Message Digest (-DIGEST)
Use the Message Digest adapter command (-DIGEST) to calculate the message digest for the specified data. The MD5 and SHA1 message digests can be calculated. The syntax is:
-DIGEST
This is an optional command.
The following table illustrates the usage of the -DIGEST adapter command depending on if the -ACTION and -SIGALG commands are specified:
-SIGALG algorithm_id |
-SIGALG not specified |
|
---|---|---|
-ACTION VERIFY_AND_DECRYPT or DECRYPT | The message is first verified (and/or decrypted), and the message digest is calculated for the original data using the algorithm specified with algorithm_id. | The message is first verified (and/or decrypted) and the message digest is calculated for the original data using SHA1 algorithm. |
-ACTION not specified | The message digest is calculated directly for the input data using the algorithm_id algorithm. | The message digest is calculated directly for the input data using SHA1 algorithm. |
-ACTION VERIFY or SIGN or ENCRYPT or SIGN_AND_ENCRYPT | invalid usage | invalid usage |
The -ACTION VERIFY command is not supported because it does not return any data. If no data is returned, there is no information on which to calculate the message digest.
To verify the signature in a signed message and calculate the message digest for the originally signed data, -ACTION VERIFY_AND_DECRYPT or -ACTION DECRYPT should be used in combination with the -DIGEST command.