=head1 NAME
-dgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384, sha512, md4, md5 - message digests
+dgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384, sha512, md4, md5, blake2b, blake2s - message digests
=head1 SYNOPSIS
-B<openssl> B<dgst>
-[B<-sha|-sha1|-mdc2|-ripemd160|-sha224|-sha256|-sha384|-sha512|-md4|-md5>]
+B<openssl> B<dgst>
+[B<-help>]
+[B<-I<digest>>]
[B<-c>]
[B<-d>]
[B<-hex>]
[B<-binary>]
[B<-r>]
-[B<-non-fips-allow>]
[B<-out filename>]
[B<-sign filename>]
[B<-keyform arg>]
[B<-prverify filename>]
[B<-signature filename>]
[B<-hmac key>]
-[B<-non-fips-allow>]
[B<-fips-fingerprint>]
+[B<-engine id>]
+[B<-engine_impl>]
[B<file...>]
B<openssl>
The generic name, B<dgst>, may be used with an option specifying the
algorithm to be used.
The default digest is I<sha256>.
-The digest name may also be used as the command name.
-To see the list of supported algorithms, use the <Ilist --digest-commands>
+A supported I<digest> name may also be used as the command name.
+To see the list of supported algorithms, use the I<list --digest-commands>
command.
=head1 OPTIONS
=over 4
+=item B<-help>
+
+Print out a usage message.
+
+=item B<-I<digest>>
+
+Specifies name of a supported digest to be used. To see the list of
+supported digests, use the command I<list --digest-commands>.
+
=item B<-c>
print out the digest in two digit groups separated by colons, only relevant if
output the digest in the "coreutils" format used by programs like B<sha1sum>.
-=item B<-non-fips-allow>
-
-Allow use of non FIPS digest when in FIPS mode. This has no effect when not in
-FIPS mode.
-
=item B<-out filename>
filename to output to, or standard output by default.
Specifies the key format to sign digest with. The DER, PEM, P12,
and ENGINE formats are supported.
-=item B<-engine id>
-
-Use engine B<id> for operations (including private key storage).
-This engine is not used as source for digest algorithms, unless it is
-also specified in the configuration file.
-
=item B<-sigopt nm:v>
Pass options to the signature algorithm during sign or verify operations.
=item B<-verify filename>
-verify the signature using the the public key in "filename".
+verify the signature using the public key in "filename".
The output is either "Verification OK" or "Verification Failure".
=item B<-prverify filename>
-verify the signature using the the private key in "filename".
+verify the signature using the private key in "filename".
=item B<-signature filename>
a file or files containing random data used to seed the random number
generator, or an EGD socket (see L<RAND_egd(3)>).
-Multiple files can be specified separated by a OS-dependent character.
+Multiple files can be specified separated by an OS-dependent character.
The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
-all others.
-
-=item B<-non-fips-allow>
-
-enable use of non-FIPS algorithms such as MD5 even in FIPS mode.
+all others.
=item B<-fips-fingerprint>
compute HMAC using a specific key
for certain OpenSSL-FIPS operations.
+=item B<-engine id>
+
+Use engine B<id> for operations (including private key storage).
+This engine is not used as source for digest algorithms, unless it is
+also specified in the configuration file or B<-engine_impl> is also
+specified.
+
+=item B<-engine_impl>
+
+When used with the B<-engine> option, it specifies to also use
+engine B<id> for digest operations.
+
=item B<file...>
file or files to digest. If no files are specified then standard input is
=head1 HISTORY
-The default digest was changed from MD5 to SHA256 in Openssl 1.1.
+The default digest was changed from MD5 to SHA256 in OpenSSL 1.1.0
+The FIPS-related options were removed in OpenSSL 1.1.0
+
+=head1 COPYRIGHT
+
+Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
=cut
projects / oweals / openssl.git / blobdiff