|
Bacula 1.32 User's Guide
|
Chapter
|
|
 |
Bacula TCP/IP Network Protocol
|
Index
|
Smart Memory Allocation
|
|
|
Command Line Message Digest Utility
This page describes md5, a command line utility usable on either Unix
or MS-DOS/Windows, which generates and verifies message digests (digital
signatures) using the MD5 algorithm. This program can be useful when developing
shell scripts or Perl programs for software installation, file comparison, and
detection of file corruption and tampering.
NAMEmd5 - generate / check MD5 message digest
SYNOPSISmd5 [ -csignature ] [ -u ] [
-dinput_text | infile ] [ outfile ]
DESCRIPTIONA message digest is a compact digital signature for
an arbitrarily long stream of binary data. An ideal message digest algorithm
would never generate the same signature for two different sets of input, but
achieving such theoretical perfection would require a message digest as long as
the input file. Practical message digest algorithms compromise in favour of a
digital signature of modest size created with an algorithm designed to make
preparation of input text with a given signature computationally infeasible.
Message digest algorithms have much in common with techniques used in
encryption, but to a different end; verification that data have not been altered
since the signature was published.
Many older programs requiring digital signatures employed 16 or 32 bit
cyclical redundancy codes (CRC) originally developed to verify correct
transmission in data communication protocols, but these short codes, while
adequate to detect the kind of transmission errors for which they were intended,
are insufficiently secure for applications such as electronic commerce and
verification of security related software distributions.
The most commonly used present-day message digest algorithm is the 128 bit
MD5 algorithm, developed by Ron Rivest of the MIT Laboratory
for Computer Science and RSA Data Security,
Inc. The algorithm, with a reference implementation, was published as
Internet RFC 1321 in
April 1992, and was placed into the public domain at that time. Message digest
algorithms such as MD5 are not deemed "encryption technology" and are not
subject to the export controls some governments impose on other data security
products. (Obviously, the responsibility for obeying the laws in the
jurisdiction in which you reside is entirely your own, but many common Web and
Mail utilities use MD5, and I am unaware of any restrictions on their
distribution and use.)
The MD5 algorithm has been implemented in numerous computer languages
including C, Perl, and Java; if you're writing a program in such a
language, track down a suitable subroutine and incorporate it into your program.
The program described on this page is a command line implementation of
MD5, intended for use in shell scripts and Perl programs (it is much faster than
computing an MD5 signature directly in Perl). This md5 program was
originally developed as part of a suite of tools intended to monitor large
collections of files (for example, the contents of a Web site) to detect
corruption of files and inadvertent (or perhaps malicious) changes. That task is
now best accomplished with more comprehensive packages such as Tripwire, but the
command line md5 component continues to prove useful for verifying
correct delivery and installation of software packages, comparing the contents
of two different systems, and checking for changes in specific files.
OPTIONS
- -csignature
- Computes the signature of the specified infile or the string
supplied by the -d option and compares it against the specified
signature. If the two signatures match, the exit status will be zero,
otherwise the exit status will be 1. No signature is written to
outfile or standard output; only the exit status is set. The
signature to be checked must be specified as 32 hexadecimal digits.
- -dinput_text
- A signature is computed for the given input_text (which must be
quoted if it contains white space characters) instead of input from
infile or standard input. If input is specified with the -d
option, no infile should be specified.
- -u
- Print how-to-call information.
FILESIf no infile or -d option is specified or
infile is a single "-", md5 reads from standard input; if no
outfile is given, or outfile is a single "-", output is sent
to standard output. Input and output are processed strictly serially;
consequently md5 may be used in pipelines.
BUGSThe mechanism used to set standard input to binary mode may be
specific to Microsoft C; if you rebuild the DOS/Windows version of the program
from source using another compiler, be sure to verify binary files work properly
when read via redirection or a pipe.
This program has not been tested on a machine on which int and/or
long are longer than 32 bits.
The program is provided as md5.zip, a Zipped archive containing an ready-to-run
Win32 command-line executable program, md5.exe (compiled using
Microsoft Visual C++ 5.0), and in source code form along with a
Makefile to build the program under Unix.
SEE ALSOsum(1)
EXIT STATUSmd5 returns status 0 if processing was completed
without errors, 1 if the -c option was specified and the given signature
does not match that of the input, and 2 if processing could not be performed at
all due, for example, to a nonexistent input file.
COPYING
This software is in the public domain. Permission to use, copy,
modify, and distribute this software and its documentation for any purpose and
without fee is hereby granted, without any conditions or restrictions. This
software is provided "as is" without express or implied warranty.
ACKNOWLEDGEMENTSThe MD5 algorithm was developed by Ron Rivest. The
public domain C language implementation used in this program was written by
Colin Plumb in 1993.
by John Walker
January 6th,
MIM
Bacula TCP/IP Network Protocol
|
Index
|
Smart Memory Allocation
|
|
|
|
|
|
