| SHA2(3) | Library Functions Manual | SHA2(3) | 
SHA224_Init, SHA224_Update,
  SHA224_Final,
  SHA224_Transform, SHA224_End,
  SHA224_File, SHA224_FileChunk,
  SHA224_Data, SHA256_Init,
  SHA256_Update, SHA256_Final,
  SHA256_Transform, SHA256_End,
  SHA256_File, SHA256_FileChunk,
  SHA256_Data, SHA384_Init,
  SHA384_Update, SHA384_Final,
  SHA384_Transform, SHA384_End,
  SHA384_File, SHA384_FileChunk,
  SHA384_Data, SHA512_Init,
  SHA512_Update, SHA512_Final,
  SHA512_Transform, SHA512_End,
  SHA512_File, SHA512_FileChunk,
  SHA512_Data —
#include <sys/types.h>
#include <sha2.h>
void
  
  SHA224_Init(SHA224_CTX
    *context);
void
  
  SHA224_Update(SHA224_CTX
    *context, const uint8_t
    *data, size_t
  len);
void
  
  SHA224_Final(uint8_t
    digest[SHA224_DIGEST_LENGTH],
    SHA224_CTX *context);
void
  
  SHA224_Transform(uint32_t
    state[8], const uint8_t
    buffer[SHA224_BLOCK_LENGTH]);
char *
  
  SHA224_End(SHA224_CTX
    *context, char
    *buf);
char *
  
  SHA224_File(const
    char *filename, char
    *buf);
char *
  
  SHA224_FileChunk(const
    char *filename, char
    *buf, off_t offset,
    off_t length);
char *
  
  SHA224_Data(uint8_t
    *data, size_t len,
    char *buf);
void
  
  SHA256_Init(SHA256_CTX
    *context);
void
  
  SHA256_Update(SHA256_CTX
    *context, const uint8_t
    *data, size_t
  len);
void
  
  SHA256_Final(uint8_t
    digest[SHA256_DIGEST_LENGTH],
    SHA256_CTX *context);
void
  
  SHA256_Transform(uint32_t
    state[8], const uint8_t
    buffer[SHA256_BLOCK_LENGTH]);
char *
  
  SHA256_End(SHA256_CTX
    *context, char
    *buf);
char *
  
  SHA256_File(const
    char *filename, char
    *buf);
char *
  
  SHA256_FileChunk(const
    char *filename, char
    *buf, off_t offset,
    off_t length);
char *
  
  SHA256_Data(uint8_t
    *data, size_t len,
    char *buf);
void
  
  SHA384_Init(SHA384_CTX
    *context);
void
  
  SHA384_Update(SHA384_CTX
    *context, const uint8_t
    *data, size_t
  len);
void
  
  SHA384_Final(uint8_t
    digest[SHA384_DIGEST_LENGTH],
    SHA384_CTX *context);
void
  
  SHA384_Transform(uint64_t
    state[8], const uint8_t
    buffer[SHA384_BLOCK_LENGTH]);
char *
  
  SHA384_End(SHA384_CTX
    *context, char
    *buf);
char *
  
  SHA384_File(char
    *filename, char
    *buf);
char *
  
  SHA384_FileChunk(char
    *filename, char
    *buf, off_t offset,
    off_t length);
char *
  
  SHA384_Data(uint8_t
    *data, size_t len,
    char *buf);
void
  
  SHA512_Init(SHA512_CTX
    *context);
void
  
  SHA512_Update(SHA512_CTX
    *context, const uint8_t
    *data, size_t
  len);
void
  
  SHA512_Final(uint8_t
    digest[SHA512_DIGEST_LENGTH],
    SHA512_CTX *context);
void
  
  SHA512_Transform(uint64_t
    state[8], const uint8_t
    buffer[SHA512_BLOCK_LENGTH]);
char *
  
  SHA512_End(SHA512_CTX
    *context, char
    *buf);
char *
  
  SHA512_File(char
    *filename, char
    *buf);
char *
  
  SHA512_FileChunk(char
    *filename, char
    *buf, off_t offset,
    off_t length);
char *
  
  SHA512_Data(uint8_t
    *data, size_t len,
    char *buf);
The SHA2 functions are considered to be more secure than the sha1(3) functions with which they share a similar interface. The 224, 256, 384, and 512-bit versions of SHA2 share the same interface. For brevity, only the 256-bit variants are described below.
The SHA256_Init() function initializes a
    SHA256_CTX context for use with
    SHA256_Update(), and
    SHA256_Final(). The
    SHA256_Update() function adds
    data of length len to the
    SHA256_CTX specified by context.
    SHA256_Final() is called when all data has been
    added via SHA256_Update() and stores a message
    digest in the digest parameter.
The SHA256_Transform() function is used by
    SHA256_Update() to hash 512-bit blocks and forms the
    core of the algorithm. Most programs should use the interface provided by
    SHA256_Init(),
    SHA256_Update(), and
    SHA256_Final() instead of calling
    SHA256_Transform() directly.
The SHA256_End() function is a front end
    for SHA256_Final() which converts the digest into an
    ASCII representation of the digest in hexadecimal.
The SHA256_File() function calculates the
    digest for a file and returns the result via
    SHA256_End(). If
    SHA256_File() is unable to open the file, a
    NULL pointer is returned.
SHA256_FileChunk() behaves like
    SHA256_File() but calculates the digest only for
    that portion of the file starting at offset and
    continuing for length bytes or until end of file is
    reached, whichever comes first. A zero length can be
    specified to read until end of file. A negative length
    or offset will be ignored.
The SHA256_Data() function calculates the
    digest of an arbitrary string and returns the result via
    SHA256_End().
For each of the SHA256_End(),
    SHA256_File(),
    SHA256_FileChunk(), and
    SHA256_Data() functions the
    buf parameter should either be a string large enough
    to hold the resulting digest (e.g.,
    SHA224_DIGEST_STRING_LENGTH,
    SHA256_DIGEST_STRING_LENGTH,
    SHA384_DIGEST_STRING_LENGTH, or
    SHA512_DIGEST_STRING_LENGTH, depending on the
    function being used) or a NULL pointer. In the
    latter case, space will be dynamically allocated via
    malloc(3) and should be freed
    using free(3) when it is no
    longer needed.
SHA256_CTX ctx;
uint8_t results[SHA256_DIGEST_LENGTH];
char *buf;
int n;
buf = "abc";
n = strlen(buf);
SHA256_Init(&ctx);
SHA256_Update(&ctx, (uint8_t *)buf, n);
SHA256_Final(results, &ctx);
/* Print the digest as one long hex value */
printf("0x");
for (n = 0; n < SHA256_DIGEST_LENGTH; n++)
	printf("%02x", results[n]);
putchar('\n');
Alternately, the helper functions could be used in the following way:
SHA256_CTX ctx;
uint8_t output[SHA256_DIGEST_STRING_LENGTH];
char *buf = "abc";
printf("0x%s\n", SHA256_Data(buf, strlen(buf), output));
Secure Hash Standard, FIPS PUB 180-2.
The SHA256_End(),
    SHA256_File(),
    SHA256_FileChunk(), and
    SHA256_Data() helper functions are derived from code
    written by Poul-Henning Kamp.
If a message digest is to be copied to a multi-byte type (i.e.: an array of five 32-bit integers) it will be necessary to perform byte swapping on little endian machines such as the i386, alpha, and vax.
| October 9, 2018 | NetBSD 9.4 |