1EVP_DIGESTINIT(3) OpenSSL EVP_DIGESTINIT(3)
2
3
4
6 EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy,
7 EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags,
8 EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_Digest,
9 EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate,
10 EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_type,
11 EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_flags,
12 EVP_MD_CTX_md, EVP_MD_CTX_type, EVP_MD_CTX_size, EVP_MD_CTX_block_size,
13 EVP_MD_CTX_md_data, EVP_MD_CTX_update_fn, EVP_MD_CTX_set_update_fn,
14 EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid,
15 EVP_get_digestbyobj, EVP_MD_CTX_pkey_ctx, EVP_MD_CTX_set_pkey_ctx - EVP
16 digest routines
17
19 #include <openssl/evp.h>
20
21 EVP_MD_CTX *EVP_MD_CTX_new(void);
22 int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
23 void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
24 void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
25 void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
26 void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
27 int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
28
29 int EVP_Digest(const void *data, size_t count, unsigned char *md,
30 unsigned int *size, const EVP_MD *type, ENGINE *impl);
31 int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
32 int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
33 int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
34 int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
35
36 int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
37
38 int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
39 int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
40
41 int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
42
43 int EVP_MD_type(const EVP_MD *md);
44 int EVP_MD_pkey_type(const EVP_MD *md);
45 int EVP_MD_size(const EVP_MD *md);
46 int EVP_MD_block_size(const EVP_MD *md);
47 unsigned long EVP_MD_flags(const EVP_MD *md);
48
49 const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
50 int EVP_MD_CTX_size(const EVP_MD_CTX *ctx);
51 int EVP_MD_CTX_block_size(const EVP_MD_CTX *ctx);
52 int EVP_MD_CTX_type(const EVP_MD_CTX *ctx);
53 void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
54 int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx,
55 const void *data, size_t count);
56 void EVP_MD_CTX_set_update_fn(EVP_MD_CTX *ctx,
57 int (*update)(EVP_MD_CTX *ctx,
58 const void *data, size_t count));
59
60 const EVP_MD *EVP_md_null(void);
61
62 const EVP_MD *EVP_get_digestbyname(const char *name);
63 const EVP_MD *EVP_get_digestbynid(int type);
64 const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
65
66 EVP_PKEY_CTX *EVP_MD_CTX_pkey_ctx(const EVP_MD_CTX *ctx);
67 void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);
68
70 The EVP digest routines are a high-level interface to message digests,
71 and should be used instead of the cipher-specific functions.
72
73 EVP_MD_CTX_new()
74 Allocates and returns a digest context.
75
76 EVP_MD_CTX_reset()
77 Resets the digest context ctx. This can be used to reuse an
78 already existing context.
79
80 EVP_MD_CTX_free()
81 Cleans up digest context ctx and frees up the space allocated to
82 it.
83
84 EVP_MD_CTX_ctrl()
85 Performs digest-specific control actions on context ctx. The
86 control command is indicated in cmd and any additional arguments in
87 p1 and p2. EVP_MD_CTX_ctrl() must be called after
88 EVP_DigestInit_ex(). Other restrictions may apply depending on the
89 control type and digest implementation. See "CONTROLS" below for
90 more information.
91
92 EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(),
93 EVP_MD_CTX_test_flags()
94 Sets, clears and tests ctx flags. See "FLAGS" below for more
95 information.
96
97 EVP_Digest()
98 A wrapper around the Digest Init_ex, Update and Final_ex functions.
99 Hashes count bytes of data at data using a digest type from ENGINE
100 impl. The digest value is placed in md and its length is written at
101 size if the pointer is not NULL. At most EVP_MAX_MD_SIZE bytes will
102 be written. If impl is NULL the default implementation of digest
103 type is used.
104
105 EVP_DigestInit_ex()
106 Sets up digest context ctx to use a digest type from ENGINE impl.
107 type will typically be supplied by a function such as EVP_sha1().
108 If impl is NULL then the default implementation of digest type is
109 used.
110
111 EVP_DigestUpdate()
112 Hashes cnt bytes of data at d into the digest context ctx. This
113 function can be called several times on the same ctx to hash
114 additional data.
115
116 EVP_DigestFinal_ex()
117 Retrieves the digest value from ctx and places it in md. If the s
118 parameter is not NULL then the number of bytes of data written
119 (i.e. the length of the digest) will be written to the integer at
120 s, at most EVP_MAX_MD_SIZE bytes will be written. After calling
121 EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can
122 be made, but EVP_DigestInit_ex() can be called to initialize a new
123 digest operation.
