xref: /openbsd/lib/libc/hash/SHA256Init.3 (revision 771fbea0) 
1.\"	$OpenBSD: SHA256Init.3,v 1.3 2019/12/04 19:01:49 jmc Exp $
2.\"
3.\" Copyright (c) 2003, 2004 Todd C. Miller <millert@openbsd.org>
4.\"
5.\" Permission to use, copy, modify, and distribute this software for any
6.\" purpose with or without fee is hereby granted, provided that the above
7.\" copyright notice and this permission notice appear in all copies.
8.\"
9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\"
17.\" Sponsored in part by the Defense Advanced Research Projects
18.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
19.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
20.\"
21.\" See http://www.nist.gov/sha/ for the detailed standard
22.\"
23.Dd $Mdocdate: December 4 2019 $
24.Dt SHA256INIT 3
25.Os
26.Sh NAME
27.Nm SHA224Init ,
28.Nm SHA224Update ,
29.Nm SHA224Pad ,
30.Nm SHA224Final ,
31.Nm SHA224Transform ,
32.Nm SHA224End ,
33.Nm SHA224File ,
34.Nm SHA224FileChunk ,
35.Nm SHA224Data ,
36.Nm SHA256Init ,
37.Nm SHA256Update ,
38.Nm SHA256Pad ,
39.Nm SHA256Final ,
40.Nm SHA256Transform ,
41.Nm SHA256End ,
42.Nm SHA256File ,
43.Nm SHA256FileChunk ,
44.Nm SHA256Data ,
45.Nm SHA384Init ,
46.Nm SHA384Update ,
47.Nm SHA384Pad ,
48.Nm SHA384Final ,
49.Nm SHA384Transform ,
50.Nm SHA384End ,
51.Nm SHA384File ,
52.Nm SHA384FileChunk ,
53.Nm SHA384Data ,
54.Nm SHA512Init ,
55.Nm SHA512Update ,
56.Nm SHA512Pad ,
57.Nm SHA512Final ,
58.Nm SHA512Transform ,
59.Nm SHA512End ,
60.Nm SHA512File ,
61.Nm SHA512FileChunk ,
62.Nm SHA512Data ,
63.Nm SHA512_256Init ,
64.Nm SHA512_256Update ,
65.Nm SHA512_256Pad ,
66.Nm SHA512_256Final ,
67.Nm SHA512_256Transform ,
68.Nm SHA512_256End ,
69.Nm SHA512_256File ,
70.Nm SHA512_256FileChunk ,
71.Nm SHA512_256Data
72.Nd calculate the NIST Secure Hash Standard (version 2)
73.Sh SYNOPSIS
74.In sys/types.h
75.In sha2.h
76.Ft void
77.Fn SHA224Init "SHA2_CTX *context"
78.Ft void
79.Fn SHA224Update "SHA2_CTX *context" "const u_int8_t *data" "size_t len"
80.Ft void
81.Fn SHA224Pad "SHA2_CTX *context"
82.Ft void
83.Fn SHA224Final "u_int8_t digest[SHA224_DIGEST_LENGTH]" "SHA2_CTX *context"
84.Ft void
85.Fn SHA224Transform "u_int32_t state[8]" "const u_int8_t buffer[SHA224_BLOCK_LENGTH]"
86.Ft "char *"
87.Fn SHA224End "SHA2_CTX *context" "char *buf"
88.Ft "char *"
89.Fn SHA224File "const char *filename" "char *buf"
90.Ft "char *"
91.Fn SHA224FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
92.Ft "char *"
93.Fn SHA224Data "const u_int8_t *data" "size_t len" "char *buf"
94.Ft void
95.Fn SHA256Init "SHA2_CTX *context"
96.Ft void
97.Fn SHA256Update "SHA2_CTX *context" "const u_int8_t *data" "size_t len"
98.Ft void
99.Fn SHA256Pad "SHA2_CTX *context"
100.Ft void
101.Fn SHA256Final "u_int8_t digest[SHA256_DIGEST_LENGTH]" "SHA2_CTX *context"
102.Ft void
103.Fn SHA256Transform "u_int32_t state[8]" "const u_int8_t buffer[SHA256_BLOCK_LENGTH]"
104.Ft "char *"
105.Fn SHA256End "SHA2_CTX *context" "char *buf"
106.Ft "char *"
107.Fn SHA256File "const char *filename" "char *buf"
108.Ft "char *"
109.Fn SHA256FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
110.Ft "char *"
111.Fn SHA256Data "const u_int8_t *data" "size_t len" "char *buf"
112.Ft void
113.Fn SHA384Init "SHA2_CTX *context"
