]>
Commit | Line | Data |
---|---|---|
3cbe1980 DSH |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
3fd70262 | 5 | EVP_MD_fetch, EVP_MD_up_ref, EVP_MD_free, |
ae3ff60e | 6 | EVP_MD_get_params, EVP_MD_gettable_params, |
37842dfa | 7 | EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy, |
ae3ff60e RL |
8 | EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, |
9 | EVP_MD_CTX_set_params, EVP_MD_CTX_get_params, | |
e6879a31 | 10 | EVP_MD_settable_ctx_params, EVP_MD_gettable_ctx_params, |
ae3ff60e | 11 | EVP_MD_CTX_settable_params, EVP_MD_CTX_gettable_params, |
d5e5e2ff | 12 | EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, |
5a7e9991 P |
13 | EVP_Digest, EVP_DigestInit_ex2, EVP_DigestInit_ex, EVP_DigestInit, |
14 | EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, | |
03888233 RL |
15 | EVP_MD_is_a, EVP_MD_name, EVP_MD_description, EVP_MD_number, |
16 | EVP_MD_names_do_all, EVP_MD_provider, | |
37842dfa | 17 | EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_flags, |
c750bc08 | 18 | EVP_MD_CTX_name, |
f6c95e46 RS |
19 | EVP_MD_CTX_md, EVP_MD_CTX_get0_md, EVP_MD_CTX_get1_md, |
20 | EVP_MD_CTX_type, EVP_MD_CTX_size, EVP_MD_CTX_block_size, | |
37842dfa | 21 | EVP_MD_CTX_md_data, EVP_MD_CTX_update_fn, EVP_MD_CTX_set_update_fn, |
a9cf71a3 | 22 | EVP_md_null, |
37842dfa | 23 | EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, |
c540f00f | 24 | EVP_MD_CTX_pkey_ctx, EVP_MD_CTX_set_pkey_ctx, |
251e610c | 25 | EVP_MD_do_all_provided |
c540f00f | 26 | - EVP digest routines |
3cbe1980 DSH |
27 | |
28 | =head1 SYNOPSIS | |
29 | ||
30 | #include <openssl/evp.h> | |
31 | ||
b4250010 | 32 | EVP_MD *EVP_MD_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, |
2cafb1df | 33 | const char *properties); |
3fd70262 RL |
34 | int EVP_MD_up_ref(EVP_MD *md); |
35 | void EVP_MD_free(EVP_MD *md); | |
ae3ff60e RL |
36 | int EVP_MD_get_params(const EVP_MD *digest, OSSL_PARAM params[]); |
37 | const OSSL_PARAM *EVP_MD_gettable_params(const EVP_MD *digest); | |
25191fff RL |
38 | EVP_MD_CTX *EVP_MD_CTX_new(void); |
39 | int EVP_MD_CTX_reset(EVP_MD_CTX *ctx); | |
40 | void EVP_MD_CTX_free(EVP_MD_CTX *ctx); | |
52ad5b60 | 41 | void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2); |
4e7991b4 | 42 | int EVP_MD_CTX_get_params(EVP_MD_CTX *ctx, OSSL_PARAM params[]); |
d5e5e2ff | 43 | int EVP_MD_CTX_set_params(EVP_MD_CTX *ctx, const OSSL_PARAM params[]); |
e6879a31 MC |
44 | const OSSL_PARAM *EVP_MD_settable_ctx_params(const EVP_MD *md); |
45 | const OSSL_PARAM *EVP_MD_gettable_ctx_params(const EVP_MD *md); | |
46 | const OSSL_PARAM *EVP_MD_CTX_settable_params(EVP_MD_CTX *ctx); | |
47 | const OSSL_PARAM *EVP_MD_CTX_gettable_params(EVP_MD_CTX *ctx); | |
a9cf71a3 RL |
48 | void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags); |
49 | void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags); | |
50 | int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags); | |
e72d734d | 51 | |
37842dfa AS |
52 | int EVP_Digest(const void *data, size_t count, unsigned char *md, |
53 | unsigned int *size, const EVP_MD *type, ENGINE *impl); | |
5a7e9991 P |
54 | int EVP_DigestInit_ex2(EVP_MD_CTX *ctx, const EVP_MD *type, |
55 | const OSSL_PARAM params[]); | |
e72d734d | 56 | int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); |
109d3123 | 57 | int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt); |
e9b77246 | 58 | int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s); |
cd8d1456 | 59 | int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len); |
e72d734d | 60 | |
aebb9aac | 61 | int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in); |
e72d734d DSH |
62 | |
63 | int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); | |
e9b77246 | 64 | int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s); |
3cbe1980 | 65 | |
aebb9aac | 66 | int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in); |
e72d734d | 67 | |
c750bc08 | 68 | const char *EVP_MD_name(const EVP_MD *md); |
03888233 | 69 | const char *EVP_MD_description(const EVP_MD *md); |
506cb0f6 | 70 | int EVP_MD_number(const EVP_MD *md); |
251e610c | 71 | int EVP_MD_is_a(const EVP_MD *md, const char *name); |
d84f5515 MC |
72 | int EVP_MD_names_do_all(const EVP_MD *md, |
