]>
Commit | Line | Data |
---|---|---|
3cbe1980 DSH |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
3fd70262 | 5 | EVP_MD_fetch, EVP_MD_up_ref, EVP_MD_free, |
ae3ff60e | 6 | EVP_MD_get_params, EVP_MD_gettable_params, |
37842dfa | 7 | EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy, |
ae3ff60e RL |
8 | EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, |
9 | EVP_MD_CTX_set_params, EVP_MD_CTX_get_params, | |
e6879a31 | 10 | EVP_MD_settable_ctx_params, EVP_MD_gettable_ctx_params, |
ae3ff60e | 11 | EVP_MD_CTX_settable_params, EVP_MD_CTX_gettable_params, |
d5e5e2ff | 12 | EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, |
4d49b685 | 13 | EVP_Q_digest, EVP_Digest, EVP_DigestInit_ex2, EVP_DigestInit_ex, EVP_DigestInit, |
5a7e9991 | 14 | EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, |
6ea964cd | 15 | EVP_MD_is_a, EVP_MD_get0_name, EVP_MD_get0_description, |
31b7f23d TM |
16 | EVP_MD_names_do_all, EVP_MD_get0_provider, EVP_MD_get_type, |
17 | EVP_MD_get_pkey_type, EVP_MD_get_size, EVP_MD_get_block_size, EVP_MD_get_flags, | |
18 | EVP_MD_CTX_get0_name, EVP_MD_CTX_md, EVP_MD_CTX_get0_md, EVP_MD_CTX_get1_md, | |
ed576acd TM |
19 | EVP_MD_CTX_get_type, EVP_MD_CTX_get_size, EVP_MD_CTX_get_block_size, |
20 | EVP_MD_CTX_get0_md_data, EVP_MD_CTX_update_fn, EVP_MD_CTX_set_update_fn, | |
a9cf71a3 | 21 | EVP_md_null, |
37842dfa | 22 | EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, |
ed576acd | 23 | EVP_MD_CTX_get_pkey_ctx, EVP_MD_CTX_set_pkey_ctx, |
31b7f23d TM |
24 | EVP_MD_do_all_provided, |
25 | EVP_MD_type, EVP_MD_nid, EVP_MD_name, EVP_MD_pkey_type, EVP_MD_size, | |
26 | EVP_MD_block_size, EVP_MD_flags, EVP_MD_CTX_size, EVP_MD_CTX_block_size, | |
27 | EVP_MD_CTX_type, EVP_MD_CTX_pkey_ctx, EVP_MD_CTX_md_data | |
c540f00f | 28 | - EVP digest routines |
3cbe1980 DSH |
29 | |
30 | =head1 SYNOPSIS | |
31 | ||
32 | #include <openssl/evp.h> | |
33 | ||
b4250010 | 34 | EVP_MD *EVP_MD_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, |
2cafb1df | 35 | const char *properties); |
3fd70262 RL |
36 | int EVP_MD_up_ref(EVP_MD *md); |
37 | void EVP_MD_free(EVP_MD *md); | |
ae3ff60e RL |
38 | int EVP_MD_get_params(const EVP_MD *digest, OSSL_PARAM params[]); |
39 | const OSSL_PARAM *EVP_MD_gettable_params(const EVP_MD *digest); | |
25191fff RL |
40 | EVP_MD_CTX *EVP_MD_CTX_new(void); |
41 | int EVP_MD_CTX_reset(EVP_MD_CTX *ctx); | |
42 | void EVP_MD_CTX_free(EVP_MD_CTX *ctx); | |
52ad5b60 | 43 | void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2); |
4e7991b4 | 44 | int EVP_MD_CTX_get_params(EVP_MD_CTX *ctx, OSSL_PARAM params[]); |
d5e5e2ff | 45 | int EVP_MD_CTX_set_params(EVP_MD_CTX *ctx, const OSSL_PARAM params[]); |
e6879a31 MC |
46 | const OSSL_PARAM *EVP_MD_settable_ctx_params(const EVP_MD *md); |
47 | const OSSL_PARAM *EVP_MD_gettable_ctx_params(const EVP_MD *md); | |
48 | const OSSL_PARAM *EVP_MD_CTX_settable_params(EVP_MD_CTX *ctx); | |
49 | const OSSL_PARAM *EVP_MD_CTX_gettable_params(EVP_MD_CTX *ctx); | |
a9cf71a3 RL |
50 | void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags); |
51 | void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags); | |
52 | int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags); | |
e72d734d | 53 | |
4d49b685 | 54 | int EVP_Q_digest(OSSL_LIB_CTX *libctx, const char *name, const char *propq, |
006de767 RL |
55 | const void *data, size_t datalen, |
56 | unsigned char *md, size_t *mdlen); | |
37842dfa AS |
57 | int EVP_Digest(const void *data, size_t count, unsigned char *md, |
58 | unsigned int *size, const EVP_MD *type, ENGINE *impl); | |
5a7e9991 P |
59 | int EVP_DigestInit_ex2(EVP_MD_CTX *ctx, const EVP_MD *type, |
60 | const OSSL_PARAM params[]); | |
e72d734d | 61 | int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); |
109d3123 | 62 | int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt); |
e9b77246 | 63 | int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s); |
cd8d1456 | 64 | int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len); |
e72d734d | 65 | |
aebb9aac | 66 | int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in); |
e72d734d DSH |
67 | |
68 | int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); | |
e9b77246 | 69 | int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s); |
3cbe1980 | 70 | |
aebb9aac | 71 | int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in); |
e72d734d | 72 | |
ed576acd TM |
73 | const char *EVP_MD_get0_name(const EVP_MD *md); |
74 | const char *EVP_MD_get0_description(const EVP_MD *md); | |
251e610c | 75 | int EVP_MD_is_a(const EVP_MD *md, const char *name); |
d84f5515 MC |
76 | int EVP_MD_names_do_all(const EVP_MD *md, |
