xref: /freebsd/sbin/md5/md5.1 (revision e1e636193db45630c7881246d25902e57c43d24e)
1.Dd March 12, 2024
2.Dt MD5 1
3.Os
4.Sh NAME
5.Nm md5 , sha1 , sha224 , sha256 , sha384 ,
6.Nm sha512 , sha512t224 , sha512t256 ,
7.Nm rmd160 , skein256 , skein512 , skein1024 ,
8.Nm md5sum , sha1sum , sha224sum , sha256sum , sha384sum ,
9.Nm sha512sum , sha512t224sum , sha512t256sum ,
10.Nm rmd160sum , skein256sum , skein512sum , skein1024sum ,
11.Nm shasum
12.Nd calculate a message-digest fingerprint (checksum) for a file
13.Sh SYNOPSIS
14.Nm
15.Op Fl pqrtx
16.Op Fl c Ar string
17.Op Fl s Ar string
18.Op Ar
19.Pp
20.Nm md5sum
21.Op Fl bctwz
22.Op Fl -binary
23.Op Fl -check
24.Op Fl -help
25.Op Fl -ignore-missing
26.Op Fl -quiet
27.Op Fl -status
28.Op Fl -strict
29.Op Fl -tag
30.Op Fl -text
31.Op Fl -version
32.Op Fl -warn
33.Op Fl -zero
34.Op Ar
35.Pp
36(All other hashes have the same options and usage.)
37.Pp
38.Nm shasum
39.Op Fl 0bchqstUvw
40.Op Fl -01
41.Op Fl a | -algorithm Ar alg
42.Op Fl -binary
43.Op Fl -check
44.Op Fl -help
45.Op Fl -ignore-missing
46.Op Fl -quiet
47.Op Fl -status
48.Op Fl -strict
49.Op Fl -tag
50.Op Fl -text
51.Op Fl -UNIVERSAL
52.Op Fl -version
53.Op Fl -warn
54.Op Ar
55.Sh DESCRIPTION
56The
57.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512 , sha512t224 , sha512t256 ,
58.Nm rmd160 , skein256 , skein512 ,
59and
60.Nm skein1024
61utilities take as input a message of arbitrary length and produce as
62output a
63.Dq fingerprint
64or
65.Dq message digest
66of the input.
67.Pp
68The
69.Nm md5sum , sha1sum , sha224sum , sha256sum , sha384sum , sha512sum ,
70.Nm sha512t224sum , sha512t256sum , rmd160sum , skein256sum , skein512sum ,
71and
72.Nm skein1024sum
73utilities do the same, but with command-line options and an output
74format that match those of their similary named GNU utilities.
75.Pp
76The
77.Nm shasum
78utility does the same, but with command-line options and an output
79format that match those of the similarly named utility that ships with
80Perl.
81.Pp
82In all cases, each file listed on the command line is processed separately.
83If no files are listed on the command line, or a file name is given as
84.Pa - ,
85input is taken from stdin instead.
86.Pp
87It is conjectured that it is computationally infeasible to
88produce two messages having the same message digest, or to produce any
89message having a given prespecified target message digest.
90The SHA-224 , SHA-256 , SHA-384 , SHA-512, RIPEMD-160,
91and SKEIN
92algorithms are intended for digital signature applications, where a
93large file must be
94.Dq compressed
95in a secure manner before being encrypted with a private
96(secret)
97key under a public-key cryptosystem such as RSA.
98.Pp
99The MD5 and SHA-1 algorithms have been proven to be vulnerable to practical
100collision attacks and should not be relied upon to produce unique outputs,
101.Em nor should they be used as part of a cryptographic signature scheme.
102As of 2017-03-02, there is no publicly known method to
103.Em reverse
104either algorithm, i.e., to find an input that produces a specific
105output.
106.Pp
107SHA-512t256 is a version of SHA-512 truncated to only 256 bits.
108On 64-bit hardware, this algorithm is approximately 50% faster than SHA-256 but
109with the same level of security.
