1.\" $FreeBSD$ 2.Dd March 2, 2017 3.Dt MD5 1 4.Os 5.Sh NAME 6.Nm md5 , sha1 , sha256 , sha384 , sha512 , sha512t256 , rmd160 , 7.Nm skein256 , skein512 , skein1024 8.Nd calculate a message-digest fingerprint (checksum) for a file 9.Sh SYNOPSIS 10.Nm md5 11.Op Fl pqrtx 12.Op Fl c Ar string 13.Op Fl s Ar string 14.Op Ar 15.Nm sha1 16.Op Fl pqrtx 17.Op Fl c Ar string 18.Op Fl s Ar string 19.Op Ar 20.Nm sha256 21.Op Fl pqrtx 22.Op Fl c Ar string 23.Op Fl s Ar string 24.Op Ar 25.Nm sha384 26.Op Fl pqrtx 27.Op Fl c Ar string 28.Op Fl s Ar string 29.Op Ar 30.Nm sha512 31.Op Fl pqrtx 32.Op Fl c Ar string 33.Op Fl s Ar string 34.Op Ar 35.Nm sha512t256 36.Op Fl pqrtx 37.Op Fl c Ar string 38.Op Fl s Ar string 39.Op Ar 40.Nm rmd160 41.Op Fl pqrtx 42.Op Fl c Ar string 43.Op Fl s Ar string 44.Op Ar 45.Nm skein256 46.Op Fl pqrtx 47.Op Fl c Ar string 48.Op Fl s Ar string 49.Op Ar 50.Nm skein512 51.Op Fl pqrtx 52.Op Fl c Ar string 53.Op Fl s Ar string 54.Op Ar 55.Nm skein1024 56.Op Fl pqrtx 57.Op Fl c Ar string 58.Op Fl s Ar string 59.Op Ar 60.Sh DESCRIPTION 61The 62.Nm md5 , sha1 , sha256 , sha384 , sha512, sha512t256, rmd160, 63.Nm skein256, skein512, 64and 65.Nm skein1024 66utilities take as input a message of arbitrary length and produce as 67output a 68.Dq fingerprint 69or 70.Dq message digest 71of the input. 72It is conjectured that it is computationally infeasible to 73produce two messages having the same message digest, or to produce any 74message having a given prespecified target message digest. 75The 76.Tn MD5 , SHA-1 , SHA-256 , SHA-384 , SHA-512, RIPEMD-160, 77and 78.Tn SKEIN 79algorithms are intended for digital signature applications, where a 80large file must be 81.Dq compressed 82in a secure manner before being encrypted with a private 83(secret) 84key under a public-key cryptosystem such as 85.Tn RSA . 86.Pp 87The 88.Tn MD5 89and 90.Tn SHA-1 91algorithms have been proven to be vulnerable to practical collision 92attacks and should not be relied upon to produce unique outputs, nor 93should they be used as part of a cryptographic signature scheme. 94As of 2017-03-02, there is no publicly known method to 95.Em reverse 96either algorithm, i.e. to find an input that produces a specific 97output. 98.Pp 99.Tn SHA-512t256 100is a version of 101.Tn SHA-512 102truncated to only 256 bits. 103On 64-bit hardware, this algorithm is approximately 50% faster than 104.Tn SHA-256 105but with the same level of security. 106The hashes are not interchangeable. 107.Pp 108It is recommended that all new applications use 109.Tn SHA-512 110or 111.Tn SKEIN-512 112instead of one of the other hash functions. 113.Pp 114The following options may be used in any combination and must 115precede any files named on the command line. 116The hexadecimal checksum of each file listed on the command line is printed 117after the options are processed. 118.Bl -tag -width indent 119.It Fl c Ar string 120Compare the digest of the file against this string. 121.Pq Note that this option is not yet useful if multiple files are specified. 122.It Fl s Ar string 123Print a checksum of the given 124.Ar string . 125.It Fl p 126Echo stdin to stdout and append the checksum to stdout. 127.It Fl q 128Quiet mode \(em only the checksum is printed out. 129Overrides the 130.Fl r 131option. 132.It Fl r 133Reverses the format of the output. 134This helps with visual diffs. 135Does nothing 136when combined with the 137.Fl ptx 138options. 139.It Fl t 140Run a built-in time trial. 141.It Fl x 142Run a built-in test script. 143.El 144.Sh EXIT STATUS 145The 146.Nm md5 , sha1 , sha256 , sha512, sha512t256, rmd160, 147.Nm skein256, skein512, 148and 149.Nm skein1024 150utilities exit 0 on success, 1511 if at least one of the input files could not be read, 152and 2 if at least one file does not have the same hash as the 153.Fl c 154option. 155.Sh SEE ALSO 156.Xr cksum 1 , 157.Xr md5 3 , 158.Xr ripemd 3 , 159.Xr sha 3 , 160.Xr sha256 3 , 161.Xr sha384 3 , 162.Xr sha512 3 , 163.Xr skein 3 164.Rs 165.%A R. Rivest 166.%T The MD5 Message-Digest Algorithm 167.%O RFC1321 168.Re 169.Rs 170.%A J. Burrows 171.%T The Secure Hash Standard 172.%O FIPS PUB 180-2 173.Re 174.Rs 175.%A D. Eastlake and P. Jones 176.%T US Secure Hash Algorithm 1 177.%O RFC 3174 178.Re 179.Pp 180RIPEMD-160 is part of the ISO draft standard 181.Qq ISO/IEC DIS 10118-3 182on dedicated hash functions. 183.Pp 184Secure Hash Standard (SHS): 185.Pa http://csrc.nist.gov/cryptval/shs.html . 186.Pp 187The RIPEMD-160 page: 188.Pa http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html . 189.Sh ACKNOWLEDGMENTS 190This program is placed in the public domain for free general use by 191RSA Data Security. 192.Pp 193Support for SHA-1 and RIPEMD-160 has been added by 194.An Oliver Eikemeier Aq Mt eik@FreeBSD.org . 195