77 | void (*fn)(const char *name, void *data), | |
78 | void *data); | |
ed576acd TM |
79 | const OSSL_PROVIDER *EVP_MD_get0_provider(const EVP_MD *md); |
80 | int EVP_MD_get_type(const EVP_MD *md); | |
81 | int EVP_MD_get_pkey_type(const EVP_MD *md); | |
82 | int EVP_MD_get_size(const EVP_MD *md); | |
83 | int EVP_MD_get_block_size(const EVP_MD *md); | |
84 | unsigned long EVP_MD_get_flags(const EVP_MD *md); | |
3cbe1980 | 85 | |
f6c95e46 RS |
86 | const EVP_MD *EVP_MD_CTX_get0_md(const EVP_MD_CTX *ctx); |
87 | EVP_MD *EVP_MD_CTX_get1_md(EVP_MD_CTX *ctx); | |
ed576acd TM |
88 | const char *EVP_MD_CTX_get0_name(const EVP_MD_CTX *ctx); |
89 | int EVP_MD_CTX_get_size(const EVP_MD_CTX *ctx); | |
90 | int EVP_MD_CTX_get_block_size(const EVP_MD_CTX *ctx); | |
91 | int EVP_MD_CTX_get_type(const EVP_MD_CTX *ctx); | |
92 | void *EVP_MD_CTX_get0_md_data(const EVP_MD_CTX *ctx); | |
3cbe1980 | 93 | |
13588350 | 94 | const EVP_MD *EVP_md_null(void); |
e4adad92 | 95 | |
3cbe1980 | 96 | const EVP_MD *EVP_get_digestbyname(const char *name); |
25191fff RL |
97 | const EVP_MD *EVP_get_digestbynid(int type); |
98 | const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o); | |
3cbe1980 | 99 | |
ed576acd | 100 | EVP_PKEY_CTX *EVP_MD_CTX_get_pkey_ctx(const EVP_MD_CTX *ctx); |
675f4cee PY |
101 | void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx); |
102 | ||
b4250010 | 103 | void EVP_MD_do_all_provided(OSSL_LIB_CTX *libctx, |
251e610c RL |
104 | void (*fn)(EVP_MD *mac, void *arg), |
105 | void *arg); | |
c540f00f | 106 | |
31b7f23d TM |
107 | #define EVP_MD_type EVP_MD_get_type |
108 | #define EVP_MD_nid EVP_MD_get_type | |
109 | #define EVP_MD_name EVP_MD_get0_name | |
110 | #define EVP_MD_pkey_type EVP_MD_get_pkey_type | |
111 | #define EVP_MD_size EVP_MD_get_size | |
112 | #define EVP_MD_block_size EVP_MD_get_block_size | |
113 | #define EVP_MD_flags EVP_MD_get_flags | |
114 | #define EVP_MD_CTX_size EVP_MD_CTX_get_size | |
115 | #define EVP_MD_CTX_block_size EVP_MD_CTX_get_block_size | |
116 | #define EVP_MD_CTX_type EVP_MD_CTX_get_type | |
117 | #define EVP_MD_CTX_pkey_ctx EVP_MD_CTX_get_pkey_ctx | |
118 | #define EVP_MD_CTX_md_data EVP_MD_CTX_get0_md_data | |
119 | ||
3dbf8243 MC |
120 | The following functions have been deprecated since OpenSSL 3.0, and can be |
121 | hidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value, | |
122 | see L<openssl_user_macros(7)>: | |
1409b5f6 | 123 | |
f6c95e46 RS |
124 | const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx); |
125 | ||
1409b5f6 RS |
126 | int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx, |
127 | const void *data, size_t count); | |
128 | ||
129 | void EVP_MD_CTX_set_update_fn(EVP_MD_CTX *ctx, | |
130 | int (*update)(EVP_MD_CTX *ctx, | |
131 | const void *data, size_t count)); | |
132 | ||
3cbe1980 DSH |
133 | =head1 DESCRIPTION |
134 | ||
8c1cbc72 | 135 | The EVP digest routines are a high-level interface to message digests, |
3fd70262 RL |
136 | and should be used instead of the digest-specific functions. |
137 | ||
138 | The B<EVP_MD> type is a structure for digest method implementation. | |
3cbe1980 | 139 | |
bbda8ce9 | 140 | =over 4 |
25191fff | 141 | |
2cafb1df RL |
142 | =item EVP_MD_fetch() |
143 | ||
041a96e7 RL |
144 | Fetches the digest implementation for the given I<algorithm> from any |
145 | provider offering it, within the criteria given by the I<properties>. | |
906bced1 | 146 | See L<crypto(7)/ALGORITHM FETCHING> for further information. |
2cafb1df | 147 | |
3fd70262 RL |
148 | The returned value must eventually be freed with EVP_MD_free(). |
149 | ||
150 | Fetched B<EVP_MD> structures are reference counted. | |
151 | ||
152 | =item EVP_MD_up_ref() | |
153 | ||
154 | Increments the reference count for an B<EVP_MD> structure. | |
155 | ||
156 | =item EVP_MD_free() | |
157 | ||
158 | Decrements the reference count for the fetched B<EVP_MD> structure. | |
159 | If the reference count drops to 0 then the structure is freed. | |
2cafb1df | 160 | |
bbda8ce9 | 161 | =item EVP_MD_CTX_new() |
e72d734d | 162 | |
b45497c3 | 163 | Allocates and returns a digest context. |
e72d734d | 164 | |
bbda8ce9 | 165 | =item EVP_MD_CTX_reset() |
52ad5b60 | 166 | |
041a96e7 | 167 | Resets the digest context I<ctx>. This can be used to reuse an already |
bbda8ce9 | 168 | existing context. |
3cbe1980 | 169 | |
bbda8ce9 | 170 | =item EVP_MD_CTX_free() |
3cbe1980 | 171 | |
041a96e7 | 172 | Cleans up digest context I<ctx> and frees up the space allocated to it. |
3cbe1980 | 173 | |
bbda8ce9 RT |
174 | =item EVP_MD_CTX_ctrl() |
175 | ||
