1*b077aed3SPierre Pronchery=pod 2*b077aed3SPierre Pronchery 3*b077aed3SPierre Pronchery=head1 NAME 4*b077aed3SPierre Pronchery 5*b077aed3SPierre Proncheryprovider-digest - The digest library E<lt>-E<gt> provider functions 6*b077aed3SPierre Pronchery 7*b077aed3SPierre Pronchery=head1 SYNOPSIS 8*b077aed3SPierre Pronchery 9*b077aed3SPierre Pronchery=for openssl multiple includes 10*b077aed3SPierre Pronchery 11*b077aed3SPierre Pronchery #include <openssl/core_dispatch.h> 12*b077aed3SPierre Pronchery #include <openssl/core_names.h> 13*b077aed3SPierre Pronchery 14*b077aed3SPierre Pronchery /* 15*b077aed3SPierre Pronchery * Digests support the following function signatures in OSSL_DISPATCH arrays. 16*b077aed3SPierre Pronchery * (The function signatures are not actual functions). 17*b077aed3SPierre Pronchery */ 18*b077aed3SPierre Pronchery 19*b077aed3SPierre Pronchery /* Context management */ 20*b077aed3SPierre Pronchery void *OSSL_FUNC_digest_newctx(void *provctx); 21*b077aed3SPierre Pronchery void OSSL_FUNC_digest_freectx(void *dctx); 22*b077aed3SPierre Pronchery void *OSSL_FUNC_digest_dupctx(void *dctx); 23*b077aed3SPierre Pronchery 24*b077aed3SPierre Pronchery /* Digest generation */ 25*b077aed3SPierre Pronchery int OSSL_FUNC_digest_init(void *dctx, const OSSL_PARAM params[]); 26*b077aed3SPierre Pronchery int OSSL_FUNC_digest_update(void *dctx, const unsigned char *in, size_t inl); 27*b077aed3SPierre Pronchery int OSSL_FUNC_digest_final(void *dctx, unsigned char *out, size_t *outl, 28*b077aed3SPierre Pronchery size_t outsz); 29*b077aed3SPierre Pronchery int OSSL_FUNC_digest_digest(void *provctx, const unsigned char *in, size_t inl, 30*b077aed3SPierre Pronchery unsigned char *out, size_t *outl, size_t outsz); 31*b077aed3SPierre Pronchery 32*b077aed3SPierre Pronchery /* Digest parameter descriptors */ 33*b077aed3SPierre Pronchery const OSSL_PARAM *OSSL_FUNC_digest_gettable_params(void *provctx); 34*b077aed3SPierre Pronchery 35*b077aed3SPierre Pronchery /* Digest operation parameter descriptors */ 36*b077aed3SPierre Pronchery const OSSL_PARAM *OSSL_FUNC_digest_gettable_ctx_params(void *dctx, 37*b077aed3SPierre Pronchery void *provctx); 38*b077aed3SPierre Pronchery const OSSL_PARAM *OSSL_FUNC_digest_settable_ctx_params(void *dctx, 39*b077aed3SPierre Pronchery void *provctx); 40*b077aed3SPierre Pronchery 41*b077aed3SPierre Pronchery /* Digest parameters */ 42*b077aed3SPierre Pronchery int OSSL_FUNC_digest_get_params(OSSL_PARAM params[]); 43*b077aed3SPierre Pronchery 44*b077aed3SPierre Pronchery /* Digest operation parameters */ 45*b077aed3SPierre Pronchery int OSSL_FUNC_digest_set_ctx_params(void *dctx, const OSSL_PARAM params[]); 46*b077aed3SPierre Pronchery int OSSL_FUNC_digest_get_ctx_params(void *dctx, OSSL_PARAM params[]); 47*b077aed3SPierre Pronchery 48*b077aed3SPierre Pronchery=head1 DESCRIPTION 49*b077aed3SPierre Pronchery 50*b077aed3SPierre ProncheryThis documentation is primarily aimed at provider authors. See L<provider(7)> 51*b077aed3SPierre Proncheryfor further information. 