Merge various improvements from the OpenSSL 1.1 branch,

which is still under a free license. * document EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags * document EVP_MD_flags, EVP_MD_CTX_md_data * document EVP_MD_CTX_pkey_ctx, EVP_MD_CTX_set_pkey_ctx * correct arg type of EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type * more information about EVP_MD_CTX_ctrl * add missing <string.h> and correct one variable type below EXAMPLES * two orthographic improvements with a few wording tweaks by me
author: schwarze <> 2023-08-11 18:08:43 +0000
committer: schwarze <> 2023-08-11 18:08:43 +0000
commit: b6dc4ae4ee66806e337bd9d7bdae60a258799b9a (patch)
tree: d9b01127ad5615a517a0bd83906553bd4238e630
parent: 2ea556a1c666b7176ccef64d78e376f1bfabef7c (diff)
download: openbsd-b6dc4ae4ee66806e337bd9d7bdae60a258799b9a.tar.gz
openbsd-b6dc4ae4ee66806e337bd9d7bdae60a258799b9a.tar.bz2
openbsd-b6dc4ae4ee66806e337bd9d7bdae60a258799b9a.zip
1 files changed, 148 insertions, 13 deletions
diff --git a/src/lib/libcrypto/man/EVP_DigestInit.3 b/src/lib/libcrypto/man/EVP_DigestInit.3
index ba9d6a0481..08b64b59b2 100644
--- a/src/lib/libcrypto/man/EVP_DigestInit.3
+++ b/src/lib/libcrypto/man/EVP_DigestInit.3
@@ -1,6 +1,6 @@
-.\" $OpenBSD: EVP_DigestInit.3,v 1.25 2023/04/23 18:24:01 job Exp $
+.\" $OpenBSD: EVP_DigestInit.3,v 1.26 2023/08/11 18:08:43 schwarze Exp $
 .\" full merge up to: OpenSSL 7f572e95 Dec 2 13:57:04 2015 +0000
-.\" selective merge up to: OpenSSL a95d7574 Jul 2 12:16:38 2017 -0400
+.\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
 .\"
 .\" This file is a derived work.
 .\" The changes are covered by the following Copyright and license:
@@ -19,9 +19,11 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>
+.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>,
-.\" and Richard Levitte <levitte@openssl.org>.
+.\" Richard Levitte <levitte@openssl.org>,
-.\" Copyright (c) 2000-2004, 2009, 2012-2016 The OpenSSL Project.
+.\" Paul Yang <yang.yang@baishancloud.com>, and
+.\" Antoine Salon <asalon@vmware.com>.
+.\" Copyright (c) 2000-2004, 2009, 2012-2016, 2018, 2019 The OpenSSL Project.
 .\" All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
@@ -68,7 +70,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: April 23 2023 $
+.Dd $Mdocdate: August 11 2023 $
 .Dt EVP_DIGESTINIT 3
 .Os
 .Sh NAME
@@ -80,6 +82,9 @@
 .Nm EVP_MD_CTX_cleanup ,
 .Nm EVP_MD_CTX_destroy ,
 .Nm EVP_MD_CTX_ctrl ,
+.Nm EVP_MD_CTX_set_flags ,
+.Nm EVP_MD_CTX_clear_flags ,
+.Nm EVP_MD_CTX_test_flags ,
 .Nm EVP_DigestInit_ex ,
 .Nm EVP_DigestUpdate ,
 .Nm EVP_DigestFinal_ex ,
@@ -93,10 +98,14 @@
 .Nm EVP_MD_pkey_type ,
 .Nm EVP_MD_size ,
 .Nm EVP_MD_block_size ,
+.Nm EVP_MD_flags ,
 .Nm EVP_MD_CTX_md ,
 .Nm EVP_MD_CTX_size ,
 .Nm EVP_MD_CTX_block_size ,
 .Nm EVP_MD_CTX_type ,
+.Nm EVP_MD_CTX_md_data ,
+.Nm EVP_MD_CTX_pkey_ctx ,
