Difference between revisions of "EVP Message Digests"

Latest revision as of 01:51, 12 January 2022

Message Digests
Documentation
`#include <openssl/evp.h>`

A Message Digest or Hash Function takes any arbitrary message (with any content or length) as an input and provides a fixed size hash value as a result. Specifically the function exhibits the following properties:

It is simple to create a hash value for any given message
It is computationally infeasible to calculate a message from any given hash (i.e. the function is one-way)
It is infeasible to modify a message without also modifying the hash value
It is infeasible to find two messages that result in the same hash

The OpenSSL library supports a wide number of different hash functions including the popular Category:SHA-2 set of hash functions (i.e. SHA-224, SHA-256, SHA-384 and SHA-512).

An Example use of a Hash Function[edit]

Using an OpenSSL message digest/hash function, consists of the following steps:

Create a Message Digest context
Initialise the context by identifying the algorithm to be used (built-in algorithms are defined in evp.h)
Provide the message whose digest needs to be calculated. Messages can be divided into sections and provided over a number of calls to the library if necessary
Caclulate the digest
Clean up the context if no longer required

Message digest algorithms are identified using an EVP_MD object. These are built-in to the library and obtained through appropriate library calls (e.g. such as EVP_sha256() or EVP_sha512()).

void digest_message(const unsigned char *message, size_t message_len, unsigned char **digest, unsigned int *digest_len)
{
	EVP_MD_CTX *mdctx;

	if((mdctx = EVP_MD_CTX_new()) == NULL)
		handleErrors();

	if(1 != EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL))
		handleErrors();

	if(1 != EVP_DigestUpdate(mdctx, message, message_len))
		handleErrors();

	if((*digest = (unsigned char *)OPENSSL_malloc(EVP_MD_size(EVP_sha256()))) == NULL)
		handleErrors();

	if(1 != EVP_DigestFinal_ex(mdctx, *digest, digest_len))
		handleErrors();

	EVP_MD_CTX_free(mdctx);
}

If you need to support both OpenSSL 1.0.x and OpenSSL 1.1.x, then use a define for EVP_MD_CTX_new and EVP_MD_CTX_free as shown below.

#if OPENSSL_VERSION_NUMBER < 0x10100000L
#  define EVP_MD_CTX_new   EVP_MD_CTX_create
#  define EVP_MD_CTX_free  EVP_MD_CTX_destroy
#endif

Refer to the OpenSSL manual page for further details Manual:EVP_DigestInit(3)

@@ Line 1: / Line 1: @@
+{{DocInclude
+|Name=Message Digests
+|Url=http://wiki.openssl.org/index.php/Manual:Evp(3)
+|Include=evp.h}}
 A Message Digest or Hash Function takes any arbitrary message (with any content or length) as an input and provides a fixed size hash value as a result. Specifically the function exhibits the following properties:
 * It is simple to create a hash value for any given message
@@ Line 23: / Line 28: @@
 	EVP_MD_CTX *mdctx;
-	if((mdctx = EVP_MD_CTX_create()) == NULL)
+	if((mdctx = EVP_MD_CTX_new()) == NULL)
 		handleErrors();
@@ Line 38: / Line 43: @@
 		handleErrors();
-	EVP_MD_CTX_destroy(mdctx);
+	EVP_MD_CTX_free(mdctx);
 }
+</pre>
+If you need to support both OpenSSL 1.0.x and OpenSSL 1.1.x, then use a <tt>define</tt> for <tt>EVP_MD_CTX_new</tt> and <tt>EVP_MD_CTX_free</tt> as shown below.
+<pre>#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#  define EVP_MD_CTX_new   EVP_MD_CTX_create
+#  define EVP_MD_CTX_free  EVP_MD_CTX_destroy
+#endif
 </pre>
@@ Line 47: / Line 60: @@
 * [[EVP]]
 * [[Libcrypto API]]
+* [[EVP Symmetric Encryption and Decryption]]
+* [[EVP Authenticated Encryption and Decryption]]
+* [[EVP Asymmetric Encryption and Decryption of an Envelope]]
+* [[EVP Key Agreement]]
+* [[EVP Key and Parameter Generation]]
 [[Category:Crypto API]]
 [[Category:C level]]
 [[Category:Examples]]

Difference between revisions of "EVP Message Digests"

Latest revision as of 01:51, 12 January 2022

An Example use of a Hash Function[edit]

See also[edit]

Navigation menu

Page actions

Page actions

Personal tools

Navigation

Search

Tools