408 lines
12 KiB
Groff
408 lines
12 KiB
Groff
.rn '' }`
|
|
'''
|
|
'''
|
|
.de Sh
|
|
.br
|
|
.if t .Sp
|
|
.ne 5
|
|
.PP
|
|
\fB\\$1\fR
|
|
.PP
|
|
..
|
|
.de Sp
|
|
.if t .sp .5v
|
|
.if n .sp
|
|
..
|
|
.de Ip
|
|
.br
|
|
.ie \\n(.$>=3 .ne \\$3
|
|
.el .ne 3
|
|
.IP "\\$1" \\$2
|
|
..
|
|
.de Vb
|
|
.ft CW
|
|
.nf
|
|
.ne \\$1
|
|
..
|
|
.de Ve
|
|
.ft R
|
|
|
|
.fi
|
|
..
|
|
'''
|
|
'''
|
|
''' Set up \*(-- to give an unbreakable dash;
|
|
''' string Tr holds user defined translation string.
|
|
''' Bell System Logo is used as a dummy character.
|
|
'''
|
|
.tr \(*W-|\(bv\*(Tr
|
|
.ie n \{\
|
|
.ds -- \(*W-
|
|
.ds PI pi
|
|
.if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
|
|
.if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
|
|
.ds L" ""
|
|
.ds R" ""
|
|
''' \*(M", \*(S", \*(N" and \*(T" are the equivalent of
|
|
''' \*(L" and \*(R", except that they are used on ".xx" lines,
|
|
''' such as .IP and .SH, which do another additional levels of
|
|
''' double-quote interpretation
|
|
.ds M" """
|
|
.ds S" """
|
|
.ds N" """""
|
|
.ds T" """""
|
|
.ds L' '
|
|
.ds R' '
|
|
.ds M' '
|
|
.ds S' '
|
|
.ds N' '
|
|
.ds T' '
|
|
'br\}
|
|
.el\{\
|
|
.ds -- \(em\|
|
|
.tr \*(Tr
|
|
.ds L" ``
|
|
.ds R" ''
|
|
.ds M" ``
|
|
.ds S" ''
|
|
.ds N" ``
|
|
.ds T" ''
|
|
.ds L' `
|
|
.ds R' '
|
|
.ds M' `
|
|
.ds S' '
|
|
.ds N' `
|
|
.ds T' '
|
|
.ds PI \(*p
|
|
'br\}
|
|
.\" If the F register is turned on, we'll generate
|
|
.\" index entries out stderr for the following things:
|
|
.\" TH Title
|
|
.\" SH Header
|
|
.\" Sh Subsection
|
|
.\" Ip Item
|
|
.\" X<> Xref (embedded
|
|
.\" Of course, you have to process the output yourself
|
|
.\" in some meaninful fashion.
|
|
.if \nF \{
|
|
.de IX
|
|
.tm Index:\\$1\t\\n%\t"\\$2"
|
|
..
|
|
.nr % 0
|
|
.rr F
|
|
.\}
|
|
.TH EVP_DigestInit 3 "0.9.5a" "22/Jul/2000" "OpenSSL"
|
|
.UC
|
|
.if n .hy 0
|
|
.if n .na
|
|
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
|
|
.de CQ \" put $1 in typewriter font
|
|
.ft CW
|
|
'if n "\c
|
|
'if t \\&\\$1\c
|
|
'if n \\&\\$1\c
|
|
'if n \&"
|
|
\\&\\$2 \\$3 \\$4 \\$5 \\$6 \\$7
|
|
'.ft R
|
|
..