52*b077aed3SPierre Pronchery 53*b077aed3SPierre ProncheryThe DIGEST operation enables providers to implement digest algorithms and make 54*b077aed3SPierre Proncherythem available to applications via the API functions L<EVP_DigestInit_ex(3)>, 55*b077aed3SPierre ProncheryL<EVP_DigestUpdate(3)> and L<EVP_DigestFinal(3)> (and other related functions). 56*b077aed3SPierre Pronchery 57*b077aed3SPierre ProncheryAll "functions" mentioned here are passed as function pointers between 58*b077aed3SPierre ProncheryF<libcrypto> and the provider in L<OSSL_DISPATCH(3)> arrays via 59*b077aed3SPierre ProncheryL<OSSL_ALGORITHM(3)> arrays that are returned by the provider's 60*b077aed3SPierre Proncheryprovider_query_operation() function 61*b077aed3SPierre Pronchery(see L<provider-base(7)/Provider Functions>). 62*b077aed3SPierre Pronchery 63*b077aed3SPierre ProncheryAll these "functions" have a corresponding function type definition 64*b077aed3SPierre Proncherynamed B<OSSL_FUNC_{name}_fn>, and a helper function to retrieve the 65*b077aed3SPierre Proncheryfunction pointer from an L<OSSL_DISPATCH(3)> element named 66*b077aed3SPierre ProncheryB<OSSL_FUNC_{name}>. 67*b077aed3SPierre ProncheryFor example, the "function" OSSL_FUNC_digest_newctx() has these: 68*b077aed3SPierre Pronchery 69*b077aed3SPierre Pronchery typedef void *(OSSL_FUNC_digest_newctx_fn)(void *provctx); 70*b077aed3SPierre Pronchery static ossl_inline OSSL_FUNC_digest_newctx_fn 71*b077aed3SPierre Pronchery OSSL_FUNC_digest_newctx(const OSSL_DISPATCH *opf); 72*b077aed3SPierre Pronchery 73*b077aed3SPierre ProncheryL<OSSL_DISPATCH(3)> arrays are indexed by numbers that are provided as 74*b077aed3SPierre Proncherymacros in L<openssl-core_dispatch.h(7)>, as follows: 75*b077aed3SPierre Pronchery 76*b077aed3SPierre Pronchery OSSL_FUNC_digest_newctx OSSL_FUNC_DIGEST_NEWCTX 77*b077aed3SPierre Pronchery OSSL_FUNC_digest_freectx OSSL_FUNC_DIGEST_FREECTX 78*b077aed3SPierre Pronchery OSSL_FUNC_digest_dupctx OSSL_FUNC_DIGEST_DUPCTX 79*b077aed3SPierre Pronchery 80*b077aed3SPierre Pronchery OSSL_FUNC_digest_init OSSL_FUNC_DIGEST_INIT 81*b077aed3SPierre Pronchery OSSL_FUNC_digest_update OSSL_FUNC_DIGEST_UPDATE 82*b077aed3SPierre Pronchery OSSL_FUNC_digest_final OSSL_FUNC_DIGEST_FINAL 83*b077aed3SPierre Pronchery OSSL_FUNC_digest_digest OSSL_FUNC_DIGEST_DIGEST 84*b077aed3SPierre Pronchery 85*b077aed3SPierre Pronchery OSSL_FUNC_digest_get_params OSSL_FUNC_DIGEST_GET_PARAMS 86*b077aed3SPierre Pronchery OSSL_FUNC_digest_get_ctx_params OSSL_FUNC_DIGEST_GET_CTX_PARAMS 87*b077aed3SPierre Pronchery OSSL_FUNC_digest_set_ctx_params OSSL_FUNC_DIGEST_SET_CTX_PARAMS 88*b077aed3SPierre Pronchery 89*b077aed3SPierre Pronchery OSSL_FUNC_digest_gettable_params OSSL_FUNC_DIGEST_GETTABLE_PARAMS 90*b077aed3SPierre Pronchery OSSL_FUNC_digest_gettable_ctx_params OSSL_FUNC_DIGEST_GETTABLE_CTX_PARAMS 91*b077aed3SPierre Pronchery OSSL_FUNC_digest_settable_ctx_params OSSL_FUNC_DIGEST_SETTABLE_CTX_PARAMS 92*b077aed3SPierre Pronchery 93*b077aed3SPierre ProncheryA digest algorithm implementation may not implement all of these functions. 94*b077aed3SPierre ProncheryIn order to be usable all or none of OSSL_FUNC_digest_newctx, OSSL_FUNC_digest_freectx, 95*b077aed3SPierre ProncheryOSSL_FUNC_digest_init, OSSL_FUNC_digest_update and OSSL_FUNC_digest_final should be implemented. 