sha1sum
sha1sum is a computer program that calculates and verifies SHA-1 hashes. It is commonly used to verify the integrity of files. It (or a variant) is installed by default in most Unix-like operating systems. Variants include shasum (which permits SHA-1 through SHA-512 hash functions to be selected manually), sha224sum, sha256sum, sha384sum and sha512sum, which use a specific SHA-2 hash function, and sha3sum (which permits SHA-3 through SHA3-512, SHAKE, RawSHAKE and Keccak functions to be selected manually). Versions for Microsoft Windows also exist, and the ActivePerl distribution includes a perl implementation of shasum. On FreeBSD this utility is called sha512 and contains additional features.
The SHA-1 variants are proven vulnerable to collision attacks, and users should use for example a SHA-2 variant such as sha256sum instead to prevent tampering by an adversary.[1][2]
It is included in GNU Core Utilities,[3] Busybox[4] and Toybox.[5]
Examples
To create a file with an sha1 hash in it, if one is not provided:
$ sha1sum filename [filename2] ... > SHA1SUM
If distributing one file, ".sha1" may be appended to the filename e.g.:
$ sha1sum my-zip.tar.gz > my-zip.tar.gz.sha1
The output contains one line per file of the form "{hash} SPACE ASTERISK [{directory} SLASH] {filename}
". For example:
$ sha1sum -b my-zip.tar.gz d5db29cd03a2ed055086cef9c31c252b4587d6d0 *my-zip.tar.gz $ sha1sum -b subdir/filename2 55086cef9c87d6d031cd5db29cd03a2ed0252b45 *subdir/filename2
To verify the file was downloaded correctly:
$ sha1sum -c SHA1SUM filename: OK filename2: OK $ sha1sum -c my-zip.tar.gz.sha1 my-zip.tar.gz: OK
Hash file trees
sha1sum can only create checksums of one or multiple files inside a directory, but not of a directory tree, i.e. of subdirectories, sub-subdirectories, etc. and the files they contain. This is possible by using sha1sum in combination with the commands find and xargs (and optionally with sort so that the files are sorted in the checksum file). sha1deep can create checksums of a directory tree.
See also
References
- ↑ Bruce Schneier. "Cryptanalysis of SHA-1". Schneier on Security. https://www.schneier.com/blog/archives/2005/02/cryptanalysis_o.html.
- ↑ https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html
- ↑ https://www.gnu.org/software/coreutils/manual/html_node/sha1sum-invocation.html
- ↑ https://github.com/mirror/busybox/blob/a6f8651/testsuite/sha1sum.tests
- ↑ https://github.com/landley/toybox/blob/409a8e093a4ea8e0892ab302b4fd433d08f435eb/toys/lsb/md5sum.c#L17
External links
- 165.227.69.69
- Apple Knowledge Base Article "Mac OS X: How to Verify a SHA-1 Digest"
- sha1sum for Windows announcement