1.\" $MirOS: src/bin/md5/sha1.1,v 1.7 2009/11/17 21:36:34 tg Exp $ 2.\" $OpenBSD: sha1.1,v 1.19 2004/05/16 18:31:31 otto Exp $ 3.\" 4.\" Copyright (c) 2008, 2009 5.\" Thorsten “mirabilos” Glaser <tg@mirbsd.org> 6.\" Copyright (c) 2003, 2004 Todd C. Miller <Todd.Miller@courtesan.com> 7.\" 8.\" Permission to use, copy, modify, and distribute this software for any 9.\" purpose with or without fee is hereby granted, provided that the above 10.\" copyright notice and this permission notice appear in all copies. 11.\" 12.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 13.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 14.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 15.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 16.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19.\" 20.\" Sponsored in part by the Defense Advanced Research Projects 21.\" Agency (DARPA) and Air Force Research Laboratory, Air Force 22.\" Materiel Command, USAF, under agreement number F39502-99-1-0512. 23.\" 24.\"- 25.\" Try to make GNU groff and AT&T nroff more compatible 26.\" * ` generates ‘ in gnroff, so use \` 27.\" * ' generates ’ in gnroff, \' generates ´, so use \*(aq 28.\" * - generates ‐ in gnroff, \- generates −, so .tr it to - 29.\" thus use - for hyphens and \- for minus signs and option dashes 30.\" * ~ is size-reduced and placed atop in groff, so use \*(TI 31.\" * ^ is size-reduced and placed atop in groff, so use \*(ha 32.\" * \(en does not work in nroff, so use \*(en 33.\" The section after the "doc" macropackage has been loaded contains 34.\" additional code to convene between the UCB mdoc macropackage (and 35.\" its variant as BSD mdoc in groff) and the GNU mdoc macropackage. 36.\" 37.ie \n(.g \{\ 38. if \*[.T]ascii .tr \-\N'45' 39. if \*[.T]latin1 .tr \-\N'45' 40. if \*[.T]utf8 .tr \-\N'45' 41. ds <= \[<=] 42. ds >= \[>=] 43. ds Rq \[rq] 44. ds Lq \[lq] 45. ds sL \(aq 46. ds sR \(aq 47. if \*[.T]utf8 .ds sL ` 48. if \*[.T]ps .ds sL ` 49. if \*[.T]utf8 .ds sR ' 50. if \*[.T]ps .ds sR ' 51. ds aq \(aq 52. ds TI \(ti 53. ds ha \(ha 54. ds en \(en 55.\} 56.el \{\ 57. ds aq ' 58. ds TI ~ 59. ds ha ^ 60. ds en \(em 61.\} 62.\" 63.\" Implement .Dd with the Mdocdate RCS keyword 64.\" 65.rn Dd xD 66.de Dd 67.ie \\$1$Mdocdate: \{\ 68. xD \\$2 \\$3, \\$4 69.\} 70.el .xD \\$1 \\$2 \\$3 \\$4 \\$5 \\$6 \\$7 \\$8 71.. 72.\" 73.\" .Dd must come before definition of .Mx, because when called 74.\" with -mandoc, it might implement .Mx itself, but we want to 75.\" use our own definition. And .Dd must come *first*, always. 76.\" 77.Dd $Mdocdate: November 17 2009 $ 78.\" 79.\" Check which macro package we use 80.\" 81.ie \n(.g \{\ 82. ie d volume-ds-1 .ds tT gnu 83. el .ds tT bsd 84.\} 85.el .ds tT ucb 86.\" 87.\" Implement .Mx (MirBSD) 88.\" 89.ie "\*(tT"gnu" \{\ 90. eo 91. de Mx 92. nr curr-font \n[.f] 93. nr curr-size \n[.ps] 94. ds str-Mx \f[\n[curr-font]]\s[\n[curr-size]u] 95. ds str-Mx1 \*[Tn-font-size]\%MirOS\*[str-Mx] 96. if !\n[arg-limit] \ 97. if \n[.$] \{\ 98. ds macro-name Mx 99. parse-args \$@ 100. \} 101. if (\n[arg-limit] > \n[arg-ptr]) \{\ 102. nr arg-ptr +1 103. ie (\n[type\n[arg-ptr]] == 2) \ 104. as str-Mx1 \~\*[arg\n[arg-ptr]] 105. el \ 106. nr arg-ptr -1 107. \} 108. ds arg\n[arg-ptr] "\*[str-Mx1] 109. nr type\n[arg-ptr] 2 110. ds space\n[arg-ptr] "\*[space] 111. nr num-args (\n[arg-limit] - \n[arg-ptr]) 112. nr arg-limit \n[arg-ptr] 113. if \n[num-args] \ 114. parse-space-vector 115. print-recursive 116.. 117. ec 118. ds sP \s0 119. ds tN \*[Tn-font-size] 120.