sha-256 program example
Reid Thompson
generate a sha-256 digest for a buffer?
The buffer will be less than 128 chars.
Thanks,
reid
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org
Dwight Schauer
Replace SHA1 with SHA256.
Replace 20 with SHA256_DIGEST_LENGTH.
Reid Thompson
> http://stackoverflow.com/questions/918676/generate-sha-hash-in-openssl
>
> Replace SHA1 with SHA256.
> Replace 20 with SHA256_DIGEST_LENGTH.
>
>
> Could someone point me to an example C program, docs that show how to
> generate a sha-256 digest for a buffer?
Thanks,
I also ran across this
https://www.mirbsd.org/htman/i386/man3/sha2.htm
which has an example that works with minor tweaks
EXAMPLES
The following code fragment will calculate the SHA-256 digest for
the string "abc", which is
"0xba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad".
SHA256_CTX ctx;
u_int8_t results[SHA256_DIGEST_LENGTH];
char *buf;
int n;
buf = "abc";
n = strlen(buf);
SHA256_Init(&ctx);
SHA256_Update(&ctx, (u_int8_t *)buf, n);
SHA256_Final(results, &ctx);
/* Print the digest as one long hex value */
printf("0x");
for (n = 0; n < SHA256_DIGEST_LENGTH; n++)
printf("%02x", results[n]);
putchar('\n');
Dr. Stephen Henson
Both of these use the low level APIs which are deprecated.
The approved technique is using EVP.
http://www.openssl.org/docs/crypto/EVP_DigestInit.html#EXAMPLE
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
Jeffrey Walton
Form the docs:
SHA1 is the digest of choice for new applications.
It appears the docs are bit dated. Depending on the application, I
believe NIST recommends that new applications use SHA-2 family (circa
2006 [1]), and requires SHA-2 after 2010 [2]. Considering McDonald,
Hawkes, and Pieprzyk the security level of SHA-1 to 2^52 (Europcrypt
2009), SHA-2 should probably be recommended.
Jeff
[1] http://csrc.nist.gov/groups/ST/toolkit/secure_hashing.html
[2] http://csrc.nist.gov/publications/fips/fips180-3/fips180-3_final.pdf
[3] http://eurocrypt2009rump.cr.yp.to/837a0a8086fa6ca714249409ddfae43d.pdf
On Tue, Oct 6, 2009 at 4:36 PM, Dr. Stephen Henson <st...@openssl.org> wrote:
> On Tue, Oct 06, 2009, Reid Thompson wrote:
>
>> On Tue, 2009-10-06 at 10:44 -0500, Dwight Schauer wrote:
>> > http://stackoverflow.com/questions/918676/generate-sha-hash-in-openssl
>> >
>> > Replace SHA1 with SHA256.
>> > Replace 20 with SHA256_DIGEST_LENGTH.
>> >
>> > Could someone point me to an example C program, docs that show how to
>> > generate a sha-256 digest for a buffer?
>>
>> [SNIP]
>
> Both of these use the low level APIs which are deprecated.
>
> The approved technique is using EVP.
>
> http://www.openssl.org/docs/crypto/EVP_DigestInit.html#EXAMPLE
>
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
>
> [SNIP]
Reid Thompson
> Both of these use the low level APIs which are deprecated.
>
> The approved technique is using EVP.
>
> http://www.openssl.org/docs/crypto/EVP_DigestInit.html#EXAMPLE
>
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openss...@openssl.org
> Automated List Manager majo...@openssl.org
>
Dr. Henson,
Thanks. I'll plan to implement via EVP.
reid
Patrick Patterson
Jeffrey Walton wrote:
> Hi Doctor,
>
> Form the docs:
> SHA1 is the digest of choice for new applications.
>
> It appears the docs are bit dated. Depending on the application, I
> believe NIST recommends that new applications use SHA-2 family (circa
> 2006 [1]), and requires SHA-2 after 2010 [2]. Considering McDonald,
> Hawkes, and Pieprzyk the security level of SHA-1 to 2^52 (Europcrypt
> 2009), SHA-2 should probably be recommended.
>
Except that until recently, very few applications could actually handle
the SHA-2 hash suite. If I am not mistaken, you need to have at least
WinXP SP3 or higher to be able to handle this (assuming that you have a
server that is OpenSSL based, and a client that is Win CAPI based).
Since quite a few folks out there on the Interwebs still haven't adopted
this, if you make your application rely on SHA-2, you will have a
substantial portion of your user base that won't be able to interact
with your application.
So, while the documentation should probably recommend SHA-2, practical
considerations need to be taken into consideration for actual deployment.
I fully agree - we should all move to the "Suite-B" NSA recommendations,
but practically, this would mean that a substantial portion of the
worlds users would not be able to interact with that application.
Now, MD-5, on the other hand, just needs to be categorically disabled
(aside from the one corner case in TLS handshakes where it's actually
not dangerous) :)
Have fun.
Patrick.
happyuk
SHA-256 in Visual C++ environments, giving example code on how to hash a
string and hash a text file:
Installing and using OpenSSL SHA-256 in Visual C++
<http://www.technical-recipes.com/2014/using-openssl-sha-256-in-visual-c/>
--
View this message in context: http://openssl.6102.n7.nabble.com/sha-256-program-example-tp25771p52914.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.