1.\" $NetBSD: cksum.1,v 1.25 2004/07/09 11:47:59 wiz Exp $ 2.\" 3.\" Copyright (c) 1991, 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" This code is derived from software contributed to Berkeley by 7.\" the Institute of Electrical and Electronics Engineers, Inc. 8.\" 9.\" Redistribution and use in source and binary forms, with or without 10.\" modification, are permitted provided that the following conditions 11.\" are met: 12.\" 1. Redistributions of source code must retain the above copyright 13.\" notice, this list of conditions and the following disclaimer. 14.\" 2. Redistributions in binary form must reproduce the above copyright 15.\" notice, this list of conditions and the following disclaimer in the 16.\" documentation and/or other materials provided with the distribution. 17.\" 3. Neither the name of the University nor the names of its contributors 18.\" may be used to endorse or promote products derived from this software 19.\" without specific prior written permission. 20.\" 21.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31.\" SUCH DAMAGE. 32.\" 33.\" @(#)cksum.1 8.2 (Berkeley) 4/28/95 34.\" 35.Dd July 9, 2004 36.Dt CKSUM 1 37.Os 38.Sh NAME 39.Nm cksum , 40.Nm md2 , 41.Nm md4 , 42.Nm md5 , 43.Nm sha1 , 44.Nm rmd160 , 45.Nm sum 46.Nd display file checksums and block counts 47.Sh SYNOPSIS 48.Nm 49.Op Fl n 50.Oo 51.Fl m | 52.Fl 1 | 53.Fl 2 | 54.Fl 4 | 55.Fl 5 | 56.Fl 6 | 57.Op Fl o Ar 1 | Ar 2 58.Oc 59.Op Ar 60.Nm sum 61.Op Ar 62.Nm md2 63.Op Fl n 64.Oo 65.Fl p | 66.Fl t | 67.Fl x | 68.Fl s Ar string 69.Oc 70.Op Ar 71.Nm md4 72.Op Fl n 73.Oo 74.Fl p | 75.Fl t | 76.Fl x | 77.Fl s Ar string 78.Oc 79.Op Ar 80.Nm md5 81.Op Fl n 82.Oo 83.Fl p | 84.Fl t | 85.Fl x | 86.Fl s Ar string 87.Oc 88.Op Ar 89.Nm sha1 90.Op Fl n 91.Oo 92.Fl p | 93.Fl t | 94.Fl x | 95.Fl s Ar string 96.Oc 97.Op Ar 98.Nm rmd160 99.Op Fl n 100.Oo 101.Fl p | 102.Fl t | 103.Fl x | 104.Fl s Ar string 105.Oc 106.Op Ar 107.Sh DESCRIPTION 108The 109.Nm 110utility writes to the standard output three whitespace separated 111fields for each input file. 112These fields are a checksum 113.Tn CRC , 114the total number of octets in the file and the file name. 115If no file name is specified, the standard input is used and no file name 116is written. 117.Pp 118The 119.Nm sum 120utility is identical to the 121.Nm 122utility, except that it defaults to using historic algorithm 1, as 123described below. 124It is provided for compatibility only. 125.Pp 126The 127.Nm md5 128utility takes as input a message of arbitrary length and produces 129as output a 128-bit 130.Dq fingerprint 131or 132.Dq message digest 133of the input. 134It is conjectured that it is computationally infeasible 135to product two messages having the same message digest, or to produce 136any message having a given prespecified target message digest. 137The 138MD5 algorithm is intended for digital signature applications, where 139a large file must be 140.Dq compressed 141in a secure manner before being encrypted with a private (secret) 142key under a public-key encryption system such as 143.Pa RSA . 144.Pp 145The 146.Nm md2 147and 148.Nm md4 149utilities behave in exactly the same manner as 150.Nm md5 151but use different algorithms. 152.Pp 153The 154.Nm sha1 155and 156.Nm rmd160 157utilities also produce message digests, however the output from these 158two programs is 160 bits in length, as opposed to 128. 159.Pp 160The options are as follows: 161.Bl -tag -width indent 162.It Fl 1 163Use the SHA1 algorithm rather than the default one. 164.It Fl 2 165Use the MD2 algorithm rather than the default one. 166.It Fl 4 167Use the MD4 algorithm rather than the default one. 168.It Fl m | 5 169Use the MD5 algorithm rather than the default one. 170.It Fl 6 171Use the RMD160 algorithm rather than the default one. 172.It Fl o 173Use historic algorithms instead of the (superior) default one. 174.Pp 175Algorithm 1 is the algorithm used by historic 176.Bx 177systems as the 178.Xr sum 1 179algorithm and by historic 180.At V 181systems as the 182.Xr sum 1 183algorithm when using the 184.Fl r 185option. 186This is a 16-bit checksum, with a right rotation before each addition; 187overflow is discarded. 