73 | void (*fn)(const char *name, void *data), | |
74 | void *data); | |
1d2622d4 | 75 | const OSSL_PROVIDER *EVP_MD_provider(const EVP_MD *md); |
5a34fcd7 | 76 | int EVP_MD_type(const EVP_MD *md); |
05ea606a | 77 | int EVP_MD_pkey_type(const EVP_MD *md); |
5a34fcd7 DSH |
78 | int EVP_MD_size(const EVP_MD *md); |
79 | int EVP_MD_block_size(const EVP_MD *md); | |
37842dfa | 80 | unsigned long EVP_MD_flags(const EVP_MD *md); |
3cbe1980 | 81 | |
f6c95e46 RS |
82 | const EVP_MD *EVP_MD_CTX_get0_md(const EVP_MD_CTX *ctx); |
83 | EVP_MD *EVP_MD_CTX_get1_md(EVP_MD_CTX *ctx); | |
c750bc08 | 84 | const char *EVP_MD_CTX_name(const EVP_MD_CTX *ctx); |
7c2a981f RL |
85 | int EVP_MD_CTX_size(const EVP_MD_CTX *ctx); |
86 | int EVP_MD_CTX_block_size(const EVP_MD_CTX *ctx); | |
87 | int EVP_MD_CTX_type(const EVP_MD_CTX *ctx); | |
a9cf71a3 | 88 | void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx); |
3cbe1980 | 89 | |
13588350 | 90 | const EVP_MD *EVP_md_null(void); |
e4adad92 | 91 | |
3cbe1980 | 92 | const EVP_MD *EVP_get_digestbyname(const char *name); |
25191fff RL |
93 | const EVP_MD *EVP_get_digestbynid(int type); |
94 | const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o); | |
3cbe1980 | 95 | |
37842dfa | 96 | EVP_PKEY_CTX *EVP_MD_CTX_pkey_ctx(const EVP_MD_CTX *ctx); |
675f4cee PY |
97 | void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx); |
98 | ||
b4250010 | 99 | void EVP_MD_do_all_provided(OSSL_LIB_CTX *libctx, |
251e610c RL |
100 | void (*fn)(EVP_MD *mac, void *arg), |
101 | void *arg); | |
c540f00f | 102 | |
1409b5f6 RS |
103 | Deprecated since OpenSSL 3.0, can be hidden entirely by defining |
104 | B<OPENSSL_API_COMPAT> with a suitable version value, see | |
105 | L<openssl_user_macros(7)>: | |
106 | ||
f6c95e46 RS |
107 | const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx); |
108 | ||
1409b5f6 RS |
109 | int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx, |
110 | const void *data, size_t count); | |
111 | ||
112 | void EVP_MD_CTX_set_update_fn(EVP_MD_CTX *ctx, | |
113 | int (*update)(EVP_MD_CTX *ctx, | |
114 | const void *data, size_t count)); | |
115 | ||
3cbe1980 DSH |
116 | =head1 DESCRIPTION |
117 | ||
8c1cbc72 | 118 | The EVP digest routines are a high-level interface to message digests, |
3fd70262 RL |
119 | and should be used instead of the digest-specific functions. |
120 | ||
121 | The B<EVP_MD> type is a structure for digest method implementation. | |
3cbe1980 | 122 | |
bbda8ce9 | 123 | =over 4 |
25191fff | 124 | |
2cafb1df RL |
125 | =item EVP_MD_fetch() |
126 | ||
041a96e7 RL |
127 | Fetches the digest implementation for the given I<algorithm> from any |
128 | provider offering it, within the criteria given by the I<properties>. | |
906bced1 | 129 | See L<crypto(7)/ALGORITHM FETCHING> for further information. |
2cafb1df | 130 | |
3fd70262 RL |
131 | The returned value must eventually be freed with EVP_MD_free(). |
132 | ||
133 | Fetched B<EVP_MD> structures are reference counted. | |
134 | ||
135 | =item EVP_MD_up_ref() | |
136 | ||
137 | Increments the reference count for an B<EVP_MD> structure. | |
138 | ||
139 | =item EVP_MD_free() | |
140 | ||
141 | Decrements the reference count for the fetched B<EVP_MD> structure. | |
142 | If the reference count drops to 0 then the structure is freed. | |
2cafb1df | 143 | |
bbda8ce9 | 144 | =item EVP_MD_CTX_new() |
e72d734d | 145 | |
b45497c3 | 146 | Allocates and returns a digest context. |
e72d734d | 147 | |
bbda8ce9 | 148 | =item EVP_MD_CTX_reset() |
52ad5b60 | 149 | |
041a96e7 | 150 | Resets the digest context I<ctx>. This can be used to reuse an already |
bbda8ce9 | 151 | existing context. |
3cbe1980 | 152 | |
bbda8ce9 | 153 | =item EVP_MD_CTX_free() |
3cbe1980 | 154 | |
041a96e7 | 155 | Cleans up digest context I<ctx> and frees up the space allocated to it. |
3cbe1980 | 156 | |
bbda8ce9 RT |
157 | =item EVP_MD_CTX_ctrl() |
158 | ||
b5b91a79 | 159 | I<This is a legacy method. EVP_MD_CTX_set_params() and EVP_MD_CTX_get_params() |
d5e5e2ff | 160 | is the mechanism that should be used to set and get parameters that are used by |
b5b91a79 RL |
161 | providers.> |
162 | ||
041a96e7 RL |