b5b91a79 | 176 | I<This is a legacy method. EVP_MD_CTX_set_params() and EVP_MD_CTX_get_params() |
d5e5e2ff | 177 | is the mechanism that should be used to set and get parameters that are used by |
b5b91a79 RL |
178 | providers.> |
179 | ||
041a96e7 RL |
180 | Performs digest-specific control actions on context I<ctx>. The control command |
181 | is indicated in I<cmd> and any additional arguments in I<p1> and I<p2>. | |
5a7e9991 | 182 | EVP_MD_CTX_ctrl() must be called after EVP_DigestInit_ex2(). Other restrictions |
37842dfa | 183 | may apply depending on the control type and digest implementation. |
b5b91a79 RL |
184 | |
185 | If this function happens to be used with a fetched B<EVP_MD>, it will | |
186 | translate the controls that are known to OpenSSL into L<OSSL_PARAM(3)> | |
187 | parameters with keys defined by OpenSSL and call EVP_MD_CTX_get_params() or | |
188 | EVP_MD_CTX_set_params() as is appropriate for each control command. | |
189 | ||
190 | See L</CONTROLS> below for more information, including what translations are | |
191 | being done. | |
bbda8ce9 | 192 | |
ae3ff60e RL |
193 | =item EVP_MD_get_params() |
194 | ||
041a96e7 | 195 | Retrieves the requested list of I<params> from a MD I<md>. |
2710e8a8 | 196 | See L</PARAMETERS> below for more information. |
ae3ff60e RL |
197 | |
198 | =item EVP_MD_CTX_get_params() | |
d5e5e2ff | 199 | |
041a96e7 | 200 | Retrieves the requested list of I<params> from a MD context I<ctx>. |
2710e8a8 | 201 | See L</PARAMETERS> below for more information. |
d5e5e2ff | 202 | |
ae3ff60e | 203 | =item EVP_MD_CTX_set_params() |
d5e5e2ff | 204 | |
041a96e7 | 205 | Sets the list of I<params> into a MD context I<ctx>. |
2710e8a8 | 206 | See L</PARAMETERS> below for more information. |
d5e5e2ff | 207 | |
d618ac6f P |
208 | =item EVP_MD_gettable_params() |
209 | ||
210 | Get a constant B<OSSL_PARAM> array that describes the retrievable parameters | |
211 | that can be used with EVP_MD_get_params(). See L<OSSL_PARAM(3)> for the | |
212 | use of B<OSSL_PARAM> as a parameter descriptor. | |
213 | ||
214 | =item EVP_MD_gettable_ctx_params(), EVP_MD_CTX_gettable_params() | |
215 | ||
216 | Get a constant B<OSSL_PARAM> array that describes the retrievable parameters | |
217 | that can be used with EVP_MD_CTX_get_params(). EVP_MD_gettable_ctx_params() | |
218 | returns the parameters that can be retrieved from the algorithm, whereas | |
219 | EVP_MD_CTX_gettable_params() returns the parameters that can be retrieved | |
220 | in the context's current state. See L<OSSL_PARAM(3)> for the use of | |
221 | B<OSSL_PARAM> as a parameter descriptor. | |
222 | ||
223 | =item EVP_MD_settable_ctx_params(), EVP_MD_CTX_settable_params() | |
224 | ||
225 | Get a constant B<OSSL_PARAM> array that describes the settable parameters | |
226 | that can be used with EVP_MD_CTX_set_params(). EVP_MD_settable_ctx_params() | |
227 | returns the parameters that can be set from the algorithm, whereas | |
228 | EVP_MD_CTX_settable_params() returns the parameters that can be set in the | |
229 | context's current state. See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> | |
230 | as a parameter descriptor. | |
ae3ff60e | 231 | |
a9cf71a3 RL |
232 | =item EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags() |
233 | ||
041a96e7 | 234 | Sets, clears and tests I<ctx> flags. See L</FLAGS> below for more information. |
a9cf71a3 | 235 | |
4d49b685 | 236 | =item EVP_Q_digest() is a quick one-shot digest function. |
006de767 RL |
237 | |
238 | It hashes I<datalen> bytes of data at I<data> using the digest algorithm | |
239 | I<name>, which is fetched using the optional I<libctx> and I<propq> parameters. | |
240 | The digest value is placed in I<md> and its length is written at I<mdlen> | |
4d49b685 DDO |
241 | if the pointer is not NULL. At most B<EVP_MAX_MD_SIZE> bytes will be written. |
242 | ||
37842dfa AS |
243 | =item EVP_Digest() |
244 | ||
245 | A wrapper around the Digest Init_ex, Update and Final_ex functions. | |
041a96e7 RL |
246 | Hashes I<count> bytes of data at I<data> using a digest I<type> from ENGINE |
247 | I<impl>. The digest value is placed in I<md> and its length is written at I<size> | |
37842dfa | 248 | if the pointer is not NULL. At most B<EVP_MAX_MD_SIZE> bytes will be written. |
041a96e7 | 249 | If I<impl> is NULL the default implementation of digest I<type> is used. |
37842dfa | 250 | |
5a7e9991 P |
251 | =item EVP_DigestInit_ex2() |
252 | ||
253 | Sets up digest context I<ctx> to use a digest I<type>. | |
254 | I<type> is typically supplied by a function such as EVP_sha1(), or a | |
255 | value explicitly fetched with EVP_MD_fetch(). | |
256 | ||
