xref: /freebsd/lib/libmd/sha.3 (revision 42c159fe388a3765f69860c84183700af37aca8a) 
1c177a86bSGarrett Wollman.\"
2c177a86bSGarrett Wollman.\" ----------------------------------------------------------------------------
3c177a86bSGarrett Wollman.\" "THE BEER-WARE LICENSE" (Revision 42):
442c159feSPoul-Henning Kamp.\" <phk@FreeBSD.org> wrote this file.  As long as you retain this notice you
5c177a86bSGarrett Wollman.\" can do whatever you want with this stuff. If we meet some day, and you think
6c177a86bSGarrett Wollman.\" this stuff is worth it, you can buy me a beer in return.   Poul-Henning Kamp
7c177a86bSGarrett Wollman.\" ----------------------------------------------------------------------------
8c177a86bSGarrett Wollman.\"
9c177a86bSGarrett Wollman.\" 	From: Id: mdX.3,v 1.14 1999/02/11 20:31:49 wollman Exp
107f3dea24SPeter Wemm.\" $FreeBSD$
11c177a86bSGarrett Wollman.\"
12c177a86bSGarrett Wollman.Dd February 25, 1999
13d00ed299SGarrett Wollman.Dt SHA 3
14a307d598SRuslan Ermilov.Os
15c177a86bSGarrett Wollman.Sh NAME
16c177a86bSGarrett Wollman.Nm SHA_Init ,
17c177a86bSGarrett Wollman.Nm SHA_Update ,
18c177a86bSGarrett Wollman.Nm SHA_Final ,
19c177a86bSGarrett Wollman.Nm SHA_End ,
20c177a86bSGarrett Wollman.Nm SHA_File ,
218a24546cSPoul-Henning Kamp.Nm SHA_FileChunk ,
22c177a86bSGarrett Wollman.Nm SHA_Data ,
23c177a86bSGarrett Wollman.Nm SHA1_Init ,
24c177a86bSGarrett Wollman.Nm SHA1_Update ,
25c177a86bSGarrett Wollman.Nm SHA1_Final ,
26c177a86bSGarrett Wollman.Nm SHA1_End ,
27c177a86bSGarrett Wollman.Nm SHA1_File ,
288a24546cSPoul-Henning Kamp.Nm SHA1_FileChunk ,
29c177a86bSGarrett Wollman.Nm SHA1_Data
30c177a86bSGarrett Wollman.Nd calculate the FIPS 160 and 160-1 ``SHA'' message digests
319452ceebSAlexey Zelkin.Sh LIBRARY
329452ceebSAlexey Zelkin.Lb libmd
33c177a86bSGarrett Wollman.Sh SYNOPSIS
3432eef9aeSRuslan Ermilov.In sys/types.h
3532eef9aeSRuslan Ermilov.In sha.h
36c177a86bSGarrett Wollman.Ft void
37c177a86bSGarrett Wollman.Fn SHA_Init "SHA_CTX *context"
38c177a86bSGarrett Wollman.Ft void
39c177a86bSGarrett Wollman.Fn SHA_Update "SHA_CTX *context" "const unsigned char *data" "unsigned int len"
40c177a86bSGarrett Wollman.Ft void
41c177a86bSGarrett Wollman.Fn SHA_Final "unsigned char digest[20]" "SHA_CTX *context"
42c177a86bSGarrett Wollman.Ft "char *"
43c177a86bSGarrett Wollman.Fn SHA_End "SHA_CTX *context" "char *buf"
44c177a86bSGarrett Wollman.Ft "char *"
45c177a86bSGarrett Wollman.Fn SHA_File "const char *filename" "char *buf"
46c177a86bSGarrett Wollman.Ft "char *"
478a24546cSPoul-Henning Kamp.Fn SHA_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
488a24546cSPoul-Henning Kamp.Ft "char *"
49c177a86bSGarrett Wollman.Fn SHA_Data "const unsigned char *data" "unsigned int len" "char *buf"
50c177a86bSGarrett Wollman.Ft void
51c177a86bSGarrett Wollman.Fn SHA1_Init "SHA_CTX *context"
52c177a86bSGarrett Wollman.Ft void
53c177a86bSGarrett Wollman.Fn SHA1_Update "SHA_CTX *context" "const unsigned char *data" "unsigned int len"
54c177a86bSGarrett Wollman.Ft void
