1.\" $NetBSD: cksum.1,v 1.20 2002/10/18 22:44:48 wiz Exp $ 2.\" 3.\" Copyright (c) 1991, 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" This code is derived from software contributed to Berkeley by 7.\" the Institute of Electrical and Electronics Engineers, Inc. 8.\" 9.\" Redistribution and use in source and binary forms, with or without 10.\" modification, are permitted provided that the following conditions 11.\" are met: 12.\" 1. Redistributions of source code must retain the above copyright 13.\" notice, this list of conditions and the following disclaimer. 14.\" 2. Redistributions in binary form must reproduce the above copyright 15.\" notice, this list of conditions and the following disclaimer in the 16.\" documentation and/or other materials provided with the distribution. 17.\" 3. All advertising materials mentioning features or use of this software 18.\" must display the following acknowledgement: 19.\" This product includes software developed by the University of 20.\" California, Berkeley and its contributors. 21.\" 4. Neither the name of the University nor the names of its contributors 22.\" may be used to endorse or promote products derived from this software 23.\" without specific prior written permission. 24.\" 25.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 26.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 27.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 28.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 29.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35.\" SUCH DAMAGE. 36.\" 37.\" @(#)cksum.1 8.2 (Berkeley) 4/28/95 38.\" 39.Dd October 18, 2002 40.Dt CKSUM 1 41.Os 42.Sh NAME 43.Nm cksum , 44.Nm md2 , 45.Nm md4 , 46.Nm md5 , 47.Nm sha1 , 48.Nm rmd160 , 49.Nm sum 50.Nd display file checksums and block counts 51.Sh SYNOPSIS 52.Nm 53.Op Fl n 54.Oo 55.Fl m | 56.Fl 1 | 57.Fl 2 | 58.Fl 4 | 59.Fl 5 | 60.Fl 6 | 61.Op Fl o Ar 1 | Ar 2 62.Oc 63.Op Ar 64.Nm sum 65.Op Ar 66.Nm md2 67.Op Fl n 68.Op Fl p 69.Op Fl t 70.Op Fl x 71.Op Fl s Ar string 72.Op Ar 73.Nm md4 74.Op Fl n 75.Op Fl p 76.Op Fl t 77.Op Fl x 78.Op Fl s Ar string 79.Op Ar 80.Nm md5 81.Op Fl n 82.Op Fl p 83.Op Fl t 84.Op Fl x 85.Op Fl s Ar string 86.Op Ar 87.Nm sha1 88.Op Fl n 89.Op Fl p 90.Op Fl t 91.Op Fl x 92.Op Fl s Ar string 93.Op Ar 94.Nm rmd160 95.Op Fl n 96.Op Fl p 97.Op Fl t 98.Op Fl x 99.Op Fl s Ar string 100.Op Ar 101.Sh DESCRIPTION 102The 103.Nm 104utility writes to the standard output three whitespace separated 105fields for each input file. 106These fields are a checksum 107.Tn CRC , 108the total number of octets in the file and the file name. 109If no file name is specified, the standard input is used and no file name 110is written. 111.Pp 112The 113.Nm sum 114utility is identical to the 115.Nm 116utility, except that it defaults to using historic algorithm 1, as 117described below. 118It is provided for compatibility only. 119.Pp 120The 121.Nm md5 122utility takes as input a message of arbitrary length and produces 123as output a 128-bit 124.Dq fingerprint 125or 126.Dq message digest 127of the input. 128It is conjectured that it is computationally infeasible 129to product two messages having the same message digest, or to produce 130any message having a given prespecified target message digest. 131The 132MD5 algorithm is intended for digital signature applications, where 133a large file must be 134.Dq compressed 135in a secure manner before being encrypted with a private (secret) 136key under a public-key encryption system such as 137.Pa RSA . 138.Pp 139The 140.Nm md2 141and 142.Nm md4 143utilities behave in exactly the same manner as 144.Nm md5 145but use a different algorithms. 146.Pp 147The 148.Nm sha1 149and 150.Nm rmd160 151utilities also produce message digests, however the output from these 152two programs is 160 bits in length, as opposed to 128. 153.Pp 154The options are as follows: 155.Bl -tag -width indent 156.It Fl 1 157Use the SHA1 algorithm rather than the default one. 158.It Fl 2 159Use the MD2 algorithm rather than the default one. 160.It Fl 4 161Use the MD4 algorithm rather than the default one. 162.It Fl m | 5 163Use the MD5 algorithm rather than the default one. 164.It Fl 6 165Use the RMD160 algorithm rather than the default one. 166.It Fl o 167Use historic algorithms instead of the (superior) default one. 168.Pp 169Algorithm 1 is the algorithm used by historic 170.Bx 171systems as the 172.Xr sum 1 173algorithm and by historic 174.At V 175systems as the 176.Xr sum 1 177algorithm when using the 178.Fl r 179option. 