diff options
author | cperciva <cperciva@FreeBSD.org> | 2005-03-09 19:23:04 +0000 |
---|---|---|
committer | cperciva <cperciva@FreeBSD.org> | 2005-03-09 19:23:04 +0000 |
commit | 180357cd92d662043a6a43cdca0e95a9d7cc2abe (patch) | |
tree | 93545178ed2cf6089bb2b9ecddb45ad729186e96 /lib/libmd/sha256.3 | |
parent | a601ac81480a3fa885a89ae7890ff410cf797d87 (diff) | |
download | FreeBSD-src-180357cd92d662043a6a43cdca0e95a9d7cc2abe.zip FreeBSD-src-180357cd92d662043a6a43cdca0e95a9d7cc2abe.tar.gz |
In light of the recent 2^69 operation collision-finding attack on SHA1,
add support for SHA256.
Tested on: i386, sparc64
Tested using: NIST test vectors, built-in tests
X-MFC-after: 5.4-RELEASE
Diffstat (limited to 'lib/libmd/sha256.3')
-rw-r--r-- | lib/libmd/sha256.3 | 140 |
1 files changed, 140 insertions, 0 deletions
diff --git a/lib/libmd/sha256.3 b/lib/libmd/sha256.3 new file mode 100644 index 0000000..f6de8c7 --- /dev/null +++ b/lib/libmd/sha256.3 @@ -0,0 +1,140 @@ +.\" +.\" ---------------------------------------------------------------------------- +.\" "THE BEER-WARE LICENSE" (Revision 42): +.\" <phk@FreeBSD.org> wrote this file. As long as you retain this notice you +.\" can do whatever you want with this stuff. If we meet some day, and you think +.\" this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp +.\" ---------------------------------------------------------------------------- +.\" +.\" From: Id: mdX.3,v 1.14 1999/02/11 20:31:49 wollman Exp +.\" $FreeBSD$ +.\" +.Dd March 9, 2005 +.Dt SHA256 3 +.Os +.Sh NAME +.Nm SHA256_Init , +.Nm SHA256_Update , +.Nm SHA256_Final , +.Nm SHA256_End , +.Nm SHA256_File , +.Nm SHA256_FileChunk , +.Nm SHA256_Data +.Nd calculate the FIPS 180-2 ``SHA-256'' message digest +.Sh LIBRARY +.Lb libmd +.Sh SYNOPSIS +.In sys/types.h +.In sha256.h +.Ft void +.Fn SHA256_Init "SHA_CTX *context" +.Ft void +.Fn SHA256_Update "SHA_CTX *context" "const unsigned char *data" "size_t len" +.Ft void +.Fn SHA256_Final "unsigned char digest[32]" "SHA_CTX *context" +.Ft "char *" +.Fn SHA256_End "SHA_CTX *context" "char *buf" +.Ft "char *" +.Fn SHA256_File "const char *filename" "char *buf" +.Ft "char *" +.Fn SHA256_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" +.Ft "char *" +.Fn SHA256_Data "const unsigned char *data" "unsigned int len" "char *buf" +.Sh DESCRIPTION +The +.Li SHA256_ +functions calculate a 256-bit cryptographic checksum (digest) +for any number of input bytes. +A cryptographic checksum is a one-way +hash function; that is, it is computationally impractical to find +the input corresponding to a particular output. +This net result is +a +.Dq fingerprint +of the input-data, which does not disclose the actual input. +.Pp +The +.Fn SHA256_Init , +.Fn SHA256_Update , +and +.Fn SHA256_Final +functions are the core functions. +Allocate an +.Vt SHA256_CTX , +initialize it with +.Fn SHA256_Init , +run over the data with +.Fn SHA256_Update , +and finally extract the result using +.Fn SHA256_Final . +.Pp +.Fn SHA256_End +is a wrapper for +.Fn SHA256_Final +which converts the return value to a 65-character +(including the terminating '\e0') +.Tn ASCII +string which represents the 256 bits in hexadecimal. +.Pp +.Fn SHA256_File +calculates the digest of a file, and uses +.Fn SHA256_End +to return the result. +If the file cannot be opened, a null pointer is returned. +.Fn SHA256_FileChunk +is similar to +.Fn SHA256_File , +but it only calculates the digest over a byte-range of the file specified, +starting at +.Fa offset +and spanning +.Fa length +bytes. +If the +.Fa length +parameter is specified as 0, or more than the length of the remaining part +of the file, +.Fn SHA256_FileChunk +calculates the digest from +.Fa offset +to the end of file. +.Fn SHA256_Data +calculates the digest of a chunk of data in memory, and uses +.Fn SHA256_End +to return the result. +.Pp +When using +.Fn SHA256_End , +.Fn SHA256_File , +or +.Fn SHA256_Data , +the +.Fa buf +argument can be a null pointer, in which case the returned string +is allocated with +.Xr malloc 3 +and subsequently must be explicitly deallocated using +.Xr free 3 +after use. +If the +.Fa buf +argument is non-null it must point to at least 65 characters of buffer space. +.Sh SEE ALSO +.Xr md2 3 , +.Xr md4 3 , +.Xr md5 3 , +.Xr ripemd 3 , +.Xr sha 3 +.Sh HISTORY +These functions appeared in +.Fx 4.0 . +.Sh AUTHORS +The core hash routines were implemented by Colin Percival based on +the published +.Tn FIPS 180-2 +standard. +.Sh BUGS +No method is known to exist which finds two files having the same hash value, +nor to find a file with a specific hash value. +There is on the other hand no guarantee that such a method does not exist. + |