aboutsummaryrefslogtreecommitdiff
path: root/sbin/md5/md5.1
diff options
context:
space:
mode:
Diffstat (limited to 'sbin/md5/md5.1')
-rw-r--r--sbin/md5/md5.1344
1 files changed, 264 insertions, 80 deletions
diff --git a/sbin/md5/md5.1 b/sbin/md5/md5.1
index 899e49ba3517..b530292c8269 100644
--- a/sbin/md5/md5.1
+++ b/sbin/md5/md5.1
@@ -1,12 +1,14 @@
-.\" $FreeBSD$
-.Dd Feb 5, 2022
+.Dd March 12, 2024
.Dt MD5 1
.Os
.Sh NAME
-.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512 , sha512t256 , rmd160 ,
-.Nm skein256 , skein512 , skein1024 ,
-.Nm md5sum , sha1sum , sha224sum , sha256sum , sha384sum , sha512sum ,
-.Nm sha512t256sum , rmd160sum , skein256sum , skein512sum , skein1024sum
+.Nm md5 , sha1 , sha224 , sha256 , sha384 ,
+.Nm sha512 , sha512t224 , sha512t256 ,
+.Nm rmd160 , skein256 , skein512 , skein1024 ,
+.Nm md5sum , sha1sum , sha224sum , sha256sum , sha384sum ,
+.Nm sha512sum , sha512t224sum , sha512t256sum ,
+.Nm rmd160sum , skein256sum , skein512sum , skein1024sum ,
+.Nm shasum
.Nd calculate a message-digest fingerprint (checksum) for a file
.Sh SYNOPSIS
.Nm
@@ -16,16 +18,44 @@
.Op Ar
.Pp
.Nm md5sum
-.Op Fl pqrtx
-.Op Fl c Ar file
-.Op Fl s Ar string
+.Op Fl bctwz
+.Op Fl -binary
+.Op Fl -check
+.Op Fl -help
+.Op Fl -ignore-missing
+.Op Fl -quiet
+.Op Fl -status
+.Op Fl -strict
+.Op Fl -tag
+.Op Fl -text
+.Op Fl -version
+.Op Fl -warn
+.Op Fl -zero
.Op Ar
.Pp
(All other hashes have the same options and usage.)
+.Pp
+.Nm shasum
+.Op Fl 0bchqstUvw
+.Op Fl -01
+.Op Fl a | -algorithm Ar alg
+.Op Fl -binary
+.Op Fl -check
+.Op Fl -help
+.Op Fl -ignore-missing
+.Op Fl -quiet
+.Op Fl -status
+.Op Fl -strict
+.Op Fl -tag
+.Op Fl -text
+.Op Fl -UNIVERSAL
+.Op Fl -version
+.Op Fl -warn
+.Op Ar
.Sh DESCRIPTION
The
-.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512 , sha512t256 , rmd160 ,
-.Nm skein256 , skein512 ,
+.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512 , sha512t224 , sha512t256 ,
+.Nm rmd160 , skein256 , skein512 ,
and
.Nm skein1024
utilities take as input a message of arbitrary length and produce as
@@ -34,15 +64,26 @@ output a
or
.Dq message digest
of the input.
+.Pp
The
.Nm md5sum , sha1sum , sha224sum , sha256sum , sha384sum , sha512sum ,
-.Nm sha512t256sum , rmd160sum , skein256sum , skein512sum ,
+.Nm sha512t224sum , sha512t256sum , rmd160sum , skein256sum , skein512sum ,
and
.Nm skein1024sum
-utilities do the same, but default to the reversed format of
-the
-.Fl r
-flag.
+utilities do the same, but with command-line options and an output
+format that match those of their similary named GNU utilities.
+.Pp
+The
+.Nm shasum
+utility does the same, but with command-line options and an output
+format that match those of the similarly named utility that ships with
+Perl.
+.Pp
+In all cases, each file listed on the command line is processed separately.
+If no files are listed on the command line, or a file name is given as
+.Pa - ,
+input is taken from stdin instead.
+.Pp
It is conjectured that it is computationally infeasible to
produce two messages having the same message digest, or to produce any
message having a given prespecified target message digest.