|
|
.\" @(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2
|
|
. \" AM - accent mark definitions
|
|
.bd B 3
|
|
. \" fudge factors for nroff and troff
|
|
.if n \{\
|
|
. ds #H 0
|
|
. ds #V .8m
|
|
. ds #F .3m
|
|
. ds #[ \f1
|
|
. ds #] \fP
|
|
.\}
|
|
.if t \{\
|
|
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
|
|
. ds #V .6m
|
|
. ds #F 0
|
|
. ds #[ \&
|
|
. ds #] \&
|
|
.\}
|
|
. \" simple accents for nroff and troff
|
|
.if n \{\
|
|
. ds ' \&
|
|
. ds ` \&
|
|
. ds ^ \&
|
|
. ds , \&
|
|
. ds ~ ~
|
|
. ds ? ?
|
|
. ds ! !
|
|
. ds /
|
|
. ds q
|
|
.\}
|
|
.if t \{\
|
|
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
|
|
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
|
|
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
|
|
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
|
|
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
|
|
. ds ? \s-2c\h'-\w'c'u*7/10'\u\h'\*(#H'\zi\d\s+2\h'\w'c'u*8/10'
|
|
. ds ! \s-2\(or\s+2\h'-\w'\(or'u'\v'-.8m'.\v'.8m'
|
|
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
|
|
. ds q o\h'-\w'o'u*8/10'\s-4\v'.4m'\z\(*i\v'-.4m'\s+4\h'\w'o'u*8/10'
|
|
.\}
|
|
. \" troff and (daisy-wheel) nroff accents
|
|
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
|
|
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
|
|
.ds v \\k:\h'-(\\n(.wu*9/10-\*(#H)'\v'-\*(#V'\*(#[\s-4v\s0\v'\*(#V'\h'|\\n:u'\*(#]
|
|
.ds _ \\k:\h'-(\\n(.wu*9/10-\*(#H+(\*(#F*2/3))'\v'-.4m'\z\(hy\v'.4m'\h'|\\n:u'
|
|
.ds . \\k:\h'-(\\n(.wu*8/10)'\v'\*(#V*4/10'\z.\v'-\*(#V*4/10'\h'|\\n:u'
|
|
.ds 3 \*(#[\v'.2m'\s-2\&3\s0\v'-.2m'\*(#]
|
|
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
|
|
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
|
|
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
|
|
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
|
|
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
|
|
.ds ae a\h'-(\w'a'u*4/10)'e
|
|
.ds Ae A\h'-(\w'A'u*4/10)'E
|
|
.ds oe o\h'-(\w'o'u*4/10)'e
|
|
.ds Oe O\h'-(\w'O'u*4/10)'E
|
|
. \" corrections for vroff
|
|
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
|
|
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
|
|
. \" for low resolution devices (crt and lpr)
|
|
.if \n(.H>23 .if \n(.V>19 \
|
|
\{\
|
|
. ds : e
|
|
. ds 8 ss
|
|
. ds v \h'-1'\o'\(aa\(ga'
|
|
. ds _ \h'-1'^
|
|
. ds . \h'-1'.
|
|
. ds 3 3
|
|
. ds o a
|
|
. ds d- d\h'-1'\(ga
|
|
. ds D- D\h'-1'\(hy
|
|
. ds th \o'bp'
|
|
. ds Th \o'LP'
|
|
. ds ae ae
|
|
. ds Ae AE
|
|
. ds oe oe
|
|
. ds Oe OE
|
|
.\}
|
|
.rm #[ #] #H #V #F C
|
|
.SH "NAME"
|
|
EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal \- EVP digest routines
|
|
.SH "LIBRARY"
|
|
libcrypto, -lcrypto
|
|
.SH "SYNOPSIS"
|
|
.PP
|
|
.Vb 1
|
|
\& #include <openssl/evp.h>
|
|
.Ve
|
|
.Vb 4
|
|
\& void EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
|
|
\& void EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
|
|
\& void EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md,
|
|
\& unsigned int *s);
|
|
.Ve
|
|
.Vb 1
|
|
\& #define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */
|
|
.Ve
