1.\"	$MirOS: src/bin/md5/sha1.1,v 1.7 2009/11/17 21:36:34 tg Exp $
2.\"	$OpenBSD: sha1.1,v 1.19 2004/05/16 18:31:31 otto Exp $
3.\"
4.\" Copyright (c) 2008, 2009
5.\"	Thorsten “mirabilos” Glaser <tg@mirbsd.org>
6.\" Copyright (c) 2003, 2004 Todd C. Miller <Todd.Miller@courtesan.com>
7.\"
8.\" Permission to use, copy, modify, and distribute this software for any
9.\" purpose with or without fee is hereby granted, provided that the above
10.\" copyright notice and this permission notice appear in all copies.
11.\"
12.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
13.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
14.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
15.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
16.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19.\"
20.\" Sponsored in part by the Defense Advanced Research Projects
21.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
22.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
23.\"
24.\"-
25.\" Try to make GNU groff and AT&T nroff more compatible
26.\" * ` generates ‘ in gnroff, so use \`
27.\" * ' generates ’ in gnroff, \' generates ´, so use \*(aq
28.\" * - generates ‐ in gnroff, \- generates −, so .tr it to -
29.\"   thus use - for hyphens and \- for minus signs and option dashes
30.\" * ~ is size-reduced and placed atop in groff, so use \*(TI
31.\" * ^ is size-reduced and placed atop in groff, so use \*(ha
32.\" * \(en does not work in nroff, so use \*(en
33.\" The section after the "doc" macropackage has been loaded contains
34.\" additional code to convene between the UCB mdoc macropackage (and
35.\" its variant as BSD mdoc in groff) and the GNU mdoc macropackage.
36.\"
37.ie \n(.g \{\
38.	if \*[.T]ascii .tr \-\N'45'
39.	if \*[.T]latin1 .tr \-\N'45'
40.	if \*[.T]utf8 .tr \-\N'45'
41.	ds <= \[<=]
42.	ds >= \[>=]
43.	ds Rq \[rq]
44.	ds Lq \[lq]
45.	ds sL \(aq
46.	ds sR \(aq
47.	if \*[.T]utf8 .ds sL `
48.	if \*[.T]ps .ds sL `
49.	if \*[.T]utf8 .ds sR '
50.	if \*[.T]ps .ds sR '
51.	ds aq \(aq
52.	ds TI \(ti
53.	ds ha \(ha
54.	ds en \(en
55.\}
56.el \{\
57.	ds aq '
58.	ds TI ~
59.	ds ha ^
60.	ds en \(em
61.\}
62.\"
63.\" Implement .Dd with the Mdocdate RCS keyword
64.\"
65.rn Dd xD
66.de Dd
67.ie \\$1$Mdocdate: \{\
68.	xD \\$2 \\$3, \\$4
69.\}
70.el .xD \\$1 \\$2 \\$3 \\$4 \\$5 \\$6 \\$7 \\$8
71..
72.\"
73.\" .Dd must come before definition of .Mx, because when called
74.\" with -mandoc, it might implement .Mx itself, but we want to
75.\" use our own definition. And .Dd must come *first*, always.
76.\"
77.Dd $Mdocdate: November 17 2009 $
78.\"
79.\" Check which macro package we use
80.\"
81.ie \n(.g \{\
82.	ie d volume-ds-1 .ds tT gnu
83.	el .ds tT bsd
84.\}
85.el .ds tT ucb
86.\"
87.\" Implement .Mx (MirBSD)
88.\"
89.ie "\*(tT"gnu" \{\
90.	eo
91.	de Mx
92.	nr curr-font \n[.f]
93.	nr curr-size \n[.ps]
94.	ds str-Mx \f[\n[curr-font]]\s[\n[curr-size]u]
95.	ds str-Mx1 \*[Tn-font-size]\%MirOS\*[str-Mx]
96.	if !\n[arg-limit] \
97.	if \n[.$] \{\
98.	ds macro-name Mx
99.	parse-args \$@
100.	\}
101.	if (\n[arg-limit] > \n[arg-ptr]) \{\
102.	nr arg-ptr +1
103.	ie (\n[type\n[arg-ptr]] == 2) \
104.	as str-Mx1 \~\*[arg\n[arg-ptr]]
105.	el \
106.	nr arg-ptr -1
107.	\}
108.	ds arg\n[arg-ptr] "\*[str-Mx1]
109.	nr type\n[arg-ptr] 2
110.	ds space\n[arg-ptr] "\*[space]
111.	nr num-args (\n[arg-limit] - \n[arg-ptr])
112.	nr arg-limit \n[arg-ptr]
113.	if \n[num-args] \
114.	parse-space-vector
115.	print-recursive
116..