96*b077aed3SPierre ProncheryAll other functions are optional. 97*b077aed3SPierre Pronchery 98*b077aed3SPierre Pronchery=head2 Context Management Functions 99*b077aed3SPierre Pronchery 100*b077aed3SPierre ProncheryOSSL_FUNC_digest_newctx() should create and return a pointer to a provider side 101*b077aed3SPierre Proncherystructure for holding context information during a digest operation. 102*b077aed3SPierre ProncheryA pointer to this context will be passed back in a number of the other digest 103*b077aed3SPierre Proncheryoperation function calls. 104*b077aed3SPierre ProncheryThe parameter I<provctx> is the provider context generated during provider 105*b077aed3SPierre Proncheryinitialisation (see L<provider(7)>). 106*b077aed3SPierre Pronchery 107*b077aed3SPierre ProncheryOSSL_FUNC_digest_freectx() is passed a pointer to the provider side digest context in 108*b077aed3SPierre Proncherythe I<dctx> parameter. 109*b077aed3SPierre ProncheryThis function should free any resources associated with that context. 110*b077aed3SPierre Pronchery 111*b077aed3SPierre ProncheryOSSL_FUNC_digest_dupctx() should duplicate the provider side digest context in the 112*b077aed3SPierre ProncheryI<dctx> parameter and return the duplicate copy. 113*b077aed3SPierre Pronchery 114*b077aed3SPierre Pronchery=head2 Digest Generation Functions 115*b077aed3SPierre Pronchery 116*b077aed3SPierre ProncheryOSSL_FUNC_digest_init() initialises a digest operation given a newly created 117*b077aed3SPierre Proncheryprovider side digest context in the I<dctx> parameter. 118*b077aed3SPierre ProncheryThe I<params>, if not NULL, should be set on the context in a manner similar to 119*b077aed3SPierre Proncheryusing OSSL_FUNC_digest_set_ctx_params(). 120*b077aed3SPierre Pronchery 121*b077aed3SPierre ProncheryOSSL_FUNC_digest_update() is called to supply data to be digested as part of a 122*b077aed3SPierre Proncherypreviously initialised digest operation. 123*b077aed3SPierre ProncheryThe I<dctx> parameter contains a pointer to a previously initialised provider 124*b077aed3SPierre Proncheryside context. 125*b077aed3SPierre ProncheryOSSL_FUNC_digest_update() should digest I<inl> bytes of data at the location pointed to 126*b077aed3SPierre Proncheryby I<in>. 127*b077aed3SPierre ProncheryOSSL_FUNC_digest_update() may be called multiple times for a single digest operation. 128*b077aed3SPierre Pronchery 129*b077aed3SPierre ProncheryOSSL_FUNC_digest_final() generates a digest started through previous OSSL_FUNC_digest_init() 130*b077aed3SPierre Proncheryand OSSL_FUNC_digest_update() calls. 131*b077aed3SPierre ProncheryThe I<dctx> parameter contains a pointer to the provider side context. 132*b077aed3SPierre ProncheryThe digest should be written to I<*out> and the length of the digest to 133*b077aed3SPierre ProncheryI<*outl>. 134*b077aed3SPierre ProncheryThe digest should not exceed I<outsz> bytes. 135*b077aed3SPierre Pronchery 136*b077aed3SPierre ProncheryOSSL_FUNC_digest_digest() is a "oneshot" digest function. 137*b077aed3SPierre ProncheryNo provider side digest context is used. 138*b077aed3SPierre ProncheryInstead the provider context that was created during provider initialisation is 139*b077aed3SPierre Proncherypassed in the I<provctx> parameter (see L<provider(7)>). 