\} 121.el \{\ 122. de Mx 123. nr cF \\n(.f 124. nr cZ \\n(.s 125. ds aa \&\f\\n(cF\s\\n(cZ 126. if \\n(aC==0 \{\ 127. ie \\n(.$==0 \&MirOS\\*(aa 128. el .aV \\$1 \\$2 \\$3 \\$4 \\$5 \\$6 \\$7 \\$8 \\$9 129. \} 130. if \\n(aC>\\n(aP \{\ 131. nr aP \\n(aP+1 132. ie \\n(C\\n(aP==2 \{\ 133. as b1 \&MirOS\ #\&\\*(A\\n(aP\\*(aa 134. ie \\n(aC>\\n(aP \{\ 135. nr aP \\n(aP+1 136. nR 137. \} 138. el .aZ 139. \} 140. el \{\ 141. as b1 \&MirOS\\*(aa 142. nR 143. \} 144. \} 145.. 146.\} 147.\"- 148.Dt SHA1 1 149.Os 150.Sh NAME 151.Nm sha1 152.Nd calculate a message-digest fingerprint (checksum) for a file 153.Sh SYNOPSIS 154.Nm 155.Bk -words 156.Op Fl b 157.Oo 158.Fl p | s Ar string | 159.Ar file ... 160.Oc 161.Ek 162.Nm 163.Bk -words 164.Fl G 165.Op Ar file ... 166.Ek 167.Nm 168.Bk -words 169.Fl t | x | 170.Fl c Op Ar checklist ... 171.Ek 172.Nm sha1sum 173.Op Fl b | t 174.Op Ar file ... 175.Sh DESCRIPTION 176.Nm 177takes as input a message of arbitrary length and produces 178as output a 160-bit "fingerprint" or "message digest" of the input. 179It is conjectured that it is computationally infeasible to produce 180two messages having the same message digest, or to produce any 181message having a given prespecified target message digest. 182.Pp 183The 184.Em SHA-1 185algorithm is intended for digital signature applications, where a 186large file must be "compressed" in a secure manner before being 187encrypted with a private (secret) key under a public-key cryptosystem 188such as 189.Em RSA . 190However, recently the SHA family's (SHA-0, SHA-1, SHA-2 (SHA-384 and 191SHA-512) all share the same design) weakness has been proven in reduced 192versions of SHA-1 and partially SHA-2 and collisions for SHA-1 can be found. 193The use of other hash functions is encouraged; however, as RIPEMD-160 194is only little more secure, combining hashes from different families or, 195better, different approaches (Tiger, Whirlpool) is recommended. 196.Pp 197The options are as follows: 198.Bl -tag -width Ds 199.It Fl b 200Print the checksum as binary to stdout. 201Ignored in GNU mode. 202.It Xo 203.Fl c 204.Op Ar checklist ... 205.Xc 206Compares all checksums contained in the file 207.Ar checklist 208with newly computed checksums for the corresponding files. 209Output consists of the digest used, the file name, 210and an OK or FAILED for the result of the comparison. 211This will validate any of the supported checksums (see 212.Xr cksum 1 ) . 213If no file is given, stdin is used. 214.It Fl G 215Enable GNU 216.Nm md5sum 217compatible output mode. 218Can also be enabled by calling this programme as 219.Nm sha1sum . 220.It Fl p 221Echoes stdin to stdout and appends the 222.Em SHA-1 223sum to stdout. 224.It Fl s Ar string 225Prints a checksum of the given 226.Ar string . 227.It Fl t 228Runs a built-in time trial. 229Ignored in GNU mode. 230.It Fl x 231Runs a built-in test script. 232.El 233.Pp 234The SHA-1 235sum of each file listed on the command line is printed after the options 236are processed. 237.Pp 238The 239.Nm 240command is shorthand for 241.Bd -literal -offset indent 242cksum \-a sha1 243.Ed 244.Pp 245The 246.Xr cksum 1 247command can also be used to compute digests from the SHA-2 family: 248sha256, sha384 and sha512. 249.Sh SEE ALSO 250.Xr cksum 1 , 251.Xr md5 1 , 252.Xr rmd160 1 253.Rs 254.%A J. Burrows 255.%T The Secure Hash Standard 256.%O FIPS PUB 180-1 257.Re 258.Rs 259.%A D. Eastlake and P. Jones 260.%T US Secure Hash Algorithm 1 261.%O RFC 3174 262.Re 263