md5 - Calculate and check MD5 cryptographic hashes
Format
md5 [-rbcT] [file ... file ...]
Description
md5 prints or checks MD5 (128 bits) cryptographic hashes.
If you do not specify any files on the command line, or if -
is specified as the
file name, md5 reads from standard input (stdin). In this case, the file name is
printed as -.
md5 supports reading sequential MVS data sets, PDS (partitioned data set), or PDSE (partitioned data set extended) members as input files. Error messages are sent to standard error (stderr).
Dependency
ICSF (at least FMID HCR77A0) must be installed and running because md5 uses the ICSF One-Way Hash Generate callable service. If resource CSFOWH has been defined, the user running the command must have READ access to the CSFOWH profile in the RACF CSFSERV general resource class. For more information about setting up profiles in the CSFSERV general resource class, see Setting up profiles in the CSFSERV general resource class in z/OS Cryptographic Services ICSF Administrator's Guide.
Options
- -r
- Reverses the output format. If the file operand is not specified, the path name and its leading white space are omitted.
- -b
- Prints checksum in binary, no file name.
- -c
- Reads a file that contains hashes that were produced by a previous run of md5
and checks them. The file containing the hashes should be the output of a former run of
md5. That is, each line must contain the name of the file and the check-sum in
hexadecimal. For example:
MD5 (somefile) = 8403ea2c155efe868f993d528b3778dc
MD5 (x.dat) = aba8f8f8e6db05fc8b9f97499baed0a7
MD5 (default/blob) = e7f1f438e47c281426b47b12b2067d7f
If -r was specified, then the file must look like this:8403ea2c155efe868f993d528b3778dc somefile
aba8f8f8e6db05fc8b9f97499baed0a7 x.dat
e7f1f438e47c281426b47b12b2067d7f default/blob
The output contains a line for each file that is being checked and includes OK or FAILED as the status. The last line of the output is a summary line, which will be written to standard error (stderr). Following is a sample output of that output:
somefile: OK x.dat: FAILED default/blob: FAILED md5: WARNING: 2 checks failed
The longest input line that md5 can handle is 2048 bytes. Longer lines are truncated or split into multiple lines.
- -T
- Enables the automatic conversion of tagged files to be calculated checksums.
Usage notes
- If you specify sequential MVS data sets, PDS or PDSE members as input files to calculate cryptographic hashes, md5 reads them as binary.
- Data sets with spanned records are not allowed.
Localization
- LANG
- LC_ALL
- LC_CTYPE
- LC_MESSAGES
- LC_TYPE
- NLSPATH
Examples
- To print the hash in binary:
md5 -b /data/app/accnt.xml
- To print the hash of an MVS data set:
md5 "//'SYS2.LOADLIB(XYZMOD)"
- To print the hash of a string:
echo 'Hi there' | md5
- To check all hashes listed in file sums.1st:
md5 -c sums.lst
- To print the hash of a file that is tagged as ASCII:
md5 -T /app/account.dat
Exit values
0
- Successful completion.
1
- Failure due any of the following:
- Inability to open a file.
- An error reading the input file.
- Error turning off the automatic conversion of the input file.
- Line too long.
- Bad line format.
- Cryptographic hash check failed.
2
- Unknown command-line option.
3
- ICSF is not available.
4
- ICSF callable service error.
If an ICSF error occurs, an error message that displays the return and reason code from the ICSF service is issued. For more information about return and reason codes, see ICSF and cryptographic coprocessor return and reason codes in z/OS Cryptographic Services ICSF Application Programmer's Guide.
Related information
rmd160, sha1, sha224, sha256, sha384, sha512