mirror of
https://git.FreeBSD.org/src.git
synced 2024-11-21 07:15:49 +00:00
fd3ced1507
PR: 280784 (exp-run)
Fixes: de13c2427d
("libmd: introduce functions that operate on an fd")
Reviewed by: manpages (bcr), fuz
Differential Revision: https://reviews.freebsd.org/D34502
212 lines
5.1 KiB
Groff
212 lines
5.1 KiB
Groff
.\"
|
|
.\" ----------------------------------------------------------------------------
|
|
.\" "THE BEER-WARE LICENSE" (Revision 42):
|
|
.\" <phk@FreeBSD.org> wrote this file. As long as you retain this notice you
|
|
.\" can do whatever you want with this stuff. If we meet some day, and you think
|
|
.\" this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
|
|
.\" ----------------------------------------------------------------------------
|
|
.\"
|
|
.\" From: Id: mdX.3,v 1.14 1999/02/11 20:31:49 wollman Exp
|
|
.\"
|
|
.Dd February 12, 2023
|
|
.Dt SHA 3
|
|
.Os
|
|
.Sh NAME
|
|
.Nm SHA_Init ,
|
|
.Nm SHA_Update ,
|
|
.Nm SHA_Final ,
|
|
.Nm SHA_End ,
|
|
.Nm SHA_Fd ,
|
|
.Nm SHA_FdChunk ,
|
|
.Nm SHA_File ,
|
|
.Nm SHA_FileChunk ,
|
|
.Nm SHA_Data ,
|
|
.Nm SHA1_Init ,
|
|
.Nm SHA1_Update ,
|
|
.Nm SHA1_Final ,
|
|
.Nm SHA1_End ,
|
|
.Nm SHA1_Fd ,
|
|
.Nm SHA1_FdChunk ,
|
|
.Nm SHA1_File ,
|
|
.Nm SHA1_FileChunk ,
|
|
.Nm SHA1_Data
|
|
.Nd calculate the FIPS 160 and 160-1 ``SHA'' message digests
|
|
.Sh LIBRARY
|
|
.Lb libmd
|
|
.Sh SYNOPSIS
|
|
.In sys/types.h
|
|
.In sha.h
|
|
.Ft void
|
|
.Fn SHA_Init "SHA_CTX *context"
|
|
.Ft void
|
|
.Fn SHA_Update "SHA_CTX *context" "const unsigned char *data" "size_t len"
|
|
.Ft void
|
|
.Fn SHA_Final "unsigned char digest[20]" "SHA_CTX *context"
|
|
.Ft "char *"
|
|
.Fn SHA_End "SHA_CTX *context" "char *buf"
|
|
.Ft "char *"
|
|
.Fn SHA_Fd "int fd" "char *buf"
|
|
.Ft "char *"
|
|
.Fn SHA_FdChunk "int fd" "char *buf" "off_t offset" "off_t length"
|
|
.Ft "char *"
|
|
.Fn SHA_File "const char *filename" "char *buf"
|
|
.Ft "char *"
|
|
.Fn SHA_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
|
|
.Ft "char *"
|
|
.Fn SHA_Data "const unsigned char *data" "unsigned int len" "char *buf"
|
|
.Ft void
|
|
.Fn SHA1_Init "SHA_CTX *context"
|
|
.Ft void
|
|
.Fn SHA1_Update "SHA_CTX *context" "const unsigned char *data" "size_t len"
|
|
.Ft void
|
|
.Fn SHA1_Final "unsigned char digest[20]" "SHA_CTX *context"
|
|
.Ft "char *"
|
|
.Fn SHA1_End "SHA_CTX *context" "char *buf"
|
|
.Ft "char *"
|
|
.Fn SHA1_Fd "int fd" "char *buf"
|
|
.Ft "char *"
|
|
.Fn SHA1_FdChunk "int fd" "char *buf" "off_t offset" "off_t length"
|
|
.Ft "char *"
|
|
.Fn SHA1_File "const char *filename" "char *buf"
|
|
.Ft "char *"
|
|
.Fn SHA1_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
|
|
.Ft "char *"
|
|
.Fn SHA1_Data "const unsigned char *data" "unsigned int len" "char *buf"
|
|
.Sh DESCRIPTION
|
|
The
|
|
.Li SHA_
|
|
and
|
|
.Li SHA1_
|
|
functions calculate a 160-bit cryptographic checksum (digest)
|
|
for any number of input bytes.
|
|
A cryptographic checksum is a one-way
|
|
hash function; that is, it is computationally impractical to find
|
|
the input corresponding to a particular output.