+.Nm EVP_MD_CTX_set_pkey_ctx ,
 .Nm EVP_md_null ,
 .Nm EVP_md5 ,
 .Nm EVP_md5_sha1 ,
@@ -145,6 +154,21 @@
 .Fa "int p1"
 .Fa "void* p2"
 .Fc
+.Ft void
+.Fo EVP_MD_CTX_set_flags
+.Fa "EVP_MD_CTX *ctx"
+.Fa "int flags"
+.Fc
+.Ft void
+.Fo EVP_MD_CTX_clear_flags
+.Fa "EVP_MD_CTX *ctx"
+.Fa "int flags"
+.Fc
+.Ft int
+.Fo EVP_MD_CTX_test_flags
+.Fa "const EVP_MD_CTX *ctx"
+.Fa "int flags"
+.Fc
 .Ft int
 .Fo EVP_DigestInit_ex
 .Fa "EVP_MD_CTX *ctx"
@@ -210,21 +234,38 @@
 .Fo EVP_MD_block_size
 .Fa "const EVP_MD *md"
 .Fc
+.Ft unsigned long
+.Fo EVP_MD_flags
+.Fa "const EVP_MD *md"
+.Fc
 .Ft const EVP_MD *
 .Fo EVP_MD_CTX_md
 .Fa "const EVP_MD_CTX *ctx"
 .Fc
 .Ft int
 .Fo EVP_MD_CTX_size
-.Fa "const EVP_MD *ctx"
+.Fa "const EVP_MD_CTX *ctx"
 .Fc
 .Ft int
 .Fo EVP_MD_CTX_block_size
-.Fa "const EVP_MD *ctx"
+.Fa "const EVP_MD_CTX *ctx"
 .Fc
 .Ft int
 .Fo EVP_MD_CTX_type
-.Fa "const EVP_MD *ctx"
+.Fa "const EVP_MD_CTX *ctx"
+.Fc
+.Ft void *
+.Fo EVP_MD_CTX_md_data
+.Fa "const EVP_MD_CTX *ctx"
+.Fc
+.Ft EVP_PKEY_CTX *
+.Fo EVP_MD_CTX_pkey_ctx
+.Fa "const EVP_MD_CTX *ctx"
+.Fc
+.Ft void
+.Fo EVP_MD_CTX_set_pkey_ctx
+.Fa "EVP_MD_CTX *ctx"
+.Fa "EVP_PKEY_CTX *pctx"
 .Fc
 .Ft const EVP_MD *
 .Fn EVP_md_null void
@@ -261,7 +302,7 @@
 .Fa "const ASN1_OBJECT *o"
 .Fc
 .Sh DESCRIPTION
-The EVP digest routines are a high level interface to message digests
+The EVP digest routines are a high-level interface to message digests
 and should be used instead of the cipher-specific functions.
 .Pp
 .Fn EVP_MD_CTX_new
@@ -300,6 +341,42 @@ respectively.
 .Fn EVP_MD_CTX_ctrl
 performs digest-specific control actions on the context
 .Fa ctx .
+The control command is indicated in
+.Fa cmd
+and any additional arguments in
+.Fa p1
+and
+.Fa p2 .
+.Fn EVP_MD_CTX_ctrl
+must be called after
+.Fn EVP_DigestInit_ex .
+Other restrictions may apply depending on the control type
+and digest implementation.
+.Pp
+If the
+.Fa cmd
+is
+.Dv EVP_MD_CTRL_MICALG ,
+the digest Message Integrity Check algorithm string is written to
+.Pf * p2 .
+This is used when creating S/MIME multipart/signed messages
+as specified in RFC 3851.
+.Pp
+.Fn EVP_MD_CTX_set_flags ,
+.Fn EVP_MD_CTX_clear_flags ,
+and
+.Fn EVP_MD_CTX_test_flags
+set, clear and test the following
+.Fa ctx
+flags:
+.Bl -tag -width Ds -offset 2n
+.It Dv EVP_MD_CTX_FLAG_NO_INIT
+Instruct
+.Fn EVP_DigestInit
+and similar functions not to initialise the implementation specific data.
+.It Dv EVP_MD_CTX_FLAG_ONESHOT
+Instruct the digest to optimize for one update only, if possible.
+.El
 .Pp
 .Fn EVP_DigestInit_ex
 sets up the digest context
@@ -431,7 +508,8 @@ or an
 .Vt EVP_MD_CTX
 structure.
 .Pp
-.Fn EVP_MD_type
+.Fn EVP_MD_type ,
+.Fn EVP_MD_pkey_type ,
 and
 .Fn EVP_MD_CTX_type
 return the NID of the OBJECT IDENTIFIER representing the given message
@@ -444,6 +522,23 @@ returns
 .Dv NID_sha1 .
