NAME
cksum —
display file checksums and block
counts
SYNOPSIS
cksum |
[-bcpqrtx]
[-a algorithms]
[-C checklist]
[-h hashfile]
[-s string]
[file ...] |
DESCRIPTION
The cksum utility writes to the standard
output a single line for each input file. The format of this line varies
with the algorithm being used as follows:
- cksum
- The output line consists of three whitespace separated fields: a CRC checksum, the number of octets in the input, and name of the file or string. If no file name is specified, the standard input is used and no file name is written.
- all others
- Unless the
-roption is specified (see below), output lines consist of four whitespace separated fields: the name of the algorithm used, the name of the file or string in parentheses, an equals sign, and the cryptographic hash of the input. If no file name is specified, the standard input is used and only the cryptographic hash is output.
The options are as follows:
-aalgorithms- Use the specified algorithm(s) instead of the default (cksum). Supported
algorithms include cksum, md5, rmd160, sha1, sha224, sha256, sha384,
sha512/256, and sha512. Multiple algorithms may be specified, separated by
a comma or whitespace. Additionally, multiple
-aoptions may be specified on the command line. Case is ignored when matching algorithms. The output format may be specified on a per-algorithm basis by using a single-character suffix, e.g. “sha256b”. If the algorithm has a ‘b’ suffix, the checksum will be output in base64 format. If the algorithm has an ‘x’ suffix, the checksum will be output in hex format. If an algorithm with the same output format is repeated, only the first instance is used. Note that output format suffixes are not supported for the cksum algorithm. -b- Output checksums in base64 notation, not hexadecimal by default. A ‘b’ or ‘x’ suffix on the algorithm will override this default. This option is ignored for the cksum algorithm.
-Cchecklist- Compare the checksum of each file against the checksums in the checklist. Any specified file that is not listed in the checklist will generate an error.
-c- If this option is specified, the file options become
checklists. Each checklist should contain hash results, which will be
verified against the specified paths. Both normal (BSD) and reverse (GNU)
forms are supported in either hexadecimal or base64 format. Output
consists of the digest used, the file name, and an OK, FAILED, or MISSING
for the result of the comparison. Entries in normal format can be
validated using any of the supported checksums. Entries in reverse format
are validated using the specified algorithm (or the default algorithm if
none is specified). If no file is given, stdin is used. The
-coption may not be used in conjunction with more than a single-aoption. -hhashfile- Place the checksum into hashfile instead of stdout.
-p- Echo stdin to stdout and append the checksum to stdout.
-q- Only print the checksum (quiet mode) or if used in conjunction with the
-cflag, only print the failed cases. -r- Reverse the format of the hash algorithm output, similar to the checksum
output format (but without the number of octets). This is also the format
used by the GNU
cksumutility. -sstring- Print a checksum of the given string.
-t- Run a built-in time trial. Specifying
-tmultiple times results in the number of rounds being multiplied by 10 for each additional flag. -x- Run a built-in test script.
The default CRC used is based on the polynomial used for CRC error checking in the networking standard ISO/IEC 8802-3:1996. The other available algorithms are described in their respective man pages in section 3 of the manual.
EXIT STATUS
The cksum utility exits 0 on
success, and >0 if an error occurs.
SEE ALSO
The default calculation is identical to that given in pseudo-code in the following ACM article:
Dilip V. Sarwate, Computation of Cyclic Redundancy Checks Via Table Lookup, Communications of the ACM, August 1988.
STANDARDS
The cksum utility is compliant with the
IEEE Std 1003.1-2008 (“POSIX.1”)
specification.
All the flags are extensions to that specification.
HISTORY
The cksum utility appeared in
4.3BSD-Net/2.
CAVEATS
Do not use the cksum or md5 algorithms to verify file integrity. An attacker can trivially produce modified payload that has the same checksum as the original version. Use a cryptographic checksum instead.