SHA256(3) FreeBSD Library Functions Manual SHA256(3)


SHA256_Init, SHA256_Update, SHA256_Final, SHA256_End, SHA256_File, SHA256_FileChunk, SHA256_Datacalculate the FIPS 180-2 ``SHA-256'' message digest


Message Digest (MD4, MD5, etc.) Support Library (libmd, -lmd)


#include < sys/types.h>
#include < sha256.h>

SHA256_Init( SHA256_CTX *context);

SHA256_Update( SHA256_CTX *context, const unsigned char *data, size_t len);

SHA256_Final( unsigned char digest[32], SHA256_CTX *context);

char *
SHA256_End( SHA256_CTX *context, char *buf);

char *
SHA256_File( const char *filename, char *buf);

char *
SHA256_FileChunk( const char *filename, char *buf, off_t offset, off_t length);

char *
SHA256_Data( const unsigned char *data, unsigned int len, char *buf);


The SHA256_ functions calculate a 256-bit cryptographic checksum (digest) for any number of input bytes. A cryptographic checksum is a one-way hash function; that is, it is computationally impractical to find the input corresponding to a particular output. This net result is a “fingerprint” of the input-data, which does not disclose the actual input.

The SHA256_Init(), SHA256_Update(), and SHA256_Final() functions are the core functions. Allocate an SHA256_CTX, initialize it with SHA256_Init(), run over the data with SHA256_Update(), and finally extract the result using SHA256_Final().

SHA256_End() is a wrapper for SHA256_Final() which converts the return value to a 65-character (including the terminating '\0') ASCII string which represents the 256 bits in hexadecimal.

SHA256_File() calculates the digest of a file, and uses SHA256_End() to return the result. If the file cannot be opened, a null pointer is returned. SHA256_FileChunk() is similar to SHA256_File(), but it only calculates the digest over a byte-range of the file specified, starting at offset and spanning length bytes. If the length parameter is specified as 0, or more than the length of the remaining part of the file, SHA256_FileChunk() calculates the digest from offset to the end of file. SHA256_Data() calculates the digest of a chunk of data in memory, and uses SHA256_End() to return the result.

When using SHA256_End(), SHA256_File(), or SHA256_Data(), the buf argument can be a null pointer, in which case the returned string is allocated with malloc(3) and subsequently must be explicitly deallocated using free(3) after use. If the buf argument is non-null it must point to at least 65 characters of buffer space.


These functions appeared in FreeBSD 6.0.


The core hash routines were implemented by Colin Percival based on the published FIPS 180-2 standard.


No method is known to exist which finds two files having the same hash value, nor to find a file with a specific hash value. There is on the other hand no guarantee that such a method does not exist.
March 28, 2014 FreeBSD