 This function is normally used when setting ASN.1 OIDs.
 .Pp
+.Fn EVP_MD_CTX_md_data
+returns the digest method private data of
+.Fa ctx .
+The space was allocated and its size set with
+.Xr EVP_MD_meth_set_app_datasize 3 .
+.Pp
+.Fn EVP_MD_flags
+returns the
+.Fa md
+flags.
+These are different from the
+.Vt EVP_MD_CTX
+ones.
+See
+.Xr EVP_MD_meth_set_flags 3
+for more information.
+.Pp
 .Fn EVP_MD_pkey_type
 returns the NID of the public key signing algorithm associated with this
 digest.
@@ -454,6 +549,40 @@ is associated with RSA so this will return
 Since digests and signature algorithms are no longer linked, this
 function is only retained for compatibility reasons.
 .Pp
+.Fn EVP_MD_CTX_pkey_ctx
+returns the
+.Vt EVP_PKEY_CTX
+assigned to
+.Fa ctx .
+The returned pointer should not be freed by the caller.
+.Pp
+.Fn EVP_MD_CTX_set_pkey_ctx
+assigns
+.Fa pctx
+to
+.Fa ctx .
+This is usually used to provide a customized
+.Vt EVP_PKEY_CTX
+to
+.Xr EVP_DigestSignInit 3
+or
+.Xr EVP_DigestVerifyInit 3 .
+The
+.Fa pctx
+passed to this function should be freed by the caller.
+A
+.Dv NULL
+.Fa pctx
+pointer is also allowed to clear the
+.Vt EVP_PKEY_CTX
+assigned to
+.Fa ctx .
+In this case, freeing the cleared
+.Vt EVP_PKEY_CTX
+or not depends on how the
+.Vt EVP_PKEY_CTX
+was created.
+.Pp
 .Fn EVP_md5 ,
 .Fn EVP_sha1 ,
 .Fn EVP_sha224 ,
@@ -502,7 +631,7 @@ and
 are implemented as macros.
 .Pp
 The EVP interface to message digests should almost always be used
-in preference to the low level interfaces.
+in preference to the low-level interfaces.
 This is because the code then becomes transparent to the digest used and
 much more flexible.
 .Pp
@@ -610,6 +739,7 @@ This example digests the data "Test Message\en" and "Hello World\en",
 using the digest name passed on the command line.
 .Bd -literal -offset indent
 #include <stdio.h>
+#include <string.h>
 #include <openssl/evp.h>
 int
@@ -620,7 +750,7 @@ main(int argc, char *argv[])
        const char mess1[] = "Test Message\en";
        const char mess2[] = "Hello World\en";
        unsigned char md_value[EVP_MAX_MD_SIZE];
-        int md_len, i;
+        unsigned int md_len, i;
        if (argc <= 1) {
                printf("Usage: mdtest digestname\en");
@@ -655,6 +785,7 @@ main(int argc, char *argv[])
 .Xr EVP_BytesToKey 3 ,
 .Xr EVP_DigestSignInit 3 ,
 .Xr EVP_DigestVerifyInit 3 ,
+.Xr EVP_MD_meth_new 3 ,
 .Xr EVP_PKEY_CTX_set_signature_md 3 ,
 .Xr EVP_PKEY_meth_set_signctx 3 ,
 .Xr EVP_SignInit 3 ,
@@ -750,6 +881,10 @@ and
 first appeared in OpenSSL 1.1.0 and have been available since
 .Ox 6.3 .
 .Pp
+.Fn EVP_MD_CTX_set_pkey_ctx
+first appeared in OpenSSL 1.1.1 and has been available since
+.Ox 7.1 .
