1999-02-26 04:25:01 +00:00
|
|
|
.\"
|
|
|
|
.\" ----------------------------------------------------------------------------
|
|
|
|
.\" "THE BEER-WARE LICENSE" (Revision 42):
|
2002-03-25 14:12:49 +00:00
|
|
|
.\" <phk@FreeBSD.org> wrote this file. As long as you retain this notice you
|
1999-02-26 04:25:01 +00:00
|
|
|
.\" can do whatever you want with this stuff. If we meet some day, and you think
|
|
|
|
.\" this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
|
|
|
|
.\" ----------------------------------------------------------------------------
|
|
|
|
.\"
|
|
|
|
.\" From: Id: mdX.3,v 1.14 1999/02/11 20:31:49 wollman Exp
|
1999-08-28 00:22:10 +00:00
|
|
|
.\" $FreeBSD$
|
1999-02-26 04:25:01 +00:00
|
|
|
.\"
|
2019-05-21 22:11:53 +00:00
|
|
|
.Dd May 21, 2019
|
1999-02-26 18:41:47 +00:00
|
|
|
.Dt SHA 3
|
2001-07-10 13:41:46 +00:00
|
|
|
.Os
|
1999-02-26 04:25:01 +00:00
|
|
|
.Sh NAME
|
|
|
|
.Nm SHA_Init ,
|
|
|
|
.Nm SHA_Update ,
|
|
|
|
.Nm SHA_Final ,
|
|
|
|
.Nm SHA_End ,
|
|
|
|
.Nm SHA_File ,
|
2001-03-17 10:00:50 +00:00
|
|
|
.Nm SHA_FileChunk ,
|
1999-02-26 04:25:01 +00:00
|
|
|
.Nm SHA_Data ,
|
|
|
|
.Nm SHA1_Init ,
|
|
|
|
.Nm SHA1_Update ,
|
|
|
|
.Nm SHA1_Final ,
|
|
|
|
.Nm SHA1_End ,
|
|
|
|
.Nm SHA1_File ,
|
2001-03-17 10:00:50 +00:00
|
|
|
.Nm SHA1_FileChunk ,
|
1999-02-26 04:25:01 +00:00
|
|
|
.Nm SHA1_Data
|
|
|
|
.Nd calculate the FIPS 160 and 160-1 ``SHA'' message digests
|
2000-04-22 16:11:30 +00:00
|
|
|
.Sh LIBRARY
|
|
|
|
.Lb libmd
|
1999-02-26 04:25:01 +00:00
|
|
|
.Sh SYNOPSIS
|
2001-10-01 16:09:29 +00:00
|
|
|
.In sys/types.h
|
|
|
|
.In sha.h
|
1999-02-26 04:25:01 +00:00
|
|
|
.Ft void
|
|
|
|
.Fn SHA_Init "SHA_CTX *context"
|
|
|
|
.Ft void
|
2005-03-09 16:22:21 +00:00
|
|
|
.Fn SHA_Update "SHA_CTX *context" "const unsigned char *data" "size_t len"
|
1999-02-26 04:25:01 +00:00
|
|
|
.Ft void
|
|
|
|
.Fn SHA_Final "unsigned char digest[20]" "SHA_CTX *context"
|
|
|
|
.Ft "char *"
|
|
|
|
.Fn SHA_End "SHA_CTX *context" "char *buf"
|
|
|
|
.Ft "char *"
|
|
|
|
.Fn SHA_File "const char *filename" "char *buf"
|
|
|
|
.Ft "char *"
|
2001-03-17 10:00:50 +00:00
|
|
|
.Fn SHA_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
|
|
|
|
.Ft "char *"
|
1999-02-26 04:25:01 +00:00
|
|
|
.Fn SHA_Data "const unsigned char *data" "unsigned int len" "char *buf"
|
|
|
|
.Ft void
|
|
|
|
.Fn SHA1_Init "SHA_CTX *context"
|
|
|
|
.Ft void
|
2005-03-09 16:22:21 +00:00
|
|
|
.Fn SHA1_Update "SHA_CTX *context" "const unsigned char *data" "size_t len"
|
1999-02-26 04:25:01 +00:00
|
|
|
.Ft void
|
|
|
|
.Fn SHA1_Final "unsigned char digest[20]" "SHA_CTX *context"
|
|
|
|
.Ft "char *"
|
|
|
|
.Fn SHA1_End "SHA_CTX *context" "char *buf"
|
|
|
|
.Ft "char *"
|
|
|
|
.Fn SHA1_File "const char *filename" "char *buf"
|
|
|
|
.Ft "char *"
|
2001-03-17 10:00:50 +00:00
|
|
|
.Fn SHA1_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
|
|
|
|
.Ft "char *"
|
1999-02-26 04:25:01 +00:00
|
|
|
.Fn SHA1_Data "const unsigned char *data" "unsigned int len" "char *buf"
|
|
|
|
.Sh DESCRIPTION
|
|
|
|
The
|
|
|
|
.Li SHA_
|
|
|
|
and
|
|
|
|
.Li SHA1_
|
|
|
|
functions calculate a 160-bit cryptographic checksum (digest)
|
2003-10-09 23:06:06 +00:00
|
|
|
for any number of input bytes.
