1EVP_DIGESTINIT(3) OpenSSL EVP_DIGESTINIT(3)
2
3
4
6 EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy,
7 EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags,
8 EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_Digest,
9 EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate,
10 EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_type,
11 EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_flags,
12 EVP_MD_CTX_md, EVP_MD_CTX_type, EVP_MD_CTX_size, EVP_MD_CTX_block_size,
13 EVP_MD_CTX_md_data, EVP_MD_CTX_update_fn, EVP_MD_CTX_set_update_fn,
14 EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid,
15 EVP_get_digestbyobj, EVP_MD_CTX_pkey_ctx, EVP_MD_CTX_set_pkey_ctx - EVP
16 digest routines
17
19 #include <openssl/evp.h>
20
21 EVP_MD_CTX *EVP_MD_CTX_new(void);
22 int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
23 void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
24 void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
25 void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
26 void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
27 int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
28
29 int EVP_Digest(const void *data, size_t count, unsigned char *md,
30 unsigned int *size, const EVP_MD *type, ENGINE *impl);
31 int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
32 int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
33 int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
34 int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
35
36 int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
37
38 int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
39 int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
40
41 int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
42
43 int EVP_MD_type(const EVP_MD *md);
44 int EVP_MD_pkey_type(const EVP_MD *md);
45 int EVP_MD_size(const EVP_MD *md);
46 int EVP_MD_block_size(const EVP_MD *md);
47 unsigned long EVP_MD_flags(const EVP_MD *md);
48
49 const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
50 int EVP_MD_CTX_size(const EVP_MD_CTX *ctx);
51 int EVP_MD_CTX_block_size(const EVP_MD_CTX *ctx);
52 int EVP_MD_CTX_type(const EVP_MD_CTX *ctx);
53 void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
54 int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx,
55 const void *data, size_t count);
56 void EVP_MD_CTX_set_update_fn(EVP_MD_CTX *ctx,
57 int (*update)(EVP_MD_CTX *ctx,
58 const void *data, size_t count));
59
60 const EVP_MD *EVP_md_null(void);
61
62 const EVP_MD *EVP_get_digestbyname(const char *name);
63 const EVP_MD *EVP_get_digestbynid(int type);
64 const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
65
66 EVP_PKEY_CTX *EVP_MD_CTX_pkey_ctx(const EVP_MD_CTX *ctx);
67 void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);
68
70 The EVP digest routines are a high-level interface to message digests,
71 and should be used instead of the cipher-specific functions.
72
73 EVP_MD_CTX_new()
74 Allocates and returns a digest context.
75
76 EVP_MD_CTX_reset()
77 Resets the digest context ctx. This can be used to reuse an
78 already existing context.
79
80 EVP_MD_CTX_free()
81 Cleans up digest context ctx and frees up the space allocated to
82 it.
83
84 EVP_MD_CTX_ctrl()
85 Performs digest-specific control actions on context ctx. The
86 control command is indicated in cmd and any additional arguments in
87 p1 and p2. EVP_MD_CTX_ctrl() must be called after
88 EVP_DigestInit_ex(). Other restrictions may apply depending on the
89 control type and digest implementation. See "CONTROLS" below for
90 more information.
91
92 EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(),
93 EVP_MD_CTX_test_flags()
94 Sets, clears and tests ctx flags. See "FLAGS" below for more
95 information.
96
97 EVP_Digest()
98 A wrapper around the Digest Init_ex, Update and Final_ex functions.
99 Hashes count bytes of data at data using a digest type from ENGINE
100 impl. The digest value is placed in md and its length is written at
101 size if the pointer is not NULL. At most EVP_MAX_MD_SIZE bytes will
102 be written. If impl is NULL the default implementation of digest
103 type is used.
104
105 EVP_DigestInit_ex()
106 Sets up digest context ctx to use a digest type from ENGINE impl.
107 type will typically be supplied by a function such as EVP_sha1().
108 If impl is NULL then the default implementation of digest type is
109 used.
110
111 EVP_DigestUpdate()
112 Hashes cnt bytes of data at d into the digest context ctx. This
113 function can be called several times on the same ctx to hash
114 additional data.
115
116 EVP_DigestFinal_ex()
117 Retrieves the digest value from ctx and places it in md. If the s
118 parameter is not NULL then the number of bytes of data written
119 (i.e. the length of the digest) will be written to the integer at
120 s, at most EVP_MAX_MD_SIZE bytes will be written. After calling
121 EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can
122 be made, but EVP_DigestInit_ex() can be called to initialize a new
123 digest operation.