+.Pp
 The link between digests and signing algorithms was fixed in OpenSSL 1.0
 and later, so now
 .Fn EVP_sha1
author	schwarze <>	2023-08-11 18:08:43 +0000
committer	schwarze <>	2023-08-11 18:08:43 +0000
commit	b6dc4ae4ee66806e337bd9d7bdae60a258799b9a (patch)
tree	d9b01127ad5615a517a0bd83906553bd4238e630
parent	2ea556a1c666b7176ccef64d78e376f1bfabef7c (diff)
download	openbsd-b6dc4ae4ee66806e337bd9d7bdae60a258799b9a.tar.gz openbsd-b6dc4ae4ee66806e337bd9d7bdae60a258799b9a.tar.bz2 openbsd-b6dc4ae4ee66806e337bd9d7bdae60a258799b9a.zip

diff --git a/src/lib/libcrypto/man/EVP_DigestInit.3 b/src/lib/libcrypto/man/EVP_DigestInit.3 index ba9d6a0481..08b64b59b2 100644 --- a/src/lib/libcrypto/man/EVP_DigestInit.3 +++ b/src/lib/libcrypto/man/EVP_DigestInit.3
@@ -1,6 +1,6 @@
1	.\" $OpenBSD: EVP_DigestInit.3,v 1.25 2023/04/23 18:24:01 job Exp $	1	.\" $OpenBSD: EVP_DigestInit.3,v 1.26 2023/08/11 18:08:43 schwarze Exp $
2	.\" full merge up to: OpenSSL 7f572e95 Dec 2 13:57:04 2015 +0000	2	.\" full merge up to: OpenSSL 7f572e95 Dec 2 13:57:04 2015 +0000
3	.\" selective merge up to: OpenSSL a95d7574 Jul 2 12:16:38 2017 -0400	3	.\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
4	.\"	4	.\"
5	.\" This file is a derived work.	5	.\" This file is a derived work.
6	.\" The changes are covered by the following Copyright and license:	6	.\" The changes are covered by the following Copyright and license:
@@ -19,9 +19,11 @@
19	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF	19	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
20	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.	20	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
21	.\"	21	.\"
22	.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>	22	.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>,
23	.\" and Richard Levitte <levitte@openssl.org>.	23	.\" Richard Levitte <levitte@openssl.org>,
24	.\" Copyright (c) 2000-2004, 2009, 2012-2016 The OpenSSL Project.	24	.\" Paul Yang <yang.yang@baishancloud.com>, and
		25	.\" Antoine Salon <asalon@vmware.com>.
		26	.\" Copyright (c) 2000-2004, 2009, 2012-2016, 2018, 2019 The OpenSSL Project.
25	.\" All rights reserved.	27	.\" All rights reserved.
26	.\"	28	.\"
27	.\" Redistribution and use in source and binary forms, with or without	29	.\" Redistribution and use in source and binary forms, with or without
@@ -68,7 +70,7 @@
68	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	70	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
69	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	71	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
70	.\"	72	.\"
71	.Dd $Mdocdate: April 23 2023 $	73	.Dd $Mdocdate: August 11 2023 $
72	.Dt EVP_DIGESTINIT 3	74	.Dt EVP_DIGESTINIT 3
73	.Os	75	.Os
74	.Sh NAME	76	.Sh NAME
@@ -80,6 +82,9 @@
80	.Nm EVP_MD_CTX_cleanup ,	82	.Nm EVP_MD_CTX_cleanup ,
81	.Nm EVP_MD_CTX_destroy ,	83	.Nm EVP_MD_CTX_destroy ,
82	.Nm EVP_MD_CTX_ctrl ,	84	.Nm EVP_MD_CTX_ctrl ,
		85	.Nm EVP_MD_CTX_set_flags ,
		86	.Nm EVP_MD_CTX_clear_flags ,
		87	.Nm EVP_MD_CTX_test_flags ,