|
|
.Vb 1
|
|
\& int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);
|
|
.Ve
|
|
.Vb 4
|
|
\& #define EVP_MD_type(e) ((e)->type)
|
|
\& #define EVP_MD_pkey_type(e) ((e)->pkey_type)
|
|
\& #define EVP_MD_size(e) ((e)->md_size)
|
|
\& #define EVP_MD_block_size(e) ((e)->block_size)
|
|
.Ve
|
|
.Vb 4
|
|
\& #define EVP_MD_CTX_md(e) (e)->digest)
|
|
\& #define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest)
|
|
\& #define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest)
|
|
\& #define EVP_MD_CTX_type(e) EVP_MD_type((e)->digest)
|
|
.Ve
|
|
.Vb 9
|
|
\& EVP_MD *EVP_md_null(void);
|
|
\& EVP_MD *EVP_md2(void);
|
|
\& EVP_MD *EVP_md5(void);
|
|
\& EVP_MD *EVP_sha(void);
|
|
\& EVP_MD *EVP_sha1(void);
|
|
\& EVP_MD *EVP_dss(void);
|
|
\& EVP_MD *EVP_dss1(void);
|
|
\& EVP_MD *EVP_mdc2(void);
|
|
\& EVP_MD *EVP_ripemd160(void);
|
|
.Ve
|
|
.Vb 3
|
|
\& const EVP_MD *EVP_get_digestbyname(const char *name);
|
|
\& #define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
|
|
\& #define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
|
|
.Ve
|
|
.SH "DESCRIPTION"
|
|
The EVP digest routines are a high level interface to message digests.
|
|
.PP
|
|
\fIEVP_DigestInit()\fR initialises a digest context \fBctx\fR to use a digest
|
|
\fBtype\fR: this will typically be supplied by a function such as
|
|
\fIEVP_sha1()\fR.
|
|
.PP
|
|
\fIEVP_DigestUpdate()\fR hashes \fBcnt\fR bytes of data at \fBd\fR into the
|
|
digest context \fBctx\fR. This funtion can be called several times on the
|
|
same \fBctx\fR to hash additional data.
|
|
.PP
|
|
\fIEVP_DigestFinal()\fR retrieves the digest value from \fBctx\fR and places
|
|
it in \fBmd\fR. If the \fBs\fR parameter is not NULL then the number of
|
|
bytes of data written (i.e. the length of the digest) will be written
|
|
to the integer at \fBs\fR, at most \fBEVP_MAX_MD_SIZE\fR bytes will be written.
|
|
After calling \fIEVP_DigestFinal()\fR no additional calls to \fIEVP_DigestUpdate()\fR
|
|
can be made, but \fIEVP_DigestInit()\fR can be called to initialiase a new
|
|
digest operation.
|
|
.PP
|
|
\fIEVP_MD_CTX_copy()\fR can be used to copy the message digest state from
|
|
\fBin\fR to \fBout\fR. This is useful if large amounts of data are to be
|
|
hashed which only differ in the last few bytes.
|
|
.PP
|
|
\fIEVP_MD_size()\fR and \fIEVP_MD_CTX_size()\fR return the size of the message digest
|
|
when passed an \fBEVP_MD\fR or an \fBEVP_MD_CTX\fR structure, i.e. the size of the
|
|
hash.
|
|
.PP
|
|
\fIEVP_MD_block_size()\fR and \fIEVP_MD_CTX_block_size()\fR return the block size of the
|
|
message digest when passed an \fBEVP_MD\fR or an \fBEVP_MD_CTX\fR structure.
|
|
.PP
|
|
\fIEVP_MD_type()\fR and \fIEVP_MD_CTX_type()\fR return the NID of the OBJECT IDENTIFIER
|
|
representing the given message digest when passed an \fBEVP_MD\fR structure.
|
|
For example \fIEVP_MD_type\fR\|(\fIEVP_sha1()\fR) returns \fBNID_sha1\fR. This function is
|
|
normally used when setting ASN1 OIDs.
|
|
.PP
|
|
\fIEVP_MD_CTX_md()\fR returns the \fBEVP_MD\fR structure corresponding to the passed
|
|
\fBEVP_MD_CTX\fR.
