SHA2(3EXT) Extended Library Functions SHA2(3EXT)
NAME
sha2, SHA2Init, SHA2Update, SHA2Final, SHA256Init, SHA256Update,
SHA256Final, SHA384Init, SHA384Update, SHA384Final, SHA512Init,
SHA512Update, SHA512Final - SHA2 digest functions
SYNOPSIS
cc [
flag ... ]
file ...
-lmd [
library ... ]
#include <sha2.h>
void SHA2Init(
uint64_t mech,
SHA2_CTX *context);
void SHA2Update(
SHA2_CTX *context,
unsigned char *input,
size_t inlen);
void SHA2Final(
unsigned char *output,
SHA2_CTX *context);
void SHA256Init(
SHA256_CTX *context);
void SHA256Update(
SHA256_CTX *context,
unsigned char *input,
size_t inlen);
void SHA256Final(
unsigned char *output,
SHA256_CTX *context);
void SHA384Init(
SHA384_CTX *context);
void SHA384Update(
SHA384_CTX *context,
unsigned char *input,
size_t inlen);
void SHA384Final(
unsigned char *output,
384_CTX *context);
void SHA512Init(
SHA512_CTX *context);
void SHA512Update(
SHA512_CTX *context,
unsigned char *input,
size_t inlen);
void SHA512Final(
unsigned char *output,
512_CTX *context);
DESCRIPTION
The
SHA2Init(),
SHA2Update(),
SHA2Final() functions implement the
SHA256,
SHA384,
SHA512,
SHA512/224 and
SHA512/256 message-digest
algorithms. The algorithms take as input a message of arbitrary
length and produce a 200-bit "fingerprint" or "message digest" as
output. The
SHA2 message-digest algorithms are intended for digital
signature applications in which large files are "compressed" in a
secure manner before being encrypted with a private (secret) key
under a public-key cryptosystem such as RSA.
SHA2Init(),
SHA2Update(),
SHA2Final() The
SHA2Init(),
SHA2Update(), and
SHA2Final() functions allow an
SHA2 digest to be computed over multiple message blocks. Between
blocks, the state of the
SHA2 computation is held in an
SHA2 context structure allocated by the caller. A complete digest
computation consists of calls to
SHA2 functions in the following
order: one call to
SHA2Init(), one or more calls to
SHA2Update(),
and one call to
SHA2Final().
The
SHA2Init() function initializes the SHA2 context structure
pointed to by
context. The
mech argument is one of
SHA256,
SHA512,
SHA384,
SHA512_224,
SHA512_256.
The
SHA2Update() function computes a partial
SHA2 digest on the
inlen-byte message block pointed to by
input, and updates the
SHA2 context structure pointed to by
context accordingly.
The
SHA2Final() function generates the final
SHA2Final digest,
using the
SHA2 context structure pointed to by
context. The
SHA2 digest is written to output. After a call to
SHA2Final(), the
state of the context structure is undefined. It must be
reinitialized with
SHA2Init() before it can be used again.
SHA256Init(),
SHA256Update(),
SHA256Final(),
SHA384Init(),
SHA384Update(),
SHA384Final(),
SHA512Init(),
SHA512Update(),
SHA512Final() Alternative APIs exist as named above. The
Update() and
Final() sets of functions operate exactly as the previously described
SHA2Update() and
SHA2Final() functions. The
SHA256Init(),
SHA384Init(), and
SHA512Init() functions do not take the
mech argument as it is implicit in the function names.
RETURN VALUES
These functions do not return a value.
EXAMPLES
Example 1: Authenticate a message found in multiple buffers
The following is a sample function that authenticates a message found
in multiple buffers. The calling function provides an authentication
buffer to contain the result of the
SHA2 digest.
#include <sys/types.h>
#include <sys/uio.h>
#include <sha2.h>
int
AuthenticateMsg(unsigned char *auth_buffer, struct iovec
*messageIov, unsigned int num_buffers)
{
SHA2_CTX sha2_context;
unsigned int i;
SHA2Init(SHA384, &sha2_context);
for(i=0; i<num_buffers; i++)
{
SHA2Update(&sha2_context, messageIov->iov_base,
messageIov->iov_len);
messageIov += sizeof(struct iovec);
}
SHA2Final(auth_buffer, &sha2_context);
return 0;
}
Example 2: Authenticate a message found in multiple buffers
The following is a sample function that authenticates a message found
in multiple buffers. The calling function provides an authentication
buffer that will contain the result of the
SHA384 digest, using
alternative interfaces.
int
AuthenticateMsg(unsigned char *auth_buffer, struct iovec
*messageIov, unsigned int num_buffers)
{
SHA384_CTX ctx;
unsigned int i;
SHA384Init(&ctx);
for(i=0, i<num_buffers; i++
{
SHA384Update(&ctx, messageIov->iov_base,
messageIov->iov_len);
messageIov += sizeof(struct iovec);
}
SHA384Final(auth_buffer, &ctx);
return 0;
}
ATTRIBUTES
See
attributes(7) for descriptions of the following attributes:
+--------------------+-----------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+--------------------+-----------------+
|Interface Stability | Committed |
+--------------------+-----------------+
|MT-Level | MT-Safe |
+--------------------+-----------------+
SEE ALSO
libmd(3LIB) FIPS 180-2
February 28, 2024 SHA2(3EXT)