114.Ft void
115.Fn SHA384Update "SHA2_CTX *context" "const u_int8_t *data" "size_t len"
116.Ft void
117.Fn SHA384Pad "SHA2_CTX *context"
118.Ft void
119.Fn SHA384Final "u_int8_t digest[SHA384_DIGEST_LENGTH]" "SHA2_CTX *context"
120.Ft void
121.Fn SHA384Transform "u_int64_t state[8]" "const u_int8_t buffer[SHA384_BLOCK_LENGTH]"
122.Ft "char *"
123.Fn SHA384End "SHA2_CTX *context" "char *buf"
124.Ft "char *"
125.Fn SHA384File "const char *filename" "char *buf"
126.Ft "char *"
127.Fn SHA384FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
128.Ft "char *"
129.Fn SHA384Data "const u_int8_t *data" "size_t len" "char *buf"
130.Ft void
131.Fn SHA512Init "SHA2_CTX *context"
132.Ft void
133.Fn SHA512Update "SHA2_CTX *context" "const u_int8_t *data" "size_t len"
134.Ft void
135.Fn SHA512Pad "SHA2_CTX *context"
136.Ft void
137.Fn SHA512Final "u_int8_t digest[SHA512_DIGEST_LENGTH]" "SHA2_CTX *context"
138.Ft void
139.Fn SHA512Transform "u_int64_t state[8]" "const u_int8_t buffer[SHA512_BLOCK_LENGTH]"
140.Ft "char *"
141.Fn SHA512End "SHA2_CTX *context" "char *buf"
142.Ft "char *"
143.Fn SHA512File "const char *filename" "char *buf"
144.Ft "char *"
145.Fn SHA512FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
146.Ft "char *"
147.Fn SHA512Data "const u_int8_t *data" "size_t len" "char *buf"
148.Ft void
149.Fn SHA512_256Init "SHA2_CTX *context"
150.Ft void
151.Fn SHA512_256Update "SHA2_CTX *context" "const u_int8_t *data" "size_t len"
152.Ft void
153.Fn SHA512_256Pad "SHA2_CTX *context"
154.Ft void
155.Fn SHA512_256Final "u_int8_t digest[SHA512_256_DIGEST_LENGTH]" "SHA2_CTX *context"
156.Ft void
157.Fn SHA512_256Transform "u_int64_t state[8]" "const u_int8_t buffer[SHA512_256_BLOCK_LENGTH]"
158.Ft "char *"
159.Fn SHA512_256End "SHA2_CTX *context" "char *buf"
160.Ft "char *"
161.Fn SHA512_256File "const char *filename" "char *buf"
162.Ft "char *"
163.Fn SHA512_256FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
164.Ft "char *"
165.Fn SHA512_256Data "const u_int8_t *data" "size_t len" "char *buf"
166.Sh DESCRIPTION
167The SHA2 functions implement the NIST Secure Hash Standard,
168FIPS PUB 180-2.
169The SHA2 functions are used to generate a condensed representation of a
170message called a message digest, suitable for use as a digital signature.
171There are four families of functions, with names corresponding to
172the number of bits in the resulting message digest.
173The SHA-224 and SHA-256 functions are limited to processing a message of less
174than 2^64 bits as input.
175The SHA-384 and SHA-512 functions can process a message of at most 2^128 - 1
176bits as input.
177.Pp
178The SHA2 functions are considered to be more secure than the SHA1 functions,
179with which they share a similar interface.
180The 224, 256, 384, and 512-bit versions of SHA2 share the same interface.
181SHA512/256, a truncated version of SHA512, is also supported.
182For brevity, only the 256-bit variants are described below.
183.Pp
184The
185.Fn SHA256Init
186function initializes a SHA2_CTX
187.Fa context
188for use with
189.Fn SHA256Update
190and
191.Fn SHA256Final .
192The
193.Fn SHA256Update
194function adds
195.Fa data
196of length
197.Fa len
198to the SHA2_CTX specified by
199.Fa context .
