.\" $NetBSD: cksum.1,v 1.43 2010/05/14 01:57:21 joerg Exp $ .\" .\" Copyright (c) 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" This code is derived from software contributed to Berkeley by .\" the Institute of Electrical and Electronics Engineers, Inc. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" .\" @(#)cksum.1 8.2 (Berkeley) 4/28/95 .\" .Dd January 2, 2009 .Dt CKSUM 1 .Os .Sh NAME .Nm cksum , .Nm md2 , .Nm md4 , .Nm md5 , .Nm rmd160 , .Nm sha1 , .Nm sum .Nd display file checksums and block counts .Sh SYNOPSIS .Nm cksum .Op Fl n .Op Fl a Ar algorithm Oo Fl ptx Oc Oo Fl s Ar string Oc .Op Fl o Ar 1 Ns | Ns Ar 2 .Op Ar Li \&| Fl c Oo Fl w Oc Oo Ar sumfile Oc .Nm sum .Op Fl n .Op Fl a Ar algorithm Oo Fl ptx Oc Oo Fl s Ar string Oc .Op Fl o Ar 1 Ns | Ns Ar 2 .Op Ar Li \&| Fl c Oo Fl w Oc Oo Ar sumfile Oc .Nm md2 .Op Fl nptx .Op Fl s Ar string .Op Ar Li \&| Fl c Oo Fl w Oc Oo Ar sumfile Oc .Nm md4 .Op Fl nptx .Op Fl s Ar string .Op Ar Li \&| Fl c Oo Fl w Oc Oo Ar sumfile Oc .Nm md5 .Op Fl nptx .Op Fl s Ar string .Op Ar Li \&| Fl c Oo Fl w Oc Oo Ar sumfile Oc .Nm rmd160 .Op Fl nptx .Op Fl s Ar string .Op Ar Li \&| Fl c Oo Fl w Oc Oo Ar sumfile Oc .Nm sha1 .Op Fl nptx .Op Fl s Ar string .Op Ar Li \&| Fl c Oo Fl w Oc Oo Ar sumfile Oc .Sh DESCRIPTION The .Nm utility writes to the standard output three whitespace separated fields for each input file. These fields are a checksum .Tn CRC , the total number of octets in the file and the file name. If no file name is specified, the standard input is used and no file name is written. .Pp The .Nm sum utility is identical to the .Nm utility, except that it defaults to using historic algorithm 1, as described below. It is provided for compatibility only. .Pp The .Nm md5 utility takes as input a message of arbitrary length and produces as output a 128-bit .Dq fingerprint or .Dq message digest of the input. It is conjectured that it is computationally infeasible to product two messages having the same message digest, or to produce any message having a given prespecified target message digest. The MD5 algorithm is intended for digital signature applications, where a large file must be .Dq compressed in a secure manner before being encrypted with a private (secret) key under a public-key encryption system such as .Pa RSA . .Pp The .Nm md2 and .Nm md4 utilities behave in exactly the same manner as .Nm md5 but use different algorithms. .Pp The .Nm rmd160 and .Nm sha1 utilities also produce message digests, however the output from these two programs is 160 bits in length, as opposed to 128. .Pp The options are as follows: .Bl -tag -width indent .It Fl a Ar algorithm When invoked as .Nm cksum , use the specified .Ar algorithm . Valid algorithms are: .Bl -column -offset indent ".Sy Algorithm" ".Sy Bits" ".Sy Description" .It Sy Algorithm Ta Sy Bits Ta Sy Description .It Li CRC Ta 32 Ta Default CRC algorithm .It Li MD2 Ta 128 Ta MD2, per Li RFC1319 .It Li MD4 Ta 128 Ta MD4, per Li RFC1320 .It Li MD5 Ta 128 Ta MD5, per Li RFC1321 .It Li RMD160 Ta 160 Ta RIPEMD-160 .It Li SHA1 Ta 160 Ta SHA-1, per Li FIPS PUB 180-1 .It Li SHA256 Ta 256 Ta SHA-2 .It Li SHA384 Ta 384 Ta SHA-2 .It Li SHA512 Ta 512 Ta SHA-2 .It Li old1 Ta 16 Ta Algorithm 1, per Fl o Ar 1 .It Li old2 Ta 16 Ta Algorithm 2, per Fl o Ar 2 .El .It Fl c Op Ar sumfile Verify (check) files against a list of checksums. The list is read from .Ar sumfile , or from stdin if no filename is given. E.g. first run .Dl Ic md5 *.tgz \*[Gt] MD5 .Dl Ic sha1 *.tgz \*[Gt] SHA1 to generate a list of MD5 checksums in .Pa MD5 , then use the following command to verify them: .Dl Ic cat MD5 SHA1 | cksum -c If an error is found during checksum verification, an error message is printed, and the program returns an error code of 1. .It Fl o Use historic algorithms instead of the (superior) default one. .Pp Algorithm 1 is the algorithm used by historic .Bx systems as the .Xr sum 1 algorithm and by historic .At V systems as the .Xr sum 1 algorithm when using the .Fl r option. This is a 16-bit checksum, with a right rotation before each