1.\" $OpenBSD: EVP_sha1.3,v 1.2 2024/03/05 17:21:40 tb Exp $ 2.\" 3.\" Copyright (c) 2023 Ingo Schwarze <schwarze@openbsd.org> 4.\" 5.\" Permission to use, copy, modify, and distribute this software for any 6.\" purpose with or without fee is hereby granted, provided that the above 7.\" copyright notice and this permission notice appear in all copies. 8.\" 9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16.\" 17.Dd $Mdocdate: March 5 2024 $ 18.Dt EVP_SHA1 3 19.Os 20.Sh NAME 21.Nm EVP_sha1 , 22.Nm EVP_md5 , 23.Nm EVP_md5_sha1 , 24.Nm EVP_md4 25.Nd legacy message digest algorithms 26.Sh SYNOPSIS 27.In openssl/evp.h 28.Ft const EVP_MD * 29.Fn EVP_sha1 void 30.Ft const EVP_MD * 31.Fn EVP_md5 void 32.Ft const EVP_MD * 33.Fn EVP_md5_sha1 void 34.Ft const EVP_MD * 35.Fn EVP_md4 void 36.Sh DESCRIPTION 37The following message digest algorithms are cryptographically broken. 38None of them should be used in new code unless there is no way around it. 39.Pp 40.Fn EVP_sha1 41implements the SHA-1 algorithm and produces 160 bits of output 42from a given input. 43Examples of protocols and software still requiring it 44include OCSP, DNS, and the 45.Sy git 46version control system. 47.Pp 48.Fn EVP_md5 49implements the MD5 algorithm and produces 128 bits of output 50from a given input. 51It is still occasionally used when no security is required 52but a fast hash algorithm is beneficial. 53.Pp 54.Fn EVP_md5_sha1 55produces concatenated MD5 and SHA-1 message digests. 56Do not use this except where it is required for the historic SSLv3 protocol. 57.Pp 58.Fn EVP_md4 59implements the MD4 algorithm and produces 128 bits of output 60from a given input. 61It has been marked as 62.Dq historic 63by the Internet Engineering Task Force since 2011. 64.Sh RETURN VALUES 65These functions return pointers to static 66.Vt EVP_MD 67objects implementing the hash functions. 68.Sh SEE ALSO 69.Xr evp 3 , 70.Xr EVP_DigestInit 3 71.Sh STANDARDS 72.Rs 73.%A T. Polk 74.%A L. Chen 75.%A S. Turner 76.%A P. Hoffman 77.%T Security Considerations for the SHA-0 and SHA-1 Message-Digest Algorithms 78.%R RFC 6194 79.%D March 2011 80.Re 81.Pp 82.Rs 83.%A S. Turner 84.%A L. Chen 85.%T Updated Security Considerations for the MD5 Message-Digest\ 86 and the HMAC-MD5 Algorithms 87.%R RFC 6151 88.%D March 2011 89.Re 90.Pp 91.Rs 92.%A S. Turner 93.%A L. Chen 94.%T MD4 to Historic Status 95.%R RFC 6150 96.%D March 2011 97.Re 98.Pp 99.Rs 100.%A P. Kocher 101.%A P. Karlton 102.%A A. Freier 103.%T The Secure Sockets Layer (SSL) Protocol Version 3.0 104.%R RFC 6101 105.%D August 2011 106.Re 107.Sh HISTORY 108.Fn EVP_sha1 109and 110.Fn EVP_md5 111first appeared in SSLeay 0.5.1 and have been available since 112.Ox 2.4 . 113.Pp 114.Fn EVP_md4 115first appeared in OpenSSL 0.9.6 and has been available since 116.Ox 2.9 . 117.Pp 118.Fn EVP_md5_sha1 119first appeared in OpenSSL 1.1.0 and has been available since 120.Ox 6.3 . 121