@@ -68,72 +109,179 @@ On 64-bit hardware, this algorithm is approximately 50% faster than SHA-256 but
with the same level of security.
The hashes are not interchangeable.
.Pp
+SHA-512t224 is identical to SHA-512t256, but with the digest truncated
+to 224 bits.
+.Pp
It is recommended that all new applications use SHA-512 or SKEIN-512
instead of one of the other hash functions.
-.Pp
-The following options may be used in any combination and must
-precede any files named on the command line.
-The hexadecimal checksum of each file listed on the command line is printed
-after the options are processed.
+.Ss BSD OPTIONS
+The following options are available in BSD mode, i.e. when the program
+is invoked with a name that does not end in
+.Dq sum :
.Bl -tag -width indent
-.It Fl b
-Make the
-.Nm -sum
-programs separate hash and digest with a blank followed by an asterisk instead
-of by 2 blank characters for full compatibility with the output generated by the
-coreutils versions of these programs.
-.It Fl c Ar string
-If the program was called with a name that does not end in
-.Nm sum ,
-compare the digest of the file against this string.
-.Pq Note that this option is not yet useful if multiple files are specified.
-.It Fl c Ar file
-If the program was called with a name that does end in
-.Nm sum ,
-the file passed as argument must contain digest lines generated by the same
-digest algorithm with or without the
-.Fl r
-option
-.Pq i.e. in either classical BSD format or in GNU coreutils format .
-A line with the file name followed by a colon
-.Dq ":"
-and either OK or FAILED is written for each well-formed line in the digest file.
-If applicable, the number of failed comparisons and the number of lines that were
-skipped since they were not well-formed are printed at the end.
-The
+.It Fl c Ar string , Fl -check= Ns Ar string
+Compare the digest of the file against this string.
+If combined with the
.Fl q
-option can be used to quiesce the output unless there are mismatched entries in
-the digest.
-.Pp
-.It Fl s Ar string
-Print a checksum of the given
-.Ar string .
-.It Fl p
+or
+.Fl -quiet
+option, the calculated digest is printed in addition to the exit status being set.
+.Pq Note that this option is not yet useful if multiple files are specified.
+.It Fl p , -passthrough
Echo stdin to stdout and append the checksum to stdout.
-.It Fl q
+In this mode, any files specified on the command line are silently ignored.
+.It Fl q , -quiet
Quiet mode \(em only the checksum is printed out.
Overrides the
.Fl r
+or
+.Fl -reverse
option.
-.It Fl r
+.It Fl r , -reverse
Reverses the format of the output.
This helps with visual diffs.
Does nothing
when combined with the
.Fl ptx
options.
-.It Fl t
+.It Fl s Ar string , Fl -string= Ns Ar string
+Print a checksum of the given
+.Ar string .
+In this mode, any files specified on the command line are silently ignored.
+.It Fl t , Fl -time-trial
Run a built-in time trial.
For the
.Nm -sum
versions, this is a nop for compatibility with coreutils.
-.It Fl x
+.It Fl x , Fl -self-test
Run a built-in test script.
.El
+.Ss GNU OPTIONS
+The following options are available in GNU mode, i.e. when the program
+is invoked with a name that ends in
+.Dq sum :
+.Bl -tag -width indent
+.It Fl b , Fl -binary
+Read files in binary mode.
+.It Fl c , Fl -check
+The file passed as arguments must contain digest lines generated by the same
+digest algorithm in either classical BSD format or in GNU coreutils format.
+A line with the file name followed by a colon
+.Dq ":"
+and either OK or FAILED is written for each well-formed line in the digest file.
+If applicable, the number of failed comparisons and the number of lines that were
+skipped since they were not well-formed are printed at the end.
+The
+.Fl -quiet
+option can be used to quiesce the output unless there are mismatched entries in
+the digest.
+.It Fl -help
+Print a usage message and exit.
+.It Fl -ignore-missing
+When verifying checksums, ignore files for which checksums are given
+but which aren't found on disk.
+.It Fl -quiet
+When verifying checksums, do not print anything unless the
+verification fails.