163 | Performs digest-specific control actions on context I<ctx>. The control command |
164 | is indicated in I<cmd> and any additional arguments in I<p1> and I<p2>. | |
5a7e9991 | 165 | EVP_MD_CTX_ctrl() must be called after EVP_DigestInit_ex2(). Other restrictions |
37842dfa | 166 | may apply depending on the control type and digest implementation. |
b5b91a79 RL |
167 | |
168 | If this function happens to be used with a fetched B<EVP_MD>, it will | |
169 | translate the controls that are known to OpenSSL into L<OSSL_PARAM(3)> | |
170 | parameters with keys defined by OpenSSL and call EVP_MD_CTX_get_params() or | |
171 | EVP_MD_CTX_set_params() as is appropriate for each control command. | |
172 | ||
173 | See L</CONTROLS> below for more information, including what translations are | |
174 | being done. | |
bbda8ce9 | 175 | |
ae3ff60e RL |
176 | =item EVP_MD_get_params() |
177 | ||
041a96e7 | 178 | Retrieves the requested list of I<params> from a MD I<md>. |
2710e8a8 | 179 | See L</PARAMETERS> below for more information. |
ae3ff60e RL |
180 | |
181 | =item EVP_MD_CTX_get_params() | |
d5e5e2ff | 182 | |
041a96e7 | 183 | Retrieves the requested list of I<params> from a MD context I<ctx>. |
2710e8a8 | 184 | See L</PARAMETERS> below for more information. |
d5e5e2ff | 185 | |
ae3ff60e | 186 | =item EVP_MD_CTX_set_params() |
d5e5e2ff | 187 | |
041a96e7 | 188 | Sets the list of I<params> into a MD context I<ctx>. |
2710e8a8 | 189 | See L</PARAMETERS> below for more information. |
d5e5e2ff | 190 | |
d618ac6f P |
191 | =item EVP_MD_gettable_params() |
192 | ||
193 | Get a constant B<OSSL_PARAM> array that describes the retrievable parameters | |
194 | that can be used with EVP_MD_get_params(). See L<OSSL_PARAM(3)> for the | |
195 | use of B<OSSL_PARAM> as a parameter descriptor. | |
196 | ||
197 | =item EVP_MD_gettable_ctx_params(), EVP_MD_CTX_gettable_params() | |
198 | ||
199 | Get a constant B<OSSL_PARAM> array that describes the retrievable parameters | |
200 | that can be used with EVP_MD_CTX_get_params(). EVP_MD_gettable_ctx_params() | |
201 | returns the parameters that can be retrieved from the algorithm, whereas | |
202 | EVP_MD_CTX_gettable_params() returns the parameters that can be retrieved | |
203 | in the context's current state. See L<OSSL_PARAM(3)> for the use of | |
204 | B<OSSL_PARAM> as a parameter descriptor. | |
205 | ||
206 | =item EVP_MD_settable_ctx_params(), EVP_MD_CTX_settable_params() | |
207 | ||
208 | Get a constant B<OSSL_PARAM> array that describes the settable parameters | |
209 | that can be used with EVP_MD_CTX_set_params(). EVP_MD_settable_ctx_params() | |
210 | returns the parameters that can be set from the algorithm, whereas | |
211 | EVP_MD_CTX_settable_params() returns the parameters that can be set in the | |
212 | context's current state. See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> | |
213 | as a parameter descriptor. | |
ae3ff60e | 214 | |
a9cf71a3 RL |
215 | =item EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags() |
216 | ||
041a96e7 | 217 | Sets, clears and tests I<ctx> flags. See L</FLAGS> below for more information. |
a9cf71a3 | 218 | |
37842dfa AS |
219 | =item EVP_Digest() |
220 | ||
221 | A wrapper around the Digest Init_ex, Update and Final_ex functions. | |
041a96e7 RL |
222 | Hashes I<count> bytes of data at I<data> using a digest I<type> from ENGINE |
223 | I<impl>. The digest value is placed in I<md> and its length is written at I<size> | |
37842dfa | 224 | if the pointer is not NULL. At most B<EVP_MAX_MD_SIZE> bytes will be written. |
041a96e7 | 225 | If I<impl> is NULL the default implementation of digest I<type> is used. |
37842dfa | 226 | |
5a7e9991 P |
227 | =item EVP_DigestInit_ex2() |
228 | ||
229 | Sets up digest context I<ctx> to use a digest I<type>. | |
230 | I<type> is typically supplied by a function such as EVP_sha1(), or a | |
231 | value explicitly fetched with EVP_MD_fetch(). | |
232 | ||
233 | The parameters B<params> are set on the context after initialisation. | |
234 | ||
235 | The I<type> parameter can be NULL if I<ctx> has been already initialized | |
236 | with another EVP_DigestInit_ex() call and has not been reset with | |
237 | EVP_MD_CTX_reset(). | |
238 | ||
bbda8ce9 RT |
