xref: /freebsd/sbin/md5/md5.1 (revision 93a065e7496dfbfbd0a5b0208ef763f37ea975c7) 
1.\" $FreeBSD$
2.Dd January 7, 2017
3.Dt MD5 1
4.Os
5.Sh NAME
6.Nm md5 , sha1 , sha256 , sha384 , sha512 , sha512t256 , rmd160 ,
7.Nm skein256 , skein512 , skein1024
8.Nd calculate a message-digest fingerprint (checksum) for a file
9.Sh SYNOPSIS
10.Nm md5
11.Op Fl pqrtx
12.Op Fl c Ar string
13.Op Fl s Ar string
14.Op Ar
15.Nm sha1
16.Op Fl pqrtx
17.Op Fl c Ar string
18.Op Fl s Ar string
19.Op Ar
20.Nm sha256
21.Op Fl pqrtx
22.Op Fl c Ar string
23.Op Fl s Ar string
24.Op Ar
25.Nm sha384
26.Op Fl pqrtx
27.Op Fl c Ar string
28.Op Fl s Ar string
29.Op Ar
30.Nm sha512
31.Op Fl pqrtx
32.Op Fl c Ar string
33.Op Fl s Ar string
34.Op Ar
35.Nm sha512t256
36.Op Fl pqrtx
37.Op Fl c Ar string
38.Op Fl s Ar string
39.Op Ar
40.Nm rmd160
41.Op Fl pqrtx
42.Op Fl c Ar string
43.Op Fl s Ar string
44.Op Ar
45.Nm skein256
46.Op Fl pqrtx
47.Op Fl c Ar string
48.Op Fl s Ar string
49.Op Ar
50.Nm skein512
51.Op Fl pqrtx
52.Op Fl c Ar string
53.Op Fl s Ar string
54.Op Ar
55.Nm skein1024
56.Op Fl pqrtx
57.Op Fl c Ar string
58.Op Fl s Ar string
59.Op Ar
60.Sh DESCRIPTION
61The
62.Nm md5 , sha1 , sha256 , sha384 , sha512, sha512t256, rmd160,
63.Nm skein256, skein512,
64and
65.Nm skein1024
66utilities take as input a message of arbitrary length and produce as
67output a
68.Dq fingerprint
69or
70.Dq message digest
71of the input.
72It is conjectured that it is computationally infeasible to
73produce two messages having the same message digest, or to produce any
74message having a given prespecified target message digest.
75The
76.Tn MD5 , SHA-1 , SHA-256 , SHA-384 , SHA-512, RIPEMD-160,
77and
78.Tn SKEIN
79algorithms are intended for digital signature applications, where a
80large file must be
81.Dq compressed
82in a secure manner before being encrypted with a private
83(secret)
84key under a public-key cryptosystem such as
85.Tn RSA .
86.Pp
87.Tn MD5
88has been completely broken as far as finding collisions is
89concerned, and should not be relied upon to produce unique outputs.
90This also means that
91.Tn MD5
92should not be used as part of a cryptographic signature scheme.
93At the current time (2014-05-17) there is no publicly known method to
94.Dq reverse
95MD5, i.e., to find an input given a hash value.
96.Pp
97.Tn SHA-1
98currently (2014-05-17) has no known collisions, but an attack has been
99found which is faster than a brute-force search, placing the security of
100.Tn SHA-1
101in doubt.
102.Pp
103.Tn SHA-512t256
104is a version of
105.Tn SHA-512
106truncated to only 256 bits.
107On 64-bit hardware, this algorithm is approximately 50% faster than
108.Tn SHA-256
109but with the same level of security.
110The hashes are not interchangeable.
111.Pp
112It is recommended that all new applications use
113.Tn SHA-512
114instead of one of the other hash functions.
115.Pp
116The following options may be used in any combination and must
117precede any files named on the command line.
118The hexadecimal checksum of each file listed on the command line is printed
119after the options are processed.
120.Bl -tag -width indent
121.It Fl c Ar string
122Compare the digest of the file against this string.
123.Pq Note that this option is not yet useful if multiple files are specified.
124.It Fl s Ar string
125Print a checksum of the given
126.Ar string .
127.It Fl p
128Echo stdin to stdout and append the checksum to stdout.
129.It Fl q
130Quiet mode \(em only the checksum is printed out.
131Overrides the
132.Fl r
133option.
134.It Fl r
135Reverses the format of the output.
136This helps with visual diffs.
137Does nothing
138when combined with the
139.Fl ptx
140options.
141.It Fl t
142Run a built-in time trial.
143.It Fl x
144Run a built-in test script.
145.El
146.Sh EXIT STATUS
147The
148.Nm md5 , sha1 , sha256 , sha512, sha512t256, rmd160,
149.Nm skein256, skein512,
150and
151.Nm skein1024
152utilities exit 0 on success,
1531 if at least one of the input files could not be read,
154and 2 if at least one file does not have the same hash as the
155.Fl c
156option.
157.Sh SEE ALSO
158.Xr cksum 1 ,
159.Xr md5 3 ,
160.Xr ripemd 3 ,
161.Xr sha 3 ,
162.Xr sha256 3 ,
163.Xr sha384 3 ,
164.Xr sha512 3 ,
165.Xr skein 3
166.Rs
167.%A R. Rivest
168.%T The MD5 Message-Digest Algorithm
169.%O RFC1321
170.Re
171.Rs
172.%A J. Burrows
173.%T The Secure Hash Standard
174.%O FIPS PUB 180-2
175.Re
176.Rs
177.%A D. Eastlake and P. Jones
178.%T US Secure Hash Algorithm 1
179.%O RFC 3174
180.Re
181.Pp
182RIPEMD-160 is part of the ISO draft standard
183.Qq ISO/IEC DIS 10118-3
184on dedicated hash functions.
185.Pp
186Secure Hash Standard (SHS):
187.Pa http://csrc.nist.gov/cryptval/shs.html .
188.Pp
189The RIPEMD-160 page:
190.Pa http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html .
191.Sh ACKNOWLEDGMENTS
192This program is placed in the public domain for free general use by
193RSA Data Security.
194.Pp
195Support for SHA-1 and RIPEMD-160 has been added by
196.An Oliver Eikemeier Aq Mt eik@FreeBSD.org .
197