Document hash functions.

20 files changed, 302 insertions, 22 deletions

diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index 5c349bb..23b7c98 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -109,7 +109,7 @@ void HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
 	memcpy(&ctx->md_ctx,&ctx->i_ctx,sizeof(ctx->i_ctx));
 	}
 
-void HMAC_Update(HMAC_CTX *ctx, unsigned char *data, int len)
+void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len)
 	{
 	EVP_DigestUpdate(&(ctx->md_ctx),data,len);
 	}
@@ -134,7 +134,7 @@ void HMAC_cleanup(HMAC_CTX *ctx)
 	}
 
 unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
-		    unsigned char *d, int n, unsigned char *md,
+		    const unsigned char *d, int n, unsigned char *md,
 		    unsigned int *md_len)
 	{
 	HMAC_CTX c;
diff --git a/crypto/hmac/hmac.h b/crypto/hmac/hmac.h
index f928975..223eeda 100644
--- a/crypto/hmac/hmac.h
+++ b/crypto/hmac/hmac.h
@@ -85,11 +85,11 @@ typedef struct hmac_ctx_st
 
 void HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
 	       const EVP_MD *md);
-void HMAC_Update(HMAC_CTX *ctx,unsigned char *key, int len);
+void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
 void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
 void HMAC_cleanup(HMAC_CTX *ctx);
 unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
-		    unsigned char *d, int n, unsigned char *md,
+		    const unsigned char *d, int n, unsigned char *md,
 		    unsigned int *md_len);
 
 
diff --git a/crypto/md2/md2.h b/crypto/md2/md2.h
index 0d35925..582bffb 100644
--- a/crypto/md2/md2.h
+++ b/crypto/md2/md2.h
@@ -81,9 +81,9 @@ typedef struct MD2state_st
 
 const char *MD2_options(void);
 void MD2_Init(MD2_CTX *c);
-void MD2_Update(MD2_CTX *c, register unsigned char *data, unsigned long len);
+void MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len);
 void MD2_Final(unsigned char *md, MD2_CTX *c);
-unsigned char *MD2(unsigned char *d, unsigned long n,unsigned char *md);
+unsigned char *MD2(const unsigned char *d, unsigned long n,unsigned char *md);
 #ifdef  __cplusplus
 }
 #endif
diff --git a/crypto/md2/md2_dgst.c b/crypto/md2/md2_dgst.c
index c7d8d6a..b6c2f15 100644
--- a/crypto/md2/md2_dgst.c
+++ b/crypto/md2/md2_dgst.c
@@ -123,7 +123,7 @@ void MD2_Init(MD2_CTX *c)
 	memset(c->data,0,MD2_BLOCK);
 	}
 
-void MD2_Update(MD2_CTX *c, register unsigned char *data, unsigned long len)
+void MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len)
 	{
 	register UCHAR *p;
 
diff --git a/crypto/md2/md2_one.c b/crypto/md2/md2_one.c
index 7157299..b12c37c 100644
--- a/crypto/md2/md2_one.c
+++ b/crypto/md2/md2_one.c
@@ -63,7 +63,7 @@
 /* This is a separate file so that #defines in cryptlib.h can
  * map my MD functions to different names */
 
-unsigned char *MD2(unsigned char *d, unsigned long n, unsigned char *md)
+unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md)
 	{
 	MD2_CTX c;
 	static unsigned char m[MD2_DIGEST_LENGTH];
diff --git a/crypto/md5/md5.h b/crypto/md5/md5.h
index bdab6d4..d9b7383 100644
--- a/crypto/md5/md5.h
+++ b/crypto/md5/md5.h
@@ -105,7 +105,7 @@ typedef struct MD5state_st
 void MD5_Init(MD5_CTX *c);
 void MD5_Update(MD5_CTX *c, const unsigned char *data, unsigned long len);
 void MD5_Final(unsigned char *md, MD5_CTX *c);
-unsigned char *MD5(unsigned char *d, unsigned long n, unsigned char *md);
+unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md);
 void MD5_Transform(MD5_CTX *c, const unsigned char *b);
 #ifdef  __cplusplus
 }
diff --git a/crypto/md5/md5_one.c b/crypto/md5/md5_one.c
index 4b10e7f..b89dec8 100644
--- a/crypto/md5/md5_one.c
+++ b/crypto/md5/md5_one.c
@@ -64,7 +64,7 @@
 #include <openssl/ebcdic.h>
 #endif
 
