Message Digests
152 RSA BSAFE Crypto-C Developer’s Guide
Message DigestsA message digest is a fixed-length, statistically-unique identifier that corresponds to a
set of data. That is, each unit of data — such as a file, string, or buffer — maps to a
particular byte sequence (usually 16 or 20 bytes long). A digest is not random:
digesting the same unit of data with the same message-digest algorithm will always
produce the same byte sequence.
Digests are used in random-number generation, password-based encryption, and
digital signatures.
Creating a Digest
The example in this section corresponds to the file mdigest.c.
Step 1: Creating An Algorithm Object
Declare a variable to be B_ALGORITHM_OBJ. As defined in the function prototype in
Chapter 4 of the Reference Manual, its address is the argument for
B_CreateAlgorithmObject:
Step 2: Setting The Algorithm Object
Crypto-C offers four message digest algorithms: MD, MD2, MD5, and SHA1.
Note: Recent cryptanalytic work has discovered a collision in MD2’s internal
compression function, and there is some chance that the attack on MD2 may
be extended to the full hash function. The same attack applies to MD. Another
attack has been applied to the compression function on MD5, though this has
yet to be extended to the full MD5. RSA Security recommends that before you
use MD, MD2, or MD5, you should consult the RSA Laboratories Web site to
be sure that their use is consistent with the latest information.
The AI for SHA1 is AI_SHA1; the Reference Manual Chapter 2 entry for this AI states
that the format of
info
supplied to B_SetAlgorithmInfo is NULL_PTR:
B_ALGORITHM_OBJ digester = (B_ALGORITHM_OBJ)NULL_PTR;
if ((status = B_CreateAlgorithmObject (&digester)) != 0)
break;