usr.bin/cksum/cksum.1

.\"	$NetBSD: cksum.1,v 1.43 2010/05/14 01:57:21 joerg Exp $
.\"
.\" Copyright (c) 1991, 1993
.\"	The Regents of the University of California.  All rights reserved.
.\"
.\" This code is derived from software contributed to Berkeley by
.\" the Institute of Electrical and Electronics Engineers, Inc.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of the University nor the names of its contributors
.\"    may be used to endorse or promote products derived from this software
.\"    without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\"	@(#)cksum.1	8.2 (Berkeley) 4/28/95
.\"
.Dd January 2, 2009
.Dt CKSUM 1
.Os
.Sh NAME
.Nm cksum ,
.Nm md2 ,
.Nm md4 ,
.Nm md5 ,
.Nm rmd160 ,
.Nm sha1 ,
.Nm sum
.Nd display file checksums and block counts
.Sh SYNOPSIS
.Nm cksum
.Op Fl n
.Op Fl a Ar algorithm Oo Fl ptx Oc Oo Fl s Ar string Oc
.Op Fl o Ar 1 Ns | Ns Ar 2
.Op Ar Li \&| Fl c Oo Fl w Oc Oo Ar sumfile Oc
.Nm sum
.Op Fl n
.Op Fl a Ar algorithm Oo Fl ptx Oc Oo Fl s Ar string Oc
.Op Fl o Ar 1 Ns | Ns Ar 2
.Op Ar Li \&| Fl c Oo Fl w Oc Oo Ar sumfile Oc
.Nm md2
.Op Fl nptx
.Op Fl s Ar string
.Op Ar Li \&| Fl c Oo Fl w Oc Oo Ar sumfile Oc
.Nm md4
.Op Fl nptx
.Op Fl s Ar string
.Op Ar Li \&| Fl c Oo Fl w Oc Oo Ar sumfile Oc
.Nm md5
.Op Fl nptx
.Op Fl s Ar string
.Op Ar Li \&| Fl c Oo Fl w Oc Oo Ar sumfile Oc
.Nm rmd160
.Op Fl nptx
.Op Fl s Ar string
.Op Ar Li \&| Fl c Oo Fl w Oc Oo Ar sumfile Oc
.Nm sha1
.Op Fl nptx
.Op Fl s Ar string
.Op Ar Li \&| Fl c Oo Fl w Oc Oo Ar sumfile Oc
.Sh DESCRIPTION
The
.Nm
utility writes to the standard output three whitespace separated
fields for each input file.
These fields are a checksum
.Tn CRC ,
the total number of octets in the file and the file name.
If no file name is specified, the standard input is used and no file name
is written.
.Pp
The
.Nm sum
utility is identical to the
.Nm
utility, except that it defaults to using historic algorithm 1, as
described below.
It is provided for compatibility only.
.Pp
The
.Nm md5
utility takes as input a message of arbitrary length and produces
as output a 128-bit
.Dq fingerprint
or
.Dq message digest
of the input.
It is conjectured that it is computationally infeasible
to product two messages having the same message digest, or to produce
any message having a given prespecified target message digest.
The
MD5 algorithm is intended for digital signature applications, where
a large file must be
.Dq compressed
in a secure manner before being encrypted with a private (secret)
key under a public-key encryption system such as
.Pa RSA .
.Pp
The
.Nm md2
and
.Nm md4
utilities behave in exactly the same manner as
.Nm md5
but use different algorithms.
.Pp
The
.Nm rmd160
and
.Nm sha1
utilities also produce message digests, however the output from these
two programs is 160 bits in length, as opposed to 128.
.Pp
The options are as follows:
.Bl -tag -width indent
.It Fl a Ar algorithm
When invoked as
.Nm cksum ,
use the specified
.Ar algorithm .
Valid algorithms are:
.Bl -column -offset indent ".Sy Algorithm" ".Sy Bits" ".Sy Description"
.It Sy Algorithm Ta Sy Bits Ta Sy Description
.It Li CRC Ta 32 Ta Default CRC algorithm
.It Li MD2 Ta 128 Ta MD2, per Li RFC1319
.It Li MD4 Ta 128 Ta MD4, per Li RFC1320
.It Li MD5 Ta 128 Ta MD5, per Li RFC1321
.It Li RMD160 Ta 160 Ta RIPEMD-160
.It Li SHA1 Ta 160 Ta SHA-1, per Li FIPS PUB 180-1
.It Li SHA256 Ta 256 Ta SHA-2
.It Li SHA384 Ta 384 Ta SHA-2
.It Li SHA512 Ta 512 Ta SHA-2
.It Li old1 Ta 16 Ta Algorithm 1, per Fl o Ar 1
.It Li old2 Ta 16 Ta Algorithm 2, per Fl o Ar 2
.El
.It Fl c Op Ar sumfile
Verify (check) files against a list of checksums.
The list is read from
.Ar sumfile ,
or from stdin if no filename is given.
E.g. first run
.Dl Ic md5 *.tgz \*[Gt] MD5
.Dl Ic sha1 *.tgz \*[Gt] SHA1
to generate a list of MD5 checksums in
.Pa MD5 ,
then use the following command to verify them:
.Dl Ic cat MD5 SHA1 | cksum -c
If an error is found during checksum verification, an error
message is printed, and the program returns an error code of 1.
