openssl/doc/man3/EVP_DigestInit.pod

325 lines
9.2 KiB
Plaintext
Raw Normal View History

2000-02-07 01:44:54 +08:00
=pod
=head1 NAME
EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex,
EVP_MD_CTX_ctrl, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate,
EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal,
EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size,
EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size,
EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null,
EVP_get_digestbyname, EVP_get_digestbynid,
EVP_get_digestbyobj - EVP digest routines
2000-02-07 01:44:54 +08:00
=head1 SYNOPSIS
#include <openssl/evp.h>
EVP_MD_CTX *EVP_MD_CTX_new(void);
int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
2001-10-16 10:22:59 +08:00
int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
2001-10-16 10:22:59 +08:00
int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
2001-10-16 10:22:59 +08:00
int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
2000-02-07 01:44:54 +08:00
int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
2001-10-16 10:22:59 +08:00
int EVP_MD_type(const EVP_MD *md);
int EVP_MD_pkey_type(const EVP_MD *md);
int EVP_MD_size(const EVP_MD *md);
int EVP_MD_block_size(const EVP_MD *md);
2000-02-07 01:44:54 +08:00
const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
int EVP_MD_CTX_size(const EVP_MD *ctx);
int EVP_MD_CTX_block_size(const EVP_MD *ctx);
int EVP_MD_CTX_type(const EVP_MD *ctx);
2000-02-07 01:44:54 +08:00
const EVP_MD *EVP_md_null(void);
2000-02-07 01:44:54 +08:00
const EVP_MD *EVP_get_digestbyname(const char *name);
const EVP_MD *EVP_get_digestbynid(int type);
const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
2000-02-07 01:44:54 +08:00
=head1 DESCRIPTION
The EVP digest routines are a high level interface to message digests,
and should be used instead of the cipher-specific functions.
2000-02-07 01:44:54 +08:00
=over 4
=item EVP_MD_CTX_new()
2001-10-16 10:22:59 +08:00
Allocates and returns a digest context.
2001-10-16 10:22:59 +08:00
=item EVP_MD_CTX_reset()
Resets the digest context B<ctx>. This can be used to reuse an already
existing context.
2000-02-07 01:44:54 +08:00
=item EVP_MD_CTX_free()
2000-02-07 01:44:54 +08:00
Cleans up digest context B<ctx> and frees up the space allocated to it.
2000-02-07 01:44:54 +08:00
=item EVP_MD_CTX_ctrl()
Performs digest-specific control actions on context B<ctx>.
=item EVP_DigestInit_ex()
Sets up digest context B<ctx> to use a digest B<type> from ENGINE B<impl>.
B<type> will typically be supplied by a function such as EVP_sha1(). If
B<impl> is NULL then the default implementation of digest B<type> is used.
=item EVP_DigestUpdate()
Hashes B<cnt> bytes of data at B<d> into the digest context B<ctx>. This
function can be called several times on the same B<ctx> to hash additional
data.
=item EVP_DigestFinal_ex()
Retrieves the digest value from B<ctx> and places it in B<md>. If the B<s>
parameter is not NULL then the number of bytes of data written (i.e. the
length of the digest) will be written to the integer at B<s>, at most
B<EVP_MAX_MD_SIZE> bytes will be written. After calling EVP_DigestFinal_ex()
no additional calls to EVP_DigestUpdate() can be made, but
EVP_DigestInit_ex() can be called to initialize a new digest operation.
=item EVP_DigestFinalXOF()
Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256.
It retrieves the digest value from B<ctx> and places it in B<len>-sized <B>md.
After calling this function no additional calls to EVP_DigestUpdate() can be
made, but EVP_DigestInit_ex() can be called to initialize a new operation.
=item EVP_MD_CTX_copy_ex()
Can be used to copy the message digest state from B<in> to B<out>. This is
useful if large amounts of data are to be hashed which only differ in the last
few bytes.
=item EVP_DigestInit()
Behaves in the same way as EVP_DigestInit_ex() except it always uses the
default digest implementation.
=item EVP_DigestFinal()
Similar to EVP_DigestFinal_ex() except the digest context B<ctx> is
automatically cleaned up.
=item EVP_MD_CTX_copy()
Similar to EVP_MD_CTX_copy_ex() except the destination B<out> does not have to
be initialized.
2001-10-16 10:22:59 +08:00
=item EVP_MD_size(),
EVP_MD_CTX_size()
2001-10-16 10:22:59 +08:00
Return the size of the message digest when passed an B<EVP_MD> or an
B<EVP_MD_CTX> structure, i.e. the size of the hash.
2001-10-16 10:22:59 +08:00
=item EVP_MD_block_size(),
EVP_MD_CTX_block_size()
2000-02-07 01:44:54 +08:00
Return the block size of the message digest when passed an B<EVP_MD> or an
B<EVP_MD_CTX> structure.
2000-02-07 01:44:54 +08:00
=item EVP_MD_type(),
EVP_MD_CTX_type()
2000-02-07 01:44:54 +08:00
Return the NID of the OBJECT IDENTIFIER representing the given message digest
when passed an B<EVP_MD> structure. For example, C<EVP_MD_type(EVP_sha1())>
returns B<NID_sha1>. This function is normally used when setting ASN1 OIDs.