83	.Nm EVP_DigestInit_ex ,	88	.Nm EVP_DigestInit_ex ,
84	.Nm EVP_DigestUpdate ,	89	.Nm EVP_DigestUpdate ,
85	.Nm EVP_DigestFinal_ex ,	90	.Nm EVP_DigestFinal_ex ,
@@ -93,10 +98,14 @@
93	.Nm EVP_MD_pkey_type ,	98	.Nm EVP_MD_pkey_type ,
94	.Nm EVP_MD_size ,	99	.Nm EVP_MD_size ,
95	.Nm EVP_MD_block_size ,	100	.Nm EVP_MD_block_size ,
		101	.Nm EVP_MD_flags ,
96	.Nm EVP_MD_CTX_md ,	102	.Nm EVP_MD_CTX_md ,
97	.Nm EVP_MD_CTX_size ,	103	.Nm EVP_MD_CTX_size ,
98	.Nm EVP_MD_CTX_block_size ,	104	.Nm EVP_MD_CTX_block_size ,
99	.Nm EVP_MD_CTX_type ,	105	.Nm EVP_MD_CTX_type ,
		106	.Nm EVP_MD_CTX_md_data ,
		107	.Nm EVP_MD_CTX_pkey_ctx ,
		108	.Nm EVP_MD_CTX_set_pkey_ctx ,
100	.Nm EVP_md_null ,	109	.Nm EVP_md_null ,
101	.Nm EVP_md5 ,	110	.Nm EVP_md5 ,
102	.Nm EVP_md5_sha1 ,	111	.Nm EVP_md5_sha1 ,
@@ -145,6 +154,21 @@
145	.Fa "int p1"	154	.Fa "int p1"
146	.Fa "void* p2"	155	.Fa "void* p2"
147	.Fc	156	.Fc
		157	.Ft void
		158	.Fo EVP_MD_CTX_set_flags
		159	.Fa "EVP_MD_CTX *ctx"
		160	.Fa "int flags"
		161	.Fc
		162	.Ft void
		163	.Fo EVP_MD_CTX_clear_flags
		164	.Fa "EVP_MD_CTX *ctx"
		165	.Fa "int flags"
		166	.Fc
		167	.Ft int
		168	.Fo EVP_MD_CTX_test_flags
		169	.Fa "const EVP_MD_CTX *ctx"
		170	.Fa "int flags"
		171	.Fc
148	.Ft int	172	.Ft int
149	.Fo EVP_DigestInit_ex	173	.Fo EVP_DigestInit_ex
150	.Fa "EVP_MD_CTX *ctx"	174	.Fa "EVP_MD_CTX *ctx"
@@ -210,21 +234,38 @@
210	.Fo EVP_MD_block_size	234	.Fo EVP_MD_block_size
211	.Fa "const EVP_MD *md"	235	.Fa "const EVP_MD *md"
212	.Fc	236	.Fc
		237	.Ft unsigned long
		238	.Fo EVP_MD_flags
		239	.Fa "const EVP_MD *md"
		240	.Fc
213	.Ft const EVP_MD *	241	.Ft const EVP_MD *
214	.Fo EVP_MD_CTX_md	242	.Fo EVP_MD_CTX_md
215	.Fa "const EVP_MD_CTX *ctx"	243	.Fa "const EVP_MD_CTX *ctx"
216	.Fc	244	.Fc
217	.Ft int	245	.Ft int
218	.Fo EVP_MD_CTX_size	246	.Fo EVP_MD_CTX_size
219	.Fa "const EVP_MD *ctx"	247	.Fa "const EVP_MD_CTX *ctx"
220	.Fc	248	.Fc
221	.Ft int	249	.Ft int
222	.Fo EVP_MD_CTX_block_size	250	.Fo EVP_MD_CTX_block_size
223	.Fa "const EVP_MD *ctx"	251	.Fa "const EVP_MD_CTX *ctx"
224	.Fc	252	.Fc
225	.Ft int	253	.Ft int
226	.Fo EVP_MD_CTX_type	254	.Fo EVP_MD_CTX_type
227	.Fa "const EVP_MD *ctx"	255	.Fa "const EVP_MD_CTX *ctx"
		256	.Fc
		257	.Ft void *
		258	.Fo EVP_MD_CTX_md_data
		259	.Fa "const EVP_MD_CTX *ctx"
		260	.Fc
		261	.Ft EVP_PKEY_CTX *
		262	.Fo EVP_MD_CTX_pkey_ctx
		263	.Fa "const EVP_MD_CTX *ctx"
		264	.Fc
		265	.Ft void
		266	.Fo EVP_MD_CTX_set_pkey_ctx
		267	.Fa "EVP_MD_CTX *ctx"
		268	.Fa "EVP_PKEY_CTX *pctx"
228	.Fc	269	.Fc
229	.Ft const EVP_MD *	270	.Ft const EVP_MD *
230	.Fn EVP_md_null void	271	.Fn EVP_md_null void
@@ -261,7 +302,7 @@
261	.Fa "const ASN1_OBJECT *o"	302	.Fa "const ASN1_OBJECT *o"
262	.Fc	303	.Fc
263	.Sh DESCRIPTION	304	.Sh DESCRIPTION
264	The EVP digest routines are a high level interface to message digests	305	The EVP digest routines are a high-level interface to message digests
265	and should be used instead of the cipher-specific functions.	306	and should be used instead of the cipher-specific functions.
