| |
| The Message Digest subroutines. |
| |
| These routines require "evp.h" to be included. |
| |
| These functions are a higher level interface to the various message digest |
| routines found in this library. As such, they allow the same code to be |
| used to digest via different algorithms with only a change in an initial |
| parameter. They are basically just a front-end to the MD2, MD5, SHA |
| and SHA1 |
| routines. |
| |
| These routines all take a pointer to the following structure to specify |
| which message digest algorithm to use. |
| typedef struct evp_md_st |
| { |
| int type; |
| int pkey_type; |
| int md_size; |
| void (*init)(); |
| void (*update)(); |
| void (*final)(); |
| |
| int required_pkey_type; /*EVP_PKEY_xxx */ |
| int (*sign)(); |
| int (*verify)(); |
| } EVP_MD; |
| |
| If additional message digest algorithms are to be supported, a structure of |
| this type needs to be declared and populated and then the Digest routines |
| can be used with that algorithm. The type field is the object NID of the |
| digest type (read the section on Objects for an explanation). The pkey_type |
| is the Object type to use when the a message digest is generated by there |
| routines and then is to be signed with the pkey algorithm. Md_size is |
| the size of the message digest returned. Init, update |
| and final are the relevant functions to perform the message digest function |
| by parts. One reason for specifying the message digest to use via this |
| mechanism is that if you only use md5, only the md5 routines will |
| be included in you linked program. If you passed an integer |
| that specified which message digest to use, the routine that mapped that |
| integer to a set of message digest functions would cause all the message |
| digests functions to be link into the code. This setup also allows new |
| message digest functions to be added by the application. |
| |
| The six message digests defined in this library are |
| |
| EVP_MD *EVP_md2(void); /* RSA sign/verify */ |
| EVP_MD *EVP_md5(void); /* RSA sign/verify */ |
| EVP_MD *EVP_sha(void); /* RSA sign/verify */ |
| EVP_MD *EVP_sha1(void); /* RSA sign/verify */ |
| EVP_MD *EVP_dss(void); /* DSA sign/verify */ |
| EVP_MD *EVP_dss1(void); /* DSA sign/verify */ |
| |
| All the message digest routines take a EVP_MD_CTX pointer as an argument. |
| The state of the message digest is kept in this structure. |
| |
| typedef struct pem_md_ctx_st |
| { |
| EVP_MD *digest; |
| union { |
| unsigned char base[4]; /* this is used in my library as a |
| * 'pointer' to all union elements |
| * structures. */ |
| MD2_CTX md2; |
| MD5_CTX md5; |
| SHA_CTX sha; |
| } md; |
| } EVP_MD_CTX; |
| |
| The Digest functions are as follows. |
| |
| void EVP_DigestInit( |
| EVP_MD_CTX *ctx, |
| EVP_MD *type); |
| This function is used to initialise the EVP_MD_CTX. The message |
| digest that will associated with 'ctx' is specified by 'type'. |
| |
| void EVP_DigestUpdate( |
| EVP_MD_CTX *ctx, |
| unsigned char *data, |
| unsigned int cnt); |
| This function is used to pass more data to the message digest |
| function. 'cnt' bytes are digested from 'data'. |
| |
| void EVP_DigestFinal( |
| EVP_MD_CTX *ctx, |
| unsigned char *md, |
| unsigned int *len); |
| This function finishes the digestion and puts the message digest |
| into 'md'. The length of the message digest is put into len; |
| EVP_MAX_MD_SIZE is the size of the largest message digest that |
| can be returned from this function. Len can be NULL if the |
| size of the digest is not required. |
| |
