NAME
sha256 —
calculate a message-digest fingerprint
(checksum) for a file
SYNOPSIS
sha256 |
[-bpqrtx] [-c
[checklist ...]] [-s
string] [file ...] |
DESCRIPTION
sha256 takes as input a message of
arbitrary length and produces as output a 256-bit "fingerprint" or
"message digest" of the input. It is conjectured that it is
computationally infeasible to produce two messages having the same message
digest, or to produce any message having a given prespecified target message
digest.
The SHA2-256 algorithm is intended for digital signature applications, where a large file must be "compressed" in a secure manner before being encrypted with a private (secret) key under a public-key cryptosystem such as RSA.
The options are as follows:
-b- Output checksums in base64 notation, not hexadecimal.
-c[checklist ...]- Compares all checksums contained in the file checklist with newly computed checksums for the corresponding files. Output consists of the digest used, the file name, and an OK or FAILED for the result of the comparison. This will validate any of the supported checksums (see cksum(1)). If no file is given, stdin is used.
-p- Echoes stdin to stdout and appends the SHA2-256 sum to stdout.
-q- Only print the checksum (quiet mode).
-r- Reverse the format of the hash algorithm output, making it match the output format used by cksum(1).
-sstring- Prints a checksum of the given string.
-t- Runs a built-in time trial. Specifying
-tmultiple times results in the number of rounds being multiplied by 10 for each additional flag. -x- Runs a built-in test script.
The SHA2-256 sum of each file listed on the command line is printed after the options are processed.
The sha256 command is shorthand for
cksum -a sha256
EXIT STATUS
The sha256 utility exits 0 on
success, and >0 if an error occurs.
SEE ALSO
Secure Hash Standard, FIPS PUB 180-2.