140*b077aed3SPierre ProncheryI<inl> bytes at I<in> should be digested and the result should be stored at 141*b077aed3SPierre ProncheryI<out>. The length of the digest should be stored in I<*outl> which should not 142*b077aed3SPierre Proncheryexceed I<outsz> bytes. 143*b077aed3SPierre Pronchery 144*b077aed3SPierre Pronchery=head2 Digest Parameters 145*b077aed3SPierre Pronchery 146*b077aed3SPierre ProncherySee L<OSSL_PARAM(3)> for further details on the parameters structure used by 147*b077aed3SPierre Proncherythese functions. 148*b077aed3SPierre Pronchery 149*b077aed3SPierre ProncheryOSSL_FUNC_digest_get_params() gets details of the algorithm implementation 150*b077aed3SPierre Proncheryand stores them in I<params>. 151*b077aed3SPierre Pronchery 152*b077aed3SPierre ProncheryOSSL_FUNC_digest_set_ctx_params() sets digest operation parameters for the 153*b077aed3SPierre Proncheryprovider side digest context I<dctx> to I<params>. 154*b077aed3SPierre ProncheryAny parameter settings are additional to any that were previously set. 155*b077aed3SPierre ProncheryPassing NULL for I<params> should return true. 156*b077aed3SPierre Pronchery 157*b077aed3SPierre ProncheryOSSL_FUNC_digest_get_ctx_params() gets digest operation details details from 158*b077aed3SPierre Proncherythe given provider side digest context I<dctx> and stores them in I<params>. 159*b077aed3SPierre ProncheryPassing NULL for I<params> should return true. 160*b077aed3SPierre Pronchery 161*b077aed3SPierre ProncheryOSSL_FUNC_digest_gettable_params() returns a constant L<OSSL_PARAM(3)> array 162*b077aed3SPierre Proncherycontaining descriptors of the parameters that OSSL_FUNC_digest_get_params() 163*b077aed3SPierre Proncherycan handle. 164*b077aed3SPierre Pronchery 165*b077aed3SPierre ProncheryOSSL_FUNC_digest_gettable_ctx_params() and 166*b077aed3SPierre ProncheryOSSL_FUNC_digest_settable_ctx_params() both return constant 167*b077aed3SPierre ProncheryL<OSSL_PARAM(3)> arrays as descriptors of the parameters that 168*b077aed3SPierre ProncheryOSSL_FUNC_digest_get_ctx_params() and OSSL_FUNC_digest_set_ctx_params() 169*b077aed3SPierre Proncherycan handle, respectively. The array is based on the current state of 170*b077aed3SPierre Proncherythe provider side context if I<dctx> is not NULL and on the provider 171*b077aed3SPierre Proncheryside algorithm I<provctx> otherwise. 172*b077aed3SPierre Pronchery 173*b077aed3SPierre ProncheryParameters currently recognised by built-in digests with this function 174*b077aed3SPierre Proncheryare as follows. Not all parameters are relevant to, or are understood 175*b077aed3SPierre Proncheryby all digests: 176*b077aed3SPierre Pronchery 177*b077aed3SPierre Pronchery=over 4 178*b077aed3SPierre Pronchery 179*b077aed3SPierre Pronchery=item "blocksize" (B<OSSL_DIGEST_PARAM_BLOCK_SIZE>) <unsigned integer> 180*b077aed3SPierre Pronchery 181*b077aed3SPierre ProncheryThe digest block size. 182*b077aed3SPierre ProncheryThe length of the "blocksize" parameter should not exceed that of a B<size_t>. 