266	.Pp	307	.Pp
267	.Fn EVP_MD_CTX_new	308	.Fn EVP_MD_CTX_new
@@ -300,6 +341,42 @@ respectively.
300	.Fn EVP_MD_CTX_ctrl	341	.Fn EVP_MD_CTX_ctrl
301	performs digest-specific control actions on the context	342	performs digest-specific control actions on the context
302	.Fa ctx .	343	.Fa ctx .
		344	The control command is indicated in
		345	.Fa cmd
		346	and any additional arguments in
		347	.Fa p1
		348	and
		349	.Fa p2 .
		350	.Fn EVP_MD_CTX_ctrl
		351	must be called after
		352	.Fn EVP_DigestInit_ex .
		353	Other restrictions may apply depending on the control type
		354	and digest implementation.
		355	.Pp
		356	If the
		357	.Fa cmd
		358	is
		359	.Dv EVP_MD_CTRL_MICALG ,
		360	the digest Message Integrity Check algorithm string is written to
		361	.Pf * p2 .
		362	This is used when creating S/MIME multipart/signed messages
		363	as specified in RFC 3851.
		364	.Pp
		365	.Fn EVP_MD_CTX_set_flags ,
		366	.Fn EVP_MD_CTX_clear_flags ,
		367	and
		368	.Fn EVP_MD_CTX_test_flags
		369	set, clear and test the following
		370	.Fa ctx
		371	flags:
		372	.Bl -tag -width Ds -offset 2n
		373	.It Dv EVP_MD_CTX_FLAG_NO_INIT
		374	Instruct
		375	.Fn EVP_DigestInit
		376	and similar functions not to initialise the implementation specific data.
		377	.It Dv EVP_MD_CTX_FLAG_ONESHOT
		378	Instruct the digest to optimize for one update only, if possible.
		379	.El
303	.Pp	380	.Pp
304	.Fn EVP_DigestInit_ex	381	.Fn EVP_DigestInit_ex
305	sets up the digest context	382	sets up the digest context
@@ -431,7 +508,8 @@ or an
431	.Vt EVP_MD_CTX	508	.Vt EVP_MD_CTX
432	structure.	509	structure.
433	.Pp	510	.Pp
434	.Fn EVP_MD_type	511	.Fn EVP_MD_type ,
		512	.Fn EVP_MD_pkey_type ,
435	and	513	and
436	.Fn EVP_MD_CTX_type	514	.Fn EVP_MD_CTX_type
437	return the NID of the OBJECT IDENTIFIER representing the given message	515	return the NID of the OBJECT IDENTIFIER representing the given message
@@ -444,6 +522,23 @@ returns
444	.Dv NID_sha1 .	522	.Dv NID_sha1 .
445	This function is normally used when setting ASN.1 OIDs.	523	This function is normally used when setting ASN.1 OIDs.
446	.Pp	524	.Pp
		525	.Fn EVP_MD_CTX_md_data
		526	returns the digest method private data of
		527	.Fa ctx .
		528	The space was allocated and its size set with
		529	.Xr EVP_MD_meth_set_app_datasize 3 .
		530	.Pp
		531	.Fn EVP_MD_flags
		532	returns the
		533	.Fa md
		534	flags.
		535	These are different from the
		536	.Vt EVP_MD_CTX
		537	ones.
		538	See
		539	.Xr EVP_MD_meth_set_flags 3
		540	for more information.
		541	.Pp
447	.Fn EVP_MD_pkey_type	542	.Fn EVP_MD_pkey_type
448	returns the NID of the public key signing algorithm associated with this	543	returns the NID of the public key signing algorithm associated with this
449	digest.	544	digest.
@@ -454,6 +549,40 @@ is associated with RSA so this will return
454	Since digests and signature algorithms are no longer linked, this	549	Since digests and signature algorithms are no longer linked, this
455	function is only retained for compatibility reasons.	550	function is only retained for compatibility reasons.
456	.Pp	551	.Pp
		552	.Fn EVP_MD_CTX_pkey_ctx
		553	returns the
		554	.Vt EVP_PKEY_CTX
		555	assigned to
		556	.Fa ctx .
