NAME
EVP_sha1, EVP_md5,
EVP_md5_sha1, EVP_md4
— legacy message digest
algorithms
SYNOPSIS
#include
<openssl/evp.h>
const EVP_MD *
EVP_sha1(void);
const EVP_MD *
EVP_md5(void);
const EVP_MD *
EVP_md5_sha1(void);
const EVP_MD *
EVP_md4(void);
DESCRIPTION
The following message digest algorithms are cryptographically broken. None of them should be used in new code unless there is no way around it.
EVP_sha1()
implements the SHA-1 algorithm and produces 160 bits of output from a given
input. Examples of protocols and software still requiring it include OCSP,
DNS, and the
git version
control system.
EVP_md5()
implements the MD5 algorithm and produces 128 bits of output from a given
input. It is still occasionally used when no security is required but a fast
hash algorithm is beneficial.
EVP_md5_sha1()
produces concatenated MD5 and SHA-1 message digests. Do not use this except
where it is required for the historic SSLv3 protocol.
EVP_md4()
implements the MD4 algorithm and produces 128 bits of output from a given
input. It has been marked as “historic” by the Internet
Engineering Task Force since 2011.
RETURN VALUES
These functions return pointers to static EVP_MD objects implementing the hash functions.
SEE ALSO
STANDARDS
T. Polk, L. Chen, S. Turner, and P. Hoffman, Security Considerations for the SHA-0 and SHA-1 Message-Digest Algorithms, RFC 6194, March 2011.
S. Turner and L. Chen, Updated Security Considerations for the MD5 Message-Digest and the HMAC-MD5 Algorithms, RFC 6151, March 2011.
S. Turner and L. Chen, MD4 to Historic Status, RFC 6150, March 2011.
P. Kocher, P. Karlton, and A. Freier, The Secure Sockets Layer (SSL) Protocol Version 3.0, RFC 6101, August 2011.
HISTORY
EVP_sha1() and
EVP_md5() first appeared in SSLeay 0.5.1 and have
been available since OpenBSD 2.4.
EVP_md4() first appeared in OpenSSL 0.9.6
and has been available since OpenBSD 2.9.
EVP_md5_sha1() first appeared in OpenSSL
1.1.0 and has been available since OpenBSD 6.3.