EVP_DigestInit(3)EVP_DigestInit(3)NAME
EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal, EVP_MAX_MD_SIZE,
EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size,
EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size,
EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5,
EVP_sha, EVP_sha1, EVP_dss, EVP_dss1, EVP_mdc2, EVP_ripemd160,
EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj - EVP
digest routines
SYNOPSIS
#include <openssl/evp.h>
void EVP_DigestInit(
EVP_MD_CTX *ctx, const EVP_MD *type ); void EVP_DigestUpdate(
EVP_MD_CTX *ctx, const void *d, unsigned int cnt ); void
EVP_DigestFinal(
EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s );
#define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */
int EVP_MD_CTX_copy(
EVP_MD_CTX *out,EVP_MD_CTX *in ); #define
EVP_MD_type(e) ((e)->type) #define
EVP_MD_pkey_type(e) ((e)->pkey_type)
#define EVP_MD_size(e)
((e)->md_size) #define
EVP_MD_block_size(e) ((e)->block_size)
#define EVP_MD_CTX_md(e) (e)->digest)
#define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest)
#define EVP_MD_CTX_block_size(e)
EVP_MD_block_size((e)->digest) #define
EVP_MD_CTX_type(e) EVP_MD_type((e)->digest)
EVP_MD *EVP_md_null(
void ); EVP_MD *EVP_md2(
void ); EVP_MD *EVP_md5(
void ); EVP_MD *EVP_sha(
void ); EVP_MD *EVP_sha1(
void ); EVP_MD *EVP_dss(
void ); EVP_MD *EVP_dss1(
void ); EVP_MD *EVP_mdc2(
void ); EVP_MD *EVP_ripemd160(
void ); const EVP_MD *EVP_get_digestbyname(
const char *name ); #define EVP_get_digestbynid(a)
EVP_get_digestbyname(OBJ_nid2sn(a)) #define EVP_get_digestbyobj(a)
EVP_get_digestbynid(OBJ_obj2nid(a))
DESCRIPTION
The EVP digest routines are a high level interface to message digests.
The EVP_DigestInit() function initializes a digest context ctx to use a
digest type. This will typically be supplied by a function such as
EVP_sha1().
The EVP_DigestUpdate() function hashes cnt bytes of data at d into the
digest context ctx. This function can be called several times on the
same ctx to hash additional data.
The EVP_DigestFinal() function retrieves the digest value from ctx and
places it in md. If the s parameter is not NULL then the number of
bytes of data written (i.e. the length of the digest) will be written
to the integer at s. At most EVP_MAX_MD_SIZE bytes will be written.
After calling EVP_DigestFinal() no additional calls to EVP_DigestUp‐
date() can be made, but EVP_DigestInit() can be called to initialize a
new digest operation.
The EVP_MD_CTX_copy() function can be used to copy the message digest
state from in to out. This is useful to hash large amounts of data
which only differ in the last few bytes.
The EVP_MD_size() and EVP_MD_CTX_size() functions return the size of
the message digest when passed an EVP_MD or an EVP_MD_CTX structure,
i.e. the size of the hash.
The EVP_MD_block_size() and EVP_MD_CTX_block_size() functions return
the block size of the message digest when passed an EVP_MD or an
EVP_MD_CTX structure.
The EVP_MD_type() and EVP_MD_CTX_type() functions return the NID of the
OBJECT IDENTIFIER representing the given message digest when passed an
EVP_MD structure. For example, EVP_MD_type(EVP_sha1()) returns
NID_sha1. This function is normally used when setting ASN1 OIDs.
The EVP_MD_CTX_md() function returns the EVP_MD structure corresponding
to the passed EVP_MD_CTX.
The EVP_MD_pkey_type() function returns the NID of the public key sign‐
ing algorithm associated with this digest. For example, EVP_sha1() is
associated with RSA so this will return NID_sha1WithRSAEncryption.
The EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_mdc2(), and
EVP_ripemd160() functions return EVP_MD structures for the MD2, MD5,
SHA, SHA1, MDC2 and RIPEMD160 digest algorithms respectively. The asso‐
ciated signature algorithm is RSA in each case.
The EVP_dss() and EVP_dss1() functions return EVP_MD structures for SHA
and SHA1 digest algorithms but using DSS (DSA) for the signature algo‐
rithm.
The EVP_md_null() function is a null message digest that does nothing.
The hash it returns is of zero length.
The EVP_get_digestbyname(), EVP_get_digestbynid(), and EVP_get_digest‐
byobj() functions return an EVP_MD structure when passed a digest name,
a digest NID or an ASN1_OBJECT structure respectively. The digest table
must be initialized using, for example, OpenSSL_add_all_digests(), for
these functions to work.
NOTES
The EVP interface to message digests should almost always be used in
preference to the low level interfaces. This is because the code then
becomes transparent to the digest used and much more flexible.
SHA1 is the digest of choice for new applications. The other digest
algorithms are still in common use.
RESTRICTIONS
Several of the functions do not return values. Although the internal
digest operations will never fail some future hardware based operations
might.
The link between digests and signing algorithms results in a situation
where the EVP_sha1() function must be used with RSA, and the EVP_dss1()
function must be used with DSS even though they are identical digests.
The size of an EVP_MD_CTX structure is determined at compile time. This
results in code that must be recompiled if the size of EVP_MD_CTX
increases.
RETURN VALUES
The EVP_DigestInit(), EVP_DigestUpdate(), and EVP_DigestFinal() func‐
tions do not return values.
The EVP_MD_CTX_copy() function returns 1 if successful or 0 for fail‐
ure.
The EVP_MD_type(), EVP_MD_pkey_type(), and EVP_MD_type() functions
return the NID of the corresponding OBJECT IDENTIFIER or NID_undef if
none exists.
The EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(),
EVP_MD_size(), EVP_MD_CTX_block_size(), and EVP_MD_block_size() func‐
tions return the digest or block size in bytes.
The EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(),
EVP_dss(), EVP_dss1(), EVP_mdc2(), and EVP_ripemd160() functions return
pointers to the corresponding EVP_MD structures.
The EVP_get_digestbyname(), EVP_get_digestbynid(), and EVP_get_digest‐
byobj() functions return either an EVP_MD structure or NULL if an error
occurs.
EXAMPLE
The following example digests the data "Test Message\n" and "Hello
World\n", using the digest name passed on the command line:
#include <stdio.h>
#include <openssl/evp.h>
main(int argc, char *argv[])
{
EVP_MD_CTX mdctx;
const EVP_MD *md;
char mess1[] = "Test Message\n";
char mess2[] = "Hello World\n";
unsigned char md_value[EVP_MAX_MD_SIZE];
int md_len, i;
OpenSSL_add_all_digests();
if(!argv[1]) {
printf("Usage: mdtest digestname\n"); exit (1);
}
md = EVP_get_digestbyname(argv[1]);
if(!md) {
printf("Unknown message digest %s\n", argv[1]);
exit (1);
}
EVP_DigestInit(&mdctx, md);
EVP_DigestUpdate(&mdctx, mess1, strlen(mess1));
EVP_DigestUpdate(&mdctx, mess2, strlen(mess2));
EVP_DigestFinal(&mdctx, md_value, &md_len);
printf("Digest is: ");
for(i = 0; i < md_len; i++) printf("%02x", md_value[i]);
printf("\n");
}
HISTORYEVP_DigestInit(), EVP_DigestUpdate(), and EVP_DigestFinal() are avail‐
able in all versions of SSLeay and OpenSSL.
SEE ALSO
Commands: dgst(1)
Functions: evp(3), hmac(3), md2(3), md5(3), mdc2(3), ripemd(3), sha(3),
EVP_DigestInit(3)