180This is a 16-bit checksum, with a right rotation before each addition; 181overflow is discarded. 182.Pp 183Algorithm 2 is the algorithm used by historic 184.At V 185systems as the 186default 187.Xr sum 1 188algorithm. 189This is a 32-bit checksum, and is defined as follows: 190.Bd -unfilled -offset indent 191s = sum of all bytes; 192r = s % 2^16 + (s % 2^32) / 2^16; 193cksum = (r % 2^16) + r / 2^16; 194.Ed 195.Pp 196Both algorithm 1 and 2 write to the standard output the same fields as 197the default algorithm except that the size of the file in bytes is 198replaced with the size of the file in blocks. 199For historic reasons, the block size is 1024 for algorithm 1 and 512 200for algorithm 2. 201Partial blocks are rounded up. 202.El 203.Pp 204The following options apply only when using the one of the message 205digest algorithms: 206.Bl -tag -width indent 207.It Fl n 208Print the hash and the filename in the normal sum output form, with 209the hash at the left and the filename following on the right. 210.It Fl p 211Echo input from standard input to standard output, and append the 212selected message digest. 213.It Fl s Ar string 214Print the hash of the given string 215.Ar string . 216.It Fl t 217Run a built-in message digest time trial. 218.It Fl x 219Run a built-in message digest test script. 220The tests that are run 221are supposed to encompass all the various tests in the suites that 222accompany the algorithms' descriptions with the exception of the the 223last test for the SHA-1 algorithm and the RIPEMD-160 algorithm. 224The 225last test for these is one million copies of the lower letter a. 226.El 227.Pp 228The default 229.Tn CRC 230used is based on the polynomial used for 231.Tn CRC 232error checking 233in the networking standard 234.St -iso8802-3 235The 236.Tn CRC 237checksum encoding is defined by the generating polynomial: 238.Pp 239.Bd -unfilled -offset indent 240G(x) = x^32 + x^26 + x^23 + x^22 + x^16 + x^12 + 241 x^11 + x^10 + x^8 + x^7 + x^5 + x^4 + x^2 + x + 1 242.Ed 243.Pp 244Mathematically, the 245.Tn CRC 246value corresponding to a given file is defined by 247the following procedure: 248.Bd -filled -offset indent 249The 250.Ar n 251bits to be evaluated are considered to be the coefficients of a mod 2 252polynomial M(x) of degree 253.Ar n Ns \-1 . 254These 255.Ar n 256bits are the bits from the file, with the most significant bit being the most 257significant bit of the first octet of the file and the last bit being the least 258significant bit of the last octet, padded with zero bits (if necessary) to 259achieve an integral number of octets, followed by one or more octets 260representing the length of the file as a binary value, least significant octet 261first. 262The smallest number of octets capable of representing this integer are used. 263.Pp 264M(x) is multiplied by x^32 (i.e., shifted left 32 bits) and divided by 265G(x) using mod 2 division, producing a remainder R(x) of degree \*[Le] 31. 266.Pp 267The coefficients of R(x) are considered to be a 32-bit sequence. 268.Pp 269The bit sequence is complemented and the result is the CRC. 270.Ed 271.Pp 272The 273.Nm 274and 275.Nm sum 276utilities exit 0 on success, and \*[Gt]0 if an error occurs. 277.Sh SEE ALSO 278The default calculation is identical to that given in pseudo-code 279in the following 280.Tn ACM 281article. 282.Rs 283.%T "Computation of Cyclic Redundancy Checks Via Table Lookup" 284.%A Dilip V. Sarwate 285.%J "Communications of the \\*(tNACM\\*(sP" 286.%D "August 1988" 287.Re 288.Rs 289.%A R. Rivest 290.%T The MD2 Message-Digest Algorithm 291.%O RFC 1319 292.Re 293.Rs 294.%A R. Rivest 295.%T The MD4 Message-Digest Algorithm 296.%O RFC 1186 and RFC 1320 297.Re 298.Rs 299.%A R. Rivest 300.%T The MD5 Message-Digest Algorithm 301.%O RFC 1321 302.Re 303.Rs 304.%A U.S. DOC/NIST 305.%T Secure Hash Standard 306.%O FIPS PUB 180-1 307.Re 308.Sh STANDARDS 309The 310.Nm 311utility is expected to conform to 312.St -p1003.2-92 . 313.Sh HISTORY 314The 315.Nm 316utility appeared in 317.Bx 4.4 . 318The functionality for 319.Nm md2 , 320.Nm md4 , 321.Nm sha1 , 322and 323.Nm rmd160 324was added in 325.Nx 1.6 . 326.\" .Pp 327.\" The 328.\" .Nm sum 329.\" utility appeared in 330.\" .Bx ?.? 331.\" and 332.\" .At V . 333