1SHA1(3)                  BSD Library Functions Manual                  SHA1(3)
2

NAME

4     SHA1Init, SHA1Update, SHA1Pad, SHA1Final, SHA1Transform, SHA1End,
5     SHA1File, SHA1FileChunk, SHA1Data — calculate the NIST Secure Hash Algo‐
6     rithm
7

LIBRARY

9     Message Digest (MD4, MD5, etc.) Support Library (libmd, -lmd)
10

SYNOPSIS

12     #include <sys/types.h>
13     #include <sha1.h>
14
15     void
16     SHA1Init(SHA1_CTX *context);
17
18     void
19     SHA1Update(SHA1_CTX *context, const uint8_t *data, size_t len);
20
21     void
22     SHA1Pad(SHA1_CTX *context);
23
24     void
25     SHA1Final(uint8_t digest[SHA1_DIGEST_LENGTH], SHA1_CTX *context);
26
27     void
28     SHA1Transform(uint32_t state[5],
29         const uint8_t buffer[SHA1_BLOCK_LENGTH]);
30
31     char *
32     SHA1End(SHA1_CTX *context, char *buf);
33
34     char *
35     SHA1File(const char *filename, char *buf);
36
37     char *
38     SHA1FileChunk(const char *filename, char *buf, off_t offset,
39         off_t length);
40
41     char *
42     SHA1Data(const uint8_t *data, size_t len, char *buf);
43

DESCRIPTION

45     The SHA1 functions implement the NIST Secure Hash Algorithm (SHA-1), FIPS
46     PUB 180-1.  SHA-1 is used to generate a condensed representation of a
47     message called a message digest.  The algorithm takes a message less than
48     2^64 bits as input and produces a 160-bit digest suitable for use as a
49     digital signature.
50
51     While the SHA1 functions are considered to be more secure than the md4(3)
52     and md5(3) functions with which they share a similar interface, they are
53     considered insecure as of 2005, and as of 2020 chosen-prefix attacks have
54     become practical, thus these must not be used in cryptographic contexts.
55
56     The SHA1Init() function initializes a SHA1_CTX context for use with
57     SHA1Update(), and SHA1Final().  The SHA1Update() function adds data of
58     length len to the SHA1_CTX specified by context.  SHA1Final() is called
59     when all data has been added via SHA1Update() and stores a message digest
60     in the digest parameter.
61
62     The SHA1Pad() function can be used to apply padding to the message digest
63     as in SHA1Final(), but the current context can still be used with
64     SHA1Update().
65
66     The SHA1Transform() function is used by SHA1Update() to hash 512-bit
67     blocks and forms the core of the algorithm.  Most programs should use the
68     interface provided by SHA1Init(), SHA1Update() and SHA1Final() instead of
69     calling SHA1Transform() directly.
70
71     The SHA1End() function is a front end for SHA1Final() which converts the
72     digest into an ASCII representation of the 160 bit digest in hexadecimal.
73
74     The SHA1File() function calculates the digest for a file and returns the
75     result via SHA1End().  If SHA1File() is unable to open the file a NULL
76     pointer is returned.
77
78     SHA1FileChunk() behaves like SHA1File() but calculates the digest only
79     for that portion of the file starting at offset and continuing for length
80     bytes or until end of file is reached, whichever comes first.  A zero
81     length can be specified to read until end of file.  A negative length or
82     offset will be ignored.
83
84     The SHA1Data() function calculates the digest of an arbitrary string and
85     returns the result via SHA1End().
86
87     For each of the SHA1End(), SHA1File(), and SHA1Data() functions the buf
88     parameter should either be a string of at least 41 characters in size or
89     a NULL pointer.  In the latter case, space will be dynamically allocated
90     via malloc(3) and should be freed using free(3) when it is no longer
91     needed.
92

EXAMPLES

94     The follow code fragment will calculate the digest for the string "abc"
95     which is ``0xa9993e364706816aba3e25717850c26c9cd0d89d''.
96
97           SHA1_CTX sha;
98           uint8_t results[SHA1_DIGEST_LENGTH];
99           char *buf;
100           int n;
101
102           buf = "abc";
103           n = strlen(buf);
104           SHA1Init(&sha);
105           SHA1Update(&sha, (uint8_t *)buf, n);
106           SHA1Final(results, &sha);
107
108           /* Print the digest as one long hex value */
109           printf("0x");
110           for (n = 0; n < SHA1_DIGEST_LENGTH; n++)
111                   printf("%02x", results[n]);
112           putchar('\n');
113
114     Alternately, the helper functions could be used in the following way:
115
116           uint8_t output[SHA1_DIGEST_STRING_LENGTH];
117           char *buf = "abc";
118
119           printf("0x%s\n", SHA1Data(buf, strlen(buf), output));
120

SEE ALSO

122     cksum(1), sha1(1), md4(3), md5(3), rmd160(3), sha2(3)
123
124     J. Burrows, The Secure Hash Standard, FIPS PUB 180-1.
125
126     D. Eastlake and P. Jones, US Secure Hash Algorithm 1, RFC 3174.
127

HISTORY

129     The SHA-1 functions appeared in OpenBSD 2.0.
130

AUTHORS

132     This implementation of SHA-1 was written by Steve Reid.
133
134     The SHA1End(), SHA1File(), SHA1FileChunk(), and SHA1Data() helper func‐
135     tions are derived from code written by Poul-Henning Kamp.
136

CAVEATS

138     This implementation of SHA-1 has not been validated by NIST and as such
139     is not in official compliance with the standard.
140
141     If a message digest is to be copied to a multi-byte type (ie: an array of
142     five 32-bit integers) it will be necessary to perform byte swapping on
143     little endian machines such as the i386, alpha, and vax.
144
145BSD                            February 13, 2008                           BSD
Impressum