2000-02-07 01:44:54 +08:00
=item EVP_MD_CTX_md()
2000-02-07 01:44:54 +08:00
Returns the B<EVP_MD> structure corresponding to the passed B<EVP_MD_CTX>.
2000-02-07 01:44:54 +08:00
=item EVP_MD_pkey_type()
2000-02-07 01:44:54 +08:00
Returns the NID of the public key signing algorithm associated with this
digest. For example EVP_sha1() is associated with RSA so this will return
B<NID_sha1WithRSAEncryption>. Since digests and signature algorithms are no
longer linked this function is only retained for compatibility reasons.
2000-02-07 01:44:54 +08:00
=item EVP_md_null()
A "null" message digest that does nothing: i.e. the hash it returns is of zero
length.
=item EVP_get_digestbyname(),
EVP_get_digestbynid(),
EVP_get_digestbyobj()
Returns an B<EVP_MD> structure when passed a digest name, a digest B<NID> or an
B<ASN1_OBJECT> structure respectively.
=back
2000-02-07 01:44:54 +08:00
=head1 RETURN VALUES
=over 4
=item EVP_DigestInit_ex(),
EVP_DigestUpdate(),
EVP_DigestFinal_ex()
Returns 1 for
success and 0 for failure.
2000-02-07 01:44:54 +08:00
=item EVP_MD_CTX_ctrl()
Returns 1 if successful or 0 for failure.
=item EVP_MD_CTX_copy_ex()
Returns 1 if successful or 0 for failure.
2000-02-07 01:44:54 +08:00
=item EVP_MD_type(),
EVP_MD_pkey_type(),
EVP_MD_type()
2000-02-07 01:44:54 +08:00
Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none
exists.
2000-02-07 01:44:54 +08:00
=item EVP_MD_size(),
EVP_MD_block_size(),
EVP_MD_CTX_size(),
EVP_MD_CTX_block_size()
2000-02-07 01:44:54 +08:00
Returns the digest or block size in bytes.
=item EVP_md_null()
Returns a pointer to the B<EVP_MD> structure of the "null" message digest.
=item EVP_get_digestbyname(),
EVP_get_digestbynid(),
EVP_get_digestbyobj()
Returns either an B<EVP_MD> structure or NULL if an error occurs.
=back
2000-02-07 01:44:54 +08:00
=head1 NOTES
The B<EVP> interface to message digests should almost always be used in
preference to the low level interfaces. This is because the code then becomes
transparent to the digest used and much more flexible.
New applications should use the SHA-2 (such as L<EVP_sha256(3)>) or the SHA-3
digest algorithms (such as L<EVP_sha3_512(3)>). The other digest algorithms
are still in common use.
2000-02-07 01:44:54 +08:00
2001-10-16 10:22:59 +08:00
For most applications the B<impl> parameter to EVP_DigestInit_ex() will be
set to NULL to use the default digest implementation.
The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are
2001-10-16 10:22:59 +08:00
obsolete but are retained to maintain compatibility with existing code. New
applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and
2001-10-16 10:22:59 +08:00
EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context
instead of initializing and cleaning it up on each call and allow non default
implementations of digests to be specified.
If digest contexts are not cleaned up after use
memory leaks will occur.
EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(),
EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as
macros.
EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration
or control.
2000-02-07 01:44:54 +08:00
=head1 EXAMPLE
This example digests the data "Test Message\n" and "Hello World\n", using the
digest name passed on the command line.
#include <stdio.h>
#include <openssl/evp.h>
main(int argc, char *argv[])
{
EVP_MD_CTX *mdctx;
const EVP_MD *md;
char mess1[] = "Test Message\n";
char mess2[] = "Hello World\n";
unsigned char md_value[EVP_MAX_MD_SIZE];
int md_len, i;
if (argv[1] == NULL) {
printf("Usage: mdtest digestname\n");
exit(1);
}
md = EVP_get_digestbyname(argv[1]);
if (md == NULL) {
printf("Unknown message digest %s\n", argv[1]);
exit(1);
}
mdctx = EVP_MD_CTX_new();
EVP_DigestInit_ex(mdctx, md, NULL);
EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
EVP_DigestFinal_ex(mdctx, md_value, &md_len);
EVP_MD_CTX_free(mdctx);
printf("Digest is: ");
for (i = 0; i < md_len; i++)
printf("%02x", md_value[i]);
printf("\n");
exit(0);
2000-02-07 01:44:54 +08:00
}
=head1 SEE ALSO
L<dgst(1)>,
L<evp(7)>
The full list of digest algorithms are provided below.
L<EVP_blake2b512(3)>,
L<EVP_md2(3)>,
L<EVP_md4(3)>,
L<EVP_md5(3)>,
L<EVP_mdc2(3)>,
L<EVP_ripemd160(3)>,
L<EVP_sha1(3)>,
L<EVP_sha224(3)>,
L<EVP_sha3_224(3)>,
L<EVP_sm3(3)>,
L<EVP_whirlpool(3)>
2000-02-07 01:44:54 +08:00
=head1 HISTORY
EVP_MD_CTX_create() and EVP_MD_CTX_destroy() were renamed to
EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0.
The link between digests and signing algorithms was fixed in OpenSSL 1.0 and
later, so now EVP_sha1() can be used with RSA and DSA.
EVP_dss1() was removed in OpenSSL 1.1.0.
=head1 COPYRIGHT
Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
=cut