-unsigned char *MD5(unsigned char *d, unsigned long n, unsigned char *md)
+unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md)
 	{
 	MD5_CTX c;
 	static unsigned char m[MD5_DIGEST_LENGTH];
diff --git a/crypto/mdc2/mdc2.h b/crypto/mdc2/mdc2.h
index ec8e159..00acd70 100644
--- a/crypto/mdc2/mdc2.h
+++ b/crypto/mdc2/mdc2.h
@@ -82,9 +82,10 @@ typedef struct mdc2_ctx_st
 
 
 void MDC2_Init(MDC2_CTX *c);
-void MDC2_Update(MDC2_CTX *c, unsigned char *data, unsigned long len);
+void MDC2_Update(MDC2_CTX *c, const unsigned char *data, unsigned long len);
 void MDC2_Final(unsigned char *md, MDC2_CTX *c);
-unsigned char *MDC2(unsigned char *d, unsigned long n, unsigned char *md);
+unsigned char *MDC2(const unsigned char *d, unsigned long n,
+	unsigned char *md);
 
 #ifdef  __cplusplus
 }
diff --git a/crypto/mdc2/mdc2_one.c b/crypto/mdc2/mdc2_one.c
index 1c3a093..6cd141b 100644
--- a/crypto/mdc2/mdc2_one.c
+++ b/crypto/mdc2/mdc2_one.c
@@ -60,7 +60,7 @@
 #include "cryptlib.h"
 #include <openssl/mdc2.h>
 
-unsigned char *MDC2(unsigned char *d, unsigned long n, unsigned char *md)
+unsigned char *MDC2(const unsigned char *d, unsigned long n, unsigned char *md)
 	{
 	MDC2_CTX c;
 	static unsigned char m[MDC2_DIGEST_LENGTH];
diff --git a/crypto/mdc2/mdc2dgst.c b/crypto/mdc2/mdc2dgst.c
index aed715c..c630a24 100644
--- a/crypto/mdc2/mdc2dgst.c
+++ b/crypto/mdc2/mdc2dgst.c
@@ -74,7 +74,7 @@
 			*((c)++)=(unsigned char)(((l)>>16L)&0xff), \
 			*((c)++)=(unsigned char)(((l)>>24L)&0xff))
 
-static void mdc2_body(MDC2_CTX *c, unsigned char *in, unsigned int len);
+static void mdc2_body(MDC2_CTX *c, const unsigned char *in, unsigned int len);
 void MDC2_Init(MDC2_CTX *c)
 	{
 	c->num=0;
@@ -83,7 +83,7 @@ void MDC2_Init(MDC2_CTX *c)
 	memset(&(c->hh[0]),0x25,MDC2_BLOCK);
 	}
 
-void MDC2_Update(MDC2_CTX *c, register unsigned char *in, unsigned long len)
+void MDC2_Update(MDC2_CTX *c, const unsigned char *in, unsigned long len)
 	{
 	int i,j;
 
@@ -118,7 +118,7 @@ void MDC2_Update(MDC2_CTX *c, register unsigned char *in, unsigned long len)
 		}
 	}
 
-static void mdc2_body(MDC2_CTX *c, unsigned char *in, unsigned int len)
+static void mdc2_body(MDC2_CTX *c, const unsigned char *in, unsigned int len)
 	{
 	register DES_LONG tin0,tin1;
 	register DES_LONG ttin0,ttin1;
diff --git a/crypto/ripemd/ripemd.h b/crypto/ripemd/ripemd.h
index 4420c13..730bf7a 100644
--- a/crypto/ripemd/ripemd.h
+++ b/crypto/ripemd/ripemd.h
@@ -91,7 +91,8 @@ typedef struct RIPEMD160state_st
 void RIPEMD160_Init(RIPEMD160_CTX *c);
 void RIPEMD160_Update(RIPEMD160_CTX *c, const unsigned char *data, unsigned long len);
 void RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
-unsigned char *RIPEMD160(unsigned char *d, unsigned long n, unsigned char *md);
+unsigned char *RIPEMD160(const unsigned char *d, unsigned long n,
+	unsigned char *md);
 void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b);
 #ifdef  __cplusplus
 }
diff --git a/crypto/ripemd/rmd_one.c b/crypto/ripemd/rmd_one.c
index 3d08499..efdf2dd 100644
--- a/crypto/ripemd/rmd_one.c
+++ b/crypto/ripemd/rmd_one.c
@@ -60,7 +60,7 @@
 #include <string.h>
 #include <openssl/ripemd.h>
 