257 | The parameters B<params> are set on the context after initialisation. | |
258 | ||
259 | The I<type> parameter can be NULL if I<ctx> has been already initialized | |
260 | with another EVP_DigestInit_ex() call and has not been reset with | |
261 | EVP_MD_CTX_reset(). | |
262 | ||
bbda8ce9 RT |
263 | =item EVP_DigestInit_ex() |
264 | ||
041a96e7 RL |
265 | Sets up digest context I<ctx> to use a digest I<type>. |
266 | I<type> is typically supplied by a function such as EVP_sha1(), or a | |
2cafb1df RL |
267 | value explicitly fetched with EVP_MD_fetch(). |
268 | ||
041a96e7 | 269 | If I<impl> is non-NULL, its implementation of the digest I<type> is used if |
2cafb1df | 270 | there is one, and if not, the default implementation is used. |
bbda8ce9 | 271 | |
2b407d05 TM |
272 | The I<type> parameter can be NULL if I<ctx> has been already initialized |
273 | with another EVP_DigestInit_ex() call and has not been reset with | |
274 | EVP_MD_CTX_reset(). | |
275 | ||
bbda8ce9 RT |
276 | =item EVP_DigestUpdate() |
277 | ||
041a96e7 RL |
278 | Hashes I<cnt> bytes of data at I<d> into the digest context I<ctx>. This |
279 | function can be called several times on the same I<ctx> to hash additional | |
bbda8ce9 RT |
280 | data. |
281 | ||
282 | =item EVP_DigestFinal_ex() | |
283 | ||
041a96e7 | 284 | Retrieves the digest value from I<ctx> and places it in I<md>. If the I<s> |
bbda8ce9 | 285 | parameter is not NULL then the number of bytes of data written (i.e. the |
041a96e7 | 286 | length of the digest) will be written to the integer at I<s>, at most |
bbda8ce9 | 287 | B<EVP_MAX_MD_SIZE> bytes will be written. After calling EVP_DigestFinal_ex() |
cd8d1456 | 288 | no additional calls to EVP_DigestUpdate() can be made, but |
5a7e9991 | 289 | EVP_DigestInit_ex2() can be called to initialize a new digest operation. |
bbda8ce9 RT |
290 | |
291 | =item EVP_DigestFinalXOF() | |
292 | ||
293 | Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. | |
3f2a8d97 | 294 | It retrieves the digest value from I<ctx> and places it in I<len>-sized I<md>. |
bbda8ce9 | 295 | After calling this function no additional calls to EVP_DigestUpdate() can be |
5a7e9991 | 296 | made, but EVP_DigestInit_ex2() can be called to initialize a new operation. |
bbda8ce9 RT |
297 | |
298 | =item EVP_MD_CTX_copy_ex() | |
299 | ||
041a96e7 | 300 | Can be used to copy the message digest state from I<in> to I<out>. This is |
bbda8ce9 | 301 | useful if large amounts of data are to be hashed which only differ in the last |
b45497c3 | 302 | few bytes. |
bbda8ce9 RT |
303 | |
304 | =item EVP_DigestInit() | |
305 | ||
5a7e9991 P |
306 | Behaves in the same way as EVP_DigestInit_ex2() except it doesn't set any |
307 | parameters and calls EVP_MD_CTX_reset() so it cannot be used with an I<type> | |
308 | of NULL. | |
bbda8ce9 RT |
309 | |
310 | =item EVP_DigestFinal() | |
311 | ||
2b407d05 TM |
312 | Similar to EVP_DigestFinal_ex() except after computing the digest |
313 | the digest context I<ctx> is automatically cleaned up with EVP_MD_CTX_reset(). | |
bbda8ce9 RT |
314 | |
315 | =item EVP_MD_CTX_copy() | |
cd8d1456 | 316 | |
041a96e7 | 317 | Similar to EVP_MD_CTX_copy_ex() except the destination I<out> does not have to |
bbda8ce9 | 318 | be initialized. |
e72d734d | 319 | |
251e610c RL |
320 | =item EVP_MD_is_a() |
321 | ||
322 | Returns 1 if I<md> is an implementation of an algorithm that's | |
323 | identifiable with I<name>, otherwise 0. | |
324 | ||
e4a1d023 RL |
325 | If I<md> is a legacy digest (it's the return value from the likes of |
326 | EVP_sha256() rather than the result of an EVP_MD_fetch()), only cipher | |
327 | names registered with the default library context (see | |
b4250010 | 328 | L<OSSL_LIB_CTX(3)>) will be considered. |
e4a1d023 | 329 | |
ed576acd TM |
330 | =item EVP_MD_get0_name(), |
331 | EVP_MD_CTX_get0_name() | |
c750bc08 | 332 | |
251e610c | 333 | Return the name of the given message digest. For fetched message |
f651c727 RL |
334 | digests with multiple names, only one of them is returned; it's |
335 | recommended to use EVP_MD_names_do_all() instead. | |
336 | ||
337 | =item EVP_MD_names_do_all() | |
338 | ||
339 | Traverses all names for the I<md>, and calls I<fn> with each name and | |
340 | I<data>. This is only useful with fetched B<EVP_MD>s. | |
c750bc08 | 341 | |
ed576acd | 342 | =item EVP_MD_get0_description() |
03888233 RL |
343 | |
344 | Returns a description of the digest, meant for display and human consumption. | |
345 | The description is at the discretion of the digest implementation. | |
346 | ||
ed576acd | 347 | =item EVP_MD_get0_provider() |
1d2622d4 RL |
348 | |