|
|
|
|
A cryptographic checksum is a one-way
|
1999-02-26 04:25:01 +00:00
|
|
|
hash function; that is, it is computationally impractical to find
|
2003-10-09 23:06:06 +00:00
|
|
|
the input corresponding to a particular output.
|
|
|
|
This net result is
|
|
|
|
a
|
|
|
|
.Dq fingerprint
|
2005-02-13 22:25:33 +00:00
|
|
|
of the input-data, which does not disclose the actual input.
|
1999-02-26 04:25:01 +00:00
|
|
|
.Pp
|
|
|
|
.Tn SHA
|
2001-08-07 15:48:51 +00:00
|
|
|
(or
|
|
|
|
.Tn SHA-0 )
|
1999-02-26 04:25:01 +00:00
|
|
|
is the original Secure Hash Algorithm specified in
|
|
|
|
.Tn FIPS
|
2003-10-09 23:06:06 +00:00
|
|
|
160.
|
|
|
|
It was quickly proven insecure, and has been superseded by
|
1999-02-26 04:25:01 +00:00
|
|
|
.Tn SHA-1 .
|
|
|
|
.Tn SHA-0
|
|
|
|
is included for compatibility purposes only.
|
|
|
|
.Pp
|
|
|
|
The
|
2004-07-03 22:30:10 +00:00
|
|
|
.Fn SHA1_Init ,
|
1999-02-26 04:25:01 +00:00
|
|
|
.Fn SHA1_Update ,
|
|
|
|
and
|
|
|
|
.Fn SHA1_Final
|
2003-10-09 23:06:06 +00:00
|
|
|
functions are the core functions.
|
|
|
|
Allocate an
|
|
|
|
.Vt SHA_CTX ,
|
|
|
|
initialize it with
|
1999-02-26 04:25:01 +00:00
|
|
|
.Fn SHA1_Init ,
|
|
|
|
run over the data with
|
|
|
|
.Fn SHA1_Update ,
|
|
|
|
and finally extract the result using
|
2018-07-20 07:01:28 +00:00
|
|
|
.Fn SHA1_Final ,
|
|
|
|
which will also erase the
|
|
|
|
.Vt SHA_CTX .
|
1999-02-26 04:25:01 +00:00
|
|
|
.Pp
|
|
|
|
.Fn SHA1_End
|
|
|
|
is a wrapper for
|
|
|
|
.Fn SHA1_Final
|
|
|
|
which converts the return value to a 41-character
|
|
|
|
(including the terminating '\e0')
|
|
|
|
.Tn ASCII
|
|
|
|
string which represents the 160 bits in hexadecimal.
|
|
|
|
.Pp
|
|
|
|
.Fn SHA1_File
|
2001-07-15 07:53:42 +00:00
|
|
|
calculates the digest of a file, and uses
|
1999-02-26 04:25:01 +00:00
|
|
|
.Fn SHA1_End
|
|
|
|
to return the result.
|
|
|
|
If the file cannot be opened, a null pointer is returned.
|
2001-03-17 10:00:50 +00:00
|
|
|
.Fn SHA1_FileChunk
|
|
|
|
is similar to
|
|
|
|
.Fn SHA1_File ,
|
|
|
|
but it only calculates the digest over a byte-range of the file specified,
|
|
|
|
starting at
|
2001-04-04 10:23:27 +00:00
|
|
|
.Fa offset
|
2001-03-17 10:00:50 +00:00
|
|
|
and spanning
|
2001-04-04 10:23:27 +00:00
|
|
|
.Fa length
|
2001-03-17 10:00:50 +00:00
|
|
|
bytes.