110The hashes are not interchangeable.
111.Pp
112SHA-512t224 is identical to SHA-512t256, but with the digest truncated
113to 224 bits.
114.Pp
115It is recommended that all new applications use SHA-512 or SKEIN-512
116instead of one of the other hash functions.
117.Ss BSD OPTIONS
118The following options are available in BSD mode, i.e. when the program
119is invoked with a name that does not end in
120.Dq sum :
121.Bl -tag -width indent
122.It Fl c Ar string , Fl -check= Ns Ar string
123Compare the digest of the file against this string.
124If combined with the
125.Fl q
126or
127.Fl -quiet
128option, the calculated digest is printed in addition to the exit status being set.
129.Pq Note that this option is not yet useful if multiple files are specified.
130.It Fl p , -passthrough
131Echo stdin to stdout and append the checksum to stdout.
132In this mode, any files specified on the command line are silently ignored.
133.It Fl q , -quiet
134Quiet mode \(em only the checksum is printed out.
135Overrides the
136.Fl r
137or
138.Fl -reverse
139option.
140.It Fl r , -reverse
141Reverses the format of the output.
142This helps with visual diffs.
143Does nothing
144when combined with the
145.Fl ptx
146options.
147.It Fl s Ar string , Fl -string= Ns Ar string
148Print a checksum of the given
149.Ar string .
150In this mode, any files specified on the command line are silently ignored.
151.It Fl t , Fl -time-trial
152Run a built-in time trial.
153For the
154.Nm -sum
155versions, this is a nop for compatibility with coreutils.
156.It Fl x , Fl -self-test
157Run a built-in test script.
158.El
159.Ss GNU OPTIONS
160The following options are available in GNU mode, i.e. when the program
161is invoked with a name that ends in
162.Dq sum :
163.Bl -tag -width indent
164.It Fl b , Fl -binary
165Read files in binary mode.
166.It Fl c , Fl -check
167The file passed as arguments must contain digest lines generated by the same
168digest algorithm in either classical BSD format or in GNU coreutils format.
169A line with the file name followed by a colon
170.Dq ":"
171and either OK or FAILED is written for each well-formed line in the digest file.
172If applicable, the number of failed comparisons and the number of lines that were
173skipped since they were not well-formed are printed at the end.
174The
175.Fl -quiet
176option can be used to quiesce the output unless there are mismatched entries in
177the digest.
178.It Fl -help
179Print a usage message and exit.
180.It Fl -ignore-missing
181When verifying checksums, ignore files for which checksums are given
182but which aren't found on disk.
183.It Fl -quiet
184When verifying checksums, do not print anything unless the
185verification fails.
186.It Fl -status
187When verifying checksums, do not print anything at all.
188The exit code will reflect whether verification succeeded.
189.It Fl -strict
190When verifying checksums, fail if the input is malformed.
191.It Fl -tag
192Produce BSD-style output.
193.It Fl t , Fl -text
194Read files in text mode.
195This is the default.
196Note that this implementation does not differentiate between binary
197and text mode.
198.It Fl -version
199Print version information and exit.
200.It Fl w , Fl -warn
201When verifying checksums, warn about malformed input.
202.It Fl z , Fl -zero
203Terminate output lines with NUL rather than with newline.
204.El
205.Ss PERL OPTIONS
206The following options are available in Perl mode, i.e. when the program
207is invoked with the name
208.Dq shasum :
209.Bl -tag -width indent
210.It Fl 0 , Fl -01
211Read files in bits mode: ASCII
212.Sq 0
213and
214.Sq 1
215characters correspond to 0 and 1 bits, respectively, and all other
216characters are ignored.
217See
218.Sx BUGS .
219.It Fl a Ar alg , Fl -algorithm Ar alg
220Use the specified algorithm:
221.Dq 1
222for SHA-1 (default),
223.Dq xxx
224for
225.Va xxx Ns -bit
226SHA-2 (e.g.