349 | Returns an B<OSSL_PROVIDER> pointer to the provider that implements the given | |
350 | B<EVP_MD>. | |
351 | ||
ed576acd TM |
352 | =item EVP_MD_get_size(), |
353 | EVP_MD_CTX_get_size() | |
e72d734d | 354 | |
bbda8ce9 RT |
355 | Return the size of the message digest when passed an B<EVP_MD> or an |
356 | B<EVP_MD_CTX> structure, i.e. the size of the hash. | |
e72d734d | 357 | |
ed576acd TM |
358 | =item EVP_MD_get_block_size(), |
359 | EVP_MD_CTX_get_block_size() | |
3cbe1980 | 360 | |
bbda8ce9 RT |
361 | Return the block size of the message digest when passed an B<EVP_MD> or an |
362 | B<EVP_MD_CTX> structure. | |
3cbe1980 | 363 | |
ed576acd TM |
364 | =item EVP_MD_get_type(), |
365 | EVP_MD_CTX_get_type() | |
3cbe1980 | 366 | |
bbda8ce9 | 367 | Return the NID of the OBJECT IDENTIFIER representing the given message digest |
ed576acd | 368 | when passed an B<EVP_MD> structure. For example, C<EVP_MD_get_type(EVP_sha1())> |
bbda8ce9 | 369 | returns B<NID_sha1>. This function is normally used when setting ASN1 OIDs. |
3cbe1980 | 370 | |
ed576acd | 371 | =item EVP_MD_CTX_get0_md_data() |
a9cf71a3 RL |
372 | |
373 | Return the digest method private data for the passed B<EVP_MD_CTX>. | |
374 | The space is allocated by OpenSSL and has the size originally set with | |
375 | EVP_MD_meth_set_app_datasize(). | |
376 | ||
f6c95e46 | 377 | =item EVP_MD_CTX_get0_md(), EVP_MD_CTX_get1_md() |
3cbe1980 | 378 | |
f6c95e46 RS |
379 | EVP_MD_CTX_get0_md() returns |
380 | the B<EVP_MD> structure corresponding to the passed B<EVP_MD_CTX>. This | |
5a7e9991 | 381 | will be the same B<EVP_MD> object originally passed to EVP_DigestInit_ex2() (or |
b7c913c8 MC |
382 | other similar function) when the EVP_MD_CTX was first initialised. Note that |
383 | where explicit fetch is in use (see L<EVP_MD_fetch(3)>) the value returned from | |
384 | this function will not have its reference count incremented and therefore it | |
385 | should not be used after the EVP_MD_CTX is freed. | |
f6c95e46 RS |
386 | EVP_MD_CTX_get1_md() is the same except the ownership is passed to the |
387 | caller and is from the passed B<EVP_MD_CTX>. | |
3cbe1980 | 388 | |
37842dfa AS |
389 | =item EVP_MD_CTX_set_update_fn() |
390 | ||
041a96e7 | 391 | Sets the update function for I<ctx> to I<update>. |
1409b5f6 | 392 | This is the function that is called by EVP_DigestUpdate(). If not set, the |
37842dfa AS |
393 | update function from the B<EVP_MD> type specified at initialization is used. |
394 | ||
395 | =item EVP_MD_CTX_update_fn() | |
396 | ||
041a96e7 | 397 | Returns the update function for I<ctx>. |
37842dfa | 398 | |
ed576acd | 399 | =item EVP_MD_get_flags() |
37842dfa | 400 | |
041a96e7 | 401 | Returns the I<md> flags. Note that these are different from the B<EVP_MD_CTX> |
37842dfa AS |
402 | ones. See L<EVP_MD_meth_set_flags(3)> for more information. |
403 | ||
ed576acd | 404 | =item EVP_MD_get_pkey_type() |
3cbe1980 | 405 | |
bbda8ce9 RT |
406 | Returns the NID of the public key signing algorithm associated with this |
407 | digest. For example EVP_sha1() is associated with RSA so this will return | |
408 | B<NID_sha1WithRSAEncryption>. Since digests and signature algorithms are no | |
409 | longer linked this function is only retained for compatibility reasons. | |
3cbe1980 | 410 | |
bbda8ce9 RT |
411 | =item EVP_md_null() |
412 | ||
413 | A "null" message digest that does nothing: i.e. the hash it returns is of zero | |
414 | length. | |
415 | ||
416 | =item EVP_get_digestbyname(), | |
417 | EVP_get_digestbynid(), | |
418 | EVP_get_digestbyobj() | |
419 | ||
420 | Returns an B<EVP_MD> structure when passed a digest name, a digest B<NID> or an | |
421 | B<ASN1_OBJECT> structure respectively. | |
422 | ||
971dbab4 MC |
423 | The EVP_get_digestbyname() function is present for backwards compatibility with |
424 | OpenSSL prior to version 3 and is different to the EVP_MD_fetch() function | |
425 | since it does not attempt to "fetch" an implementation of the cipher. | |
426 | Additionally, it only knows about digests that are built-in to OpenSSL and have | |
427 | an associated NID. Similarly EVP_get_digestbynid() and EVP_get_digestbyobj() | |
428 | also return objects without an associated implementation. | |
429 | ||
430 | When the digest objects returned by these functions are used (such as in a call | |
431 | to EVP_DigestInit_ex()) an implementation of the digest will be implicitly | |
432 | fetched from the loaded providers. This fetch could fail if no suitable | |
433 | implementation is available. Use EVP_MD_fetch() instead to explicitly fetch | |
434 | the algorithm and an associated implementation from a provider. | |
