1999-11-10 10:52:17 +08:00
|
|
|
=pod
|
2000-01-07 09:39:59 +08:00
|
|
|
|
1999-11-10 10:52:17 +08:00
|
|
|
=head1 NAME
|
|
|
|
|
2014-08-29 07:11:42 +08:00
|
|
|
dgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384, sha512, md2, md4, md5, dss1 - message digests
|
1999-11-10 10:52:17 +08:00
|
|
|
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
|
2000-03-19 06:00:26 +08:00
|
|
|
B<openssl> B<dgst>
|
2014-08-29 07:11:42 +08:00
|
|
|
[B<-sha|-sha1|-mdc2|-ripemd160|-sha224|-sha256|-sha384|-sha512|-md2|-md4|-md5|-dss1>]
|
1999-11-10 10:52:17 +08:00
|
|
|
[B<-c>]
|
|
|
|
[B<-d>]
|
2000-09-04 07:13:48 +08:00
|
|
|
[B<-hex>]
|
|
|
|
[B<-binary>]
|
2014-08-29 07:11:42 +08:00
|
|
|
[B<-r>]
|
2000-09-04 07:13:48 +08:00
|
|
|
[B<-out filename>]
|
|
|
|
[B<-sign filename>]
|
2009-04-15 23:27:03 +08:00
|
|
|
[B<-keyform arg>]
|
2004-12-03 20:26:56 +08:00
|
|
|
[B<-passin arg>]
|
2000-09-04 07:13:48 +08:00
|
|
|
[B<-verify filename>]
|
|
|
|
[B<-prverify filename>]
|
|
|
|
[B<-signature filename>]
|
2008-05-19 15:43:34 +08:00
|
|
|
[B<-hmac key>]
|
2014-08-29 07:11:42 +08:00
|
|
|
[B<-non-fips-allow>]
|
|
|
|
[B<-fips-fingerprint>]
|
1999-11-10 10:52:17 +08:00
|
|
|
[B<file...>]
|
|
|
|
|
2014-08-29 07:11:42 +08:00
|
|
|
B<openssl>
|
|
|
|
[I<digest>]
|
|
|
|
[B<...>]
|
1999-11-10 10:52:17 +08:00
|
|
|
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
|
2000-09-04 07:13:48 +08:00
|
|
|
The digest functions output the message digest of a supplied file or files
|
2014-08-29 07:11:42 +08:00
|
|
|
in hexadecimal. The digest functions also generate and verify digital
|
|
|
|
signatures using message digests.
|
1999-11-10 10:52:17 +08:00
|
|
|
|
|
|
|
=head1 OPTIONS
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
=item B<-c>
|
|
|
|
|
2000-09-04 07:13:48 +08:00
|
|
|
print out the digest in two digit groups separated by colons, only relevant if
|
|
|
|
B<hex> format output is used.
|
1999-11-10 10:52:17 +08:00
|
|
|
|
|
|
|
=item B<-d>
|
|
|
|
|
|
|
|
print out BIO debugging information.
|
|
|
|
|
2000-09-04 07:13:48 +08:00
|
|
|
=item B<-hex>
|
|
|
|
|
|
|
|
digest is to be output as a hex dump. This is the default case for a "normal"
|
2014-08-29 07:11:42 +08:00
|
|
|
digest as opposed to a digital signature. See NOTES below for digital
|
|
|
|
signatures using B<-hex>.
|
2000-09-04 07:13:48 +08:00
|
|
|
|
|
|
|
=item B<-binary>
|
|
|
|
|
|
|
|
output the digest or signature in binary form.
|
|
|
|
|
2014-08-29 07:11:42 +08:00
|
|
|
=item B<-r>
|
|
|
|
|
|
|
|
output the digest in the "coreutils" format used by programs like B<sha1sum>.
|
|
|
|
|
2000-09-04 07:13:48 +08:00
|
|
|
=item B<-out filename>
|
|
|
|
|
|
|
|
filename to output to, or standard output by default.
|
|
|
|
|
|
|
|
=item B<-sign filename>
|
|
|
|
|
|
|
|
digitally sign the digest using the private key in "filename".
|
|
|
|
|
2009-04-15 23:27:03 +08:00
|
|
|
=item B<-keyform arg>
|
|
|
|
|
2014-08-29 07:11:42 +08:00
|
|
|
Specifies the key format to sign digest with. The DER, PEM, P12,
|
|
|
|
and ENGINE formats are supported.
|
2009-04-15 23:27:03 +08:00
|
|
|
|
|
|
|
=item B<-engine id>
|
|
|
|
|
|
|
|
Use engine B<id> for operations (including private key storage).
|
|
|
|
This engine is not used as source for digest algorithms, unless it is
|
|
|
|
also specified in the configuration file.
|
|
|
|
|
|
|
|
=item B<-sigopt nm:v>
|
|
|
|
|
|
|
|
Pass options to the signature algorithm during sign or verify operations.
|
|
|
|
Names and values of these options are algorithm-specific.
|
|
|
|
|
|
|
|
|
2004-12-03 20:26:56 +08:00
|
|
|
=item B<-passin arg>
|
|
|
|
|
|
|
|
the private key password source. For more information about the format of B<arg>
|
|
|
|
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
|
|
|
|
|
2000-09-04 07:13:48 +08:00
|
|
|
=item B<-verify filename>
|
|
|
|
|
|
|
|
verify the signature using the the public key in "filename".
|
|
|
|
The output is either "Verification OK" or "Verification Failure".