227.Dq 256
228for SHA-256)
229or
230.Dq xxxyyy
231for
232.Va xxx Ns -bit
233SHA-2 truncated to
234.Va yyy
235bits (e.g.
236.Dq 512224
237for SHA-512/224).
238.It Fl b , Fl -binary
239Read files in binary mode.
240.It Fl c , Fl -check
241The file passed as arguments must contain digest lines generated by the same
242digest algorithm in either classical BSD format or in GNU coreutils format.
243A line with the file name followed by a colon
244.Dq ":"
245and either OK or FAILED is written for each well-formed line in the digest file.
246If applicable, the number of failed comparisons and the number of lines that were
247skipped since they were not well-formed are printed at the end.
248The
249.Fl -quiet
250option can be used to quiesce the output unless there are mismatched entries in
251the digest.
252.It Fl -help
253Print a usage message and exit.
254.It Fl -ignore-missing
255When verifying checksums, ignore files for which checksums are given
256but which aren't found on disk.
257.It Fl -quiet
258When verifying checksums, do not print anything unless the
259verification fails.
260.It Fl -status
261When verifying checksums, do not print anything at all.
262The exit code will reflect whether verification succeeded.
263.It Fl -strict
264When verifying checksums, fail if the input is malformed.
265.It Fl -tag
266Produce BSD-style output.
267.It Fl t , Fl -text
268Read files in text mode.
269This is the default.
270Note that this implementation does not differentiate between binary
271and text mode.
272.It Fl U , Fl -UNIVERSAL
273Read files in universal mode: any CR-LF pair, as well as any CR not
274followed by LF, is translated to LF before the digest is computed.
275.It Fl -version
276Print version information and exit.
277.It Fl w , Fl -warn
278When verifying checksums, warn about malformed input.
279.El
280.Sh EXIT STATUS
281The
282.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512 ,
283.Nm sha512t224 , sha512t256 ,
284.Nm rmd160 , skein256 , skein512 ,
285and
286.Nm skein1024
287utilities exit 0 on success,
2881 if at least one of the input files could not be read,
289and 2 if at least one file does not have the same hash as the
290.Fl c
291option.
292.Pp
293The
294.Nm md5sum , sha1sum , sha224sum , sha256sum , sha384sum , sha512sum ,
295.Nm sha512t224sum , sha512t256sum ,
296.Nm rmd160 , skein256 , skein512 , skein1024
297and
298.Nm shasum
299utilities exit 0 on success and 1 if at least one of the input files
300could not be read or, when verifying checksums, does not have the
301expected checksum.
302.Sh EXAMPLES
303Calculate the MD5 checksum of the string
304.Dq Hello .
305.Bd -literal -offset indent
306$ md5 -s Hello
307MD5 ("Hello") = 8b1a9953c4611296a827abf8c47804d7
308.Ed
309.Pp
310Same as above, but note the absence of the newline character in the input
311string:
312.Bd -literal -offset indent
313$ echo -n Hello | md5
3148b1a9953c4611296a827abf8c47804d7
315.Ed
316.Pp
317Calculate the checksum of multiple files reversing the output:
318.Bd -literal -offset indent
319$ md5 -r /boot/loader.conf /etc/rc.conf
320ada5f60f23af88ff95b8091d6d67bef6 /boot/loader.conf
321d80bf36c332dc0fdc479366ec3fa44cd /etc/rc.conf
322.Ed
323.Pp
324This is almost but not quite identical to the output from GNU mode:
325.Bd -literal -offset indent
326$ md5sum /boot/loader.conf /etc/rc.conf
327ada5f60f23af88ff95b8091d6d67bef6  /boot/loader.conf
328d80bf36c332dc0fdc479366ec3fa44cd  /etc/rc.conf
329.Ed
330.Pp
331Note the two spaces between hash and file name.