239 | =item EVP_DigestInit_ex() |
240 | ||
041a96e7 RL |
241 | Sets up digest context I<ctx> to use a digest I<type>. |
242 | I<type> is typically supplied by a function such as EVP_sha1(), or a | |
2cafb1df RL |
243 | value explicitly fetched with EVP_MD_fetch(). |
244 | ||
041a96e7 | 245 | If I<impl> is non-NULL, its implementation of the digest I<type> is used if |
2cafb1df | 246 | there is one, and if not, the default implementation is used. |
bbda8ce9 | 247 | |
2b407d05 TM |
248 | The I<type> parameter can be NULL if I<ctx> has been already initialized |
249 | with another EVP_DigestInit_ex() call and has not been reset with | |
250 | EVP_MD_CTX_reset(). | |
251 | ||
bbda8ce9 RT |
252 | =item EVP_DigestUpdate() |
253 | ||
041a96e7 RL |
254 | Hashes I<cnt> bytes of data at I<d> into the digest context I<ctx>. This |
255 | function can be called several times on the same I<ctx> to hash additional | |
bbda8ce9 RT |
256 | data. |
257 | ||
258 | =item EVP_DigestFinal_ex() | |
259 | ||
041a96e7 | 260 | Retrieves the digest value from I<ctx> and places it in I<md>. If the I<s> |
bbda8ce9 | 261 | parameter is not NULL then the number of bytes of data written (i.e. the |
041a96e7 | 262 | length of the digest) will be written to the integer at I<s>, at most |
bbda8ce9 | 263 | B<EVP_MAX_MD_SIZE> bytes will be written. After calling EVP_DigestFinal_ex() |
cd8d1456 | 264 | no additional calls to EVP_DigestUpdate() can be made, but |
5a7e9991 | 265 | EVP_DigestInit_ex2() can be called to initialize a new digest operation. |
bbda8ce9 RT |
266 | |
267 | =item EVP_DigestFinalXOF() | |
268 | ||
269 | Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. | |
3f2a8d97 | 270 | It retrieves the digest value from I<ctx> and places it in I<len>-sized I<md>. |
bbda8ce9 | 271 | After calling this function no additional calls to EVP_DigestUpdate() can be |
5a7e9991 | 272 | made, but EVP_DigestInit_ex2() can be called to initialize a new operation. |
bbda8ce9 RT |
273 | |
274 | =item EVP_MD_CTX_copy_ex() | |
275 | ||
041a96e7 | 276 | Can be used to copy the message digest state from I<in> to I<out>. This is |
bbda8ce9 | 277 | useful if large amounts of data are to be hashed which only differ in the last |
b45497c3 | 278 | few bytes. |
bbda8ce9 RT |
279 | |
280 | =item EVP_DigestInit() | |
281 | ||
5a7e9991 P |
282 | Behaves in the same way as EVP_DigestInit_ex2() except it doesn't set any |
283 | parameters and calls EVP_MD_CTX_reset() so it cannot be used with an I<type> | |
284 | of NULL. | |
bbda8ce9 RT |
285 | |
286 | =item EVP_DigestFinal() | |
287 | ||
2b407d05 TM |
288 | Similar to EVP_DigestFinal_ex() except after computing the digest |
289 | the digest context I<ctx> is automatically cleaned up with EVP_MD_CTX_reset(). | |
bbda8ce9 RT |
290 | |
291 | =item EVP_MD_CTX_copy() | |
cd8d1456 | 292 | |
041a96e7 | 293 | Similar to EVP_MD_CTX_copy_ex() except the destination I<out> does not have to |
bbda8ce9 | 294 | be initialized. |
e72d734d | 295 | |
251e610c RL |
296 | =item EVP_MD_is_a() |
297 | ||
298 | Returns 1 if I<md> is an implementation of an algorithm that's | |
299 | identifiable with I<name>, otherwise 0. | |
300 | ||
e4a1d023 RL |
301 | If I<md> is a legacy digest (it's the return value from the likes of |
302 | EVP_sha256() rather than the result of an EVP_MD_fetch()), only cipher | |
303 | names registered with the default library context (see | |
b4250010 | 304 | L<OSSL_LIB_CTX(3)>) will be considered. |
e4a1d023 | 305 | |
506cb0f6 RL |
306 | =item EVP_MD_number() |
307 | ||
308 | Returns the internal dynamic number assigned to the I<md>. This is | |
309 | only useful with fetched B<EVP_MD>s. | |
310 | ||
c750bc08 RL |
311 | =item EVP_MD_name(), |
312 | EVP_MD_CTX_name() | |
313 | ||
251e610c | 314 | Return the name of the given message digest. For fetched message |
f651c727 RL |
315 | digests with multiple names, only one of them is returned; it's |
316 | recommended to use EVP_MD_names_do_all() instead. | |
317 | ||
318 | =item EVP_MD_names_do_all() | |
319 | ||
320 | Traverses all names for the I<md>, and calls I<fn> with each name and | |
321 | I<data>. This is only useful with fetched B<EVP_MD>s. | |
c750bc08 | 322 | |
03888233 RL |
