On Mon, Jun 07, 2010 at 04:07:06PM -0400, Jason Fister wrote:
> Hello folks,
>
> I have a service to which people can send data. My service then stores the
> data and returns the SHA checksum for the data back to the client. I also
> store the checksum I computed and the offset at which it was computed as
> part of the metadata.
>
> I want to allow clients to send append requests to this data at a later
> time. When they send the append request, I want to be able to use the
> checksum that I had already calculated as the starting point and then use
> that to generate the new checksum for the appended object.
It is not computationally feasible to compute the checksum of a longer
message from the checksum of a short message.
> I know about the init, update and final functions. But I dont see a way to
> pass in the checksum value of the original object when computing the
> checksum of the new appended object.
You need to serialize, save and restore the intermediate state of
the digest before you call "final" if you need to be able to append
more data without re-computing the entire checksum.
OpenSSL does not provide a serialization interface for MD_CTX objects.
Perhaps you're better off with a simpler library that does not support
engines, and other features that make serialization difficult.
The source code EVP_MD_CTX_copy_ex() can, with some effort, be adapted
to save/restore non-engine OpenSSL digest contexts.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