188.Pp 189Algorithm 2 is the algorithm used by historic 190.At V 191systems as the 192default 193.Xr sum 1 194algorithm. 195This is a 32-bit checksum, and is defined as follows: 196.Bd -unfilled -offset indent 197s = sum of all bytes; 198r = s % 2^16 + (s % 2^32) / 2^16; 199cksum = (r % 2^16) + r / 2^16; 200.Ed 201.Pp 202Both algorithm 1 and 2 write to the standard output the same fields as 203the default algorithm except that the size of the file in bytes is 204replaced with the size of the file in blocks. 205For historic reasons, the block size is 1024 for algorithm 1 and 512 206for algorithm 2. 207Partial blocks are rounded up. 208.El 209.Pp 210The following options apply only when using the one of the message 211digest algorithms: 212.Bl -tag -width indent 213.It Fl n 214Print the hash and the filename in the normal sum output form, with 215the hash at the left and the filename following on the right. 216.It Fl p 217Echo input from standard input to standard output, and append the 218selected message digest. 219.It Fl s Ar string 220Print the hash of the given string 221.Ar string . 222.It Fl t 223Run a built-in message digest time trial. 224.It Fl x 225Run a built-in message digest test script. 226The tests that are run 227are supposed to encompass all the various tests in the suites that 228accompany the algorithms' descriptions with the exception of the 229last test for the SHA-1 algorithm and the RIPEMD-160 algorithm. 230The 231last test for these is one million copies of the lower letter a. 232.El 233.Pp 234The default 235.Tn CRC 236used is based on the polynomial used for 237.Tn CRC 238error checking 239in the networking standard 240.St -iso8802-3 . 241The 242.Tn CRC 243checksum encoding is defined by the generating polynomial: 244.Pp 245.Bd -unfilled -offset indent 246G(x) = x^32 + x^26 + x^23 + x^22 + x^16 + x^12 + 247 x^11 + x^10 + x^8 + x^7 + x^5 + x^4 + x^2 + x + 1 248.Ed 249.Pp 250Mathematically, the 251.Tn CRC 252value corresponding to a given file is defined by 253the following procedure: 254.Bd -filled -offset indent 255The 256.Ar n 257bits to be evaluated are considered to be the coefficients of a mod 2 258polynomial M(x) of degree 259.Ar n Ns \-1 . 260These 261.Ar n 262bits are the bits from the file, with the most significant bit being the most 263significant bit of the first octet of the file and the last bit being the least 264significant bit of the last octet, padded with zero bits (if necessary) to 265achieve an integral number of octets, followed by one or more octets 266representing the length of the file as a binary value, least significant octet 267first. 268The smallest number of octets capable of representing this integer are used. 269.Pp 270M(x) is multiplied by x^32 (i.e., shifted left 32 bits) and divided by 271G(x) using mod 2 division, producing a remainder R(x) of degree \*[Le] 31. 272.Pp 273The coefficients of R(x) are considered to be a 32-bit sequence. 274.Pp 275The bit sequence is complemented and the result is the CRC. 276.Ed 277.Pp 278The 279.Nm 280and 281.Nm sum 282utilities exit 0 on success, and \*[Gt]0 if an error occurs. 283.Sh SEE ALSO 284The default calculation is identical to that given in pseudo-code 285in the following 286.Tn ACM 287article. 288.Rs 289.%T "Computation of Cyclic Redundancy Checks Via Table Lookup" 290.%A Dilip V. Sarwate 291.%J "Communications of the \\*(tNACM\\*(sP" 292.%D "August 1988" 293.Re 294.Rs 295.%A R. Rivest 296.%T The MD2 Message-Digest Algorithm 297.%O RFC 1319 298.Re 299.Rs 300.%A R. Rivest 301.%T The MD4 Message-Digest Algorithm 302.%O RFC 1186 and RFC 1320 303.Re 304.Rs 305.%A R. Rivest 306.%T The MD5 Message-Digest Algorithm 307.%O RFC 1321 308.Re 309.Rs 310.%A U.S. DOC/NIST 311.%T Secure Hash Standard 312.%O FIPS PUB 180-1 313.Re 314.Sh STANDARDS 315The 316.Nm 317utility is expected to conform to 318.St -p1003.2-92 . 319.Sh HISTORY 320The 321.Nm 322utility appeared in 323.Bx 4.4 . 324The functionality for 325.Nm md2 , 326.Nm md4 , 327.Nm sha1 , 328and 329.Nm rmd160 330was added in 331.Nx 1.6 . 332.\" .Pp 333.\" The 334.\" .Nm sum 335.\" utility appeared in 336.\" .Bx ?.? 337.\" and 338.\" .At V . 339