=pod

=head1 NAME

dgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384, sha512, md2, md4, md5, dss1 - message digests

=head1 SYNOPSIS

B<openssl> B<dgst>
[B<-sha|-sha1|-mdc2|-ripemd160|-sha224|-sha256|-sha384|-sha512|-md2|-md4|-md5|-dss1>]
[B<-c>]
[B<-d>]
[B<-hex>]
[B<-binary>]
[B<-r>]
[B<-hmac arg>]
[B<-non-fips-allow>]
[B<-out filename>]
[B<-sign filename>]
[B<-keyform arg>]
[B<-passin arg>]
[B<-verify filename>]
[B<-prverify filename>]
[B<-signature filename>]
[B<-hmac key>]
[B<-non-fips-allow>]
[B<-fips-fingerprint>]
[B<file...>]

B<openssl>
[I<digest>]
[B<...>]

=head1 DESCRIPTION

The digest functions output the message digest of a supplied file or files
in hexadecimal. The digest functions also generate and verify digital
signatures using message digests.

=head1 OPTIONS

=over 4

=item B<-c>

print out the digest in two digit groups separated by colons, only relevant if
B<hex> format output is used.

=item B<-d>

print out BIO debugging information.

=item B<-hex>

digest is to be output as a hex dump. This is the default case for a "normal"
digest as opposed to a digital signature. See NOTES below for digital
signatures using B<-hex>.

=item B<-binary>

output the digest or signature in binary form.

=item B<-r>

output the digest in the "coreutils" format used by programs like B<sha1sum>.

=item B<-hmac arg>

set the HMAC key to "arg".

=item B<-non-fips-allow>

Allow use of a non-FIPS digest when in FIPS mode. This has no effect when not in
FIPS mode.

=item B<-out filename>

filename to output to, or standard output by default.

=item B<-sign filename>

digitally sign the digest using the private key in "filename".

=item B<-keyform arg>

Specifies the format of the key used to sign the digest. The DER, PEM, P12,
and ENGINE formats are supported.

=item B<-engine id>

Use engine B<id> for operations (including private key storage).
This engine is not used as a source for digest algorithms, unless it is
also specified in the configuration file.

=item B<-sigopt nm:v>

Pass options to the signature algorithm during sign or verify operations.
Names and values of these options are algorithm-specific.

=item B<-passin arg>

the private key password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.

=item B<-verify filename>

verify the signature using the public key in "filename".
The output is either "Verification OK" or "Verification Failure".

=item B<-prverify filename>

verify the signature using the private key in "filename".

=item B<-signature filename>

the actual signature to verify.

=item B<-hmac key>

create a hashed MAC using "key".

=item B<-mac alg>

create a MAC (keyed Message Authentication Code). The most popular MAC
algorithm is HMAC (hash-based MAC), but there are other MAC algorithms
which are not based on a hash, for instance the B<gost-mac> algorithm,
supported by the B<ccgost> engine. MAC keys and other options should be set
via the B<-macopt> parameter.

=item B<-macopt nm:v>

Passes options to the MAC algorithm specified by the B<-mac> key.
The following options are supported by both B<HMAC> and B<gost-mac>:

=over 8

=item B<key:string>

Specifies the MAC key as an alphanumeric string (use if the key contains
printable characters only). String length must conform to any restrictions of
the MAC algorithm, for example exactly 32 chars for gost-mac.

=item B<hexkey:string>

Specifies the MAC key in hexadecimal form (two hex digits per byte).
Key length must conform to any restrictions of the MAC algorithm,
for example exactly 32 chars for gost-mac.

=back

=item B<-rand file(s)>

a file or files containing random data used to seed the random number
generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
Multiple files can be specified separated by an OS-dependent character.
The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
all others.

=item B<-non-fips-allow>

enable use of non-FIPS algorithms such as MD5 even in FIPS mode.

=item B<-fips-fingerprint>

compute HMAC using a specific key
for certain OpenSSL-FIPS operations.

=item B<file...>

file or files to digest. If no files are specified then standard input is
used.

=back

=head1 EXAMPLES

To create a hex-encoded message digest of a file:

 openssl dgst -md5 -hex file.txt

To sign a file using SHA-256 with binary file output:

 openssl dgst -sha256 -sign privatekey.pem -out signature.sign file.txt

To verify a signature:

 openssl dgst -sha256 -verify publickey.pem \
     -signature signature.sign \
     file.txt

=head1 NOTES

The digest of choice for all new applications is SHA1. Other digests are
however still widely used.

When signing a file, B<dgst> will automatically determine the algorithm
(RSA, ECC, etc) to use for signing based on the private key's ASN.1 info.
When verifying signatures, it only handles the RSA, DSA, or ECDSA signature
itself, not the related data to identify the signer and algorithm used in
formats such as x.509, CMS, and S/MIME.

A source of random numbers is required for certain signing algorithms, in
particular ECDSA and DSA.

The signing and verify options should only be used if a single file is
being signed or verified.

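The sign and verify round trip from EXAMPLES, together with the hex-signature note in this section, as an added example that is not part of the original manual page. It verifies by exit status, checks that a tampered file and an unconverted hex signature are both rejected, and converts a hex signature to binary before verifying it. The temporary directory, the throwaway RSA key, the sample file and the hex2bin helper are assumptions of the example.

```shell
#!/bin/sh
# Added example; the key, files and paths below are constructed for the demo.
set -eu
work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT

# Exit status 0 only when the signature in $1 matches the data file $2.
# Decide on the exit status rather than by parsing the printed verdict.
verify_sig() {
    openssl dgst -sha256 -verify "$work/publickey.pem" \
        -signature "$1" "$2" >/dev/null 2>&1
}

# Plain hex on stdin -> raw bytes on stdout ("xxd -r" needs -p for plain hex).
hex2bin() {
    if command -v xxd >/dev/null 2>&1; then xxd -r -p
    else perl -ne 'chomp; print pack("H*", $_)'
    fi
}

# Throwaway 2048-bit RSA key pair and a constructed sample file.
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
    -out "$work/privatekey.pem" 2>/dev/null
openssl pkey -in "$work/privatekey.pem" -pubout -out "$work/publickey.pem"
printf 'constructed sample payload\n' > "$work/file.txt"

# Binary signature, as in the EXAMPLES section.
openssl dgst -sha256 -sign "$work/privatekey.pem" \
    -out "$work/signature.sign" "$work/file.txt"

# Hex signature: keep only the hex digits after "= ", then convert to binary.
openssl dgst -sha256 -hex -sign "$work/privatekey.pem" "$work/file.txt" \
    | sed 's/^.*= *//' > "$work/signature.hex"
hex2bin < "$work/signature.hex" > "$work/signature.bin"

# A copy of the file with one byte appended must fail verification.
{ cat "$work/file.txt"; printf 'x'; } > "$work/tampered.txt"

verify_sig "$work/signature.sign" "$work/file.txt" && echo "binary signature: OK"
verify_sig "$work/signature.bin" "$work/file.txt" && echo "hex->binary signature: OK"
verify_sig "$work/signature.hex" "$work/file.txt" || echo "raw hex signature: rejected"
verify_sig "$work/signature.sign" "$work/tampered.txt" || echo "tampered file: rejected"
```
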
Hex signatures cannot be verified using B<openssl>. Instead, use "xxd -r"
or a similar program to transform the hex signature into a binary signature
prior to verification.

=cut