Difference between revisions of "EVP Message Digests"
From OpenSSLWiki
Jump to navigationJump to searchm (Add links to all EVP articles.) |
|||
| Line 28: | Line 28: | ||
EVP_MD_CTX *mdctx; | EVP_MD_CTX *mdctx; | ||
| − | if((mdctx = | + | if((mdctx = EVP_MD_CTX_new()) == NULL) |
handleErrors(); | handleErrors(); | ||
| Line 43: | Line 43: | ||
handleErrors(); | handleErrors(); | ||
| − | + | EVP_MD_CTX_free(mdctx); | |
} | } | ||
</pre> | </pre> | ||
Revision as of 09:15, 27 January 2020
| Documentation |
| #include <openssl/evp.h> |
A Message Digest or Hash Function takes any arbitrary message (with any content or length) as an input and provides a fixed size hash value as a result. Specifically the function exhibits the following properties:
- It is simple to create a hash value for any given message
- It is computationally infeasible to calculate a message from any given hash (i.e. the function is one-way)
- It is infeasible to modify a message without also modifying the hash value
- It is infeasible to find two messages that result in the same hash
The OpenSSL library supports a wide number of different hash functions including the popular Category:SHA-2 set of hash functions (i.e. SHA-224, SHA-256, SHA-384 and SHA-512).
An Example use of a Hash Function
Using an OpenSSL message digest/hash function, consists of the following steps:
- Create a Message Digest context
- Initialise the context by identifying the algorithm to be used (built-in algorithms are defined in
evp.h) - Provide the message whose digest needs to be calculated. Messages can be divided into sections and provided over a number of calls to the library if necessary
- Caclulate the digest
- Clean up the context if no longer required
Message digest algorithms are identified using an EVP_MD object. These are built-in to the library and obtained through appropriate library calls (e.g. such as EVP_sha256() or EVP_sha512()).
void digest_message(const unsigned char *message, size_t message_len, unsigned char **digest, unsigned int *digest_len)
{
EVP_MD_CTX *mdctx;
if((mdctx = EVP_MD_CTX_new()) == NULL)
handleErrors();
if(1 != EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL))
handleErrors();
if(1 != EVP_DigestUpdate(mdctx, message, message_len))
handleErrors();
if((*digest = (unsigned char *)OPENSSL_malloc(EVP_MD_size(EVP_sha256()))) == NULL)
handleErrors();
if(1 != EVP_DigestFinal_ex(mdctx, *digest, digest_len))
handleErrors();
EVP_MD_CTX_free(mdctx);
}
Refer to the OpenSSL manual page for further details Manual:EVP_DigestInit(3)