+.It Fl -status
+When verifying checksums, do not print anything at all.
+The exit code will reflect whether verification succeeded.
+.It Fl -strict
+When verifying checksums, fail if the input is malformed.
+.It Fl -tag
+Produce BSD-style output.
+.It Fl t , Fl -text
+Read files in text mode.
+This is the default.
+Note that this implementation does not differentiate between binary
+and text mode.
+.It Fl -version
+Print version information and exit.
+.It Fl w , Fl -warn
+When verifying checksums, warn about malformed input.
+.It Fl z , Fl -zero
+Terminate output lines with NUL rather than with newline.
+.El
+.Ss PERL OPTIONS
+The following options are available in Perl mode, i.e. when the program
+is invoked with the name
+.Dq shasum :
+.Bl -tag -width indent
+.It Fl 0 , Fl -01
+Read files in bits mode: ASCII
+.Sq 0
+and
+.Sq 1
+characters correspond to 0 and 1 bits, respectively, and all other
+characters are ignored.
+See
+.Sx BUGS .
+.It Fl a Ar alg , Fl -algorithm Ar alg
+Use the specified algorithm:
+.Dq 1
+for SHA-1 (default),
+.Dq xxx
+for
+.Va xxx Ns -bit
+SHA-2 (e.g.
+.Dq 256
+for SHA-256)
+or
+.Dq xxxyyy
+for
+.Va xxx Ns -bit
+SHA-2 truncated to
+.Va yyy
+bits (e.g.
+.Dq 512224
+for SHA-512/224).
+.It Fl b , Fl -binary
+Read files in binary mode.
+.It Fl c , Fl -check
+The file passed as arguments must contain digest lines generated by the same
+digest algorithm in either classical BSD format or in GNU coreutils format.
+A line with the file name followed by a colon
+.Dq ":"
+and either OK or FAILED is written for each well-formed line in the digest file.
+If applicable, the number of failed comparisons and the number of lines that were
+skipped since they were not well-formed are printed at the end.
+The
+.Fl -quiet
+option can be used to quiesce the output unless there are mismatched entries in
+the digest.
+.It Fl -help
+Print a usage message and exit.
+.It Fl -ignore-missing
+When verifying checksums, ignore files for which checksums are given
+but which aren't found on disk.
+.It Fl -quiet
+When verifying checksums, do not print anything unless the
+verification fails.
+.It Fl -status
+When verifying checksums, do not print anything at all.
+The exit code will reflect whether verification succeeded.
+.It Fl -strict
+When verifying checksums, fail if the input is malformed.
+.It Fl -tag
+Produce BSD-style output.
+.It Fl t , Fl -text
+Read files in text mode.
+This is the default.
+Note that this implementation does not differentiate between binary
+and text mode.
+.It Fl U , Fl -UNIVERSAL
+Read files in universal mode: any CR-LF pair, as well as any CR not
+followed by LF, is translated to LF before the digest is computed.
+.It Fl -version
+Print version information and exit.
+.It Fl w , Fl -warn
+When verifying checksums, warn about malformed input.
+.El
.Sh EXIT STATUS
The
-.Nm md5 , sha1 , sha224 , sha256 , sha512 , sha512t256 , rmd160 ,
-.Nm skein256 , skein512 ,
+.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512 ,
+.Nm sha512t224 , sha512t256 ,
+.Nm rmd160 , skein256 , skein512 ,
and
.Nm skein1024
utilities exit 0 on success,
@@ -141,6 +289,16 @@ utilities exit 0 on success,
and 2 if at least one file does not have the same hash as the
.Fl c
option.
+.Pp
+The
+.Nm md5sum , sha1sum , sha224sum , sha256sum , sha384sum , sha512sum ,
+.Nm sha512t224sum , sha512t256sum ,
+.Nm rmd160 , skein256 , skein512 , skein1024
+and
+.Nm shasum
+utilities exit 0 on success and 1 if at least one of the input files
+could not be read or, when verifying checksums, does not have the
+expected checksum.
.Sh EXAMPLES
Calculate the MD5 checksum of the string
.Dq Hello .