323 | =item EVP_MD_description() |
324 | ||
325 | Returns a description of the digest, meant for display and human consumption. | |
326 | The description is at the discretion of the digest implementation. | |
327 | ||
1d2622d4 RL |
328 | =item EVP_MD_provider() |
329 | ||
330 | Returns an B<OSSL_PROVIDER> pointer to the provider that implements the given | |
331 | B<EVP_MD>. | |
332 | ||
bbda8ce9 RT |
333 | =item EVP_MD_size(), |
334 | EVP_MD_CTX_size() | |
e72d734d | 335 | |
bbda8ce9 RT |
336 | Return the size of the message digest when passed an B<EVP_MD> or an |
337 | B<EVP_MD_CTX> structure, i.e. the size of the hash. | |
e72d734d | 338 | |
bbda8ce9 RT |
339 | =item EVP_MD_block_size(), |
340 | EVP_MD_CTX_block_size() | |
3cbe1980 | 341 | |
bbda8ce9 RT |
342 | Return the block size of the message digest when passed an B<EVP_MD> or an |
343 | B<EVP_MD_CTX> structure. | |
3cbe1980 | 344 | |
bbda8ce9 RT |
345 | =item EVP_MD_type(), |
346 | EVP_MD_CTX_type() | |
3cbe1980 | 347 | |
bbda8ce9 RT |
348 | Return the NID of the OBJECT IDENTIFIER representing the given message digest |
349 | when passed an B<EVP_MD> structure. For example, C<EVP_MD_type(EVP_sha1())> | |
350 | returns B<NID_sha1>. This function is normally used when setting ASN1 OIDs. | |
3cbe1980 | 351 | |
a9cf71a3 RL |
352 | =item EVP_MD_CTX_md_data() |
353 | ||
354 | Return the digest method private data for the passed B<EVP_MD_CTX>. | |
355 | The space is allocated by OpenSSL and has the size originally set with | |
356 | EVP_MD_meth_set_app_datasize(). | |
357 | ||
f6c95e46 | 358 | =item EVP_MD_CTX_get0_md(), EVP_MD_CTX_get1_md() |
3cbe1980 | 359 | |
f6c95e46 RS |
360 | EVP_MD_CTX_get0_md() returns |
361 | the B<EVP_MD> structure corresponding to the passed B<EVP_MD_CTX>. This | |
5a7e9991 | 362 | will be the same B<EVP_MD> object originally passed to EVP_DigestInit_ex2() (or |
b7c913c8 MC |
363 | other similar function) when the EVP_MD_CTX was first initialised. Note that |
364 | where explicit fetch is in use (see L<EVP_MD_fetch(3)>) the value returned from | |
365 | this function will not have its reference count incremented and therefore it | |
366 | should not be used after the EVP_MD_CTX is freed. | |
f6c95e46 RS |
367 | EVP_MD_CTX_get1_md() is the same except the ownership is passed to the |
368 | caller and is from the passed B<EVP_MD_CTX>. | |
3cbe1980 | 369 | |
37842dfa AS |
370 | =item EVP_MD_CTX_set_update_fn() |
371 | ||
041a96e7 | 372 | Sets the update function for I<ctx> to I<update>. |
1409b5f6 | 373 | This is the function that is called by EVP_DigestUpdate(). If not set, the |
37842dfa AS |
374 | update function from the B<EVP_MD> type specified at initialization is used. |
375 | ||
376 | =item EVP_MD_CTX_update_fn() | |
377 | ||
041a96e7 | 378 | Returns the update function for I<ctx>. |
37842dfa AS |
379 | |
380 | =item EVP_MD_flags() | |
381 | ||
041a96e7 | 382 | Returns the I<md> flags. Note that these are different from the B<EVP_MD_CTX> |
37842dfa AS |
383 | ones. See L<EVP_MD_meth_set_flags(3)> for more information. |
384 | ||
bbda8ce9 | 385 | =item EVP_MD_pkey_type() |
3cbe1980 | 386 | |
bbda8ce9 RT |
387 | Returns the NID of the public key signing algorithm associated with this |
388 | digest. For example EVP_sha1() is associated with RSA so this will return | |
389 | B<NID_sha1WithRSAEncryption>. Since digests and signature algorithms are no | |
390 | longer linked this function is only retained for compatibility reasons. | |
3cbe1980 | 391 | |
bbda8ce9 RT |
392 | =item EVP_md_null() |
393 | ||
394 | A "null" message digest that does nothing: i.e. the hash it returns is of zero | |
395 | length. | |
396 | ||
397 | =item EVP_get_digestbyname(), | |
398 | EVP_get_digestbynid(), | |
399 | EVP_get_digestbyobj() | |
400 | ||
401 | Returns an B<EVP_MD> structure when passed a digest name, a digest B<NID> or an | |
402 | B<ASN1_OBJECT> structure respectively. | |
403 | ||
37842dfa AS |
404 | =item EVP_MD_CTX_pkey_ctx() |
405 | ||
041a96e7 | 406 | Returns the B<EVP_PKEY_CTX> assigned to I<ctx>. The returned pointer should not |
37842dfa AS |
407 | be freed by the caller. |
408 | ||
675f4cee PY |
409 | =item EVP_MD_CTX_set_pkey_ctx() |
410 | ||
