.
141This helps with visual diffs.
142Does nothing
143when combined with the
144.Fl ptx
145options.
146.It Fl s Ar string , Fl -string= Ns Ar string
147Print a checksum of the given
148.Ar string .
149.It Fl t , Fl -time-trial
150Run a built-in time trial.
151For the
152.Nm -sum
153versions, this is a nop for compatibility with coreutils.
154.It Fl x , Fl -self-test
155Run a built-in test script.
156.El
157.Ss GNU OPTIONS
158The following options are available in GNU mode, i.e. when the program
159is invoked with a name that ends in
160.Dq sum :
161.Bl -tag -width indent
162.It Fl b , Fl -binary
163Read files in binary mode.
164.It Fl c , Fl -check
165The file passed as arguments must contain digest lines generated by the same
166digest algorithm in either classical BSD format or in GNU coreutils format.
167A line with the file name followed by a colon
168.Dq ":"
169and either OK or FAILED is written for each well-formed line in the digest file.
170If applicable, the number of failed comparisons and the number of lines that were
171skipped since they were not well-formed are printed at the end.
172The
173.Fl -quiet
174option can be used to quiesce the output unless there are mismatched entries in
175the digest.
176.It Fl -help
177Print a usage message and exit.
178.It Fl -ignore-missing
179When verifying checksums, ignore files for which checksums are given
180but which aren't found on disk.
181.It Fl -quiet
182When verifying checksums, do not print anything unless the
183verification fails.
184.It Fl -status
185When verifying checksums, do not print anything at all.
186The exit code will reflect whether verification succeeded.
187.It Fl -strict
188When verifying checksums, fail if the input is malformed.
189.It Fl -tag
190Produce BSD-style output.
191.It Fl t , Fl -text
192Read files in text mode.
193This is the default.
194Note that this implementation does not differentiate between binary
195and text mode.
196.It Fl -version
197Print version information and exit.
198.It Fl w , Fl -warn
199When verifying checksums, warn about malformed input.
200.It Fl z , Fl -zero
201Terminate output lines with NUL rather than with newline.
202.El
203.Ss PERL OPTIONS
204The following options are available in Perl mode, i.e. when the program
205is invoked with the name
206.Dq shasum :
207.Bl -tag -width indent
208.It Fl 0 , Fl -01
209Read files in bits mode: ASCII
210.Sq 0
211and
212.Sq 1
213characters correspond to 0 and 1 bits, respectively, and all other
214characters are ignored.
215See
216.Sx BUGS .
217.It Fl a Ar alg , Fl -algorithm Ar alg
218Use the specified algorithm:
219.Dq 1
220for SHA-1 (default),
221.Dq xxx
222for
223.Va xxx Ns -bit
224SHA-2 (e.g.
225.Dq 256
226for SHA-256)
227or
228.Dq xxxyyy
229for
230.Va xxx Ns -bit
231SHA-2 truncated to
232.Va yyy
233bits (e.g.
234.Dq 512224
235for SHA-512/224).
236.It Fl b , Fl -binary
237Read files in binary mode.
238.It Fl c , Fl -check
239The file passed as arguments must contain digest lines generated by the same
240digest algorithm in either classical BSD format or in GNU coreutils format.
241A line with the file name followed by a colon
242.Dq ":"
243and either OK or FAILED is written for each well-formed line in the digest file.
244If applicable, the number of failed comparisons and the number of lines that were
245skipped since they were not well-formed are printed at the end.
246The
247.Fl -quiet
248option can be used to quiesce the output unless there are mismatched entries in
249the digest.
250.It Fl -help
251Print a usage message and exit.
252.It Fl -ignore-missing
253When verifying checksums, ignore files for which checksums are given
254but which aren't found on disk.
255.It Fl -quiet
256When verifying checksums, do not print anything unless the
257verification fails.
258.It Fl -status
259When verifying checksums, do not print anything at all.
260The exit code will reflect whether verification succeeded.
261.It Fl -strict
262When verifying checksums, fail if the input is malformed.
263.It Fl -tag
264Produce BSD-style output.
265.It Fl t , Fl -text
266Read files in text mode.
267This is the default.
268Note that this implementation does not differentiate between binary
269and text mode.
270.It Fl U , Fl -UNIVERSAL
271Read files in universal mode: any CR-LF pair, as well as any CR not
272followed by LF, is translated to LF before the digest is computed.
273.It Fl -version
274Print version information and exit.
275.It Fl w , Fl -warn
276When verifying checksums, warn about malformed input.
277.El
278.Sh EXIT STATUS
279The
280.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512 ,
281.Nm sha512t224 , sha512t256 ,
282.Nm rmd160 , skein256 , skein512 ,
283and
284.Nm skein1024
285utilities exit 0 on success,
2861 if at least one of the input files could not be read,
287and 2 if at least one file does not have the same hash as the
288.Fl c
289option.
290.Pp
291The
292.Nm md5sum , sha1sum , sha224sum , sha256sum , sha384sum , sha512sum ,
293.Nm sha512t224sum , sha512t256sum ,
294.Nm rmd160 , skein256 , skein512 , skein1024
295and
296.Nm shasum
297utilities exit 0 on success and 1 if at least one of the input files
298could not be read or, when verifying checksums, does not have the
299expected checksum.