.It Fl o
Use historic algorithms instead of the (superior) default one.
.Pp
Algorithm 1 is the algorithm used by historic
.Bx
systems as the
.Xr sum 1
algorithm and by historic
.At V
systems as the
.Xr sum 1
algorithm when using the
.Fl r
option.
This is a 16-bit checksum, with a right rotation before each addition;
overflow is discarded.
.Pp
Algorithm 2 is the algorithm used by historic
.At V
systems as the
default
.Xr sum 1
algorithm.
This is a 32-bit checksum, and is defined as follows:
.Bd -unfilled -offset indent
s = sum of all bytes;
r = s % 2^16 + (s % 2^32) / 2^16;
cksum = (r % 2^16) + r / 2^16;
.Ed
.Pp
Both algorithm 1 and 2 write to the standard output the same fields as
the default algorithm except that the size of the file in bytes is
replaced with the size of the file in blocks.
For historic reasons, the block size is 1024 for algorithm 1 and 512
for algorithm 2.
Partial blocks are rounded up.
.It Fl w
Print warnings about malformed checksum files when verifying
checksums with
.Fl c .
.El
.Pp
The following options apply only when using the one of the message
digest algorithms:
.Bl -tag -width indent
.It Fl n
Print the hash and the filename in the normal sum output form, with
the hash at the left and the filename following on the right.
.It Fl p
Echo input from standard input to standard output, and append the
selected message digest.
.It Fl s Ar string
Print the hash of the given string
.Ar string .
.It Fl t
Run a built-in message digest time trial.
.It Fl x
Run a built-in message digest test script.
The tests that are run
are supposed to encompass all the various tests in the suites that
accompany the algorithms' descriptions with the exception of the
last test for the SHA-1 algorithm and the RIPEMD-160 algorithm.
The
last test for these is one million copies of the lower letter a.
.El
.Pp
The default
.Tn CRC
used is based on the polynomial used for
.Tn CRC
error checking
in the networking standard
.St -iso8802-3 .
The
.Tn CRC
checksum encoding is defined by the generating polynomial:
.Pp
.Bd -unfilled -offset indent
G(x) = x^32 + x^26 + x^23 + x^22 + x^16 + x^12 +
     x^11 + x^10 + x^8 + x^7 + x^5 + x^4 + x^2 + x + 1
.Ed
.Pp
Mathematically, the
.Tn CRC
value corresponding to a given file is defined by
the following procedure:
.Bd -filled -offset indent
The
.Ar n
bits to be evaluated are considered to be the coefficients of a mod 2
polynomial M(x) of degree
.Ar n Ns \-1 .
These
.Ar n
bits are the bits from the file, with the most significant bit being the most
significant bit of the first octet of the file and the last bit being the least
significant bit of the last octet, padded with zero bits (if necessary) to
achieve an integral number of octets, followed by one or more octets
representing the length of the file as a binary value, least significant octet
first.
The smallest number of octets capable of representing this integer are used.
.Pp
M(x) is multiplied by x^32 (i.e., shifted left 32 bits) and divided by
G(x) using mod 2 division, producing a remainder R(x) of degree \*[Le] 31.
.Pp
The coefficients of R(x) are considered to be a 32-bit sequence.
.Pp
The bit sequence is complemented and the result is the CRC.
.Ed
.Pp
The
.Nm
and
.Nm sum
utilities exit 0 on success, and \*[Gt]0 if an error occurs.
.Sh SEE ALSO
.Xr openssl 1 ,
.Xr mtree 8
.Pp
The default calculation is identical to that given in pseudo-code
in the following
.Tn ACM
article.
.Rs
.%T "Computation of Cyclic Redundancy Checks Via Table Lookup"
.%A Dilip V. Sarwate
.%J "Communications of the \*(tNACM\*(sP"
.%D "August 1988"
.Re
.Rs
.%A R. Rivest
.%T The MD2 Message-Digest Algorithm
.%O RFC 1319
.Re
.Rs
.%A R. Rivest
.%T The MD4 Message-Digest Algorithm
.%O RFC 1186 and RFC 1320
.Re
.Rs
.%A R. Rivest
.%T The MD5 Message-Digest Algorithm
.%O RFC 1321
.Re
.Rs
.%A U.S. DOC/NIST
.%T Secure Hash Standard
.%O FIPS PUB 180-1
.Re
.Sh STANDARDS
The
.Nm
utility is expected to conform to
.St -p1003.1-2004 .
.Sh HISTORY
The
.Nm
utility appeared in
.Bx 4.4 .
.Nm md5
was added in
.Nx 1.3 .
The functionality for
.Nm md2 ,
.Nm md4 ,
.Nm sha1 ,
and
.Nm rmd160
was added in
.Nx 1.6 .
Support for the SHA-2 algorithms
.Po
.Li SHA256 ,
.Li SHA384 ,
and
.Li SHA512
.Pc
was added in
.Nx 3.0 .
The functionality to verify checksum stored in a file
.Pq Fl c
first appeared in
.Nx 4.0 .
.\" .Pp
.\" The
.\" .Nm sum
.\" utility appeared in
.\" .Bx ?.?
.\" and
.\" .At V .