1.\" $FreeBSD: src/sbin/md5/md5.1,v 1.24 2005/03/10 09:56:39 cperciva Exp $ 2.Dd January 21, 2010 3.Dt MD5 1 4.Os 5.Sh NAME 6.Nm md5 , 7.Nm sha1 , 8.Nm sha256 , 9.Nm rmd160 10.Nd calculate a message-digest fingerprint (checksum) for a file 11.Sh SYNOPSIS 12.Nm md5 13.Op Fl pqrtx 14.Op Fl b Ar offset 15.Op Fl e Ar offset 16.Op Fl s Ar string 17.Op Ar 18.Nm sha1 19.Op Fl pqrtx 20.Op Fl b Ar offset 21.Op Fl e Ar offset 22.Op Fl s Ar string 23.Op Ar 24.Nm sha256 25.Op Fl pqrtx 26.Op Fl b Ar offset 27.Op Fl e Ar offset 28.Op Fl s Ar string 29.Op Ar 30.Nm rmd160 31.Op Fl pqrtx 32.Op Fl b Ar offset 33.Op Fl e Ar offset 34.Op Fl s Ar string 35.Op Ar 36.Sh DESCRIPTION 37The 38.Nm md5 , 39.Nm sha1 , 40.Nm sha256 41and 42.Nm rmd160 43utilities take as input a message of arbitrary length and produce as 44output a 45.Dq fingerprint 46or 47.Dq message digest 48of the input. 49It is conjectured that it is computationally infeasible to 50produce two messages having the same message digest, or to produce any 51message having a given prespecified target message digest. 52The 53.Tn MD5 , SHA-1, SHA-256 54and 55.Tn RIPEMD-160 56algorithms are intended for digital signature applications, where a 57large file must be 58.Dq compressed 59in a secure manner before being encrypted with a private 60(secret) 61key under a public-key cryptosystem such as 62.Tn RSA . 63.Pp 64.Tn MD5 65has not yet (2001-09-03) been broken, but sufficient attacks have been 66made that its security is in some doubt. 67The attacks on 68.Tn MD5 69are in the nature of finding 70.Dq collisions 71\(em that is, multiple 72inputs which hash to the same value; it is still unlikely for an attacker 73to be able to determine the exact original input given a hash value. 74.Pp 75The following options may be used in any combination and must 76precede any files named on the command line. 77The hexadecimal checksum of each file listed on the command line is printed 78after the options are processed. 79.Bl -tag -width indent 80.It Fl b Ar offset 81When processing file(s), use the specified begin and/or end (below) instead 82of processing each file in its entirety. 83Either option can be omitted. 84Both begin- and end-offsets can be specified as just a number (of bytes) or 85be followed by K, M, or G to mean that the number is to be multiplied by 861024 once, twice, or thrice respectively. 87For example, to start at 512, you can use 88.Fl b Ar 512 89or 90.Fl b Ar 0.5K . 91.Pp 92The use of offsets is implemented using 93.Fn mmap 94and will only work on regular files and mmap-able devices. 95.Pp 96If the beginning offset is negative, its absolute value is subtracted 97from the file's size. 98Zero thus means the very beginning of each file, 99which is also the default if the option is omitted entirely. 100.It Fl e Ar offset 101If the end-offset is not positive, its absolute value is subtracted 102from the file's size. 103Zero thus means the very end of each file, 104which is also the default if the option is omitted entirely. 105.It Fl s Ar string 106Print a checksum of the given 107.Ar string . 108.It Fl p 109Echo stdin to stdout and append the checksum to stdout. 110.It Fl q 111Quiet mode - only the checksum is printed out. 112Overrides the 113.Fl r 114option. 115.It Fl r 116Reverses the format of the output. 117This helps with visual diffs. 118Does nothing 119when combined with the 120.Fl ptx 121options. 122.It Fl t 123Run a built-in time trial. 124.It Fl x 125Run a built-in test script. 126.El 127.Sh EXIT STATUS 128The 129.Nm md5 , 130.Nm sha1 , 131.Nm sha256 132and 133.Nm rmd160 134utilities exit 0 on success, and 135.Dv EX_NOINPUT Pq 66 136if at least one of the input files could not be read or 137invalid offsets were specified. 138A mistake with command line arguments results in 139.Dv EX_USAGE Pq 64 . 140.Sh SEE ALSO 141.Xr cksum 1 , 142.Xr mmap 2 , 143.Xr md5 3 , 144.Xr ripemd 3 , 145.Xr sha 3 146.Rs 147.%A R. Rivest 148.%T The MD5 Message-Digest Algorithm 149.%O RFC 1321 150.Re 151.Rs 152.%A J. Burrows 153.%T The Secure Hash Standard 154.%O FIPS PUB 180-1 155.Re 156.Rs 157.%A D. Eastlake and P. Jones 158.%T US Secure Hash Algorithm 1 159.%O RFC 3174 160.Re 161.Pp 162RIPEMD-160 is part of the ISO draft standard 163.Qq ISO/IEC DIS 10118-3 164on dedicated hash functions. 165.Pp 166Secure Hash Standard (SHS): 167.Pa http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf . 168.Pp 169The RIPEMD-160 page: 170.Pa http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html . 171.Sh ACKNOWLEDGMENTS 172This program is placed in the public domain for free general use by 173RSA Data Security. 174.Pp 175Support for SHA-1 and RIPEMD-160 has been added by 176.An Oliver Eikemeier Aq Mt eik@FreeBSD.org . 177