435 | ||
436 | See L<crypto(7)/ALGORITHM FETCHING> for more information about fetching. | |
437 | ||
438 | The digest objects returned from these functions do not need to be freed with | |
439 | EVP_MD_free(). | |
440 | ||
ed576acd | 441 | =item EVP_MD_CTX_get_pkey_ctx() |
37842dfa | 442 | |
041a96e7 | 443 | Returns the B<EVP_PKEY_CTX> assigned to I<ctx>. The returned pointer should not |
37842dfa AS |
444 | be freed by the caller. |
445 | ||
675f4cee PY |
446 | =item EVP_MD_CTX_set_pkey_ctx() |
447 | ||
448 | Assigns an B<EVP_PKEY_CTX> to B<EVP_MD_CTX>. This is usually used to provide | |
37842dfa | 449 | a customized B<EVP_PKEY_CTX> to L<EVP_DigestSignInit(3)> or |
041a96e7 RL |
450 | L<EVP_DigestVerifyInit(3)>. The I<pctx> passed to this function should be freed |
451 | by the caller. A NULL I<pctx> pointer is also allowed to clear the B<EVP_PKEY_CTX> | |
452 | assigned to I<ctx>. In such case, freeing the cleared B<EVP_PKEY_CTX> or not | |
81c79453 | 453 | depends on how the B<EVP_PKEY_CTX> is created. |
675f4cee | 454 | |
251e610c | 455 | =item EVP_MD_do_all_provided() |
c540f00f RL |
456 | |
457 | Traverses all messages digests implemented by all activated providers | |
458 | in the given library context I<libctx>, and for each of the implementations, | |
459 | calls the given function I<fn> with the implementation method and the given | |
460 | I<arg> as argument. | |
461 | ||
bbda8ce9 | 462 | =back |
3cbe1980 | 463 | |
2710e8a8 | 464 | =head1 PARAMETERS |
d5e5e2ff SL |
465 | |
466 | See L<OSSL_PARAM(3)> for information about passing parameters. | |
467 | ||
468 | EVP_MD_CTX_set_params() can be used with the following OSSL_PARAM keys: | |
469 | ||
470 | =over 4 | |
471 | ||
af53092c | 472 | =item "xoflen" (B<OSSL_DIGEST_PARAM_XOFLEN>) <unsigned integer> |
d5e5e2ff SL |
473 | |
474 | Sets the digest length for extendable output functions. | |
7b6b194b P |
475 | It is used by the SHAKE algorithm and should not exceed what can be given |
476 | using a B<size_t>. | |
d5e5e2ff | 477 | |
af53092c | 478 | =item "pad-type" (B<OSSL_DIGEST_PARAM_PAD_TYPE>) <unsigned integer> |
d5e5e2ff | 479 | |
041a96e7 | 480 | Sets the padding type. |
d5e5e2ff SL |
481 | It is used by the MDC2 algorithm. |
482 | ||
483 | =back | |
484 | ||
485 | EVP_MD_CTX_get_params() can be used with the following OSSL_PARAM keys: | |
486 | ||
487 | =over 4 | |
488 | ||
0c452a51 | 489 | =item "micalg" (B<OSSL_PARAM_DIGEST_KEY_MICALG>) <UTF8 string>. |
d5e5e2ff SL |
490 | |
491 | Gets the digest Message Integrity Check algorithm string. This is used when | |
492 | creating S/MIME multipart/signed messages, as specified in RFC 3851. | |
493 | It may be used by external engines or providers. | |
494 | ||
495 | =back | |
496 | ||
37842dfa AS |
497 | =head1 CONTROLS |
498 | ||
499 | EVP_MD_CTX_ctrl() can be used to send the following standard controls: | |
500 | ||
501 | =over 4 | |
502 | ||
503 | =item EVP_MD_CTRL_MICALG | |
504 | ||
505 | Gets the digest Message Integrity Check algorithm string. This is used when | |
506 | creating S/MIME multipart/signed messages, as specified in RFC 3851. | |
041a96e7 | 507 | The string value is written to I<p2>. |
37842dfa | 508 | |
b5b91a79 RL |
509 | When used with a fetched B<EVP_MD>, EVP_MD_CTX_get_params() gets called with |
510 | an L<OSSL_PARAM(3)> item with the key "micalg" (B<OSSL_DIGEST_PARAM_MICALG>). | |
511 | ||
37842dfa AS |
512 | =item EVP_MD_CTRL_XOF_LEN |
513 | ||
041a96e7 | 514 | This control sets the digest length for extendable output functions to I<p1>. |
37842dfa | 515 | Sending this control directly should not be necessary, the use of |
041a96e7 | 516 | EVP_DigestFinalXOF() is preferred. |
37842dfa AS |
517 | Currently used by SHAKE. |
518 | ||
b5b91a79 RL |
519 | When used with a fetched B<EVP_MD>, EVP_MD_CTX_get_params() gets called with |
520 | an L<OSSL_PARAM(3)> item with the key "xoflen" (B<OSSL_DIGEST_PARAM_XOFLEN>). | |
521 | ||
37842dfa AS |
522 | =back |
523 | ||
a9cf71a3 RL |
524 | =head1 FLAGS |
525 | ||
526 | EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() | |
527 | can be used the manipulate and test these B<EVP_MD_CTX> flags: | |
528 | ||
529 | =over 4 | |
530 | ||
531 | =item EVP_MD_CTX_FLAG_ONESHOT | |
532 | ||
533 | This flag instructs the digest to optimize for one update only, if possible. | |
534 | ||
535 | =for comment EVP_MD_CTX_FLAG_CLEANED is internal, don't mention it | |
536 | ||
537 | =for comment EVP_MD_CTX_FLAG_REUSE is internal, don't mention it | |
538 | ||
539 | =for comment We currently avoid documenting flags that are only bit holder: | |
540 | EVP_MD_CTX_FLAG_NON_FIPS_ALLOW, EVP_MD_CTX_FLAGS_PAD_* | |
