NAME
md5 - RSA Data Security, Inc. MD5 Message-Digest Algorithm
SYNOPSIS
md5 [ -cdhiqtx ][ -pprefix ][ -Pprfile ][ -sstr ] file ...
DESCRIPTION
The md5 utility implements the RSA Data Security, Inc. MD5
Message-Digest Algorithm (MD5). It produces 128-bit MD5
Digests of files, strings or data read on stdin. If no file
is given, and no string is to be digested (-s) then stdin
will be digested. By default, a digests are printed as 40
hex characters without a leading 0x.
The algorithm takes as input an input message of arbitrary
length and produces as output a 128-bit ``fingerprint'' or
``message digest'' of the input. It is conjectured that it
is computationally infeasible to produce two messages having
the same message digest, or to produce any message having a
given prespecified target message digest. The MD5 algorithm
is intended for digital signature applications, where a
large file must be ``compressed'' in a secure manner before
being encrypted with a private (secret) key under a public-
key cryptosystem such as RSA.
If a str (string) argument is given, then the digest for
str, followed by a space, followed by str enclosed double
quotes is written to stdout. Any file arguments are
ignored.
If one or more file if given, a separate digest if produced
for each file. By default, file digests are followed by a
space and the filename.
If no str or file arguments are given, then a digest of
stdin is written to stdout.
-c Print C style hex digests with a leading 0x.
-d Compute dual digests.
Data is divided into two streams and digested
separately. Each successive octet is assigned an index
starting with 0. The even stream consists of octets
with even indices. The odd stream consists of octets
with odd indices. The even stream digest, followed by
a space, followed by the odd stream digest is written
to stdout.
-h Print a help and usage message.
-i Compute inode digests of files.
Prepend the filename and various inode information to
the file data being digested. The inode information
prepended includes information such as the device
(st_dev), inode number (st_ino), mode (st_mode), link
count (st_nlink), uid (st_uid), gid (st_gid), size
(st_size), modification time (st_mtime) and change time
(st_ctime). The prepended data is padded with zeros to
make it a multiple of 64 bytes long. Both a stat(2)
and a lstat(2) information are both used.
The -i flag allows one to include various inode
information in the digest. This option is useful in
detecting file tampering. For example, the following
will produce different digests:
md5 -i /tmp/chongo
cp /tmp/chongo /tmp/was_here
cp /tmp/was_here /tmp/chongo
md5 -i /tmp/chongo
Note that a -i digest is portable to other systems.
This is because inode information will likely change as
the contents of a file are copied from machine to
machine.
To mark a -i digest as a special value, .0 is prepended
onto the digest output.
One may only compute inode digests of files. Use of -i
disables reading from stdin. The -i flag is not
compatible with -s.
-pprefix
-Pprfile
Insert a prefix into the data to be digested.
By using -pprefix, one may prepend any set of data with
a string. The digest produced is equivalent to digest
that is produced with the string pretended to the data.
Thus the following two commands produce the same
digest:
md5 -p curds -s whey
md5 -s curdswhey
By use of the -Pprfile interface, one may prepend using
up to the 32k of a file. This interface allows one to
prepend using binary data. The following produces the
same digest:
md5 -P /usr/bin/awk /bin/ls
dd if=/usr/bin/awk of=/tmp/foo bs=32k count=1
cat /tmp/foo /bin/ls > /tmp/ls
md5 /tmp/ls
Knowledge of the original prepend data is only kept in
the digest. Thus one may use the prepend string as a
``salt'' making it intractable for someone else to
reproduce the digest of a file without knowledge of the
prepend data.
For sightly faster performance, use prepend data that
is a multiple of 64 bytes long. The easy way to do this
is to use -P on a file that is at least 32k bytes in
length.
This feature works in conjunction all modes of
operation except the -t and -x modes.
-q Output only digests. The filename or string will not
be written to stdout.
-sstr
Digest str as if it were a string.
The trailing NUL byte is not digested. No files are
digested. The str is written to stdout enclosed in
double quotes.
-t Time the user cpu seconds needed to digest several
megabytes of data. The number of megabytes, followed
by the digest produced, followed by the number of user
cpu seconds followed by the number of characters per
user second is written to stdout.
On some systems with certain virtual memory
characteristics, you may need to run the performance
test several times, ignoring the first result. The
default amount of data tested is 16 megabytes. On some
systems, this amount may differ. One may change the
number of megabytes processed by changing the value of
TEST_MEG in the file md5drvr.c and recompiling.
-v Print the version.
-x Perform an extended standard SHS test suite.
The test suite will first look in the current directory
for file1. If it is not found, it will look in
${DESTDIR} (usually /usr/local/lib/md5). It is assumes
that file2 is in the same location as
The standard test suite been extended. The initial
string now says:
md5 test suite results
instead of:
SHA test suite results
to reflect the utility name instead of the algorithm
implemented. This also helps distinguish this version
from much older versions which did not have the -v
flag. Also the original test file foo which contained
the string "abc" (with no newline) was renamed file1.
SEE ALSO
shs(1), stat(2), lstat(2)
FILES
${DESTDIR}/file1 alternate test file location
${DESTDIR}/file2 alternate test file location
The typical value of ${DESTDIR} is /usr/local/lib/md5, or
/usr/local/lib.
AUTHOR
Much of this code was written, re-written or modified by:
Landon Curt Noll ({chongo,noll}@{toad,sgi}.com) /\../\
Part of this code code is based on code by Peter C. Gutmann.
NOTICE
LANDON CURT NOLL DISCLAIMS ALL WARRANTIES WITH REGARD TO
THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL LANDON CURT
NOLL BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
Parts of this code are:
Copyright (C) 1990, RSA Data Security, Inc. All rights
reserved.
License to copy and use this software is granted provided
that it is identified as the "RSA Data Security, Inc. MD5
Message- Digest Algorithm" in all material mentioning or
referencing this software or this function.
License is also granted to make and use derivative works
provided that such works are identified as "derived from the
RSA Data Security, Inc. MD5 Message-Digest Algorithm" in all
material mentioning or referencing the derived work.
RSA Data Security, Inc. makes no representations concerning
either the merchantability of this software or the
suitability of this software for any particular purpose. It
is provided "as is" without express or implied warranty of
any kind.
These notices must be retained in any copies of any part of
this documentation and/or software.
BUGS
The command:
md5 -s '/\"O/\'
writes to stdout, the following line:
ae8b1f8db9eaa95693164bd224291da0 "/\"O/\"
The string written in double quotes by -s may not be a valid
string according to C or shell syntax.