117.	ec
118.	ds sP \s0
119.	ds tN \*[Tn-font-size]
120.\}
121.el \{\
122.	de Mx
123.	nr cF \\n(.f
124.	nr cZ \\n(.s
125.	ds aa \&\f\\n(cF\s\\n(cZ
126.	if \\n(aC==0 \{\
127.		ie \\n(.$==0 \&MirOS\\*(aa
128.		el .aV \\$1 \\$2 \\$3 \\$4 \\$5 \\$6 \\$7 \\$8 \\$9
129.	\}
130.	if \\n(aC>\\n(aP \{\
131.		nr aP \\n(aP+1
132.		ie \\n(C\\n(aP==2 \{\
133.			as b1 \&MirOS\ #\&\\*(A\\n(aP\\*(aa
134.			ie \\n(aC>\\n(aP \{\
135.				nr aP \\n(aP+1
136.				nR
137.			\}
138.			el .aZ
139.		\}
140.		el \{\
141.			as b1 \&MirOS\\*(aa
142.			nR
143.		\}
144.	\}
145..
146.\}
147.\"-
148.Dt SHA1 1
149.Os
150.Sh NAME
151.Nm sha1
152.Nd calculate a message-digest fingerprint (checksum) for a file
153.Sh SYNOPSIS
154.Nm
155.Bk -words
156.Op Fl b
157.Oo
158.Fl p | s Ar string |
159.Ar file ...
160.Oc
161.Ek
162.Nm
163.Bk -words
164.Fl G
165.Op Ar file ...
166.Ek
167.Nm
168.Bk -words
169.Fl t | x |
170.Fl c Op Ar checklist ...
171.Ek
172.Nm sha1sum
173.Op Fl b | t
174.Op Ar file ...
175.Sh DESCRIPTION
176.Nm
177takes as input a message of arbitrary length and produces
178as output a 160-bit "fingerprint" or "message digest" of the input.
179It is conjectured that it is computationally infeasible to produce
180two messages having the same message digest, or to produce any
181message having a given prespecified target message digest.
182.Pp
183The
184.Em SHA-1
185algorithm is intended for digital signature applications, where a
186large file must be "compressed" in a secure manner before being
187encrypted with a private (secret) key under a public-key cryptosystem
188such as
189.Em RSA .
190However, recently the SHA family's (SHA-0, SHA-1, SHA-2 (SHA-384 and
191SHA-512) all share the same design) weakness has been proven in reduced
192versions of SHA-1 and partially SHA-2 and collisions for SHA-1 can be found.
193The use of other hash functions is encouraged; however, as RIPEMD-160
194is only little more secure, combining hashes from different families or,
195better, different approaches (Tiger, Whirlpool) is recommended.
196.Pp
197The options are as follows:
198.Bl -tag -width Ds
199.It Fl b
200Print the checksum as binary to stdout.
201Ignored in GNU mode.
202.It Xo
203.Fl c
204.Op Ar checklist ...
205.Xc
206Compares all checksums contained in the file
207.Ar checklist
208with newly computed checksums for the corresponding files.
209Output consists of the digest used, the file name,
210and an OK or FAILED for the result of the comparison.
211This will validate any of the supported checksums (see
212.Xr cksum 1 ) .
213If no file is given, stdin is used.
214.It Fl G
215Enable GNU
216.Nm md5sum
217compatible output mode.
218Can also be enabled by calling this programme as
219.Nm sha1sum .
220.It Fl p
221Echoes stdin to stdout and appends the
222.Em SHA-1
223sum to stdout.
224.It Fl s Ar string
225Prints a checksum of the given
226.Ar string .
227.It Fl t
228Runs a built-in time trial.
229Ignored in GNU mode.
230.It Fl x
231Runs a built-in test script.
232.El
233.Pp
234The SHA-1
235sum of each file listed on the command line is printed after the options
236are processed.
237.Pp
238The
239.Nm
240command is shorthand for
241.Bd -literal -offset indent
242cksum \-a sha1
243.Ed
244.Pp
245The
246.Xr cksum 1
247command can also be used to compute digests from the SHA-2 family:
248sha256, sha384 and sha512.
249.Sh SEE ALSO
250.Xr cksum 1 ,
251.Xr md5 1 ,
252.Xr rmd160 1
253.Rs
254.%A J. Burrows
255.%T The Secure Hash Standard
256.%O FIPS PUB 180-1
257.Re
258.Rs
259.%A D. Eastlake and P. Jones
260.%T US Secure Hash Algorithm 1
261.%O RFC 3174
262.Re
263