-unsigned char *RIPEMD160(unsigned char *d, unsigned long n,
+unsigned char *RIPEMD160(const unsigned char *d, unsigned long n,
 	     unsigned char *md)
 	{
 	RIPEMD160_CTX c;
diff --git a/doc/crypto/DSA_generate_parameters.pod b/doc/crypto/DSA_generate_parameters.pod
index 44c38b9..c6c0ee3 100644
--- a/doc/crypto/DSA_generate_parameters.pod
+++ b/doc/crypto/DSA_generate_parameters.pod
@@ -10,7 +10,7 @@ DSA_generate_parameters - Generate DSA parameters
 
  DSA *DSA_generate_parameters(int bits, unsigned char *seed,
                 int seed_len, int *counter_ret, unsigned long *h_ret,
-		void (*callback)(), void *cb_arg);
+		void (*callback)(int, int, void *), void *cb_arg);
 
 =head1 DESCRIPTION
 
diff --git a/doc/crypto/dsa.pod b/doc/crypto/dsa.pod
index e5ae42f..2c09244 100644
--- a/doc/crypto/dsa.pod
+++ b/doc/crypto/dsa.pod
@@ -15,7 +15,7 @@ dsa - Digital Signature Algorithm
 
  DSA *	DSA_generate_parameters(int bits, unsigned char *seed,
                 int seed_len, int *counter_ret, unsigned long *h_ret,
-		void (*callback)(), void *cb_arg);
+		void (*callback)(int, int, void *), void *cb_arg);
 
  DH *	DSA_dup_DH(DSA *r);
 
diff --git a/doc/crypto/err.pod b/doc/crypto/err.pod
index 6273a62..a74b4ee 100644
--- a/doc/crypto/err.pod
+++ b/doc/crypto/err.pod
@@ -91,7 +91,7 @@ for an appropriate function name, if none is found it just uses
 the capitalized form such as "SSL23_READ" in the above example.
 
 The trailing section of a reason code (after the "_R_") is translated
-into lower case and and underscores changed to spaces.
+into lower case and underscores changed to spaces.
 