124
125 EVP_DigestFinalXOF()
126 Interfaces to extendable-output functions, XOFs, such as SHAKE128
127 and SHAKE256. It retrieves the digest value from ctx and places it
128 in len-sized <B>md. After calling this function no additional
129 calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex()
130 can be called to initialize a new operation.
131
132 EVP_MD_CTX_copy_ex()
133 Can be used to copy the message digest state from in to out. This
134 is useful if large amounts of data are to be hashed which only
135 differ in the last few bytes.
136
137 EVP_DigestInit()
138 Behaves in the same way as EVP_DigestInit_ex() except it always
139 uses the default digest implementation and calls
140 EVP_MD_CTX_reset().
141
142 EVP_DigestFinal()
143 Similar to EVP_DigestFinal_ex() except the digest context ctx is
144 automatically cleaned up.
145
146 EVP_MD_CTX_copy()
147 Similar to EVP_MD_CTX_copy_ex() except the destination out does not
148 have to be initialized.
149
150 EVP_MD_size(), EVP_MD_CTX_size()
151 Return the size of the message digest when passed an EVP_MD or an
152 EVP_MD_CTX structure, i.e. the size of the hash.
153
154 EVP_MD_block_size(), EVP_MD_CTX_block_size()
155 Return the block size of the message digest when passed an EVP_MD
156 or an EVP_MD_CTX structure.
157
158 EVP_MD_type(), EVP_MD_CTX_type()
159 Return the NID of the OBJECT IDENTIFIER representing the given
160 message digest when passed an EVP_MD structure. For example,
161 "EVP_MD_type(EVP_sha1())" returns NID_sha1. This function is
162 normally used when setting ASN1 OIDs.
163
164 EVP_MD_CTX_md_data()
165 Return the digest method private data for the passed EVP_MD_CTX.
166 The space is allocated by OpenSSL and has the size originally set
167 with EVP_MD_meth_set_app_datasize().
168
169 EVP_MD_CTX_md()
170 Returns the EVP_MD structure corresponding to the passed
171 EVP_MD_CTX.
172
173 EVP_MD_CTX_set_update_fn()
174 Sets the update function for ctx to update. This is the function
175 that is called by EVP_DigestUpdate. If not set, the update function
176 from the EVP_MD type specified at initialization is used.
177
178 EVP_MD_CTX_update_fn()
179 Returns the update function for ctx.
180
181 EVP_MD_flags()
182 Returns the md flags. Note that these are different from the
183 EVP_MD_CTX ones. See EVP_MD_meth_set_flags(3) for more information.
184
185 EVP_MD_pkey_type()
186 Returns the NID of the public key signing algorithm associated with
187 this digest. For example EVP_sha1() is associated with RSA so this
188 will return NID_sha1WithRSAEncryption. Since digests and signature
189 algorithms are no longer linked this function is only retained for
190 compatibility reasons.
191
192 EVP_md_null()
193 A "null" message digest that does nothing: i.e. the hash it returns
194 is of zero length.
195
196 EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()
197 Returns an EVP_MD structure when passed a digest name, a digest NID
198 or an ASN1_OBJECT structure respectively.
199
200 EVP_MD_CTX_pkey_ctx()
201 Returns the EVP_PKEY_CTX assigned to ctx. The returned pointer
202 should not be freed by the caller.
203
204 EVP_MD_CTX_set_pkey_ctx()
205 Assigns an EVP_PKEY_CTX to EVP_MD_CTX. This is usually used to
206 provide a customized EVP_PKEY_CTX to EVP_DigestSignInit(3) or
207 EVP_DigestVerifyInit(3). The pctx passed to this function should be
208 freed by the caller. A NULL pctx pointer is also allowed to clear
209 the EVP_PKEY_CTX assigned to ctx. In such case, freeing the cleared
210 EVP_PKEY_CTX or not depends on how the EVP_PKEY_CTX is created.
211
213 EVP_MD_CTX_ctrl() can be used to send the following standard controls:
214
215 EVP_MD_CTRL_MICALG
216 Gets the digest Message Integrity Check algorithm string. This is
217 used when creating S/MIME multipart/signed messages, as specified
218 in RFC 3851. The string value is written to p2.
219
220 EVP_MD_CTRL_XOF_LEN
221 This control sets the digest length for extendable output functions
222 to p1. Sending this control directly should not be necessary, the
223 use of EVP_DigestFinalXOF() is preferred. Currently used by SHAKE.
224
226 EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and
227 EVP_MD_CTX_test_flags() can be used the manipulate and test these
228 EVP_MD_CTX flags:
229
230 EVP_MD_CTX_FLAG_ONESHOT
231 This flag instructs the digest to optimize for one update only, if
232 possible.
