159191Skris=pod
259191Skris
359191Skris=head1 NAME
459191Skris
5273149Sjkimdgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384, sha512, md2, md4, md5, dss1 - message digests
659191Skris
759191Skris=head1 SYNOPSIS
859191Skris
959191SkrisB<openssl> B<dgst> 
10273149Sjkim[B<-sha|-sha1|-mdc2|-ripemd160|-sha224|-sha256|-sha384|-sha512|-md2|-md4|-md5|-dss1>]
1159191Skris[B<-c>]
1259191Skris[B<-d>]
1368651Skris[B<-hex>]
1468651Skris[B<-binary>]
15273149Sjkim[B<-r>]
16276864Sjkim[B<-hmac arg>]
17276864Sjkim[B<-non-fips-allow>]
1868651Skris[B<-out filename>]
1968651Skris[B<-sign filename>]
20238405Sjkim[B<-keyform arg>]
21160814Ssimon[B<-passin arg>]
2268651Skris[B<-verify filename>]
2368651Skris[B<-prverify filename>]
2468651Skris[B<-signature filename>]
25194206Ssimon[B<-hmac key>]
26273149Sjkim[B<-non-fips-allow>]
27273149Sjkim[B<-fips-fingerprint>]
2859191Skris[B<file...>]
2959191Skris
30273149SjkimB<openssl>
31273149Sjkim[I<digest>]
32273149Sjkim[B<...>]
3359191Skris
3459191Skris=head1 DESCRIPTION
3559191Skris
3668651SkrisThe digest functions output the message digest of a supplied file or files
37273149Sjkimin hexadecimal.  The digest functions also generate and verify digital
38273149Sjkimsignatures using message digests.
3959191Skris
4059191Skris=head1 OPTIONS
4159191Skris
4259191Skris=over 4
4359191Skris
4459191Skris=item B<-c>
4559191Skris
4668651Skrisprint out the digest in two digit groups separated by colons, only relevant if
4768651SkrisB<hex> format output is used.
4859191Skris
4959191Skris=item B<-d>
5059191Skris
5159191Skrisprint out BIO debugging information.
5259191Skris
5368651Skris=item B<-hex>
5468651Skris
5568651Skrisdigest is to be output as a hex dump. This is the default case for a "normal"
56273149Sjkimdigest as opposed to a digital signature.  See NOTES below for digital
57273149Sjkimsignatures using B<-hex>.
5868651Skris
5968651Skris=item B<-binary>
6068651Skris
6168651Skrisoutput the digest or signature in binary form.
6268651Skris
63273149Sjkim=item B<-r>
64273149Sjkim
65273149Sjkimoutput the digest in the "coreutils" format used by programs like B<sha1sum>.
66273149Sjkim
67276864Sjkim=item B<-hmac arg>
68276864Sjkim
69276864Sjkimset the HMAC key to "arg".
70276864Sjkim
71276864Sjkim=item B<-non-fips-allow>
72276864Sjkim
73276864SjkimAllow use of non FIPS digest when in FIPS mode.  This has no effect when not in
74276864SjkimFIPS mode.
75276864Sjkim
7668651Skris=item B<-out filename>
7768651Skris
7868651Skrisfilename to output to, or standard output by default.
7968651Skris
8068651Skris=item B<-sign filename>
8168651Skris
8268651Skrisdigitally sign the digest using the private key in "filename".
8368651Skris
84238405Sjkim=item B<-keyform arg>
85238405Sjkim
86273149SjkimSpecifies the key format to sign digest with. The DER, PEM, P12,
87273149Sjkimand ENGINE formats are supported.
88238405Sjkim
89238405Sjkim=item B<-engine id>
90238405Sjkim
91238405SjkimUse engine B<id> for operations (including private key storage).
92238405SjkimThis engine is not used as source for digest algorithms, unless it is
93238405Sjkimalso specified in the configuration file.
94238405Sjkim
95238405Sjkim=item B<-sigopt nm:v>
96238405Sjkim
97238405SjkimPass options to the signature algorithm during sign or verify operations.
98238405SjkimNames and values of these options are algorithm-specific.
99238405Sjkim
100238405Sjkim
101160814Ssimon=item B<-passin arg>
102160814Ssimon
103160814Ssimonthe private key password source. For more information about the format of B<arg>
104160814Ssimonsee the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
105160814Ssimon
10668651Skris=item B<-verify filename>
10768651Skris
108237658Sjkimverify the signature using the public key in "filename".
10968651SkrisThe output is either "Verification OK" or "Verification Failure".
11068651Skris
11168651Skris=item B<-prverify filename>
11268651Skris
113246771Sjkimverify the signature using the private key in "filename".