@@ -161,11 +319,22 @@ Calculate the checksum of multiple files reversing the output:
$ md5 -r /boot/loader.conf /etc/rc.conf
ada5f60f23af88ff95b8091d6d67bef6 /boot/loader.conf
d80bf36c332dc0fdc479366ec3fa44cd /etc/rc.conf
-.Pd
-The
-.Nm -sum
-variants put 2 blank characters between hash and file name for full compatibility
-with the coreutils versions of these commands.
+.Ed
+.Pp
+This is almost but not quite identical to the output from GNU mode:
+.Bd -literal -offset indent
+$ md5sum /boot/loader.conf /etc/rc.conf
+ada5f60f23af88ff95b8091d6d67bef6 /boot/loader.conf
+d80bf36c332dc0fdc479366ec3fa44cd /etc/rc.conf
+.Ed
+.Pp
+Note the two spaces between hash and file name.
+If binary mode is requested, they are instead separated by a space and
+an asterisk:
+.Bd -literal -offset indent
+$ md5sum -b /boot/loader.conf /etc/rc.conf
+ada5f60f23af88ff95b8091d6d67bef6 */boot/loader.conf
+d80bf36c332dc0fdc479366ec3fa44cd */etc/rc.conf
.Ed
.Pp
Write the digest for
@@ -189,9 +358,7 @@ $ md5 -c randomstring /boot/loader.conf
MD5 (/boot/loader.conf) = ada5f60f23af88ff95b8091d6d67bef6 [ Failed ]
.Ed
.Pp
-If invoked with a name ending in
-.Nm -sum
-the
+In GNU mode, the
.Fl c
option does not compare against a hash string passed as parameter.
Instead, it expects a digest file, as created under the name
@@ -200,15 +367,16 @@ for
.Pa /boot/loader.conf
in the example above.
.Bd -literal -offset indent
-$ md5 -c digest /boot/loader.conf
+$ md5sum -c digest
/boot/loader.conf: OK
.Ed
.Pp
-The digest file may contain any number of lines in the format generated with or without the
-.Fl r
-option
-.Pq i.e. in either classical BSD format or in GNU coreutils format .
-If a hash value does not match the file, FAILED is printed instead of OK.
+The digest file may contain any number of lines in the format
+generated in either BSD or GNU mode.
+If a hash value does not match the file,
+.Dq FAILED
+is printed instead of
+.Dq OK .
.Sh SEE ALSO
.Xr cksum 1 ,
.Xr md5 3 ,
@@ -244,13 +412,29 @@ Secure Hash Standard (SHS):
The RIPEMD-160 page:
.Pa https://homes.esat.kuleuven.be/~bosselae/ripemd160.html
.Sh BUGS
-All of the utilities that end in
-.Sq sum
-are intended to be compatible with the GNU coreutils programs.
-However, the long option functionality is not provided.
+In bits mode, the original
+.Nm shasum
+script is capable of processing inputs of arbitrary length.
+This implementation is not, and will issue an error if the input
+length is not a multiple of eight bits.
.Sh ACKNOWLEDGMENTS
-This program is placed in the public domain for free general use by
-RSA Data Security.
+.An -nosplit
+This utility was originally derived from a program which was placed in
+the public domain for free general use by RSA Data Security.
.Pp
-Support for SHA-1 and RIPEMD-160 has been added by
+Support for SHA-1 and RIPEMD-160 was added by
.An Oliver Eikemeier Aq Mt eik@FreeBSD.org .
+.Pp
+Support for SHA-2 was added by
+.An Colin Percival Aq Mt cperciva@FreeBSD.org
+and
+.An Allan Jude Aq Mt allanjude@FreeBSD.org .
+.Pp
+Support for SKEIN was added by
+.An Allan Jude Aq Mt allanjude@FreeBSD.org .
+.Pp
+Compatibility with GNU coreutils was added by
+.An Warner Losh Aq Mt imp@FreeBSD.org
+and much expanded by
+.An Dag-Erling Sm\(/orgrav Aq Mt des@FreeBSD.org ,
+who also added Perl compatibility.
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-23 20:53:14 +0000