1.\" $NetBSD: cksum.1,v 1.17 2002/02/08 01:36:20 ross Exp $ 2.\" 3.\" Copyright (c) 1991, 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" This code is derived from software contributed to Berkeley by 7.\" the Institute of Electrical and Electronics Engineers, Inc. 8.\" 9.\" Redistribution and use in source and binary forms, with or without 10.\" modification, are permitted provided that the following conditions 11.\" are met: 12.\" 1. Redistributions of source code must retain the above copyright 13.\" notice, this list of conditions and the following disclaimer. 14.\" 2. Redistributions in binary form must reproduce the above copyright 15.\" notice, this list of conditions and the following disclaimer in the 16.\" documentation and/or other materials provided with the distribution. 17.\" 3. All advertising materials mentioning features or use of this software 18.\" must display the following acknowledgement: 19.\" This product includes software developed by the University of 20.\" California, Berkeley and its contributors. 21.\" 4. Neither the name of the University nor the names of its contributors 22.\" may be used to endorse or promote products derived from this software 23.\" without specific prior written permission. 24.\" 25.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 26.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 27.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 28.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 29.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35.\" SUCH DAMAGE. 36.\" 37.\" @(#)cksum.1 8.2 (Berkeley) 4/28/95 38.\" 39.Dd April 28, 1995 40.Dt CKSUM 1 41.Os 42.Sh NAME 43.Nm cksum , 44.Nm md2 , 45.Nm md4 , 46.Nm md5 , 47.Nm sha1 , 48.Nm rmd160 , 49.Nm sum 50.Nd display file checksums and block counts 51.Sh SYNOPSIS 52.Nm 53.Oo 54.Fl m | 55.Fl 1 | 56.Fl 2 | 57.Fl 4 | 58.Fl 5 | 59.Fl 6 | 60.Op Fl o Ar 1 | Ar 2 61.Oc 62.Op Ar 63.Nm sum 64.Op Ar 65.Nm md2 66.Op Fl p 67.Op Fl t 68.Op Fl x 69.Op Fl s Ar string 70.Op Ar 71.Nm md4 72.Op Fl p 73.Op Fl t 74.Op Fl x 75.Op Fl s Ar string 76.Op Ar 77.Nm md5 78.Op Fl p 79.Op Fl t 80.Op Fl x 81.Op Fl s Ar string 82.Op Ar 83.Nm sha1 84.Op Fl p 85.Op Fl t 86.Op Fl x 87.Op Fl s Ar string 88.Op Ar 89.Nm rmd160 90.Op Fl p 91.Op Fl t 92.Op Fl x 93.Op Fl s Ar string 94.Op Ar 95.Sh DESCRIPTION 96The 97.Nm 98utility writes to the standard output three whitespace separated 99fields for each input file. 100These fields are a checksum 101.Tn CRC , 102the total number of octets in the file and the file name. 103If no file name is specified, the standard input is used and no file name 104is written. 105.Pp 106The 107.Nm sum 108utility is identical to the 109.Nm 110utility, except that it defaults to using historic algorithm 1, as 111described below. 112It is provided for compatibility only. 113.Pp 114The 115.Nm md5 116utility takes as input a message of arbitrary length and produces 117as output a 128-bit 118.Dq fingerprint 119or 120.Dq message digest 121of the input. It is conjectured that it is computationally infeasible 122to product two messages having the same message digest, or to produce 123any message having a given prespecified target message digest. The 124MD5 algorithm is intended for digital signature applications, where 125a large file must be 126.Dq compressed 127in a secure manner before being encrypted with a private (secret) 128key under a public-key encryption system such as 129.Pa RSA . 130.Pp 131The 132.Nm md2 133and 134.Nm md4 135utilities behave in exactly the same manner as 136.Nm md5 137but use a different algorithms. 138.Pp 139The 140.Nm sha1 141and 142.Nm rmd160 143utilities also produce message digests, however the output from these 144two programs is 160 bits in length, as opposed to 128. 145.Pp 146The options are as follows: 147.Bl -tag -width indent 148.It Fl 1 149Use the SHA1 algorithm rather than the default one. 150.It Fl 2 151Use the MD2 algorithm rather than the default one. 152.It Fl 4 153Use the MD4 algorithm rather than the default one. 154.It Fl m | 5 155Use the MD5 algorithm rather than the default one. 156.It Fl 6 157Use the RMD160 algorithm rather than the default one. 158.It Fl o 159Use historic algorithms instead of the (superior) default one. 160.Pp 161Algorithm 1 is the algorithm used by historic 162.Bx 163systems as the 164.Xr sum 1 165algorithm and by historic 166.At V 167systems as the 168.Xr sum 1 169algorithm when using the 170.Fl r 171option. 