addition; overflow is discarded. .Pp Algorithm 2 is the algorithm used by historic .At V systems as the default .Xr sum 1 algorithm. This is a 32-bit checksum, and is defined as follows: .Bd -unfilled -offset indent s = sum of all bytes; r = s % 2^16 + (s % 2^32) / 2^16; cksum = (r % 2^16) + r / 2^16; .Ed .Pp Both algorithm 1 and 2 write to the standard output the same fields as the default algorithm except that the size of the file in bytes is replaced with the size of the file in blocks. For historic reasons, the block size is 1024 for algorithm 1 and 512 for algorithm 2. Partial blocks are rounded up. .It Fl w Print warnings about malformed checksum files when verifying checksums with .Fl c . .El .Pp The following options apply only when using the one of the message digest algorithms: .Bl -tag -width indent .It Fl n Print the hash and the filename in the normal sum output form, with the hash at the left and the filename following on the right. .It Fl p Echo input from standard input to standard output, and append the selected message digest. .It Fl s Ar string Print the hash of the given string .Ar string . .It Fl t Run a built-in message digest time trial. .It Fl x Run a built-in message digest test script. The tests that are run are supposed to encompass all the various tests in the suites that accompany the algorithms' descriptions with the exception of the last test for the SHA-1 algorithm and the RIPEMD-160 algorithm. The last test for these is one million copies of the lower letter a. .El .Pp The default .Tn CRC used is based on the polynomial used for .Tn CRC error checking in the networking standard .St -iso8802-3 . The .Tn CRC checksum encoding is defined by the generating polynomial: .Pp .Bd -unfilled -offset indent G(x) = x^32 + x^26 + x^23 + x^22 + x^16 + x^12 + x^11 + x^10 + x^8 + x^7 + x^5 + x^4 + x^2 + x + 1 .Ed .Pp Mathematically, the .Tn CRC value corresponding to a given file is defined by the following procedure: .Bd -filled -offset indent The .Ar n bits to be evaluated are considered to be the coefficients of a mod 2 polynomial M(x) of degree .Ar n Ns \-1 . These .Ar n bits are the bits from the file, with the most significant bit being the most significant bit of the first octet of the file and the last bit being the least significant bit of the last octet, padded with zero bits (if necessary) to achieve an integral number of octets, followed by one or more octets representing the length of the file as a binary value, least significant octet first. The smallest number of octets capable of representing this integer are used. .Pp M(x) is multiplied by x^32 (i.e., shifted left 32 bits) and divided by G(x) using mod 2 division, producing a remainder R(x) of degree \*[Le] 31. .Pp The coefficients of R(x) are considered to be a 32-bit sequence. .Pp The bit sequence is complemented and the result is the CRC. .Ed .Pp The .Nm and .Nm sum utilities exit 0 on success, and \*[Gt]0 if an error occurs. .Sh SEE ALSO .Xr openssl 1 , .Xr mtree 8 .Pp The default calculation is identical to that given in pseudo-code in the following .Tn ACM article. .Rs .%T "Computation of Cyclic Redundancy Checks Via Table Lookup" .%A Dilip V. Sarwate .%J "Communications of the \*(tNACM\*(sP" .%D "August 1988" .Re .Rs .%A R. Rivest .%T The MD2 Message-Digest Algorithm .%O RFC 1319 .Re .Rs .%A R. Rivest .%T The MD4 Message-Digest Algorithm .%O RFC 1186 and RFC 1320 .Re .Rs .%A R. Rivest .%T The MD5 Message-Digest Algorithm .%O RFC 1321 .Re .Rs .%A U.S. DOC/NIST .%T Secure Hash Standard .%O FIPS PUB 180-1 .Re .Sh STANDARDS The .Nm utility is expected to conform to .St -p1003.1-2004 . .Sh HISTORY The .Nm utility appeared in .Bx 4.4 . .Nm md5 was added in .Nx 1.3 . The functionality for .Nm md2 , .Nm md4 , .Nm sha1 , and .Nm rmd160 was added in .Nx 1.6 . Support for the SHA-2 algorithms .Po .Li SHA256 , .Li SHA384 , and .Li SHA512 .Pc was added in .Nx 3.0 . The functionality to verify checksum stored in a file .Pq Fl c first appeared in .Nx 4.0 . .\" .Pp .\" The .\" .Nm sum .\" utility appeared in .\" .Bx ?.? .\" and .\" .At V .