541 | ||
542 | =item EVP_MD_CTX_FLAG_NO_INIT | |
543 | ||
544 | This flag instructs EVP_DigestInit() and similar not to initialise the | |
545 | implementation specific data. | |
546 | ||
547 | =item EVP_MD_CTX_FLAG_FINALISE | |
548 | ||
549 | Some functions such as EVP_DigestSign only finalise copies of internal | |
550 | contexts so additional data can be included after the finalisation call. | |
551 | This is inefficient if this functionality is not required, and can be | |
552 | disabled with this flag. | |
553 | ||
554 | =back | |
555 | ||
3cbe1980 DSH |
556 | =head1 RETURN VALUES |
557 | ||
bbda8ce9 RT |
558 | =over 4 |
559 | ||
2cafb1df RL |
560 | =item EVP_MD_fetch() |
561 | ||
562 | Returns a pointer to a B<EVP_MD> for success or NULL for failure. | |
563 | ||
3fd70262 RL |
564 | =item EVP_MD_up_ref() |
565 | ||
566 | Returns 1 for success or 0 for failure. | |
567 | ||
4d49b685 DDO |
568 | =item EVP_Q_digest(), |
569 | EVP_Digest(), | |
570 | EVP_DigestInit_ex2(), | |
5a7e9991 | 571 | EVP_DigestInit_ex(), |
bbda8ce9 | 572 | EVP_DigestUpdate(), |
4d49b685 DDO |
573 | EVP_DigestFinal_ex(), |
574 | EVP_DigestFinalXOF(), and | |
575 | EVP_DigestFinal() | |
bbda8ce9 | 576 | |
4d49b685 | 577 | return 1 for |
13588350 | 578 | success and 0 for failure. |
3cbe1980 | 579 | |
bbda8ce9 RT |
580 | =item EVP_MD_CTX_ctrl() |
581 | ||
582 | Returns 1 if successful or 0 for failure. | |
583 | ||
d5e5e2ff SL |
584 | =item EVP_MD_CTX_set_params(), |
585 | EVP_MD_CTX_get_params() | |
586 | ||
587 | Returns 1 if successful or 0 for failure. | |
588 | ||
ae3ff60e RL |
589 | =item EVP_MD_CTX_settable_params(), |
590 | EVP_MD_CTX_gettable_params() | |
591 | ||
592 | Return an array of constant B<OSSL_PARAM>s, or NULL if there is none | |
593 | to get. | |
594 | ||
bbda8ce9 | 595 | =item EVP_MD_CTX_copy_ex() |
52ad5b60 | 596 | |
bbda8ce9 | 597 | Returns 1 if successful or 0 for failure. |
3cbe1980 | 598 | |
ed576acd TM |
599 | =item EVP_MD_get_type(), |
600 | EVP_MD_get_pkey_type() | |
3cbe1980 | 601 | |
bbda8ce9 RT |
602 | Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none |
603 | exists. | |
3cbe1980 | 604 | |
ed576acd TM |
605 | =item EVP_MD_get_size(), |
606 | EVP_MD_get_block_size(), | |
607 | EVP_MD_CTX_get_size(), | |
608 | EVP_MD_CTX_get_block_size() | |
3cbe1980 | 609 | |
bbda8ce9 RT |
610 | Returns the digest or block size in bytes. |
611 | ||
612 | =item EVP_md_null() | |
613 | ||
614 | Returns a pointer to the B<EVP_MD> structure of the "null" message digest. | |
615 | ||
616 | =item EVP_get_digestbyname(), | |
617 | EVP_get_digestbynid(), | |
618 | EVP_get_digestbyobj() | |
619 | ||
620 | Returns either an B<EVP_MD> structure or NULL if an error occurs. | |
621 | ||
675f4cee PY |
622 | =item EVP_MD_CTX_set_pkey_ctx() |
623 | ||
624 | This function has no return value. | |
625 | ||
d84f5515 MC |
626 | =item EVP_MD_names_do_all() |
627 | ||
628 | Returns 1 if the callback was called for all names. A return value of 0 means | |
629 | that the callback was not called for any names. | |
630 | ||
bbda8ce9 | 631 | =back |
3cbe1980 DSH |
632 | |
633 | =head1 NOTES | |
634 | ||
635 | The B<EVP> interface to message digests should almost always be used in | |
8c1cbc72 | 636 | preference to the low-level interfaces. This is because the code then becomes |
3cbe1980 DSH |
637 | transparent to the digest used and much more flexible. |
638 | ||
bbda8ce9 | 639 | New applications should use the SHA-2 (such as L<EVP_sha256(3)>) or the SHA-3 |
89f66fe2 | 640 | digest algorithms (such as L<EVP_sha3_512(3)>). The other digest algorithms |
641 | are still in common use. | |
3cbe1980 | 642 | |
041a96e7 | 643 | For most applications the I<impl> parameter to EVP_DigestInit_ex() will be |
e72d734d DSH |
644 | set to NULL to use the default digest implementation. |
645 | ||
7b3e11c5 | 646 | The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are |
e72d734d | 647 | obsolete but are retained to maintain compatibility with existing code. New |
7b3e11c5 | 648 | applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and |
e72d734d DSH |
649 | EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context |
650 | instead of initializing and cleaning it up on each call and allow non default | |
651 | implementations of digests to be specified. | |
652 | ||
fa332bba | 653 | If digest contexts are not cleaned up after use, |
7b3e11c5 | 654 | memory leaks will occur. |
13588350 | 655 | |
ed576acd TM |
656 | EVP_MD_CTX_get0_name(), EVP_MD_CTX_get_size(), EVP_MD_CTX_get_block_size(), |
657 | EVP_MD_CTX_get_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are | |
