X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=doc%2Fcrypto%2FEVP_DigestInit.pod;h=3fb9b4c6137e1ba1e8d5aec656a95fbdf52fa67c;hp=1ef69ec54b54bf5987264d1543a7f4fe98267780;hb=8fdc3734c063146b038608c2412a0f2c9b21b6d6;hpb=aafbe1ccd28439d0eb484f5b889272cbc71d62b5 diff --git a/doc/crypto/EVP_DigestInit.pod b/doc/crypto/EVP_DigestInit.pod index 1ef69ec54b..3fb9b4c613 100644 --- a/doc/crypto/EVP_DigestInit.pod +++ b/doc/crypto/EVP_DigestInit.pod @@ -6,8 +6,8 @@ EVP_MD_CTX_init, EVP_MD_CTX_create, EVP_DigestInit_ex, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_MD_CTX_cleanup, EVP_MD_CTX_destroy, EVP_MAX_MD_SIZE, EVP_MD_CTX_copy_ex, EVP_DigestInit, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, -EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, -EVP_sha224, EVP_sha256, EVP_sha384, EVP_sha512, EVP_dss, EVP_dss1, EVP_mdc2, +EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5, EVP_sha1, +EVP_sha224, EVP_sha256, EVP_sha384, EVP_sha512, EVP_dss1, EVP_mdc2, EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj - EVP digest routines @@ -26,13 +26,13 @@ EVP digest routines int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx); void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx); - int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in); + int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in); int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s); - int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in); + int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in); #define EVP_MAX_MD_SIZE 64 /* SHA512 */ @@ -49,9 +49,7 @@ EVP digest routines const EVP_MD *EVP_md_null(void); const EVP_MD *EVP_md2(void); const EVP_MD *EVP_md5(void); - const EVP_MD *EVP_sha(void); const EVP_MD *EVP_sha1(void); - const EVP_MD *EVP_dss(void); const EVP_MD *EVP_dss1(void); const EVP_MD *EVP_mdc2(void); const EVP_MD *EVP_ripemd160(void); @@ -67,7 +65,8 @@ EVP digest routines =head1 DESCRIPTION -The EVP digest routines are a high level interface to message digests. +The EVP digest routines are a high level interface to message digests, +and should be used instead of the cipher-specific functions. EVP_MD_CTX_init() initializes digest context B. @@ -133,13 +132,13 @@ return B. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons. -EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_sha224(), EVP_sha256(), +EVP_md2(), EVP_md5(), EVP_sha1(), EVP_sha224(), EVP_sha256(), EVP_sha384(), EVP_sha512(), EVP_mdc2() and EVP_ripemd160() return B -structures for the MD2, MD5, SHA, SHA1, SHA224, SHA256, SHA384, SHA512, MDC2 -and RIPEMD160 digest algorithms respectively. +structures for the MD2, MD5, SHA1, SHA224, SHA256, SHA384, SHA512, MDC2 +and RIPEMD160 digest algorithms respectively. -EVP_dss() and EVP_dss1() return B structures for SHA and SHA1 digest -algorithms but using DSS (DSA) for the signature algorithm. Note: there is +EVP_dss1() returns B an structure the SHA1 digest +algorithm but using DSS (DSA) for the signature algorithm. Note: there is no need to use these pseudo-digests in OpenSSL 1.0.0 and later, they are however retained for compatibility. @@ -161,11 +160,10 @@ EVP_MD_CTX_copy_ex() returns 1 if successful or 0 for failure. EVP_MD_type(), EVP_MD_pkey_type() and EVP_MD_type() return the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists. -EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(e), EVP_MD_size(), -EVP_MD_CTX_block_size() and EVP_MD_block_size() return the digest or block -size in bytes. +EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size() and +EVP_MD_CTX_block_size() return the digest or block size in bytes. -EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_dss(), +EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha1(), EVP_dss1(), EVP_mdc2() and EVP_ripemd160() return pointers to the corresponding EVP_MD structures. @@ -178,21 +176,21 @@ The B interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible. -New applications should use the SHA2 digest algorithms such as SHA256. +New applications should use the SHA2 digest algorithms such as SHA256. The other digest algorithms are still in common use. For most applications the B parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation. -The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are +The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New -applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and +applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified. In OpenSSL 0.9.7 and later if digest contexts are not cleaned up after use -memory leaks will occur. +memory leaks will occur. Stack allocation of EVP_MD_CTX structures is common, for example: @@ -246,15 +244,19 @@ digest name passed on the command line. EVP_MD_CTX_destroy(mdctx); printf("Digest is: "); - for(i = 0; i < md_len; i++) printf("%02x", md_value[i]); + for(i = 0; i < md_len; i++) + printf("%02x", md_value[i]); printf("\n"); + + /* Call this once before exit. */ + EVP_cleanup(); + exit(0); } =head1 SEE ALSO -L, L, L, -L, L, L, -L, L +L, +L =head1 HISTORY @@ -265,12 +267,12 @@ EVP_MD_CTX_init(), EVP_MD_CTX_create(), EVP_MD_CTX_copy_ex(), EVP_MD_CTX_cleanup(), EVP_MD_CTX_destroy(), EVP_DigestInit_ex() and EVP_DigestFinal_ex() were added in OpenSSL 0.9.7. -EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), -EVP_dss(), EVP_dss1(), EVP_mdc2() and EVP_ripemd160() were -changed to return truely const EVP_MD * in OpenSSL 0.9.7. +EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha1(), +EVP_dss1(), EVP_mdc2() and EVP_ripemd160() were +changed to return truly const EVP_MD * in OpenSSL 0.9.7. The link between digests and signing algorithms was fixed in OpenSSL 1.0 and -later, so now EVP_sha1() can be used with RSA and DSA, there is no need to +later, so now EVP_sha1() can be used with RSA and DSA; there is no need to use EVP_dss1() any more. OpenSSL 1.0 and later does not include the MD2 digest algorithm in the