332If binary mode is requested, they are instead separated by a space and
333an asterisk:
334.Bd -literal -offset indent
335$ md5sum -b /boot/loader.conf /etc/rc.conf
336ada5f60f23af88ff95b8091d6d67bef6 */boot/loader.conf
337d80bf36c332dc0fdc479366ec3fa44cd */etc/rc.conf
338.Ed
339.Pp
340Write the digest for
341.Pa /boot/loader.conf
342in a file named
343.Pa digest .
344Then calculate the checksum again and validate it against the checksum string
345extracted from the
346.Pa digest
347file:
348.Bd -literal -offset indent
349$ md5 /boot/loader.conf > digest && md5 -c $(cut -f2 -d= digest) /boot/loader.conf
350MD5 (/boot/loader.conf) = ada5f60f23af88ff95b8091d6d67bef6
351.Ed
352.Pp
353Same as above but comparing the digest against an invalid string
354.Pq Dq randomstring ,
355which results in a failure.
356.Bd -literal -offset indent
357$ md5 -c randomstring /boot/loader.conf
358MD5 (/boot/loader.conf) = ada5f60f23af88ff95b8091d6d67bef6 [ Failed ]
359.Ed
360.Pp
361In GNU mode, the
362.Fl c
363option does not compare against a hash string passed as parameter.
364Instead, it expects a digest file, as created under the name
365.Pa digest
366for
367.Pa /boot/loader.conf
368in the example above.
369.Bd -literal -offset indent
370$ md5sum -c digest
371/boot/loader.conf: OK
372.Ed
373.Pp
374The digest file may contain any number of lines in the format
375generated in either BSD or GNU mode.
376If a hash value does not match the file,
377.Dq FAILED
378is printed instead of
379.Dq OK .
380.Sh SEE ALSO
381.Xr cksum 1 ,
382.Xr md5 3 ,
383.Xr ripemd 3 ,
384.Xr sha 3 ,
385.Xr sha256 3 ,
386.Xr sha384 3 ,
387.Xr sha512 3 ,
388.Xr skein 3
389.Rs
390.%A R. Rivest
391.%T The MD5 Message-Digest Algorithm
392.%O RFC1321
393.Re
394.Rs
395.%A J. Burrows
396.%T The Secure Hash Standard
397.%O FIPS PUB 180-2
398.Re
399.Rs
400.%A D. Eastlake and P. Jones
401.%T US Secure Hash Algorithm 1
402.%O RFC 3174
403.Re
404.Pp
405RIPEMD-160 is part of the ISO draft standard
406.Qq ISO/IEC DIS 10118-3
407on dedicated hash functions.
408.Pp
409Secure Hash Standard (SHS):
410.Pa https://www.nist.gov/publications/secure-hash-standard-shs
411.Pp
412The RIPEMD-160 page:
413.Pa https://homes.esat.kuleuven.be/~bosselae/ripemd160.html
414.Sh BUGS
415In bits mode, the original
416.Nm shasum
417script is capable of processing inputs of arbitrary length.
418This implementation is not, and will issue an error if the input
419length is not a multiple of eight bits.
420.Sh ACKNOWLEDGMENTS
421.An -nosplit
422This utility was originally derived from a program which was placed in
423the public domain for free general use by RSA Data Security.
424.Pp
425Support for SHA-1 and RIPEMD-160 was added by
426.An Oliver Eikemeier Aq Mt eik@FreeBSD.org .
427.Pp
428Support for SHA-2 was added by
429.An Colin Percival Aq Mt cperciva@FreeBSD.org
430and
431.An Allan Jude Aq Mt allanjude@FreeBSD.org .
432.Pp
433Support for SKEIN was added by
434.An Allan Jude Aq Mt allanjude@FreeBSD.org .
435.Pp
436Compatibility with GNU coreutils was added by
437.An Warner Losh Aq Mt imp@FreeBSD.org
438and much expanded by
439.An Dag-Erling Sm\(/orgrav Aq Mt des@FreeBSD.org ,
440who also added Perl compatibility.
441