200.Fn SHA256Final
201is called when all data has been added via
202.Fn SHA256Update
203and stores a message digest in the
204.Fa digest
205parameter.
206.Pp
207The
208.Fn SHA256Pad
209function can be used to apply padding to the message digest as in
210.Fn SHA256Final ,
211but the current context can still be used with
212.Fn SHA256Update .
213.Pp
214The
215.Fn SHA256Transform
216function is used by
217.Fn SHA256Update
218to hash 512-bit blocks and forms the core of the algorithm.
219Most programs should use the interface provided by
220.Fn SHA256Init ,
221.Fn SHA256Update ,
222and
223.Fn SHA256Final
224instead of calling
225.Fn SHA256Transform
226directly.
227.Pp
228The
229.Fn SHA256End
230function is a front end for
231.Fn SHA256Final
232which converts the digest into an ASCII representation
233of the digest in hexadecimal.
234.Pp
235The
236.Fn SHA256File
237function calculates the digest for a file and returns the result via
238.Fn SHA256End .
239If
240.Fn SHA256File
241is unable to open the file, a
242.Dv NULL
243pointer is returned.
244.Pp
245.Fn SHA256FileChunk
246behaves like
247.Fn SHA256File
248but calculates the digest only for that portion of the file starting at
249.Fa offset
250and continuing for
251.Fa length
252bytes or until end of file is reached, whichever comes first.
253A zero
254.Fa length
255can be specified to read until end of file.
256A negative
257.Fa length
258or
259.Fa offset
260will be ignored.
261.Pp
262The
263.Fn SHA256Data
264function
265calculates the digest of an arbitrary string and returns the result via
266.Fn SHA256End .
267.Pp
268For each of the
269.Fn SHA256End ,
270.Fn SHA256File ,
271.Fn SHA256FileChunk ,
272and
273.Fn SHA256Data
274functions the
275.Fa buf
276parameter should either be a string large enough to hold the resulting digest
277(e.g.\&
278.Dv SHA224_DIGEST_STRING_LENGTH ,
279.Dv SHA256_DIGEST_STRING_LENGTH ,
280.Dv SHA384_DIGEST_STRING_LENGTH ,
281.Dv SHA512_DIGEST_STRING_LENGTH ,
282or
283.Dv SHA512_256_DIGEST_STRING_LENGTH ,
284depending on the function being used)
285or a
286.Dv NULL
287pointer.
288In the latter case, space will be dynamically allocated via
289.Xr malloc 3
290and should be freed using
291.Xr free 3
292when it is no longer needed.
293.Sh EXAMPLES
294The following code fragment will calculate the SHA-256 digest for the string
295.Qq abc ,
296which is
297.Dq 0xba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad .
298.Bd -literal -offset indent
299SHA2_CTX ctx;
300u_int8_t results[SHA256_DIGEST_LENGTH];
301char *buf;
302int n;
303
304buf = "abc";
305n = strlen(buf);
306SHA256Init(&ctx);
307SHA256Update(&ctx, (u_int8_t *)buf, n);
308SHA256Final(results, &ctx);
309
310/* Print the digest as one long hex value */
311printf("0x");
312for (n = 0; n \*(Lt SHA256_DIGEST_LENGTH; n++)
313	printf("%02x", results[n]);
314putchar('\en');
315.Ed
316.Pp
317Alternately, the helper functions could be used in the following way:
318.Bd -literal -offset indent
319u_int8_t output[SHA256_DIGEST_STRING_LENGTH];
320char *buf = "abc";
321
322printf("0x%s\en", SHA256Data(buf, strlen(buf), output));
323.Ed
324.Sh SEE ALSO
325.Xr cksum 1 ,
326.Xr sha256 1 ,
327.Xr MD5Init 3 ,
328.Xr RMD160Init 3 ,
329.Xr SHA1Init 3
330.Rs
331.%T Secure Hash Standard
332.%O FIPS PUB 180-2
333.Re
334.Sh HISTORY
335The SHA2 functions appeared in
336.Ox 3.4 .
337.Sh AUTHORS
338.An -nosplit
339This implementation of the SHA functions was written by
340.An Aaron D. Gifford .
341.Pp
342The
343.Fn SHA256End ,
344.Fn SHA256File ,
345.Fn SHA256FileChunk ,
346and
347.Fn SHA256Data
348helper functions are derived from code written by
349.An Poul-Henning Kamp .
350