411 | Assigns an B<EVP_PKEY_CTX> to B<EVP_MD_CTX>. This is usually used to provide | |
37842dfa | 412 | a customized B<EVP_PKEY_CTX> to L<EVP_DigestSignInit(3)> or |
041a96e7 RL |
413 | L<EVP_DigestVerifyInit(3)>. The I<pctx> passed to this function should be freed |
414 | by the caller. A NULL I<pctx> pointer is also allowed to clear the B<EVP_PKEY_CTX> | |
415 | assigned to I<ctx>. In such case, freeing the cleared B<EVP_PKEY_CTX> or not | |
81c79453 | 416 | depends on how the B<EVP_PKEY_CTX> is created. |
675f4cee | 417 | |
251e610c | 418 | =item EVP_MD_do_all_provided() |
c540f00f RL |
419 | |
420 | Traverses all messages digests implemented by all activated providers | |
421 | in the given library context I<libctx>, and for each of the implementations, | |
422 | calls the given function I<fn> with the implementation method and the given | |
423 | I<arg> as argument. | |
424 | ||
bbda8ce9 | 425 | =back |
3cbe1980 | 426 | |
2710e8a8 | 427 | =head1 PARAMETERS |
d5e5e2ff SL |
428 | |
429 | See L<OSSL_PARAM(3)> for information about passing parameters. | |
430 | ||
431 | EVP_MD_CTX_set_params() can be used with the following OSSL_PARAM keys: | |
432 | ||
433 | =over 4 | |
434 | ||
af53092c | 435 | =item "xoflen" (B<OSSL_DIGEST_PARAM_XOFLEN>) <unsigned integer> |
d5e5e2ff SL |
436 | |
437 | Sets the digest length for extendable output functions. | |
7b6b194b P |
438 | It is used by the SHAKE algorithm and should not exceed what can be given |
439 | using a B<size_t>. | |
d5e5e2ff | 440 | |
af53092c | 441 | =item "pad-type" (B<OSSL_DIGEST_PARAM_PAD_TYPE>) <unsigned integer> |
d5e5e2ff | 442 | |
041a96e7 | 443 | Sets the padding type. |
d5e5e2ff SL |
444 | It is used by the MDC2 algorithm. |
445 | ||
446 | =back | |
447 | ||
448 | EVP_MD_CTX_get_params() can be used with the following OSSL_PARAM keys: | |
449 | ||
450 | =over 4 | |
451 | ||
0c452a51 | 452 | =item "micalg" (B<OSSL_PARAM_DIGEST_KEY_MICALG>) <UTF8 string>. |
d5e5e2ff SL |
453 | |
454 | Gets the digest Message Integrity Check algorithm string. This is used when | |
455 | creating S/MIME multipart/signed messages, as specified in RFC 3851. | |
456 | It may be used by external engines or providers. | |
457 | ||
458 | =back | |
459 | ||
37842dfa AS |
460 | =head1 CONTROLS |
461 | ||
462 | EVP_MD_CTX_ctrl() can be used to send the following standard controls: | |
463 | ||
464 | =over 4 | |
465 | ||
466 | =item EVP_MD_CTRL_MICALG | |
467 | ||
468 | Gets the digest Message Integrity Check algorithm string. This is used when | |
469 | creating S/MIME multipart/signed messages, as specified in RFC 3851. | |
041a96e7 | 470 | The string value is written to I<p2>. |
37842dfa | 471 | |
b5b91a79 RL |
472 | When used with a fetched B<EVP_MD>, EVP_MD_CTX_get_params() gets called with |
473 | an L<OSSL_PARAM(3)> item with the key "micalg" (B<OSSL_DIGEST_PARAM_MICALG>). | |
474 | ||
37842dfa AS |
475 | =item EVP_MD_CTRL_XOF_LEN |
476 | ||
041a96e7 | 477 | This control sets the digest length for extendable output functions to I<p1>. |
37842dfa | 478 | Sending this control directly should not be necessary, the use of |
041a96e7 | 479 | EVP_DigestFinalXOF() is preferred. |
37842dfa AS |
480 | Currently used by SHAKE. |
481 | ||
b5b91a79 RL |
482 | When used with a fetched B<EVP_MD>, EVP_MD_CTX_get_params() gets called with |
483 | an L<OSSL_PARAM(3)> item with the key "xoflen" (B<OSSL_DIGEST_PARAM_XOFLEN>). | |
484 | ||
37842dfa AS |
485 | =back |
486 | ||
a9cf71a3 RL |
487 | =head1 FLAGS |
488 | ||
489 | EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() | |
490 | can be used the manipulate and test these B<EVP_MD_CTX> flags: | |
491 | ||
492 | =over 4 | |
493 | ||
494 | =item EVP_MD_CTX_FLAG_ONESHOT | |
495 | ||
496 | This flag instructs the digest to optimize for one update only, if possible. | |
497 | ||
498 | =for comment EVP_MD_CTX_FLAG_CLEANED is internal, don't mention it | |
499 | ||
500 | =for comment EVP_MD_CTX_FLAG_REUSE is internal, don't mention it | |
501 | ||
502 | =for comment We currently avoid documenting flags that are only bit holder: | |
503 | EVP_MD_CTX_FLAG_NON_FIPS_ALLOW, EVP_MD_CTX_FLAGS_PAD_* | |
504 | ||
505 | =item EVP_MD_CTX_FLAG_NO_INIT | |
506 | ||
