path: root/doc/digest.doc
blob: d2fb9875911922eedd76f82a4497aa8c94fc3e19 (plain)
The Message Digest subroutines.

These routines require "evp.h" to be included.

These functions are a higher level interface to the various message digest
routines found in this library.  As such, they allow the same code to be
used to digest via different algorithms with only a change in an initial
parameter.  They are basically just a front-end to the MD2, MD5, SHA
and SHA1 routines.

These routines all take a pointer to the following structure to specify
which message digest algorithm to use.

typedef struct evp_md_st
	{
	int type;
	int pkey_type;
	int md_size;
	void (*init)();
	void (*update)();
	void (*final)();

	int required_pkey_type; /*EVP_PKEY_xxx */
	int (*sign)();
	int (*verify)();
	} EVP_MD;

If additional message digest algorithms are to be supported, a structure of
this type needs to be declared and populated and then the Digest routines
can be used with that algorithm.  The type field is the object NID of the
digest type (read the section on Objects for an explanation).  The pkey_type
is the Object type to use when a message digest is generated by these
routines and is then to be signed with the pkey algorithm.  Md_size is
the size of the message digest returned.  Init, update and final are the
relevant functions to perform the message digest function by parts.
One reason for specifying the message digest to use via this
mechanism is that if you only use md5, only the md5 routines will
be included in your linked program.  If you passed an integer
that specified which message digest to use, the routine that mapped that
integer to a set of message digest functions would cause all the message
digest functions to be linked into the code.  This setup also allows new
message digest functions to be added by the application.

The six message digests defined in this library are

EVP_MD *EVP_md2(void);	/* RSA sign/verify */
EVP_MD *EVP_md5(void);	/* RSA sign/verify */
EVP_MD *EVP_sha(void);	/* RSA sign/verify */
EVP_MD *EVP_sha1(void);	/* RSA sign/verify */
EVP_MD *EVP_dss(void);	/* DSA sign/verify */
EVP_MD *EVP_dss1(void);	/* DSA sign/verify */

All the message digest routines take an EVP_MD_CTX pointer as an argument.
The state of the message digest is kept in this structure.

typedef struct pem_md_ctx_st
	{
	EVP_MD *digest;
	union	{
		unsigned char base[4]; /* this is used in my library as a
					* 'pointer' to all union elements
					* structures. */
		MD2_CTX md2;
		MD5_CTX md5;
		SHA_CTX sha;
		} md;
	} EVP_MD_CTX;

The Digest functions are as follows.

void EVP_DigestInit(
EVP_MD_CTX *ctx,
EVP_MD *type);
	This function is used to initialise the EVP_MD_CTX.  The message
	digest that will be associated with 'ctx' is specified by 'type'.

void EVP_DigestUpdate(
EVP_MD_CTX *ctx,
unsigned char *data,
unsigned int cnt);
	This function is used to pass more data to the message digest
	function.  'cnt' bytes are digested from 'data'.

void EVP_DigestFinal(
EVP_MD_CTX *ctx,
unsigned char *md,
unsigned int *len);
	This function finishes the digestion and puts the message digest
	into 'md'.  The length of the message digest is put into len;
	EVP_MAX_MD_SIZE is the size of the largest message digest that
	can be returned from this function.  Len can be NULL if the
	size of the digest is not required.
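
The method-table design described above, as an added self-contained sketch (not this library's code): two deliberately non-cryptographic stand-in digests are driven through one front end, so the caller changes only the initial parameter and sizes the output buffer for the largest digest.  All demo_/DEMO_ names are hypothetical and only model EVP_MD, EVP_MD_CTX and the three Digest routines.

```c
#include <stddef.h>
#include <stdint.h>

#define DEMO_MAX_MD_SIZE 4              /* largest digest any demo method returns */
typedef struct demo_md_ctx_st DEMO_MD_CTX;
typedef struct demo_md_st {             /* method table, modelled on EVP_MD */
    int md_size;                        /* bytes written by final() */
    void (*init)(DEMO_MD_CTX *);
    void (*update)(DEMO_MD_CTX *, const unsigned char *, unsigned int);
    void (*final)(DEMO_MD_CTX *, unsigned char *);
} DEMO_MD;
struct demo_md_ctx_st {                 /* running state, modelled on EVP_MD_CTX */
    const DEMO_MD *digest;
    union { unsigned char sum; uint32_t fnv; } md;
};

/* Method 1: 8-bit additive checksum (NOT cryptographic, stand-in only). */
static void sum_init(DEMO_MD_CTX *c) { c->md.sum = 0; }
static void sum_update(DEMO_MD_CTX *c, const unsigned char *d, unsigned int n)
{ while (n--) c->md.sum += *d++; }
static void sum_final(DEMO_MD_CTX *c, unsigned char *md) { md[0] = c->md.sum; }
const DEMO_MD demo_sum8 = { 1, sum_init, sum_update, sum_final };

/* Method 2: 32-bit FNV-1a (NOT cryptographic, stand-in only). */
static void fnv_init(DEMO_MD_CTX *c) { c->md.fnv = 2166136261u; }
static void fnv_update(DEMO_MD_CTX *c, const unsigned char *d, unsigned int n)
{ while (n--) c->md.fnv = (c->md.fnv ^ *d++) * 16777619u; }
static void fnv_final(DEMO_MD_CTX *c, unsigned char *md)
{ int i; for (i = 0; i < 4; i++) md[i] = (unsigned char)(c->md.fnv >> (24 - 8 * i)); }
const DEMO_MD demo_fnv1a = { 4, fnv_init, fnv_update, fnv_final };

/* Front end: the only calls a user of the interface makes, whatever the method. */
void demo_DigestInit(DEMO_MD_CTX *c, const DEMO_MD *t) { c->digest = t; t->init(c); }
void demo_DigestUpdate(DEMO_MD_CTX *c, const unsigned char *d, unsigned int n)
{ c->digest->update(c, d, n); }
void demo_DigestFinal(DEMO_MD_CTX *c, unsigned char *md, unsigned int *len)
{ c->digest->final(c, md); if (len != NULL) *len = (unsigned int)c->digest->md_size; }

/* Digest "abc" fed in two parts; md must have room for DEMO_MAX_MD_SIZE bytes. */
unsigned int demo_abc(const DEMO_MD *type, unsigned char *md)
{
    DEMO_MD_CTX ctx;
    unsigned int len = 0;
    demo_DigestInit(&ctx, type);
    demo_DigestUpdate(&ctx, (const unsigned char *)"a", 1);
    demo_DigestUpdate(&ctx, (const unsigned char *)"bc", 2);
    demo_DigestFinal(&ctx, md, &len);
    return len;
}
```

Because the caller names demo_sum8 or demo_fnv1a directly instead of passing an integer selector, a program that references only one table needs only that method's functions.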