OpenSSL EVP Series 7 --- Message Digest Algorithm Structure Overview

zhaozj2021-02-16  32


--- Translated from openssl/doc/crypto/EVP_DigestInit.pod, with the author's own interpretation

(Author: DragonKing, Mail: wzhah@263.net, released on: http://openssl.126.com OpenSSL Professional Forum, Version: OpenSSL-0.9.7)

This family of functions wraps all of the message digest algorithms in the OpenSSL crypto library. To switch to a different digest algorithm, you only need to change the initialization parameter; the rest of the code can stay exactly the same. The algorithms covered include MD2, MD5 and SHA.

[EVP_MD structure introduction]

Every algorithm maintains a pointer to the structure defined below, and the algorithm's functionality is implemented on top of it. The EVP_MD structure is as follows:

typedef struct env_md_st
{
    int type;
    int pkey_type;
    int md_size;
    unsigned long flags;
    int (*init)(EVP_MD_CTX *ctx);
    int (*update)(EVP_MD_CTX *ctx, const void *data, unsigned long count);
    int (*final)(EVP_MD_CTX *ctx, unsigned char *md);
    int (*copy)(EVP_MD_CTX *to, const EVP_MD_CTX *from);
    int (*cleanup)(EVP_MD_CTX *ctx);
    int (*sign)();
    int (*verify)();
    int required_pkey_type[5]; /* EVP_PKEY_xxx */
    int block_size;
    int ctx_size;
} EVP_MD;

Some of the members of the structure are explained below:

type - the NID of the message digest algorithm

pkey_type - the NID of the corresponding digest-plus-signature algorithm scheme, such as NID_shaWithRSAEncryption

md_size - the length of the digest produced by the algorithm; for SHA it is SHA_DIGEST_LENGTH, which is 20

init - points to the initialization function of the particular digest algorithm; for SHA the pointer points to SHA_Init

update - points to the function that actually computes the digest value; for SHA it points to SHA_Update

final - the function called once the digest calculation is finished, which processes the last block of data; for SHA it points to SHA_Final

copy - points to a function that can copy the parameter values between two EVP_MD_CTX structures

required_pkey_type - the EVP_PKEY algorithm types that can be used for signing; for SHA it is EVP_PKEY_RSA_method

block_size - the length of one input block for the digest operation, in bytes; for SHA it is SHA_CBLOCK

ctx_size - the length of the CTX structure; for SHA it should be sizeof(EVP_MD *) + sizeof(SHA_CTX)

To add a new algorithm, define this structure and fill in the required members; the generic functions can then be used with it. As with the EVP_CIPHER family of functions, this encapsulation means that if you use a single digest algorithm, such as MD5, only the MD5 code is linked in when the program is linked. If you use a certificate to identify the algorithm, the code for all the other message digest algorithms is linked into the program as well.

[EVP_MD_CTX Structure Description]

When these functions are called, you generally need to pass the type parameter mentioned above and a CTX structure as defined below. The EVP_MD_CTX structure is defined as follows:

typedef struct env_md_ctx_st
{
    const EVP_MD *digest;
    ENGINE *engine;
    unsigned long flags;
    void *md_data;
} EVP_MD_CTX;

The members of this structure are as follows:

digest - a pointer to the EVP_MD structure described above

engine - if the algorithm is supplied by an ENGINE, this pointer points to that engine

md_data - the message digest data
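The following added example is not OpenSSL code and not part of the original article: it is a simplified, self-contained C model of how a generic digest function dispatches through an EVP_MD-style method table and sizes md_data from ctx_size, as the two structure descriptions above explain. All TOY_/toy_ names are hypothetical, and FNV-1a and Fletcher-16 are non-cryptographic stand-ins chosen only to keep the block short.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
/* Simplified model of EVP_MD / EVP_MD_CTX; every TOY_/toy_ name is hypothetical. */
typedef struct toy_md_ctx_st TOY_MD_CTX;
typedef struct toy_md_st {
    int md_size;   /* digest length in bytes */
    int ctx_size;  /* bytes the generic layer allocates for ctx->md_data */
    int (*init)(TOY_MD_CTX *ctx);
    int (*update)(TOY_MD_CTX *ctx, const void *data, unsigned long count);
    int (*final)(TOY_MD_CTX *ctx, unsigned char *md);
} TOY_MD;
struct toy_md_ctx_st { const TOY_MD *digest; void *md_data; };

/* Stand-in 1: FNV-1a 32-bit, a non-cryptographic hash with a 4-byte output. */
static int fnv_init(TOY_MD_CTX *c) { *(uint32_t *)c->md_data = 2166136261u; return 1; }
static int fnv_update(TOY_MD_CTX *c, const void *d, unsigned long n) {
    uint32_t *h = c->md_data; const unsigned char *p = d;
    while (n--) { *h ^= *p++; *h *= 16777619u; }
    return 1;
}
static int fnv_final(TOY_MD_CTX *c, unsigned char *md) {
    uint32_t h = *(uint32_t *)c->md_data;
    md[0] = (unsigned char)(h >> 24); md[1] = (unsigned char)(h >> 16);
    md[2] = (unsigned char)(h >> 8);  md[3] = (unsigned char)h; return 1;
}
const TOY_MD toy_fnv1a = { 4, sizeof(uint32_t), fnv_init, fnv_update, fnv_final };

/* Stand-in 2: Fletcher-16, a non-cryptographic checksum with a 2-byte output. */
static int fl_init(TOY_MD_CTX *c) { memset(c->md_data, 0, 2 * sizeof(uint16_t)); return 1; }
static int fl_update(TOY_MD_CTX *c, const void *d, unsigned long n) {
    uint16_t *s = c->md_data; const unsigned char *p = d;
    while (n--) { s[0] = (uint16_t)((s[0] + *p++) % 255); s[1] = (uint16_t)((s[1] + s[0]) % 255); }
    return 1;
}
static int fl_final(TOY_MD_CTX *c, unsigned char *md) {
    uint16_t *s = c->md_data; md[0] = (unsigned char)s[1]; md[1] = (unsigned char)s[0]; return 1;
}
const TOY_MD toy_fletcher16 = { 2, 2 * sizeof(uint16_t), fl_init, fl_update, fl_final };

/* Generic driver: only `type` changes between algorithms. Returns md_size, or -1 on error. */
int toy_digest(const TOY_MD *type, const void *data, unsigned long n,
               unsigned char *out, size_t outlen) {
    TOY_MD_CTX ctx = { type, NULL };
    if (outlen < (size_t)type->md_size) return -1;  /* never write past the caller's buffer */
    if (!(ctx.md_data = calloc(1, (size_t)type->ctx_size))) return -1;
    ctx.digest->init(&ctx); ctx.digest->update(&ctx, data, n); ctx.digest->final(&ctx, out);
    free(ctx.md_data);
    return type->md_size;
}
```

The outlen check reflects why callers of the real EVP functions size their output buffer for the largest digest (EVP_MAX_MD_SIZE) when the algorithm is selected at run time.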

[Supported message digest algorithms]

EVP_md_null(void)

EVP_md2(void)

EVP_md4(void)

EVP_md5(void)

EVP_sha(void)

EVP_sha1(void)

EVP_dss(void)

EVP_dss1(void)

EVP_mdc2(void)

EVP_ripemd160(void)