507 | This flag instructs EVP_DigestInit() and similar not to initialise the | |
508 | implementation specific data. | |
509 | ||
510 | =item EVP_MD_CTX_FLAG_FINALISE | |
511 | ||
512 | Some functions such as EVP_DigestSign only finalise copies of internal | |
513 | contexts so additional data can be included after the finalisation call. | |
514 | This is inefficient if this functionality is not required, and can be | |
515 | disabled with this flag. | |
516 | ||
517 | =back | |
518 | ||
3cbe1980 DSH |
519 | =head1 RETURN VALUES |
520 | ||
bbda8ce9 RT |
521 | =over 4 |
522 | ||
2cafb1df RL |
523 | =item EVP_MD_fetch() |
524 | ||
525 | Returns a pointer to a B<EVP_MD> for success or NULL for failure. | |
526 | ||
3fd70262 RL |
527 | =item EVP_MD_up_ref() |
528 | ||
529 | Returns 1 for success or 0 for failure. | |
530 | ||
5a7e9991 P |
531 | =item EVP_DigestInit_ex2(), |
532 | EVP_DigestInit_ex(), | |
bbda8ce9 RT |
533 | EVP_DigestUpdate(), |
534 | EVP_DigestFinal_ex() | |
535 | ||
536 | Returns 1 for | |
13588350 | 537 | success and 0 for failure. |
3cbe1980 | 538 | |
bbda8ce9 RT |
539 | =item EVP_MD_CTX_ctrl() |
540 | ||
541 | Returns 1 if successful or 0 for failure. | |
542 | ||
d5e5e2ff SL |
543 | =item EVP_MD_CTX_set_params(), |
544 | EVP_MD_CTX_get_params() | |
545 | ||
546 | Returns 1 if successful or 0 for failure. | |
547 | ||
ae3ff60e RL |
548 | =item EVP_MD_CTX_settable_params(), |
549 | EVP_MD_CTX_gettable_params() | |
550 | ||
551 | Return an array of constant B<OSSL_PARAM>s, or NULL if there is none | |
552 | to get. | |
553 | ||
bbda8ce9 | 554 | =item EVP_MD_CTX_copy_ex() |
52ad5b60 | 555 | |
bbda8ce9 | 556 | Returns 1 if successful or 0 for failure. |
3cbe1980 | 557 | |
bbda8ce9 | 558 | =item EVP_MD_type(), |
37842dfa | 559 | EVP_MD_pkey_type() |
3cbe1980 | 560 | |
bbda8ce9 RT |
561 | Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none |
562 | exists. | |
3cbe1980 | 563 | |
bbda8ce9 RT |
564 | =item EVP_MD_size(), |
565 | EVP_MD_block_size(), | |
566 | EVP_MD_CTX_size(), | |
567 | EVP_MD_CTX_block_size() | |
3cbe1980 | 568 | |
bbda8ce9 RT |
569 | Returns the digest or block size in bytes. |
570 | ||
571 | =item EVP_md_null() | |
572 | ||
573 | Returns a pointer to the B<EVP_MD> structure of the "null" message digest. | |
574 | ||
575 | =item EVP_get_digestbyname(), | |
576 | EVP_get_digestbynid(), | |
577 | EVP_get_digestbyobj() | |
578 | ||
579 | Returns either an B<EVP_MD> structure or NULL if an error occurs. | |
580 | ||
675f4cee PY |
581 | =item EVP_MD_CTX_set_pkey_ctx() |
582 | ||
583 | This function has no return value. | |
584 | ||
d84f5515 MC |
585 | =item EVP_MD_names_do_all() |
586 | ||
587 | Returns 1 if the callback was called for all names. A return value of 0 means | |
588 | that the callback was not called for any names. | |
589 | ||
bbda8ce9 | 590 | =back |
3cbe1980 DSH |
591 | |
592 | =head1 NOTES | |
593 | ||
594 | The B<EVP> interface to message digests should almost always be used in | |
8c1cbc72 | 595 | preference to the low-level interfaces. This is because the code then becomes |
3cbe1980 DSH |
596 | transparent to the digest used and much more flexible. |
597 | ||
bbda8ce9 | 598 | New applications should use the SHA-2 (such as L<EVP_sha256(3)>) or the SHA-3 |
89f66fe2 | 599 | digest algorithms (such as L<EVP_sha3_512(3)>). The other digest algorithms |
600 | are still in common use. | |
3cbe1980 | 601 | |
041a96e7 | 602 | For most applications the I<impl> parameter to EVP_DigestInit_ex() will be |
e72d734d DSH |
603 | set to NULL to use the default digest implementation. |
604 | ||
7b3e11c5 | 605 | The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are |
e72d734d | 606 | obsolete but are retained to maintain compatibility with existing code. New |
7b3e11c5 | 607 | applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and |
e72d734d DSH |
608 | EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context |
609 | instead of initializing and cleaning it up on each call and allow non default | |
610 | implementations of digests to be specified. | |
611 | ||
fa332bba | 612 | If digest contexts are not cleaned up after use, |
7b3e11c5 | 613 | memory leaks will occur. |
13588350 | 614 | |
c750bc08 RL |