|
|
|
|
If the
|
2001-04-04 10:23:27 +00:00
|
|
|
.Fa length
|
2001-03-17 10:00:50 +00:00
|
|
|
parameter is specified as 0, or more than the length of the remaining part
|
|
|
|
of the file,
|
|
|
|
.Fn SHA1_FileChunk
|
|
|
|
calculates the digest from
|
2001-04-04 10:23:27 +00:00
|
|
|
.Fa offset
|
2001-03-17 10:00:50 +00:00
|
|
|
to the end of file.
|
1999-02-26 04:25:01 +00:00
|
|
|
.Fn SHA1_Data
|
|
|
|
calculates the digest of a chunk of data in memory, and uses
|
|
|
|
.Fn SHA1_End
|
|
|
|
to return the result.
|
|
|
|
.Pp
|
|
|
|
When using
|
|
|
|
.Fn SHA1_End ,
|
|
|
|
.Fn SHA1_File ,
|
|
|
|
or
|
|
|
|
.Fn SHA1_Data ,
|
2001-07-15 07:53:42 +00:00
|
|
|
the
|
2001-04-04 10:23:27 +00:00
|
|
|
.Fa buf
|
1999-02-26 04:25:01 +00:00
|
|
|
argument can be a null pointer, in which case the returned string
|
|
|
|
is allocated with
|
|
|
|
.Xr malloc 3
|
|
|
|
and subsequently must be explicitly deallocated using
|
|
|
|
.Xr free 3
|
|
|
|
after use.
|
2001-07-15 07:53:42 +00:00
|
|
|
If the
|
2001-04-04 10:23:27 +00:00
|
|
|
.Fa buf
|
1999-02-26 04:25:01 +00:00
|
|
|
argument is non-null it must point to at least 41 characters of buffer space.
|
2019-05-21 22:11:53 +00:00
|
|
|
.Sh ERRORS
|
|
|
|
The
|
|
|
|
.Fn SHA1_End
|
|
|
|
function called with a null buf argument may fail and return NULL if:
|
|
|
|
.Bl -tag -width Er
|
|
|
|
.It Bq Er ENOMEM
|
|
|
|
Insufficient storage space is available.
|
|
|
|
.El
|
|
|
|
.Pp
|
|
|
|
The
|
|
|
|
.Fn SHA1_File
|
|
|
|
and
|
|
|
|
.Fn SHA1_FileChunk
|
|
|
|
may return NULL when underlying
|
|
|
|
.Xr open 2 ,
|
|
|
|
.Xr fstat 2 ,
|
|
|
|
.Xr lseek 2 ,
|
|
|
|
or
|
|
|
|
.Xr SHA1_End 2
|
|
|
|
fail.
|
1999-02-26 04:25:01 +00:00
|
|
|
.Sh SEE ALSO
|
|
|
|
.Xr md4 3 ,
|
1999-02-26 18:41:47 +00:00
|
|
|
.Xr md5 3 ,
|
2005-06-16 19:01:07 +00:00
|
|
|
.Xr ripemd 3 ,
|
2016-05-29 01:15:36 +00:00
|
|
|
.Xr sha256 3 ,
|
|
|
|
.Xr sha512 3 ,
|
|
|
|
.Xr skein 3
|
2005-01-20 09:17:07 +00:00
|
|
|
.Sh HISTORY
|
|
|
|
These functions appeared in
|
|
|
|
.Fx 4.0 .
|
1999-02-26 04:25:01 +00:00
|
|
|
.Sh AUTHORS
|
|
|
|
The core hash routines were implemented by Eric Young based on the
|
|
|
|
published
|
|
|
|
.Tn FIPS
|
|
|
|
standards.
|
|
|
|
.Sh BUGS
|
2019-05-21 22:17:00 +00:00
|
|
|
The
|
|
|
|
.Tn SHA1
|
|
|
|
algorithm has been proven to be vulnerable to practical collision
|
|
|
|
attacks and should not be relied upon to produce unique outputs,
|
2019-06-05 20:18:08 +00:00
|
|
|
.Em nor should it be used as part of a new cryptographic signature scheme.
|
1999-03-01 02:39:45 +00:00
|
|
|
.Pp
|
|
|
|
The
|
|
|
|
.Tn IA32
|
|
|
|
(Intel) implementation of
|
|
|
|
.Tn SHA-1
|
|
|
|
makes heavy use of the
|
|
|
|
.Ql bswapl
|
2003-10-09 23:06:06 +00:00
|
|
|
instruction, which is not present on the original 80386.
|
|
|
|
Attempts to use
|
1999-03-01 02:39:45 +00:00
|
|
|
.Tn SHA-1
|
|
|
|
on those processors will cause an illegal instruction trap.
|
|
|
|
(Arguably, the kernel should simply emulate this instruction.)
|