124
125 EVP_DigestFinalXOF()
126 Interfaces to extendable-output functions, XOFs, such as SHAKE128
127 and SHAKE256. It retrieves the digest value from ctx and places it
128 in len-sized <B>md. After calling this function no additional
129 calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex()
130 can be called to initialize a new operation.
131
132 EVP_MD_CTX_copy_ex()
133 Can be used to copy the message digest state from in to out. This
134 is useful if large amounts of data are to be hashed which only
135 differ in the last few bytes.
136
137 EVP_DigestInit()
138 Behaves in the same way as EVP_DigestInit_ex() except it always
139 uses the default digest implementation and calls
140 EVP_MD_CTX_reset().
141
142 EVP_DigestFinal()
143 Similar to EVP_DigestFinal_ex() except the digest context ctx is
144 automatically cleaned up.
145
146 EVP_MD_CTX_copy()
147 Similar to EVP_MD_CTX_copy_ex() except the destination out does not
148 have to be initialized.
149
150 EVP_MD_size(), EVP_MD_CTX_size()
151 Return the size of the message digest when passed an EVP_MD or an
152 EVP_MD_CTX structure, i.e. the size of the hash.
153
154 EVP_MD_block_size(), EVP_MD_CTX_block_size()
155 Return the block size of the message digest when passed an EVP_MD
156 or an EVP_MD_CTX structure.
157
158 EVP_MD_type(), EVP_MD_CTX_type()
159 Return the NID of the OBJECT IDENTIFIER representing the given
160 message digest when passed an EVP_MD structure. For example,
161 "EVP_MD_type(EVP_sha1())" returns NID_sha1. This function is
162 normally used when setting ASN1 OIDs.
163
164 EVP_MD_CTX_md_data()
165 Return the digest method private data for the passed EVP_MD_CTX.
166 The space is allocated by OpenSSL and has the size originally set
167 with EVP_MD_meth_set_app_datasize().
168
169 EVP_MD_CTX_md()
170 Returns the EVP_MD structure corresponding to the passed
171 EVP_MD_CTX.
172
173 EVP_MD_CTX_set_update_fn()
174 Sets the update function for ctx to update. This is the function
175 that is called by EVP_DigestUpdate. If not set, the update function
176 from the EVP_MD type specified at initialization is used.
177
178 EVP_MD_CTX_update_fn()
179 Returns the update function for ctx.
180
181 EVP_MD_flags()
182 Returns the md flags. Note that these are different from the
183 EVP_MD_CTX ones. See EVP_MD_meth_set_flags(3) for more information.
184
185 EVP_MD_pkey_type()
186 Returns the NID of the public key signing algorithm associated with
187 this digest. For example EVP_sha1() is associated with RSA so this
188 will return NID_sha1WithRSAEncryption. Since digests and signature
189 algorithms are no longer linked this function is only retained for
190 compatibility reasons.
191
192 EVP_md_null()
193 A "null" message digest that does nothing: i.e. the hash it returns
194 is of zero length.
195
196 EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()
197 Returns an EVP_MD structure when passed a digest name, a digest NID
198 or an ASN1_OBJECT structure respectively.
199
200 EVP_MD_CTX_pkey_ctx()
201 Returns the EVP_PKEY_CTX assigned to ctx. The returned pointer
202 should not be freed by the caller.
203
204 EVP_MD_CTX_set_pkey_ctx()
205 Assigns an EVP_PKEY_CTX to EVP_MD_CTX. This is usually used to
206 provide a customized EVP_PKEY_CTX to EVP_DigestSignInit(3) or
207 EVP_DigestVerifyInit(3). The pctx passed to this function should be
208 freed by the caller. A NULL pctx pointer is also allowed to clear
209 the EVP_PKEY_CTX assigned to ctx. In such case, freeing the cleared
210 EVP_PKEY_CTX or not depends on how the EVP_PKEY_CTX is created.
211
213 EVP_MD_CTX_ctrl() can be used to send the following standard controls:
214
215 EVP_MD_CTRL_MICALG
216 Gets the digest Message Integrity Check algorithm string. This is
217 used when creating S/MIME multipart/signed messages, as specified
218 in RFC 3851. The string value is written to p2.
219
220 EVP_MD_CTRL_XOF_LEN
221 This control sets the digest length for extendable output functions
222 to p1. Sending this control directly should not be necessary, the
223 use of "EVP_DigestFinalXOF()" is preferred. Currently used by
224 SHAKE.
225
227 EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and
228 EVP_MD_CTX_test_flags() can be used the manipulate and test these
229 EVP_MD_CTX flags:
230
231 EVP_MD_CTX_FLAG_ONESHOT
232 This flag instructs the digest to optimize for one update only, if
233 possible.