183*b077aed3SPierre Pronchery 184*b077aed3SPierre Pronchery=item "size" (B<OSSL_DIGEST_PARAM_SIZE>) <unsigned integer> 185*b077aed3SPierre Pronchery 186*b077aed3SPierre ProncheryThe digest output size. 187*b077aed3SPierre ProncheryThe length of the "size" parameter should not exceed that of a B<size_t>. 188*b077aed3SPierre Pronchery 189*b077aed3SPierre Pronchery=item "flags" (B<OSSL_DIGEST_PARAM_FLAGS>) <unsigned integer> 190*b077aed3SPierre Pronchery 191*b077aed3SPierre ProncheryDiverse flags that describe exceptional behaviour for the digest: 192*b077aed3SPierre Pronchery 193*b077aed3SPierre Pronchery=over 4 194*b077aed3SPierre Pronchery 195*b077aed3SPierre Pronchery=item B<EVP_MD_FLAG_ONESHOT> 196*b077aed3SPierre Pronchery 197*b077aed3SPierre ProncheryThis digest method can only handle one block of input. 198*b077aed3SPierre Pronchery 199*b077aed3SPierre Pronchery=item B<EVP_MD_FLAG_XOF> 200*b077aed3SPierre Pronchery 201*b077aed3SPierre ProncheryThis digest method is an extensible-output function (XOF) and supports 202*b077aed3SPierre Proncherysetting the B<OSSL_DIGEST_PARAM_XOFLEN> parameter. 203*b077aed3SPierre Pronchery 204*b077aed3SPierre Pronchery=item B<EVP_MD_FLAG_DIGALGID_NULL> 205*b077aed3SPierre Pronchery 206*b077aed3SPierre ProncheryWhen setting up a DigestAlgorithmIdentifier, this flag will have the 207*b077aed3SPierre Proncheryparameter set to NULL by default. Use this for PKCS#1. I<Note: if 208*b077aed3SPierre Proncherycombined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.> 209*b077aed3SPierre Pronchery 210*b077aed3SPierre Pronchery=item B<EVP_MD_FLAG_DIGALGID_ABSENT> 211*b077aed3SPierre Pronchery 212*b077aed3SPierre ProncheryWhen setting up a DigestAlgorithmIdentifier, this flag will have the 213*b077aed3SPierre Proncheryparameter be left absent by default. I<Note: if combined with 214*b077aed3SPierre ProncheryEVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.> 215*b077aed3SPierre Pronchery 216*b077aed3SPierre Pronchery=item B<EVP_MD_FLAG_DIGALGID_CUSTOM> 217*b077aed3SPierre Pronchery 218*b077aed3SPierre ProncheryCustom DigestAlgorithmIdentifier handling via ctrl, with 219*b077aed3SPierre ProncheryB<EVP_MD_FLAG_DIGALGID_ABSENT> as default. I<Note: if combined with 220*b077aed3SPierre ProncheryEVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.> 221*b077aed3SPierre ProncheryCurrently unused. 222*b077aed3SPierre Pronchery 223*b077aed3SPierre Pronchery=back 224*b077aed3SPierre Pronchery 225*b077aed3SPierre ProncheryThe length of the "flags" parameter should equal that of an 226*b077aed3SPierre ProncheryB<unsigned long int>. 227*b077aed3SPierre Pronchery 228*b077aed3SPierre Pronchery=back 229*b077aed3SPierre Pronchery 230*b077aed3SPierre Pronchery=head2 Digest Context Parameters 231*b077aed3SPierre Pronchery 232*b077aed3SPierre ProncheryOSSL_FUNC_digest_set_ctx_params() sets digest parameters associated with the 233*b077aed3SPierre Proncherygiven provider side digest context I<dctx> to I<params>. 234*b077aed3SPierre ProncheryAny parameter settings are additional to any that were previously set. 235*b077aed3SPierre ProncherySee L<OSSL_PARAM(3)> for further details on the parameters structure. 