		557	The returned pointer should not be freed by the caller.
		558	.Pp
		559	.Fn EVP_MD_CTX_set_pkey_ctx
		560	assigns
		561	.Fa pctx
		562	to
		563	.Fa ctx .
		564	This is usually used to provide a customized
		565	.Vt EVP_PKEY_CTX
		566	to
		567	.Xr EVP_DigestSignInit 3
		568	or
		569	.Xr EVP_DigestVerifyInit 3 .
		570	The
		571	.Fa pctx
		572	passed to this function should be freed by the caller.
		573	A
		574	.Dv NULL
		575	.Fa pctx
		576	pointer is also allowed to clear the
		577	.Vt EVP_PKEY_CTX
		578	assigned to
		579	.Fa ctx .
		580	In this case, freeing the cleared
		581	.Vt EVP_PKEY_CTX
		582	or not depends on how the
		583	.Vt EVP_PKEY_CTX
		584	was created.
		585	.Pp
457	.Fn EVP_md5 ,	586	.Fn EVP_md5 ,
458	.Fn EVP_sha1 ,	587	.Fn EVP_sha1 ,
459	.Fn EVP_sha224 ,	588	.Fn EVP_sha224 ,
@@ -502,7 +631,7 @@ and
502	are implemented as macros.	631	are implemented as macros.
503	.Pp	632	.Pp
504	The EVP interface to message digests should almost always be used	633	The EVP interface to message digests should almost always be used
505	in preference to the low level interfaces.	634	in preference to the low-level interfaces.
506	This is because the code then becomes transparent to the digest used and	635	This is because the code then becomes transparent to the digest used and
507	much more flexible.	636	much more flexible.
508	.Pp	637	.Pp
@@ -610,6 +739,7 @@ This example digests the data "Test Message\en" and "Hello World\en",
610	using the digest name passed on the command line.	739	using the digest name passed on the command line.
611	.Bd -literal -offset indent	740	.Bd -literal -offset indent
612	#include <stdio.h>	741	#include <stdio.h>
		742	#include <string.h>
613	#include <openssl/evp.h>	743	#include <openssl/evp.h>
614		744
615	int	745	int
@@ -620,7 +750,7 @@ main(int argc, char *argv[])
620	const char mess1[] = "Test Message\en";	750	const char mess1[] = "Test Message\en";
621	const char mess2[] = "Hello World\en";	751	const char mess2[] = "Hello World\en";
622	unsigned char md_value[EVP_MAX_MD_SIZE];	752	unsigned char md_value[EVP_MAX_MD_SIZE];
623	int md_len, i;	753	unsigned int md_len, i;
624		754
625	if (argc <= 1) {	755	if (argc <= 1) {
626	printf("Usage: mdtest digestname\en");	756	printf("Usage: mdtest digestname\en");
@@ -655,6 +785,7 @@ main(int argc, char *argv[])
655	.Xr EVP_BytesToKey 3 ,	785	.Xr EVP_BytesToKey 3 ,
656	.Xr EVP_DigestSignInit 3 ,	786	.Xr EVP_DigestSignInit 3 ,
657	.Xr EVP_DigestVerifyInit 3 ,	787	.Xr EVP_DigestVerifyInit 3 ,
		788	.Xr EVP_MD_meth_new 3 ,
658	.Xr EVP_PKEY_CTX_set_signature_md 3 ,	789	.Xr EVP_PKEY_CTX_set_signature_md 3 ,
659	.Xr EVP_PKEY_meth_set_signctx 3 ,	790	.Xr EVP_PKEY_meth_set_signctx 3 ,
660	.Xr EVP_SignInit 3 ,	791	.Xr EVP_SignInit 3 ,
@@ -750,6 +881,10 @@ and
750	first appeared in OpenSSL 1.1.0 and have been available since	881	first appeared in OpenSSL 1.1.0 and have been available since
751	.Ox 6.3 .	882	.Ox 6.3 .
752	.Pp	883	.Pp
		884	.Fn EVP_MD_CTX_set_pkey_ctx
		885	first appeared in OpenSSL 1.1.1 and has been available since
		886	.Ox 7.1 .
		887	.Pp
753	The link between digests and signing algorithms was fixed in OpenSSL 1.0	888	The link between digests and signing algorithms was fixed in OpenSSL 1.0
754	and later, so now	889	and later, so now
755	.Fn EVP_sha1	890	.Fn EVP_sha1