.\" $OpenBSD: sha256.1,v 1.4 2012/02/26 19:15:20 haesbaert Exp $ .\" .\" Copyright (c) 2003, 2004, 2006 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" .\" Sponsored in part by the Defense Advanced Research Projects .\" Agency (DARPA) and Air Force Research Laboratory, Air Force .\" Materiel Command, USAF, under agreement number F39502-99-1-0512. .\" .Dd $Mdocdate: February 26 2012 $ .Dt SHA256 1 .Os .Sh NAME .Nm sha256 .Nd calculate a message-digest fingerprint (checksum) for a file .Sh SYNOPSIS .Nm sha256 .Op Fl bpqrtx .Op Fl c Op Ar checklist ... .Op Fl s Ar string .Op Ar .Sh DESCRIPTION .Nm takes as input a message of arbitrary length and produces as output a 256-bit "fingerprint" or "message digest" of the input. It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or to produce any message having a given prespecified target message digest. .Pp The .Em SHA2-256 algorithm is intended for digital signature applications, where a large file must be "compressed" in a secure manner before being encrypted with a private (secret) key under a public-key cryptosystem such as .Em RSA . .Pp The options are as follows: .Bl -tag -width Ds .It Fl b Output checksums in base64 notation, not hexadecimal. .It Xo .Fl c .Op Ar checklist ... .Xc Compares all checksums contained in the file .Ar checklist with newly computed checksums for the corresponding files. Output consists of the digest used, the file name, and an OK or FAILED for the result of the comparison. This will validate any of the supported checksums (see .Xr cksum 1 ) . If no file is given, stdin is used. .It Fl p Echoes stdin to stdout and appends the .Em SHA2-256 sum to stdout. .It Fl q Only print the checksum (quiet mode). .It Fl r Reverse the format of the hash algorithm output, making it match the output format used by .Xr cksum 1 . .It Fl s Ar string Prints a checksum of the given .Ar string . .It Fl t Runs a built-in time trial. Specifying .Fl t multiple times results in the number of rounds being multiplied by 10 for each additional flag. .It Fl x Runs a built-in test script. .El .Pp The SHA2-256 sum of each file listed on the command line is printed after the options are processed. .Pp The .Nm command is shorthand for .Bd -literal -offset indent cksum -a sha256 .Ed .Sh EXIT STATUS .Ex -std sha256 .Sh SEE ALSO .Xr cksum 1 , .Xr md5 1 , .Xr sha1 1 .Rs .%T Secure Hash Standard .%O FIPS PUB 180-2 .Re