|
|
|
|
|
|
|
|
=item B<-prverify filename>
|
|
|
|
|
|
|
|
verify the signature using the the private key in "filename".
|
|
|
|
|
|
|
|
=item B<-signature filename>
|
|
|
|
|
|
|
|
the actual signature to verify.
|
|
|
|
|
2008-05-19 15:43:34 +08:00
|
|
|
=item B<-hmac key>
|
|
|
|
|
|
|
|
create a hashed MAC using "key".
|
|
|
|
|
2009-04-15 23:27:03 +08:00
|
|
|
=item B<-mac alg>
|
|
|
|
|
|
|
|
create MAC (keyed Message Authentication Code). The most popular MAC
|
|
|
|
algorithm is HMAC (hash-based MAC), but there are other MAC algorithms
|
|
|
|
which are not based on hash, for instance B<gost-mac> algorithm,
|
|
|
|
supported by B<ccgost> engine. MAC keys and other options should be set
|
|
|
|
via B<-macopt> parameter.
|
|
|
|
|
|
|
|
=item B<-macopt nm:v>
|
|
|
|
|
|
|
|
Passes options to MAC algorithm, specified by B<-mac> key.
|
|
|
|
Following options are supported by both by B<HMAC> and B<gost-mac>:
|
|
|
|
|
|
|
|
=over 8
|
|
|
|
|
|
|
|
=item B<key:string>
|
2014-08-29 07:11:42 +08:00
|
|
|
|
2009-04-15 23:27:03 +08:00
|
|
|
Specifies MAC key as alphnumeric string (use if key contain printable
|
|
|
|
characters only). String length must conform to any restrictions of
|
|
|
|
the MAC algorithm for example exactly 32 chars for gost-mac.
|
|
|
|
|
|
|
|
=item B<hexkey:string>
|
|
|
|
|
|
|
|
Specifies MAC key in hexadecimal form (two hex digits per byte).
|
|
|
|
Key length must conform to any restrictions of the MAC algorithm
|
|
|
|
for example exactly 32 chars for gost-mac.
|
|
|
|
|
|
|
|
=back
|
|
|
|
|
2000-09-04 07:13:48 +08:00
|
|
|
=item B<-rand file(s)>
|
|
|
|
|
|
|
|
a file or files containing random data used to seed the random number
|
|
|
|
generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
|
|
|
|
Multiple files can be specified separated by a OS-dependent character.
|
|
|
|
The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
|
|
|
|
all others.
|
|
|
|
|
2014-08-29 07:11:42 +08:00
|
|
|
=item B<-non-fips-allow>
|
|
|
|
|
|
|
|
enable use of non-FIPS algorithms such as MD5 even in FIPS mode.
|
|
|
|
|
|
|
|
=item B<-fips-fingerprint>
|
|
|
|
|
|
|
|
compute HMAC using a specific key
|
|
|
|
for certain OpenSSL-FIPS operations.
|
|
|
|
|
1999-11-10 10:52:17 +08:00
|
|
|
=item B<file...>
|
|
|
|
|
|
|
|
file or files to digest. If no files are specified then standard input is
|
|
|
|
used.
|
|
|
|
|
|
|
|
=back
|
|
|
|
|
2014-08-29 07:11:42 +08:00
|
|
|
|
|
|
|
=head1 EXAMPLES
|
|
|
|
|
|
|
|
To create a hex-encoded message digest of a file:
|
|
|
|
openssl dgst -md5 -hex file.txt
|
|
|
|
|
|
|
|
To sign a file using SHA-256 with binary file output:
|
|
|
|
openssl dgst -sha256 -sign privatekey.pem -out signature.sign file.txt
|
|
|
|
|
|
|
|
To verify a signature:
|
|
|
|
openssl dgst -sha256 -verify publickey.pem \
|
|
|
|
-signature signature.sign \
|
|
|
|
file.txt
|
|
|
|
|
|
|
|
|
1999-11-10 10:52:17 +08:00
|
|
|
=head1 NOTES
|
|
|
|
|
2014-08-29 07:11:42 +08:00
|
|
|
New or agile applications should use probably use SHA-256. Other digests,
|
|
|
|
particularly SHA-1 and MD5, are still widely used for interoperating
|
|
|
|
with existing formats and protocols.
|
1999-11-10 10:52:17 +08:00
|
|
|
|
2014-08-29 07:11:42 +08:00
|
|
|
When signing a file, B<dgst> will automatically determine the algorithm
|
|
|
|
(RSA, ECC, etc) to use for signing based on the private key's ASN.1 info.
|
|
|
|
When verifying signatures, it only handles the RSA, DSA, or ECDSA signature
|
|
|
|
itself, not the related data to identify the signer and algorithm used in
|
|
|
|
formats such as x.509, CMS, and S/MIME.
|
2000-09-04 07:13:48 +08:00
|
|
|
|
|
|
|
A source of random numbers is required for certain signing algorithms, in
|
2014-08-29 07:11:42 +08:00
|
|
|
particular ECDSA and DSA.
|
2000-09-04 07:13:48 +08:00
|
|
|
|
|
|
|
The signing and verify options should only be used if a single file is
|
|
|
|
being signed or verified.
|
|
|
|
|
2014-08-29 07:11:42 +08:00
|
|
|
Hex signatures cannot be verified using B<openssl>. Instead, use "xxd -r"
|
|
|
|
or similar program to transform the hex signature into a binary signature
|
|
|
|
prior to verification.
|
|
|
|
|
|
|
|
|
1999-11-10 10:52:17 +08:00
|
|
|
=cut
|