55c177a86bSGarrett Wollman.Fn SHA1_Final "unsigned char digest[20]" "SHA_CTX *context"
56c177a86bSGarrett Wollman.Ft "char *"
57c177a86bSGarrett Wollman.Fn SHA1_End "SHA_CTX *context" "char *buf"
58c177a86bSGarrett Wollman.Ft "char *"
59c177a86bSGarrett Wollman.Fn SHA1_File "const char *filename" "char *buf"
60c177a86bSGarrett Wollman.Ft "char *"
618a24546cSPoul-Henning Kamp.Fn SHA1_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
628a24546cSPoul-Henning Kamp.Ft "char *"
63c177a86bSGarrett Wollman.Fn SHA1_Data "const unsigned char *data" "unsigned int len" "char *buf"
64c177a86bSGarrett Wollman.Sh DESCRIPTION
65c177a86bSGarrett WollmanThe
66c177a86bSGarrett Wollman.Li SHA_
67c177a86bSGarrett Wollmanand
68c177a86bSGarrett Wollman.Li SHA1_
69c177a86bSGarrett Wollmanfunctions calculate a 160-bit cryptographic checksum (digest)
70c177a86bSGarrett Wollmanfor any number of input bytes.  A cryptographic checksum is a one-way
71c177a86bSGarrett Wollmanhash function; that is, it is computationally impractical to find
72c177a86bSGarrett Wollmanthe input corresponding to a particular output.  This net result is
73c177a86bSGarrett Wollmana ``fingerprint'' of the input-data, which doesn't disclose the actual
74c177a86bSGarrett Wollmaninput.
75c177a86bSGarrett Wollman.Pp
76c177a86bSGarrett Wollman.Tn SHA
77c4d9468eSRuslan Ermilov(or
78c4d9468eSRuslan Ermilov.Tn SHA-0 )
79c177a86bSGarrett Wollmanis the original Secure Hash Algorithm specified in
80c177a86bSGarrett Wollman.Tn FIPS
81c177a86bSGarrett Wollman160.  It was quickly proven insecure, and has been superseded by
82c177a86bSGarrett Wollman.Tn SHA-1 .
83c177a86bSGarrett Wollman.Tn SHA-0
84c177a86bSGarrett Wollmanis included for compatibility purposes only.
85c177a86bSGarrett Wollman.Pp
86c177a86bSGarrett WollmanThe
87c177a86bSGarrett Wollman.Fn SHA1_Init  ,
88c177a86bSGarrett Wollman.Fn SHA1_Update ,
89c177a86bSGarrett Wollmanand
90c177a86bSGarrett Wollman.Fn SHA1_Final
91c177a86bSGarrett Wollmanfunctions are the core functions.  Allocate an SHA_CTX, initialize it with
92c177a86bSGarrett Wollman.Fn SHA1_Init ,
93c177a86bSGarrett Wollmanrun over the data with
94c177a86bSGarrett Wollman.Fn SHA1_Update ,
95c177a86bSGarrett Wollmanand finally extract the result using
96c177a86bSGarrett Wollman.Fn SHA1_Final .
97c177a86bSGarrett Wollman.Pp
98c177a86bSGarrett Wollman.Fn SHA1_End
99c177a86bSGarrett Wollmanis a wrapper for
100c177a86bSGarrett Wollman.Fn SHA1_Final
101c177a86bSGarrett Wollmanwhich converts the return value to a 41-character
102c177a86bSGarrett Wollman(including the terminating '\e0')
103c177a86bSGarrett Wollman.Tn ASCII
104c177a86bSGarrett Wollmanstring which represents the 160 bits in hexadecimal.
105c177a86bSGarrett Wollman.Pp
106c177a86bSGarrett Wollman.Fn SHA1_File
107c177a86bSGarrett Wollmancalculates the digest of a file, and uses
108c177a86bSGarrett Wollman.Fn SHA1_End
109c177a86bSGarrett Wollmanto return the result.
110c177a86bSGarrett WollmanIf the file cannot be opened, a null pointer is returned.