|
|
.PP
|
|
\fIEVP_MD_pkey_type()\fR returns the NID of the public key signing algorithm associated
|
|
with this digest. For example \fIEVP_sha1()\fR is associated with RSA so this will
|
|
return \fBNID_sha1WithRSAEncryption\fR. This \*(L"link\*(R" between digests and signature
|
|
algorithms may not be retained in future versions of OpenSSL.
|
|
.PP
|
|
\fIEVP_md2()\fR, \fIEVP_md5()\fR, \fIEVP_sha()\fR, \fIEVP_sha1()\fR, \fIEVP_mdc2()\fR and \fIEVP_ripemd160()\fR
|
|
return \fBEVP_MD\fR structures for the MD2, MD5, SHA, SHA1, MDC2 and RIPEMD160 digest
|
|
algorithms respectively. The associated signature algorithm is RSA in each case.
|
|
.PP
|
|
\fIEVP_dss()\fR and \fIEVP_dss1()\fR return \fBEVP_MD\fR structures for SHA and SHA1 digest
|
|
algorithms but using DSS (DSA) for the signature algorithm.
|
|
.PP
|
|
\fIEVP_md_null()\fR is a \*(L"null\*(R" message digest that does nothing: i.e. the hash it
|
|
returns is of zero length.
|
|
.PP
|
|
\fIEVP_get_digestbyname()\fR, \fIEVP_get_digestbynid()\fR and \fIEVP_get_digestbyobj()\fR
|
|
return an \fBEVP_MD\fR structure when passed a digest name, a digest NID or
|
|
an ASN1_OBJECT structure respectively. The digest table must be initialised
|
|
using, for example, \fIOpenSSL_add_all_digests()\fR for these functions to work.
|
|
.SH "RETURN VALUES"
|
|
\fIEVP_DigestInit()\fR, \fIEVP_DigestUpdate()\fR and \fIEVP_DigestFinal()\fR do not return values.
|
|
.PP
|
|
\fIEVP_MD_CTX_copy()\fR returns 1 if successful or 0 for failure.
|
|
.PP
|
|
\fIEVP_MD_type()\fR, \fIEVP_MD_pkey_type()\fR and \fIEVP_MD_type()\fR return the NID of the
|
|
corresponding OBJECT IDENTIFIER or NID_undef if none exists.
|
|
.PP
|
|
\fIEVP_MD_size()\fR, \fIEVP_MD_block_size()\fR, \fIEVP_MD_CTX_size\fR\|(e), \fIEVP_MD_size()\fR,
|
|
\fIEVP_MD_CTX_block_size()\fR and \fIEVP_MD_block_size()\fR return the digest or block
|
|
size in bytes.
|
|
.PP
|
|
\fIEVP_md_null()\fR, \fIEVP_md2()\fR, \fIEVP_md5()\fR, \fIEVP_sha()\fR, \fIEVP_sha1()\fR, \fIEVP_dss()\fR,
|
|
\fIEVP_dss1()\fR, \fIEVP_mdc2()\fR and \fIEVP_ripemd160()\fR return pointers to the
|
|
corresponding EVP_MD structures.
|
|
.PP
|
|
\fIEVP_get_digestbyname()\fR, \fIEVP_get_digestbynid()\fR and \fIEVP_get_digestbyobj()\fR
|
|
return either an \fBEVP_MD\fR structure or NULL if an error occurs.
|
|
.SH "NOTES"
|
|
The \fBEVP\fR interface to message digests should almost always be used in
|
|
preference to the low level interfaces. This is because the code then becomes
|
|
transparent to the digest used and much more flexible.
|
|
.PP
|
|
SHA1 is the digest of choice for new applications. The other digest algorithms
|
|
are still in common use.
|
|
.SH "EXAMPLE"
|
|
This example digests the data \*(L"Test Message\en\*(R" and \*(L"Hello World\en\*(R", using the
|
|
digest name passed on the command line.