|
|
This net result is
|
|
a
|
|
.Dq fingerprint
|
|
of the input-data, which does not disclose the actual input.
|
|
.Pp
|
|
SHA (or SHA-0) is the original Secure Hash Algorithm specified in FIPS 160.
|
|
It was quickly proven insecure, and has been superseded by SHA-1.
|
|
SHA-0 is included for compatibility purposes only.
|
|
.Pp
|
|
The
|
|
.Fn SHA1_Init ,
|
|
.Fn SHA1_Update ,
|
|
and
|
|
.Fn SHA1_Final
|
|
functions are the core functions.
|
|
Allocate an
|
|
.Vt SHA_CTX ,
|
|
initialize it with
|
|
.Fn SHA1_Init ,
|
|
run over the data with
|
|
.Fn SHA1_Update ,
|
|
and finally extract the result using
|
|
.Fn SHA1_Final ,
|
|
which will also erase the
|
|
.Vt SHA_CTX .
|
|
.Pp
|
|
.Fn SHA1_End
|
|
is a wrapper for
|
|
.Fn SHA1_Final
|
|
which converts the return value to a 41-character
|
|
(including the terminating '\e0')
|
|
ASCII string which represents the 160 bits in hexadecimal.
|
|
.Pp
|
|
.Fn SHA1_File
|
|
calculates the digest of a file, and uses
|
|
.Fn SHA1_End
|
|
to return the result.
|
|
If the file cannot be opened, a null pointer is returned.
|
|
.Fn SHA1_FileChunk
|
|
is similar to
|
|
.Fn SHA1_File ,
|
|
but it only calculates the digest over a byte-range of the file specified,
|
|
starting at
|
|
.Fa offset
|
|
and spanning
|
|
.Fa length
|
|
bytes.
|
|
If the
|
|
.Fa length
|
|
parameter is specified as 0, or more than the length of the remaining part
|
|
of the file,
|
|
.Fn SHA1_FileChunk
|
|
calculates the digest from
|
|
.Fa offset
|
|
to the end of file.
|
|
.Fn SHA1_Data
|
|
calculates the digest of a chunk of data in memory, and uses
|
|
.Fn SHA1_End
|
|
to return the result.
|
|
.Pp
|
|
The
|
|
.Fn SHA1_Fd
|
|
and
|
|
.Fn SHA1_FdChunk
|
|
functions are identical to their
|
|
.Fn SHA1_File
|
|
and
|
|
.Fn SHA1_FileChunk
|
|
counterparts, with the exception that the first argument is an
|
|
.Fa fd
|
|
instead of a
|
|
.Fa filename .
|
|
.Pp
|
|
When using
|
|
.Fn SHA1_End ,
|
|
.Fn SHA1_File ,
|
|
or
|
|
.Fn SHA1_Data ,
|
|
the
|
|
.Fa buf
|
|
argument can be a null pointer, in which case the returned string
|
|
is allocated with
|
|
.Xr malloc 3
|
|
and subsequently must be explicitly deallocated using
|
|
.Xr free 3
|
|
after use.
|
|
If the
|
|
.Fa buf
|
|
argument is non-null it must point to at least 41 characters of buffer space.
|
|
.Sh ERRORS
|
|
The
|
|
.Fn SHA1_End
|
|
function called with a null buf argument may fail and return NULL if:
|
|
.Bl -tag -width Er
|
|
.It Bq Er ENOMEM
|
|
Insufficient storage space is available.
|
|
.El
|
|
.Pp
|
|
The
|
|
.Fn SHA1_File
|
|
and
|
|
.Fn SHA1_FileChunk
|
|
may return NULL when underlying
|
|
.Xr open 2 ,
|
|
.Xr fstat 2 ,
|
|
.Xr lseek 2 ,
|
|
or
|
|
.Xr SHA1_End 3
|
|
fail.
|
|
.Sh SEE ALSO
|
|
.Xr md4 3 ,
|
|
.Xr md5 3 ,
|
|
.Xr ripemd 3 ,
|
|
.Xr sha256 3 ,
|
|
.Xr sha512 3 ,
|
|
.Xr skein 3
|
|
.Sh HISTORY
|
|
These functions appeared in
|
|
.Fx 4.0 .
|
|
.Sh AUTHORS
|
|
The core hash routines were implemented by Eric Young based on the
|
|
published
|
|
FIPS standards.
|
|
.Sh BUGS
|
|
The SHA1 algorithm has been proven to be vulnerable to practical collision
|
|
attacks and should not be relied upon to produce unique outputs,
|
|
.Em nor should it be used as part of a new cryptographic signature scheme.
|