300.Sh EXAMPLES
301Calculate the MD5 checksum of the string
302.Dq Hello .
303.Bd -literal -offset indent
304$ md5 -s Hello
305MD5 ("Hello") = 8b1a9953c4611296a827abf8c47804d7
306.Ed
307.Pp
308Same as above, but note the absence of the newline character in the input
309string:
310.Bd -literal -offset indent
311$ echo -n Hello | md5
3128b1a9953c4611296a827abf8c47804d7
313.Ed
314.Pp
315Calculate the checksum of multiple files reversing the output:
316.Bd -literal -offset indent
317$ md5 -r /boot/loader.conf /etc/rc.conf
318ada5f60f23af88ff95b8091d6d67bef6 /boot/loader.conf
319d80bf36c332dc0fdc479366ec3fa44cd /etc/rc.conf
320.Ed
321.Pp
322This is almost but not quite identical to the output from GNU mode:
323.Bd -literal -offset indent
324$ md5sum /boot/loader.conf /etc/rc.conf
325ada5f60f23af88ff95b8091d6d67bef6  /boot/loader.conf
326d80bf36c332dc0fdc479366ec3fa44cd  /etc/rc.conf
327.Ed
328.Pp
329Note the two spaces between hash and file name.
330If binary mode is requested, they are instead separated by a space and
331an asterisk:
332.Bd -literal -offset indent
333$ md5sum -b /boot/loader.conf /etc/rc.conf
334ada5f60f23af88ff95b8091d6d67bef6 */boot/loader.conf
335d80bf36c332dc0fdc479366ec3fa44cd */etc/rc.conf
336.Ed
337.Pp
338Write the digest for
339.Pa /boot/loader.conf
340in a file named
341.Pa digest .
342Then calculate the checksum again and validate it against the checksum string
343extracted from the
344.Pa digest
345file:
346.Bd -literal -offset indent
347$ md5 /boot/loader.conf > digest && md5 -c $(cut -f2 -d= digest) /boot/loader.conf
348MD5 (/boot/loader.conf) = ada5f60f23af88ff95b8091d6d67bef6
349.Ed
350.Pp
351Same as above but comparing the digest against an invalid string
352.Pq Dq randomstring ,
353which results in a failure.
354.Bd -literal -offset indent
355$ md5 -c randomstring /boot/loader.conf
356MD5 (/boot/loader.conf) = ada5f60f23af88ff95b8091d6d67bef6 [ Failed ]
357.Ed
358.Pp
359In GNU mode, the
360.Fl c
361option does not compare against a hash string passed as parameter.
362Instead, it expects a digest file, as created under the name
363.Pa digest
364for
365.Pa /boot/loader.conf
366in the example above.
367.Bd -literal -offset indent
368$ md5 -c digest /boot/loader.conf
369/boot/loader.conf: OK
370.Ed
371.Pp
372The digest file may contain any number of lines in the format
373generated in either BSD or GNU mode.
374If a hash value does not match the file,
375.Dq FAILED
376is printed instead of
377.Dq OK .
378.Sh SEE ALSO
379.Xr cksum 1 ,
380.Xr md5 3 ,
381.Xr ripemd 3 ,
382.Xr sha 3 ,
383.Xr sha256 3 ,
384.Xr sha384 3 ,
385.Xr sha512 3 ,
386.Xr skein 3
387.Rs
388.%A R. Rivest
389.%T The MD5 Message-Digest Algorithm
390.%O RFC1321
391.Re
392.Rs
393.%A J. Burrows
394.%T The Secure Hash Standard
395.%O FIPS PUB 180-2
396.Re
397.Rs
398.%A D. Eastlake and P. Jones
399.%T US Secure Hash Algorithm 1
400.%O RFC 3174
401.Re
402.Pp
403RIPEMD-160 is part of the ISO draft standard
404.Qq ISO/IEC DIS 10118-3
405on dedicated hash functions.
406.Pp
407Secure Hash Standard (SHS):
408.Pa https://www.nist.gov/publications/secure-hash-standard-shs
409.Pp
410The RIPEMD-160 page:
411.Pa https://homes.esat.kuleuven.be/~bosselae/ripemd160.html
412.Sh BUGS
413In bits mode, the original
414.Nm shasum
415script is capable of processing inputs of arbitrary length.
416This implementation is not, and will issue an error if the input
417length is not a multiple of eight bits.
418.Sh ACKNOWLEDGMENTS
419.An -nosplit
420This utility was originally derived from a program which was placed in
421the public domain for free general use by RSA Data Security.
422.Pp
423Support for SHA-1 and RIPEMD-160 was added by
424.An Oliver Eikemeier Aq Mt eik@FreeBSD.org .
425.Pp
426Support for SHA-2 was added by
427.An Colin Percival Aq Mt cperciva@FreeBSD.org
428and
429.An Allan Jude Aq Mt allanjude@FreeBSD.org .
430.Pp
431Support for SKEIN was added by
432.An Allan Jude Aq Mt allanjude@FreeBSD.org .
433.Pp
434Compatibility with GNU coreutils was added by
435.An Warner Losh Aq Mt imp@FreeBSD.org
436and much expanded by
437.An Dag-Erling Sm\(/orgrav Aq Mt des@FreeBSD.org ,
438who also added Perl compatibility.
439