11468651Skris
11568651Skris=item B<-signature filename>
11668651Skris
11768651Skristhe actual signature to verify.
11868651Skris
119194206Ssimon=item B<-hmac key>
120194206Ssimon
121194206Ssimoncreate a hashed MAC using "key".
122194206Ssimon
123238405Sjkim=item B<-mac alg>
124238405Sjkim
125238405Sjkimcreate MAC (keyed Message Authentication Code). The most popular MAC
126238405Sjkimalgorithm is HMAC (hash-based MAC), but there are other MAC algorithms
127238405Sjkimwhich are not based on hash, for instance B<gost-mac> algorithm,
128238405Sjkimsupported by B<ccgost> engine. MAC keys and other options should be set
129238405Sjkimvia B<-macopt> parameter.
130238405Sjkim
131238405Sjkim=item B<-macopt nm:v>
132238405Sjkim
133238405SjkimPasses options to MAC algorithm, specified by B<-mac> key.
134238405SjkimFollowing options are supported by both by B<HMAC> and B<gost-mac>:
135238405Sjkim
136238405Sjkim=over 8
137238405Sjkim
138238405Sjkim=item B<key:string>
139273149Sjkim
140238405SjkimSpecifies MAC key as alphnumeric string (use if key contain printable
141238405Sjkimcharacters only). String length must conform to any restrictions of
142238405Sjkimthe MAC algorithm for example exactly 32 chars for gost-mac.
143238405Sjkim
144238405Sjkim=item B<hexkey:string>
145238405Sjkim
146238405SjkimSpecifies MAC key in hexadecimal form (two hex digits per byte).
147238405SjkimKey length must conform to any restrictions of the MAC algorithm
148238405Sjkimfor example exactly 32 chars for gost-mac.
149238405Sjkim
150238405Sjkim=back
151238405Sjkim
15268651Skris=item B<-rand file(s)>
15368651Skris
15468651Skrisa file or files containing random data used to seed the random number
15568651Skrisgenerator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
15668651SkrisMultiple files can be specified separated by a OS-dependent character.
15768651SkrisThe separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
15868651Skrisall others. 
15968651Skris
160273149Sjkim=item B<-non-fips-allow>
161273149Sjkim
162273149Sjkimenable use of non-FIPS algorithms such as MD5 even in FIPS mode.
163273149Sjkim
164273149Sjkim=item B<-fips-fingerprint>
165273149Sjkim
166273149Sjkimcompute HMAC using a specific key
167273149Sjkimfor certain OpenSSL-FIPS operations.
168273149Sjkim
16959191Skris=item B<file...>
17059191Skris
17159191Skrisfile or files to digest. If no files are specified then standard input is
17259191Skrisused.
17359191Skris
17459191Skris=back
17559191Skris
176273149Sjkim
177273149Sjkim=head1 EXAMPLES
178273149Sjkim
179273149SjkimTo create a hex-encoded message digest of a file:
180273149Sjkim openssl dgst -md5 -hex file.txt
181273149Sjkim
182273149SjkimTo sign a file using SHA-256 with binary file output:
183273149Sjkim openssl dgst -sha256 -sign privatekey.pem -out signature.sign file.txt
184273149Sjkim
185273149SjkimTo verify a signature:
186273149Sjkim openssl dgst -sha256 -verify publickey.pem \
187273149Sjkim -signature signature.sign \
188273149Sjkim file.txt
189273149Sjkim
190273149Sjkim
19159191Skris=head1 NOTES
19259191Skris
19359191SkrisThe digest of choice for all new applications is SHA1. Other digests are
19459191Skrishowever still widely used.
19559191Skris
196273149SjkimWhen signing a file, B<dgst> will automatically determine the algorithm
197273149Sjkim(RSA, ECC, etc) to use for signing based on the private key's ASN.1 info.
198273149SjkimWhen verifying signatures, it only handles the RSA, DSA, or ECDSA signature
199273149Sjkimitself, not the related data to identify the signer and algorithm used in
200273149Sjkimformats such as x.509, CMS, and S/MIME.
20168651Skris
20268651SkrisA source of random numbers is required for certain signing algorithms, in
203273149Sjkimparticular ECDSA and DSA.
20468651Skris
20568651SkrisThe signing and verify options should only be used if a single file is
20668651Skrisbeing signed or verified.
20768651Skris
208273149SjkimHex signatures cannot be verified using B<openssl>.  Instead, use "xxd -r"
209273149Sjkimor similar program to transform the hex signature into a binary signature
210273149Sjkimprior to verification.
211273149Sjkim
212273149Sjkim
21359191Skris=cut
214