dgst.pod revision 246771
1206917Smarius=pod 2206917Smarius 3206917Smarius=head1 NAME 4206917Smarius 5206917Smariusdgst, md5, md4, md2, sha1, sha, mdc2, ripemd160 - message digests 6206917Smarius 7206917Smarius=head1 SYNOPSIS 8206917Smarius 9206917SmariusB<openssl> B<dgst> 10206917Smarius[B<-md5|-md4|-md2|-sha1|-sha|-mdc2|-ripemd160|-dss1>] 11206917Smarius[B<-c>] 12206917Smarius[B<-d>] 13206917Smarius[B<-hex>] 14206917Smarius[B<-binary>] 15206917Smarius[B<-out filename>] 16206917Smarius[B<-sign filename>] 17206917Smarius[B<-keyform arg>] 18206917Smarius[B<-passin arg>] 19206917Smarius[B<-verify filename>] 20206917Smarius[B<-prverify filename>] 21206917Smarius[B<-signature filename>] 22206917Smarius[B<-hmac key>] 23206917Smarius[B<file...>] 24206917Smarius 25206917Smarius[B<md5|md4|md2|sha1|sha|mdc2|ripemd160>] 26206917Smarius[B<-c>] 27206917Smarius[B<-d>] 28206917Smarius[B<file...>] 29206917Smarius 30206917Smarius=head1 DESCRIPTION 31206917Smarius 32206917SmariusThe digest functions output the message digest of a supplied file or files 33206917Smariusin hexadecimal form. They can also be used for digital signing and verification. 34206917Smarius 35206917Smarius=head1 OPTIONS 36206917Smarius 37206917Smarius=over 4 38206917Smarius 39206917Smarius=item B<-c> 40206917Smarius 41206917Smariusprint out the digest in two digit groups separated by colons, only relevant if 42206917SmariusB<hex> format output is used. 43206917Smarius 44206917Smarius=item B<-d> 45206917Smarius 46206917Smariusprint out BIO debugging information. 47206917Smarius 48206917Smarius=item B<-hex> 49228975Suqs 50206917Smariusdigest is to be output as a hex dump. This is the default case for a "normal" 51206917Smariusdigest as opposed to a digital signature. 52206917Smarius 53206917Smarius=item B<-binary> 54206917Smarius 55206917Smariusoutput the digest or signature in binary form. 56206917Smarius 57206917Smarius=item B<-out filename> 58206917Smarius 59206917Smariusfilename to output to, or standard output by default. 60206917Smarius 61206917Smarius=item B<-sign filename> 62206917Smarius 63206917Smariusdigitally sign the digest using the private key in "filename". 64206917Smarius 65206917Smarius=item B<-keyform arg> 66206917Smarius 67206917SmariusSpecifies the key format to sign digest with. Only PEM and ENGINE 68206917Smariusformats are supported by the B<dgst> command. 69206917Smarius 70206917Smarius=item B<-engine id> 71206917Smarius 72206917SmariusUse engine B<id> for operations (including private key storage). 73206917SmariusThis engine is not used as source for digest algorithms, unless it is 74206917Smariusalso specified in the configuration file. 75206917Smarius 76206917Smarius=item B<-sigopt nm:v> 77206917Smarius 78206917SmariusPass options to the signature algorithm during sign or verify operations. 79206917SmariusNames and values of these options are algorithm-specific. 80206917Smarius 81206917Smarius 82206917Smarius=item B<-passin arg> 83206917Smarius 84206917Smariusthe private key password source. For more information about the format of B<arg> 85206917Smariussee the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. 86206917Smarius 87206917Smarius=item B<-verify filename> 88206917Smarius 89206917Smariusverify the signature using the public key in "filename". 90206917SmariusThe output is either "Verification OK" or "Verification Failure". 91206917Smarius 92206917Smarius=item B<-prverify filename> 93206917Smarius 94206917Smariusverify the signature using the private key in "filename". 95206917Smarius 96206917Smarius=item B<-signature filename> 97206917Smarius 98206917Smariusthe actual signature to verify. 99206917Smarius 100206917Smarius=item B<-hmac key> 101206917Smarius 102206917Smariuscreate a hashed MAC using "key". 103206917Smarius 104206917Smarius=item B<-mac alg> 105206917Smarius 106206917Smariuscreate MAC (keyed Message Authentication Code). The most popular MAC 107206917Smariusalgorithm is HMAC (hash-based MAC), but there are other MAC algorithms 108206917Smariuswhich are not based on hash, for instance B<gost-mac> algorithm, 109206917Smariussupported by B<ccgost> engine. MAC keys and other options should be set 110206917Smariusvia B<-macopt> parameter. 111206917Smarius 112206917Smarius=item B<-macopt nm:v> 113206917Smarius 114206917SmariusPasses options to MAC algorithm, specified by B<-mac> key. 115206917SmariusFollowing options are supported by both by B<HMAC> and B<gost-mac>: 116206917Smarius 117206917Smarius=over 8 118206917Smarius 119206917Smarius=item B<key:string> 120206917Smarius 121206917SmariusSpecifies MAC key as alphnumeric string (use if key contain printable 122206917Smariuscharacters only). String length must conform to any restrictions of 123206917Smariusthe MAC algorithm for example exactly 32 chars for gost-mac. 124206917Smarius 125206917Smarius=item B<hexkey:string> 126206917Smarius 127206917SmariusSpecifies MAC key in hexadecimal form (two hex digits per byte). 128206917SmariusKey length must conform to any restrictions of the MAC algorithm 129206917Smariusfor example exactly 32 chars for gost-mac. 130206917Smarius 131206917Smarius=back 132206917Smarius 133206917Smarius=item B<-rand file(s)> 134206917Smarius 135206917Smariusa file or files containing random data used to seed the random number 136206917Smariusgenerator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>). 137206917SmariusMultiple files can be specified separated by a OS-dependent character. 138206917SmariusThe separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for 139206917Smariusall others. 140206917Smarius 141206917Smarius=item B<file...> 142206917Smarius 143206917Smariusfile or files to digest. If no files are specified then standard input is 144206917Smariusused. 145206917Smarius 146206917Smarius=back 147206917Smarius 148206917Smarius=head1 NOTES 149206917Smarius 150206917SmariusThe digest of choice for all new applications is SHA1. Other digests are 151206917Smariushowever still widely used. 152206917Smarius 153206917SmariusIf you wish to sign or verify data using the DSA algorithm then the dss1 154206917Smariusdigest must be used. 155206917Smarius 156206917SmariusA source of random numbers is required for certain signing algorithms, in 157206917Smariusparticular DSA. 158206917Smarius 159206917SmariusThe signing and verify options should only be used if a single file is 160206917Smariusbeing signed or verified. 161206917Smarius 162206917Smarius=cut 163206917Smarius