658 | defined as macros. | |
5a34fcd7 | 659 | |
52ad5b60 TS |
660 | EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration |
661 | or control. | |
5a34fcd7 | 662 | |
cda77422 | 663 | =head1 EXAMPLES |
3cbe1980 DSH |
664 | |
665 | This example digests the data "Test Message\n" and "Hello World\n", using the | |
666 | digest name passed on the command line. | |
667 | ||
668 | #include <stdio.h> | |
19ac1bf2 | 669 | #include <string.h> |
3cbe1980 DSH |
670 | #include <openssl/evp.h> |
671 | ||
19ac1bf2 | 672 | int main(int argc, char *argv[]) |
3cbe1980 | 673 | { |
2947af32 BB |
674 | EVP_MD_CTX *mdctx; |
675 | const EVP_MD *md; | |
676 | char mess1[] = "Test Message\n"; | |
677 | char mess2[] = "Hello World\n"; | |
678 | unsigned char md_value[EVP_MAX_MD_SIZE]; | |
19ac1bf2 | 679 | unsigned int md_len, i; |
2947af32 BB |
680 | |
681 | if (argv[1] == NULL) { | |
682 | printf("Usage: mdtest digestname\n"); | |
683 | exit(1); | |
684 | } | |
685 | ||
686 | md = EVP_get_digestbyname(argv[1]); | |
687 | if (md == NULL) { | |
688 | printf("Unknown message digest %s\n", argv[1]); | |
689 | exit(1); | |
690 | } | |
691 | ||
692 | mdctx = EVP_MD_CTX_new(); | |
5a7e9991 | 693 | EVP_DigestInit_ex2(mdctx, md, NULL); |
2947af32 BB |
694 | EVP_DigestUpdate(mdctx, mess1, strlen(mess1)); |
695 | EVP_DigestUpdate(mdctx, mess2, strlen(mess2)); | |
696 | EVP_DigestFinal_ex(mdctx, md_value, &md_len); | |
697 | EVP_MD_CTX_free(mdctx); | |
698 | ||
699 | printf("Digest is: "); | |
700 | for (i = 0; i < md_len; i++) | |
701 | printf("%02x", md_value[i]); | |
702 | printf("\n"); | |
703 | ||
704 | exit(0); | |
3cbe1980 DSH |
705 | } |
706 | ||
3cbe1980 DSH |
707 | =head1 SEE ALSO |
708 | ||
37842dfa | 709 | L<EVP_MD_meth_new(3)>, |
1903a9b7 | 710 | L<openssl-dgst(1)>, |
d5e5e2ff SL |
711 | L<evp(7)>, |
712 | L<OSSL_PROVIDER(3)>, | |
8809fdff P |
713 | L<OSSL_PARAM(3)>, |
714 | L<property(7)>, | |
715 | L<crypto(7)/ALGORITHM FETCHING>, | |
716 | L<provider-digest(7)>, | |
717 | L<life_cycle-digest(7)> | |
4facdbb5 | 718 | |
bbda8ce9 RT |
719 | The full list of digest algorithms are provided below. |
720 | ||
721 | L<EVP_blake2b512(3)>, | |
722 | L<EVP_md2(3)>, | |
723 | L<EVP_md4(3)>, | |
724 | L<EVP_md5(3)>, | |
725 | L<EVP_mdc2(3)>, | |
726 | L<EVP_ripemd160(3)>, | |
727 | L<EVP_sha1(3)>, | |
728 | L<EVP_sha224(3)>, | |
729 | L<EVP_sha3_224(3)>, | |
67e247fa | 730 | L<EVP_sm3(3)>, |
bbda8ce9 RT |
731 | L<EVP_whirlpool(3)> |
732 | ||
3cbe1980 DSH |
733 | =head1 HISTORY |
734 | ||
fc5ecadd DMSP |
735 | The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to |
736 | EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively. | |
25191fff | 737 | |
3fa39ed7 | 738 | The link between digests and signing algorithms was fixed in OpenSSL 1.0 and |
a95d7574 RS |
739 | later, so now EVP_sha1() can be used with RSA and DSA. |
740 | ||
fc5ecadd | 741 | The EVP_dss1() function was removed in OpenSSL 1.1.0. |
3fa39ed7 | 742 | |
1409b5f6 | 743 | The EVP_MD_CTX_set_pkey_ctx() function was added in OpenSSL 1.1.1. |
675f4cee | 744 | |
4d49b685 DDO |
745 | The EVP_Q_digest(), EVP_DigestInit_ex2(), |
746 | EVP_MD_fetch(), EVP_MD_free(), EVP_MD_up_ref(), | |
d618ac6f P |
747 | EVP_MD_get_params(), EVP_MD_CTX_set_params(), EVP_MD_CTX_get_params(), |
748 | EVP_MD_gettable_params(), EVP_MD_gettable_ctx_params(), | |
749 | EVP_MD_settable_ctx_params(), EVP_MD_CTX_settable_params() and | |
750 | EVP_MD_CTX_gettable_params() functions were added in OpenSSL 3.0. | |
751 | ||
31b7f23d TM |
752 | The EVP_MD_type(), EVP_MD_nid(), EVP_MD_name(), EVP_MD_pkey_type(), |
753 | EVP_MD_size(), EVP_MD_block_size(), EVP_MD_flags(), EVP_MD_CTX_size(), | |
754 | EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), and EVP_MD_CTX_md_data() | |
755 | functions were renamed to include C<get> or C<get0> in their names in | |
756 | OpenSSL 3.0, respectively. The old names are kept as non-deprecated | |
757 | alias macros. | |
758 | ||
f6c95e46 RS |
759 | The EVP_MD_CTX_md() function was deprecated in OpenSSL 3.0; use |
760 | EVP_MD_CTX_get0_md() instead. | |
761 | EVP_MD_CTX_update_fn() and EVP_MD_CTX_set_update_fn() were deprecated | |
1409b5f6 | 762 | in OpenSSL 3.0. |
d5e5e2ff | 763 | |
e2f92610 RS |
764 | =head1 COPYRIGHT |
765 | ||
a28d06f3 | 766 | Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. |
e2f92610 | 767 | |
4746f25a | 768 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
769 | this file except in compliance with the License. You can obtain a copy |
770 | in the file LICENSE in the source distribution or at | |
771 | L<https://www.openssl.org/source/license.html>. | |
772 | ||
773 | =cut |