--- k b <[EMAIL PROTECTED]> wrote:
> Hi,
> here's what i'm doing, i comparing the sha1 hash
> generated with the
> command line tool
> #>openssl sha1 -out digest.txt -binary smallplaintxt
> against the one created by my c program.
> i load both the hash using hexedit to see if they
> are the same but to my
> surprise they differ.
>
> here's what i'm doing in my c file.
>
> #define DATA_SIZE_IN_BYTES 5
>
> int main (int argc, char *argv[])
> {
> SHA_CTX shaCTX;
> static unsigned char hash[SHA_DIGEST_LENGTH];
> char * generateHashFile = argv[1];
>
> if (!SHA_Init(&shaCTX)) {
> return -1;
> }
>
> char *data = (char *) readPlainText();
>
> printf("length %d, %s\n", strlen(data), data);
> SHA_Update(&shaCTX, data, (sizeof(char) *
> DATA_SIZE_IN_BYTES));
> SHA_Final(hash, &shaCTX);
> OPENSSL_cleanse(&shaCTX, sizeof(shaCTX));
>
> FILE *fp;
> printf("writing hash to %s\n", generateHashFile);
> fp = fopen(generateHashFile, "wb");
>
> if (ferror(fp) != 0) {
> return -1;
> }
> int i = 0;
> for (i = 0; i < SHA_DIGEST_LENGTH; i++) {
> putc(hash[i], fp);
> }
> fclose(fp);
> return 0;
> }
>
>
> char * readPlainText()
> {
> char *plainTxt = malloc(sizeof(char) *
> DATA_SIZE_IN_BYTES);
> if (plainTxt == NULL ) printf("malloc failed\n");
> memset(plainTxt, 0x00, sizeof(char) *
> DATA_SIZE_IN_BYTES);
>
> FILE *fp ;
> int ch = -1;
>
> fp = fopen("smallplaintxt", "rb");
> if (fp == NULL || (ferror(fp) != 0))
> {
> printf("unable to read plain text file \n");
> exit(-1);
> }
> char * ptr = plainTxt;
> while ( (ch = getc(fp)) != EOF )
> {
> printf("%c\n", (char) ch);
> *ptr++ = (char) ch;
> }
> fclose(fp);
> return plainTxt;
> }
>
> any insight would be appreciated.
Question shud be in openssl-users@
1) You should use SHA1_Init, SHA1_Update etc... SHA
algo is different from SHA1
2) You should define a bigger buffer if the file is
more than 5 bytes
3) You should pass only the length of the valid buffer
to SHA1_Update. For instance you could figure out how
many bytes you read from file and pass it to
SHA1_Update...
If you do these things the hash will match perfectly.
Best,
Girish
> KB
>
>
>
______________________________________________________________________
> OpenSSL Project
> http://www.openssl.org
> Development Mailing List
> [email protected]
> Automated List Manager
> [EMAIL PROTECTED]
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