172This is a 16-bit checksum, with a right rotation before each addition; 173overflow is discarded. 174.Pp 175Algorithm 2 is the algorithm used by historic 176.At V 177systems as the 178default 179.Xr sum 1 180algorithm. 181This is a 32-bit checksum, and is defined as follows: 182.Bd -unfilled -offset indent 183s = sum of all bytes; 184r = s % 2^16 + (s % 2^32) / 2^16; 185cksum = (r % 2^16) + r / 2^16; 186.Ed 187.Pp 188Both algorithm 1 and 2 write to the standard output the same fields as 189the default algorithm except that the size of the file in bytes is 190replaced with the size of the file in blocks. 191For historic reasons, the block size is 1024 for algorithm 1 and 512 192for algorithm 2. 193Partial blocks are rounded up. 194.El 195.Pp 196The following options apply only when using the one of the message 197digest algorithms: 198.Bl -tag -width indent 199.It Fl s Ar string 200Print the hash of the given string 201.Ar string . 202.It Fl p 203Echo input from standard input to standard output, and append the 204selected message digest. 205.It Fl t 206Run a built-in message digest time trial. 207.It Fl x 208Run a built-in message digest test script. The tests that are run 209are supposed to encompass all the various tests in the suites that 210accompany the algorithms' descriptions with the exception of the the 211last test for the SHA-1 algorithm and the RIPEMD-160 algorithm. The 212last test for these is one million copies of the lower letter a. 213.El 214.Pp 215The default 216.Tn CRC 217used is based on the polynomial used for 218.Tn CRC 219error checking 220in the networking standard 221.St -iso8802-3 222The 223.Tn CRC 224checksum encoding is defined by the generating polynomial: 225.Pp 226.Bd -unfilled -offset indent 227G(x) = x^32 + x^26 + x^23 + x^22 + x^16 + x^12 + 228 x^11 + x^10 + x^8 + x^7 + x^5 + x^4 + x^2 + x + 1 229.Ed 230.Pp 231Mathematically, the 232.Tn CRC 233value corresponding to a given file is defined by 234the following procedure: 235.Bd -filled -offset indent 236The 237.Ar n 238bits to be evaluated are considered to be the coefficients of a mod 2 239polynomial M(x) of degree 240.Ar n Ns \-1 . 241These 242.Ar n 243bits are the bits from the file, with the most significant bit being the most 244significant bit of the first octet of the file and the last bit being the least 245significant bit of the last octet, padded with zero bits (if necessary) to 246achieve an integral number of octets, followed by one or more octets 247representing the length of the file as a binary value, least significant octet 248first. 249The smallest number of octets capable of representing this integer are used. 250.Pp 251M(x) is multiplied by x^32 (i.e., shifted left 32 bits) and divided by 252G(x) using mod 2 division, producing a remainder R(x) of degree \*[Le] 31. 253.Pp 254The coefficients of R(x) are considered to be a 32-bit sequence. 255.Pp 256The bit sequence is complemented and the result is the CRC. 257.Ed 258.Pp 259The 260.Nm 261and 262.Nm sum 263utilities exit 0 on success, and \*[Gt]0 if an error occurs. 264.Sh SEE ALSO 265The default calculation is identical to that given in pseudo-code 266in the following 267.Tn ACM 268article. 269.Rs 270.%T "Computation of Cyclic Redundancy Checks Via Table Lookup" 271.%A Dilip V. Sarwate 272.%J "Communications of the \\*(tNACM\\*(sP" 273.%D "August 1988" 274.Re 275.Rs 276.%A R. Rivest 277.%T The MD2 Message-Digest Algorithm 278.%O RFC 1319 279.Re 280.Rs 281.%A R. Rivest 282.%T The MD4 Message-Digest Algorithm 283.%O RFC 1186 and RFC 1320 284.Re 285.Rs 286.%A R. Rivest 287.%T The MD5 Message-Digest Algorithm 288.%O RFC 1321 289.Re 290.Rs 291.%A U.S. DOC/NIST 292.%T Secure Hash Standard 293.%O FIPS PUB 180-1 294.Re 295.Sh STANDARDS 296The 297.Nm 298utility is expected to conform to 299.St -p1003.2-92 . 300.Sh HISTORY 301The 302.Nm 303utility appeared in 304.Bx 4.4 . 305The functionality for 306.Nm md2 , 307.Nm md4 , 308.Nm sha1 , 309and 310.Nm rmd160 311was added in 312.Nx 1.6 . 313.\" .Pp 314.\" The 315.\" .Nm sum 316.\" utility appeared in 317.\" .Bx ?.? 318.\" and 319.\" .At V . 320