236*b077aed3SPierre Pronchery 237*b077aed3SPierre ProncheryOSSL_FUNC_digest_get_ctx_params() gets details of currently set parameters 238*b077aed3SPierre Proncheryvalues associated with the give provider side digest context I<dctx> 239*b077aed3SPierre Proncheryand stores them in I<params>. 240*b077aed3SPierre ProncherySee L<OSSL_PARAM(3)> for further details on the parameters structure. 241*b077aed3SPierre Pronchery 242*b077aed3SPierre Pronchery=head1 RETURN VALUES 243*b077aed3SPierre Pronchery 244*b077aed3SPierre ProncheryOSSL_FUNC_digest_newctx() and OSSL_FUNC_digest_dupctx() should return the newly created 245*b077aed3SPierre Proncheryprovider side digest context, or NULL on failure. 246*b077aed3SPierre Pronchery 247*b077aed3SPierre ProncheryOSSL_FUNC_digest_init(), OSSL_FUNC_digest_update(), OSSL_FUNC_digest_final(), OSSL_FUNC_digest_digest(), 248*b077aed3SPierre ProncheryOSSL_FUNC_digest_set_params() and OSSL_FUNC_digest_get_params() should return 1 for success or 249*b077aed3SPierre Pronchery0 on error. 250*b077aed3SPierre Pronchery 251*b077aed3SPierre ProncheryOSSL_FUNC_digest_size() should return the digest size. 252*b077aed3SPierre Pronchery 253*b077aed3SPierre ProncheryOSSL_FUNC_digest_block_size() should return the block size of the underlying digest 254*b077aed3SPierre Proncheryalgorithm. 255*b077aed3SPierre Pronchery 256*b077aed3SPierre Pronchery=head1 BUGS 257*b077aed3SPierre Pronchery 258*b077aed3SPierre ProncheryThe EVP_Q_digest(), EVP_Digest() and EVP_DigestFinal_ex() API calls do not 259*b077aed3SPierre Proncheryexpect the digest size to be larger than EVP_MAX_MD_SIZE. Any algorithm which 260*b077aed3SPierre Proncheryproduces larger digests is unusable with those API calls. 261*b077aed3SPierre Pronchery 262*b077aed3SPierre Pronchery=head1 SEE ALSO 263*b077aed3SPierre Pronchery 264*b077aed3SPierre ProncheryL<provider(7)>, L<OSSL_PROVIDER-FIPS(7)>, L<OSSL_PROVIDER-default(7)>, 265*b077aed3SPierre ProncheryL<OSSL_PROVIDER-legacy(7)>, 266*b077aed3SPierre ProncheryL<EVP_MD-common(7)>, L<EVP_MD-BLAKE2(7)>, L<EVP_MD-MD2(7)>, 267*b077aed3SPierre ProncheryL<EVP_MD-MD4(7)>, L<EVP_MD-MD5(7)>, L<EVP_MD-MD5-SHA1(7)>, 268*b077aed3SPierre ProncheryL<EVP_MD-MDC2(7)>, L<EVP_MD-RIPEMD160(7)>, L<EVP_MD-SHA1(7)>, 269*b077aed3SPierre ProncheryL<EVP_MD-SHA2(7)>, L<EVP_MD-SHA3(7)>, L<EVP_MD-SHAKE(7)>, 270*b077aed3SPierre ProncheryL<EVP_MD-SM3(7)>, L<EVP_MD-WHIRLPOOL(7)>, 271*b077aed3SPierre ProncheryL<EVP_MD-NULL(7)>, 272*b077aed3SPierre ProncheryL<life_cycle-digest(7)>, L<EVP_DigestInit(3)> 273*b077aed3SPierre Pronchery 274*b077aed3SPierre Pronchery=head1 HISTORY 275*b077aed3SPierre Pronchery 276*b077aed3SPierre ProncheryThe provider DIGEST interface was introduced in OpenSSL 3.0. 277*b077aed3SPierre Pronchery 278*b077aed3SPierre Pronchery=head1 COPYRIGHT 279*b077aed3SPierre Pronchery 280*b077aed3SPierre ProncheryCopyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved. 281*b077aed3SPierre Pronchery 282*b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 283*b077aed3SPierre Proncherythis file except in compliance with the License. You can obtain a copy 284*b077aed3SPierre Proncheryin the file LICENSE in the source distribution or at 285*b077aed3SPierre ProncheryL<https://www.openssl.org/source/license.html>. 286*b077aed3SPierre Pronchery 287*b077aed3SPierre Pronchery=cut 288