234
235 EVP_MD_CTX_FLAG_NO_INIT
236 This flag instructs EVP_DigestInit() and similar not to initialise
237 the implementation specific data.
238
239 EVP_MD_CTX_FLAG_FINALISE
240 Some functions such as EVP_DigestSign only finalise copies of
241 internal contexts so additional data can be included after the
242 finalisation call. This is inefficient if this functionality is
243 not required, and can be disabled with this flag.
244
246 EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()
247 Returns 1 for success and 0 for failure.
248
249 EVP_MD_CTX_ctrl()
250 Returns 1 if successful or 0 for failure.
251
252 EVP_MD_CTX_copy_ex()
253 Returns 1 if successful or 0 for failure.
254
255 EVP_MD_type(), EVP_MD_pkey_type()
256 Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef
257 if none exists.
258
259 EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(),
260 EVP_MD_CTX_block_size()
261 Returns the digest or block size in bytes.
262
263 EVP_md_null()
264 Returns a pointer to the EVP_MD structure of the "null" message
265 digest.
266
267 EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()
268 Returns either an EVP_MD structure or NULL if an error occurs.
269
270 EVP_MD_CTX_set_pkey_ctx()
271 This function has no return value.
272
274 The EVP interface to message digests should almost always be used in
275 preference to the low-level interfaces. This is because the code then
276 becomes transparent to the digest used and much more flexible.
277
278 New applications should use the SHA-2 (such as EVP_sha256(3)) or the
279 SHA-3 digest algorithms (such as EVP_sha3_512(3)). The other digest
280 algorithms are still in common use.
281
282 For most applications the impl parameter to EVP_DigestInit_ex() will be
283 set to NULL to use the default digest implementation.
284
285 The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy()
286 are obsolete but are retained to maintain compatibility with existing
287 code. New applications should use EVP_DigestInit_ex(),
288 EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can
289 efficiently reuse a digest context instead of initializing and cleaning
290 it up on each call and allow non default implementations of digests to
291 be specified.
292
293 If digest contexts are not cleaned up after use, memory leaks will
294 occur.
295
296 EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(),
297 EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.
298
299 EVP_MD_CTX_ctrl() sends commands to message digests for additional
300 configuration or control.
301
303 This example digests the data "Test Message\n" and "Hello World\n",
304 using the digest name passed on the command line.
305
306 #include <stdio.h>
307 #include <string.h>
308 #include <openssl/evp.h>
309
310 int main(int argc, char *argv[])
311 {
312 EVP_MD_CTX *mdctx;
313 const EVP_MD *md;
314 char mess1[] = "Test Message\n";
315 char mess2[] = "Hello World\n";
316 unsigned char md_value[EVP_MAX_MD_SIZE];
317 unsigned int md_len, i;
318
319 if (argv[1] == NULL) {
320 printf("Usage: mdtest digestname\n");
321 exit(1);
322 }
323
324 md = EVP_get_digestbyname(argv[1]);
325 if (md == NULL) {
326 printf("Unknown message digest %s\n", argv[1]);
327 exit(1);
328 }
329
330 mdctx = EVP_MD_CTX_new();
331 EVP_DigestInit_ex(mdctx, md, NULL);
332 EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
333 EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
334 EVP_DigestFinal_ex(mdctx, md_value, &md_len);
335 EVP_MD_CTX_free(mdctx);
336
337 printf("Digest is: ");
338 for (i = 0; i < md_len; i++)
339 printf("%02x", md_value[i]);
340 printf("\n");
341
342 exit(0);
343 }
344
346 EVP_MD_meth_new(3), dgst(1), evp(7)
347
348 The full list of digest algorithms are provided below.
349
350 EVP_blake2b512(3), EVP_md2(3), EVP_md4(3), EVP_md5(3), EVP_mdc2(3),
351 EVP_ripemd160(3), EVP_sha1(3), EVP_sha224(3), EVP_sha3_224(3),
352 EVP_sm3(3), EVP_whirlpool(3)
353
355 The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed
356 to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0,
357 respectively.
358
359 The link between digests and signing algorithms was fixed in OpenSSL
360 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.
361
362 The EVP_dss1() function was removed in OpenSSL 1.1.0.
363
364 The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.
365
367 Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
368
369 Licensed under the OpenSSL license (the "License"). You may not use
370 this file except in compliance with the License. You can obtain a copy
371 in the file LICENSE in the source distribution or at
372 <https://www.openssl.org/source/license.html>.
373
374
375
3761.1.1k 2021-03-26 EVP_DIGESTINIT(3)