NAME
    sha1 - Secure Hash Algorithm (version 1) hash function

SYNOPSIS
  hash files:
    sha1 [ *files* ]

DESCRIPTION
    This is an implementation of the Secure Hash Algorithm version 1 as
    defined in US Federal Information Processing Standard "FIPS 180-1".

    This was shipped for convenience with the hashcash tool, but also
    functions similarly to the widely distributed md5sum utility but using
    SHA1 instead of MD5 so you may find other uses for it. (Some have argued
    that MD5 is too small a hash to use for checking files if the attacker
    can insert chosen files into your distribution as then a birthday attack
    becomes possible for the master md5sum with work factor of about 2^64,
    which is a fairly high cost but not infeasible.)

OTHER IMPLEMENTATIONS
    This program is fairly compatible with openssl sha1 (sha1(1)) and
    sha1sum (sha1sum(1)) installed on some unix systems and included with
    hashcash package so that a sha1 implementation is available for testing
    and scripting if those packages are missing.

USAGE NOTES
    The sha1 program will hash the files given on the command line, or if no
    files are given it will hash the input fed to it on standard input. The
    output format is a list of SHA1 hashes in hex followed by the
    corresponding filenames, one per line.

EXAMPLES
  Hashing files
    "sha1 file1 file2 [...]"
        Hashes the files listed on the command line and outputs their SHA1
        message digests as 40 hexadecimal digits, followed by the filename,
        one per line.

    "echo -n abc | sha1"
        When no files are given, hashes from standard in. The example
        command hashes the string "abc" from standard input. This string is
        coincidentally one of the test vectors specified in FIPS 180-1 and
        should output: *a9993e364706816aba3e25717850c26c9cd0d89d*.

    "echo -n abc | sha1 -"
        Equivalent to above. The filename of *-* means read from standard
        input.

    "echo -n abc | sha1 test.txt -"
        You can also mix filenames and reading from standard input with the
        *-* pseudo file. The above command first hashes file "test.txt" then
        reads the string abc from standard in.

Verifying Hashcash
    The SHA1 hash function is used by hashcash. You can use this sha1
    utility to write shell scripts to verify hashcash tokens without using
    the hashcash command line tool, or just to verify visually. Say you
    received the following email:

     From: Someone <test@test.invalid>
     To: Adam Back <adam@cypherspace.org>
     Subject: test hashcash
     Date: Thu, 15 Aug 2002 11:12:02 +0000
     X-Hashcash: 0:030626:adam@cypherspace.org:6470e06d773e05a8
 
    Then the following command would show visually the size of the
    collision:

    "echo -n 0:030626:adam@cypherspace.org:6470e06d773e05a8 | sha1"
         00000000c70db7389f241b8f441fcf068aead3f0

    and you can see the leading hex 0s.

LIMITATIONS
    Doesn't have the check option that md5sum has. Perhaps I'll add that in
    a future version. Also doesn't have the binary / text distinction that
    md5sum introduced for DOS/Windows benefit, nor the output convention
    signifying text (* after hash). Can't say I've ever seen anyone use that
    feature though.

EXIT STATUS
    "sha1" returns success (exit code 0) normally.

    If it can't read any of the files you give it on the comamnd line, it
    instead returns failure (exit code 1).

AUTHOR
    Written by Adam Back <adam@cypherspace.org>

SEE ALSO
    md5sum(1), sha1(1), sha1sum(1), hashcash(1), http://www.hashcash.org/,
    http://www.itl.nist.gov/fipspubs/fip180-1.htm