615 | EVP_MD_CTX_name(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), |
616 | EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined | |
617 | as macros. | |
5a34fcd7 | 618 | |
52ad5b60 TS |
619 | EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration |
620 | or control. | |
5a34fcd7 | 621 | |
cda77422 | 622 | =head1 EXAMPLES |
3cbe1980 DSH |
623 | |
624 | This example digests the data "Test Message\n" and "Hello World\n", using the | |
625 | digest name passed on the command line. | |
626 | ||
627 | #include <stdio.h> | |
19ac1bf2 | 628 | #include <string.h> |
3cbe1980 DSH |
629 | #include <openssl/evp.h> |
630 | ||
19ac1bf2 | 631 | int main(int argc, char *argv[]) |
3cbe1980 | 632 | { |
2947af32 BB |
633 | EVP_MD_CTX *mdctx; |
634 | const EVP_MD *md; | |
635 | char mess1[] = "Test Message\n"; | |
636 | char mess2[] = "Hello World\n"; | |
637 | unsigned char md_value[EVP_MAX_MD_SIZE]; | |
19ac1bf2 | 638 | unsigned int md_len, i; |
2947af32 BB |
639 | |
640 | if (argv[1] == NULL) { | |
641 | printf("Usage: mdtest digestname\n"); | |
642 | exit(1); | |
643 | } | |
644 | ||
645 | md = EVP_get_digestbyname(argv[1]); | |
646 | if (md == NULL) { | |
647 | printf("Unknown message digest %s\n", argv[1]); | |
648 | exit(1); | |
649 | } | |
650 | ||
651 | mdctx = EVP_MD_CTX_new(); | |
5a7e9991 | 652 | EVP_DigestInit_ex2(mdctx, md, NULL); |
2947af32 BB |
653 | EVP_DigestUpdate(mdctx, mess1, strlen(mess1)); |
654 | EVP_DigestUpdate(mdctx, mess2, strlen(mess2)); | |
655 | EVP_DigestFinal_ex(mdctx, md_value, &md_len); | |
656 | EVP_MD_CTX_free(mdctx); | |
657 | ||
658 | printf("Digest is: "); | |
659 | for (i = 0; i < md_len; i++) | |
660 | printf("%02x", md_value[i]); | |
661 | printf("\n"); | |
662 | ||
663 | exit(0); | |
3cbe1980 DSH |
664 | } |
665 | ||
3cbe1980 DSH |
666 | =head1 SEE ALSO |
667 | ||
37842dfa | 668 | L<EVP_MD_meth_new(3)>, |
1903a9b7 | 669 | L<openssl-dgst(1)>, |
d5e5e2ff SL |
670 | L<evp(7)>, |
671 | L<OSSL_PROVIDER(3)>, | |
672 | L<OSSL_PARAM(3)> | |
4facdbb5 | 673 | |
bbda8ce9 RT |
674 | The full list of digest algorithms are provided below. |
675 | ||
676 | L<EVP_blake2b512(3)>, | |
677 | L<EVP_md2(3)>, | |
678 | L<EVP_md4(3)>, | |
679 | L<EVP_md5(3)>, | |
680 | L<EVP_mdc2(3)>, | |
681 | L<EVP_ripemd160(3)>, | |
682 | L<EVP_sha1(3)>, | |
683 | L<EVP_sha224(3)>, | |
684 | L<EVP_sha3_224(3)>, | |
67e247fa | 685 | L<EVP_sm3(3)>, |
bbda8ce9 | 686 | L<EVP_whirlpool(3)> |
906bced1 | 687 | L<crypto(7)/ALGORITHM FETCHING> |
bbda8ce9 | 688 | |
3cbe1980 DSH |
689 | =head1 HISTORY |
690 | ||
fc5ecadd DMSP |
691 | The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to |
692 | EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively. | |
25191fff | 693 | |
3fa39ed7 | 694 | The link between digests and signing algorithms was fixed in OpenSSL 1.0 and |
a95d7574 RS |
695 | later, so now EVP_sha1() can be used with RSA and DSA. |
696 | ||
fc5ecadd | 697 | The EVP_dss1() function was removed in OpenSSL 1.1.0. |
3fa39ed7 | 698 | |
1409b5f6 | 699 | The EVP_MD_CTX_set_pkey_ctx() function was added in OpenSSL 1.1.1. |
675f4cee | 700 | |
5a7e9991 | 701 | The EVP_DigestInit_ex2(), EVP_MD_fetch(), EVP_MD_free(), EVP_MD_up_ref(), |
d618ac6f P |
702 | EVP_MD_get_params(), EVP_MD_CTX_set_params(), EVP_MD_CTX_get_params(), |
703 | EVP_MD_gettable_params(), EVP_MD_gettable_ctx_params(), | |
704 | EVP_MD_settable_ctx_params(), EVP_MD_CTX_settable_params() and | |
705 | EVP_MD_CTX_gettable_params() functions were added in OpenSSL 3.0. | |
706 | ||
f6c95e46 RS |
707 | The EVP_MD_CTX_md() function was deprecated in OpenSSL 3.0; use |
708 | EVP_MD_CTX_get0_md() instead. | |
709 | EVP_MD_CTX_update_fn() and EVP_MD_CTX_set_update_fn() were deprecated | |
1409b5f6 | 710 | in OpenSSL 3.0. |
d5e5e2ff | 711 | |
e2f92610 RS |
712 | =head1 COPYRIGHT |
713 | ||
a28d06f3 | 714 | Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. |
e2f92610 | 715 | |
4746f25a | 716 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
717 | this file except in compliance with the License. You can obtain a copy |
718 | in the file LICENSE in the source distribution or at | |
719 | L<https://www.openssl.org/source/license.html>. | |
720 | ||
721 | =cut |