 When you are using new function or reason codes, run B<make errors>.
 The necessary B<#define>s will then automatically be added to the
diff --git a/doc/crypto/hmac.pod b/doc/crypto/hmac.pod
new file mode 100644
index 0000000..45b6108
--- /dev/null
+++ b/doc/crypto/hmac.pod
@@ -0,0 +1,75 @@
+=pod
+
+=head1 NAME
+
+HMAC, HMAC_Init, HMAC_Update, HMAC_Final - HMAC message authentication code
+
+=head1 SYNOPSIS
+
+ #include <openssl/hmac.h>
+
+ unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
+               int key_len, const unsigned char *d, int n,
+               unsigned char *md, unsigned int *md_len);
+
+ void HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
+               const EVP_MD *md);
+ void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
+ void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+
+ void HMAC_cleanup(HMAC_CTX *ctx);
+
+=head1 DESCRIPTION
+
+HMAC is a MAC (message authentication code), i.e. a keyed hash
+function used for message authentication, which is based on a hash
+function.
+
+HMAC() computes the message authentication code of the B<n> bytes at
+B<d> using the hash function B<evp_md> and the key B<key> which is
+B<key_len> bytes long.
+
+It places the result in B<md> (which must have space for the output of
+the hash function, which is no more than B<EVP_MAX_MD_SIZE> bytes).
+If B<md> is NULL, the digest is placed in a static array.  The size of
+the output is placed in B<md_len>, unless it is B<NULL>.
+
+B<evp_md> can be EVP_sha1(), EVP_ripemd160() etc.
+B<key> and B<evp_md> may be B<NULL> if a key and hash function have
+been set in a previous call to HMAC_Init() for that B<HMAC_CTX>.
+
+HMAC_cleanup() erases the key and other data from the B<HMAC_CTX>.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+HMAC_Init() initializes a B<HMAC_CTX> structure to use the hash
+function B<evp_md> and the key B<key> which is B<key_len> bytes long.
+
+HMAC_Update() can be called repeatedly with chunks of the message to
+be authenticated (B<len> bytes at B<data>).
+
+HMAC_Final() places the message authentication code in B<md>, which
+must have space for the hash function output.
+
+=head1 RETURN VALUES
+
+HMAC() returns a pointer to the message authentication code.
+
+HMAC_Init(), HMAC_Update(), HMAC_Final() and HMAC_cleanup() do not
+return values.
+
+=head1 CONFORMING TO
+
+RFC 2104
+
+=head1 SEE ALSO
+
+L<sha(3)|sha(3)>, L<evp(3)|evp(3)>
+
+=head1 HISTORY
+
+HMAC(), HMAC_Init(), HMAC_Update(), HMAC_Final() and HMAC_cleanup()
+are available since SSLeay 0.9.0.
+
+=cut
diff --git a/doc/crypto/md5.pod b/doc/crypto/md5.pod
new file mode 100644
index 0000000..8993004
--- /dev/null
+++ b/doc/crypto/md5.pod
@@ -0,0 +1,81 @@
+=pod
+
+=head1 NAME
+
+MD2, MD5, MD2_Init, MD2_Update, MD2_Final, MD5_Init, MD5_Update,
+MD5_Final - MD2 and MD5 hash functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/md2.h>
+
+ unsigned char *MD2(const unsigned char *d, unsigned long n,
+                  unsigned char *md);
+
+ void MD2_Init(MD2_CTX *c);
+ void MD2_Update(MD2_CTX *c, const unsigned char *data,
+                  unsigned long len);
+ void MD2_Final(unsigned char *md, MD2_CTX *c);
+
+
+ #include <openssl/md5.h>
+
+ unsigned char *MD5(const unsigned char *d, unsigned long n,
+                  unsigned char *md);
+
+ void MD5_Init(MD5_CTX *c);
+ void MD5_Update(MD5_CTX *c, const unsigned char *data,
+                  unsigned long len);
+ void MD5_Final(unsigned char *md, MD5_CTX *c);
+
+=head1 DESCRIPTION
+
+MD2 and MD5 are cryptographic hashs function with a 128 bit output.
+
+MD2() and MD5() compute the MD2 and MD5 message digest of the B<n>
+bytes at B<d> and place it in B<md> (which must have space for
+MD2_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16 bytes of output). If
+B<md> is NULL, the digest is placed in a static array.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+MD2_Init() initializes a B<MD2_CTX> structure.
+
+MD2_Update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+
+MD2_Final() places the message digest in B<md>, which must have space
+for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the B<MD2_CTX>.
+
+MD5_Init(), MD5_Update() and MD5_Final() are analogous using an
+B<MD5_CTX> structure.
+
+=head1 NOTE