1118a24546cSPoul-Henning Kamp.Fn SHA1_FileChunk
1128a24546cSPoul-Henning Kampis similar to
1138a24546cSPoul-Henning Kamp.Fn SHA1_File ,
1148a24546cSPoul-Henning Kampbut it only calculates the digest over a byte-range of the file specified,
1158a24546cSPoul-Henning Kampstarting at
1167e5d6de0SRuslan Ermilov.Fa offset
1178a24546cSPoul-Henning Kampand spanning
1187e5d6de0SRuslan Ermilov.Fa length
1198a24546cSPoul-Henning Kampbytes.
1208a24546cSPoul-Henning KampIf the
1217e5d6de0SRuslan Ermilov.Fa length
1228a24546cSPoul-Henning Kampparameter is specified as 0, or more than the length of the remaining part
1238a24546cSPoul-Henning Kampof the file,
1248a24546cSPoul-Henning Kamp.Fn SHA1_FileChunk
1258a24546cSPoul-Henning Kampcalculates the digest from
1267e5d6de0SRuslan Ermilov.Fa offset
1278a24546cSPoul-Henning Kampto the end of file.
128c177a86bSGarrett Wollman.Fn SHA1_Data
129c177a86bSGarrett Wollmancalculates the digest of a chunk of data in memory, and uses
130c177a86bSGarrett Wollman.Fn SHA1_End
131c177a86bSGarrett Wollmanto return the result.
132c177a86bSGarrett Wollman.Pp
133c177a86bSGarrett WollmanWhen using
134c177a86bSGarrett Wollman.Fn SHA1_End ,
135c177a86bSGarrett Wollman.Fn SHA1_File ,
136c177a86bSGarrett Wollmanor
137c177a86bSGarrett Wollman.Fn SHA1_Data ,
138c177a86bSGarrett Wollmanthe
1397e5d6de0SRuslan Ermilov.Fa buf
140c177a86bSGarrett Wollmanargument can be a null pointer, in which case the returned string
141c177a86bSGarrett Wollmanis allocated with
142c177a86bSGarrett Wollman.Xr malloc 3
143c177a86bSGarrett Wollmanand subsequently must be explicitly deallocated using
144c177a86bSGarrett Wollman.Xr free 3
145c177a86bSGarrett Wollmanafter use.
146c177a86bSGarrett WollmanIf the
1477e5d6de0SRuslan Ermilov.Fa buf
148c177a86bSGarrett Wollmanargument is non-null it must point to at least 41 characters of buffer space.
149c177a86bSGarrett Wollman.Sh SEE ALSO
150c177a86bSGarrett Wollman.Xr md2 3 ,
151c177a86bSGarrett Wollman.Xr md4 3 ,
152d00ed299SGarrett Wollman.Xr md5 3 ,
153d00ed299SGarrett Wollman.Xr ripemd 3
154c177a86bSGarrett Wollman.Sh AUTHORS
155c177a86bSGarrett WollmanThe core hash routines were implemented by Eric Young based on the
156c177a86bSGarrett Wollmanpublished
157c177a86bSGarrett Wollman.Tn FIPS
158c177a86bSGarrett Wollmanstandards.
159c177a86bSGarrett Wollman.Sh HISTORY
160c177a86bSGarrett WollmanThese functions appeared in
161c177a86bSGarrett Wollman.Fx 4.0 .
162c177a86bSGarrett Wollman.Sh BUGS
163c177a86bSGarrett WollmanNo method is known to exist which finds two files having the same hash value,
164c177a86bSGarrett Wollmannor to find a file with a specific hash value.
165c177a86bSGarrett WollmanThere is on the other hand no guarantee that such a method doesn't exist.
166303dec3bSGarrett Wollman.Pp
167303dec3bSGarrett WollmanThe
168303dec3bSGarrett Wollman.Tn IA32
169303dec3bSGarrett Wollman(Intel) implementation of
170303dec3bSGarrett Wollman.Tn SHA-1
171303dec3bSGarrett Wollmanmakes heavy use of the
172303dec3bSGarrett Wollman.Ql bswapl
173303dec3bSGarrett Wollmaninstruction, which is not present on the original 80386.  Attempts
174303dec3bSGarrett Wollmanto use
175303dec3bSGarrett Wollman.Tn SHA-1
176303dec3bSGarrett Wollmanon those processors will cause an illegal instruction trap.
177303dec3bSGarrett Wollman(Arguably, the kernel should simply emulate this instruction.)
178