|
|
.PP
|
|
.Vb 2
|
|
\& #include <stdio.h>
|
|
\& #include <openssl/evp.h>
|
|
.Ve
|
|
.Vb 8
|
|
\& main(int argc, char *argv[])
|
|
\& {
|
|
\& EVP_MD_CTX mdctx;
|
|
\& const EVP_MD *md;
|
|
\& char mess1[] = "Test Message\en";
|
|
\& char mess2[] = "Hello World\en";
|
|
\& unsigned char md_value[EVP_MAX_MD_SIZE];
|
|
\& int md_len, i;
|
|
.Ve
|
|
.Vb 1
|
|
\& OpenSSL_add_all_digests();
|
|
.Ve
|
|
.Vb 4
|
|
\& if(!argv[1]) {
|
|
\& printf("Usage: mdtest digestname\en");
|
|
\& exit(1);
|
|
\& }
|
|
.Ve
|
|
.Vb 1
|
|
\& md = EVP_get_digestbyname(argv[1]);
|
|
.Ve
|
|
.Vb 4
|
|
\& if(!md) {
|
|
\& printf("Unknown message digest %s\en", argv[1]);
|
|
\& exit(1);
|
|
\& }
|
|
.Ve
|
|
.Vb 4
|
|
\& EVP_DigestInit(&mdctx, md);
|
|
\& EVP_DigestUpdate(&mdctx, mess1, strlen(mess1));
|
|
\& EVP_DigestUpdate(&mdctx, mess2, strlen(mess2));
|
|
\& EVP_DigestFinal(&mdctx, md_value, &md_len);
|
|
.Ve
|
|
.Vb 4
|
|
\& printf("Digest is: ");
|
|
\& for(i = 0; i < md_len; i++) printf("%02x", md_value[i]);
|
|
\& printf("\en");
|
|
\& }
|
|
.Ve
|
|
.SH "BUGS"
|
|
Several of the functions do not return values: maybe they should. Although the
|
|
internal digest operations will never fail some future hardware based operations
|
|
might.
|
|
.PP
|
|
The link between digests and signing algorithms results in a situation where
|
|
\fIEVP_sha1()\fR must be used with RSA and \fIEVP_dss1()\fR must be used with DSS
|
|
even though they are identical digests.
|
|
.PP
|
|
The size of an \fBEVP_MD_CTX\fR structure is determined at compile time: this results
|
|
in code that must be recompiled if the size of \fBEVP_MD_CTX\fR increases.
|
|
.SH "SEE ALSO"
|
|
the \fIevp(3)|evp(3)\fR manpage, the \fIhmac(3)|hmac(3)\fR manpage, the \fImd2(3)|md2(3)\fR manpage,
|
|
the \fImd5(3)|md5(3)\fR manpage, the \fImdc2(3)|mdc2(3)\fR manpage, the \fIripemd(3)|ripemd(3)\fR manpage,
|
|
the \fIsha(3)|sha(3)\fR manpage, the \fIdigest(1)|digest(1)\fR manpage
|
|
.SH "HISTORY"
|
|
\fIEVP_DigestInit()\fR, \fIEVP_DigestUpdate()\fR and \fIEVP_DigestFinal()\fR are
|
|
available in all versions of SSLeay and OpenSSL.
|
|
|
|
.rn }` ''
|
|
.IX Title "EVP_DigestInit 3"
|
|
.IX Name "EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal - EVP digest routines"
|
|
|
|
.IX Header "NAME"
|
|
|
|
.IX Header "SYNOPSIS"
|
|
|
|
.IX Header "DESCRIPTION"
|
|
|
|
.IX Header "RETURN VALUES"
|
|
|
|
.IX Header "NOTES"
|
|
|
|
.IX Header "EXAMPLE"
|
|
|
|
.IX Header "BUGS"
|
|
|
|
.IX Header "SEE ALSO"
|
|
|
|
.IX Header "HISTORY"
|
|
|