+
+MD2 and MD5 are recommended only for compatibility with existing
+applications. In new applications, SHA-1 or RIPEMD-160 should be
+preferred.
+
+=head1 RETURN VALUES
+
+MD2() and MD5() return pointers to the hash value. 
+
+MD2_Init(), MD2_Update() MD2_Final(), MD5_Init(), MD5_Update() and
+MD5_Final() do not return values.
+
+=head1 CONFORMING TO
+
+RFC 1319, RFC 1321
+
+=head1 SEE ALSO
+
+L<sha(3)|sha(3)>, L<ripemd(3)|ripemd(3)>
+
+=head1 HISTORY
+
+MD2(), MD2_Init(), MD2_Update() MD2_Final(), MD5(), MD5_Init(),
+MD5_Update() and MD5_Final() are available in all versions of SSLeay
+and OpenSSL.
+
+=cut
diff --git a/doc/crypto/mdc2.pod b/doc/crypto/mdc2.pod
new file mode 100644
index 0000000..1deeb7f
--- /dev/null
+++ b/doc/crypto/mdc2.pod
@@ -0,0 +1,60 @@
+=pod
+
+=head1 NAME
+
+MDC2, MDC2_Init, MDC2_Update, MDC2_Final - MDC2 hash function
+
+=head1 SYNOPSIS
+
+ #include <openssl/mdc2.h>
+
+ unsigned char *MDC2(const unsigned char *d, unsigned long n,
+                  unsigned char *md);
+
+ void MDC2_Init(MDC2_CTX *c);
+ void MDC2_Update(MDC2_CTX *c, const unsigned char *data,
+                  unsigned long len);
+ void MDC2_Final(unsigned char *md, MDC2_CTX *c);
+
+=head1 DESCRIPTION
+
+MDC2 is a method to construct hash functions with 128 bit output from
+block ciphers.  These functions are an implementation of MDC2 with
+DES.
+
+MDC2() computes the MDC2 message digest of the B<n>
+bytes at B<d> and places it in B<md> (which must have space for
+MDC2_DIGEST_LENGTH == 16 bytes of output). If B<md> is NULL, the digest
+is placed in a static array.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+MDC2_Init() initializes a B<MDC2_CTX> structure.
+
+MDC2_Update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+
+MDC2_Final() places the message digest in B<md>, which must have space
+for MDC2_DIGEST_LENGTH == 16 bytes of output, and erases the B<MDC2_CTX>.
+
+=head1 RETURN VALUES
+
+MDC2() returns a pointer to the hash value. 
+
+MDC2_Init(), MDC2_Update() and MDC2_Final() do not return values.
+
+=head1 CONFORMING TO
+
+ISO/IEC 10118-2, with DES
+
+=head1 SEE ALSO
+
+L<sha(3)|sha(3)>
+
+=head1 HISTORY
+
+MDC2(), MDC2_Init(), MDC2_Update() and MDC2_Final() are available since
+SSLeay 0.8.
+
+=cut
diff --git a/doc/crypto/ripemd.pod b/doc/crypto/ripemd.pod
new file mode 100644
index 0000000..4a6a7e1
--- /dev/null
+++ b/doc/crypto/ripemd.pod
@@ -0,0 +1,62 @@
+=pod
+
+=head1 NAME
+
+RIPEMD160, RIPEMD160_Init, RIPEMD160_Update, RIPEMD160_Final -
+RIPEMD-160 hash function
+
+=head1 SYNOPSIS
+
+ #include <openssl/ripemd.h>
+
+ unsigned char *RIPEMD160(const unsigned char *d, unsigned long n,
+                  unsigned char *md);
+
+ void RIPEMD160_Init(RIPEMD160_CTX *c);
+ void RIPEMD160_Update(RIPEMD_CTX *c, const unsigned char *data,
+                  unsigned long len);
+ void RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
+
+=head1 DESCRIPTION
+
+RIPEMD-160 is a cryptographic hash function with a
+160 bit output.
+
+RIPEMD160() computes the RIPEMD-160 message digest of the B<n>
+bytes at B<d> and places it in B<md> (which must have space for
+RIPEMD160_DIGEST_LENGTH == 20 bytes of output). If B<md> is NULL, the digest
+is placed in a static array.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+RIPEMD160_Init() initializes a B<RIPEMD160_CTX> structure.
+
+RIPEMD160_Update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+
+RIPEMD160_Final() places the message digest in B<md>, which must have
+space for RIPEMD160_DIGEST_LENGTH == 20 bytes of output, and erases
+the B<RIPEMD160_CTX>.
+
+=head1 RETURN VALUES
+
+RIPEMD160() returns a pointer to the hash value. 
+
+RIPEMD160_Init(), RIPEMD160_Update() and RIPEMD160_Final() do not
+return values.
+
+=head1 CONFORMING TO
+
+ISO/IEC 10118-3 (draft) (??)
+
+=head1 SEE ALSO
+
+L<sha(3)|sha(3)>, L<hmac(3)|hmac(3)>
+
+=head1 HISTORY
+
+RIPEMD160(), RIPEMD160_Init(), RIPEMD160_Update() and
+RIPEMD160_Final() are available since SSLeay 0.9.0.
+
+=cut
diff --git a/doc/crypto/sha.pod b/doc/crypto/sha.pod
index defc442..39ceb5c 100644
--- a/doc/crypto/sha.pod
+++ b/doc/crypto/sha.pod
@@ -56,7 +56,7 @@ ANSI X9.30
 
 =head1 SEE ALSO
 
-L<ripemd(3)|ripemd(3)>
+L<ripemd(3)|ripemd(3)>, L<hmac(3)|hmac(3)>
 
 =head1 HISTORY