233
234 EVP_MD_CTX_FLAG_NO_INIT
235 This flag instructs EVP_DigestInit() and similar not to initialise
236 the implementation specific data.
237
238 EVP_MD_CTX_FLAG_FINALISE
239 Some functions such as EVP_DigestSign only finalise copies of
240 internal contexts so additional data can be included after the
241 finalisation call. This is inefficient if this functionality is
242 not required, and can be disabled with this flag.
243
245 EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()
246 Returns 1 for success and 0 for failure.
247
248 EVP_MD_CTX_ctrl()
249 Returns 1 if successful or 0 for failure.
250
251 EVP_MD_CTX_copy_ex()
252 Returns 1 if successful or 0 for failure.
253
254 EVP_MD_type(), EVP_MD_pkey_type()
255 Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef
256 if none exists.
257
258 EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(),
259 EVP_MD_CTX_block_size()
260 Returns the digest or block size in bytes.
261
262 EVP_md_null()
263 Returns a pointer to the EVP_MD structure of the "null" message
264 digest.
265
266 EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()
267 Returns either an EVP_MD structure or NULL if an error occurs.
268
269 EVP_MD_CTX_set_pkey_ctx()
270 This function has no return value.
271
273 The EVP interface to message digests should almost always be used in
274 preference to the low-level interfaces. This is because the code then
275 becomes transparent to the digest used and much more flexible.
276
277 New applications should use the SHA-2 (such as EVP_sha256(3)) or the
278 SHA-3 digest algorithms (such as EVP_sha3_512(3)). The other digest
279 algorithms are still in common use.
280
281 For most applications the impl parameter to EVP_DigestInit_ex() will be
282 set to NULL to use the default digest implementation.
283
284 The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy()
285 are obsolete but are retained to maintain compatibility with existing
286 code. New applications should use EVP_DigestInit_ex(),
287 EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can
288 efficiently reuse a digest context instead of initializing and cleaning
289 it up on each call and allow non default implementations of digests to
290 be specified.
291
292 If digest contexts are not cleaned up after use, memory leaks will
293 occur.
294
295 EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(),
296 EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.
297
298 EVP_MD_CTX_ctrl() sends commands to message digests for additional
299 configuration or control.
300
302 This example digests the data "Test Message\n" and "Hello World\n",
303 using the digest name passed on the command line.
304
305 #include <stdio.h>
306 #include <string.h>
307 #include <openssl/evp.h>
308
309 int main(int argc, char *argv[])
310 {
311 EVP_MD_CTX *mdctx;
312 const EVP_MD *md;
313 char mess1[] = "Test Message\n";
314 char mess2[] = "Hello World\n";
315 unsigned char md_value[EVP_MAX_MD_SIZE];
316 unsigned int md_len, i;
317
318 if (argv[1] == NULL) {
319 printf("Usage: mdtest digestname\n");
320 exit(1);
321 }
322
323 md = EVP_get_digestbyname(argv[1]);
324 if (md == NULL) {
325 printf("Unknown message digest %s\n", argv[1]);
326 exit(1);
327 }
328
329 mdctx = EVP_MD_CTX_new();
330 EVP_DigestInit_ex(mdctx, md, NULL);
331 EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
332 EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
333 EVP_DigestFinal_ex(mdctx, md_value, &md_len);
334 EVP_MD_CTX_free(mdctx);
335
336 printf("Digest is: ");
337 for (i = 0; i < md_len; i++)
338 printf("%02x", md_value[i]);
339 printf("\n");
340
341 exit(0);
342 }
343
345 EVP_MD_meth_new(3), dgst(1), evp(7)
346
347 The full list of digest algorithms are provided below.
348
349 EVP_blake2b512(3), EVP_md2(3), EVP_md4(3), EVP_md5(3), EVP_mdc2(3),
350 EVP_ripemd160(3), EVP_sha1(3), EVP_sha224(3), EVP_sha3_224(3),
351 EVP_sm3(3), EVP_whirlpool(3)
352
354 The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed
355 to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0,
356 respectively.
357
358 The link between digests and signing algorithms was fixed in OpenSSL
359 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.
360
361 The EVP_dss1() function was removed in OpenSSL 1.1.0.
362
363 The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.
364
366 Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
367
368 Licensed under the OpenSSL license (the "License"). You may not use
369 this file except in compliance with the License. You can obtain a copy
370 in the file LICENSE in the source distribution or at
371 <https://www.openssl.org/source/license.html>.
372
373
374
3751.1.1q 2023-02-06 EVP_DIGESTINIT(3)