Re: Sha1 hash differs

Tue, 01 Aug 2006 17:45:42 -0700 

Hi,
The problem comes certainly from the line calling SHA_Update : you are always hashing DATA_SIZE_IN_BYTES byte of data but the command line tool hashes only the exact length of the file. You should replace DATA_SIZE_IN_BYTES with strlen(data) . 

Cheers,

Mounir IDRASSI
IDRIX
http://www.idrix.net


k b a écrit :

Hi,

here's what i'm doing,  i comparing the sha1 hash generated with the  
command line tool

#>openssl sha1 -out digest.txt -binary smallplaintxt
against the one created by my c program.

i load both the hash using hexedit to see if they are the same but to 
my surprise they differ.


here's what i'm doing in my c file.

#define DATA_SIZE_IN_BYTES  5

int main (int argc, char *argv[])
{
 SHA_CTX shaCTX;
 static unsigned char hash[SHA_DIGEST_LENGTH];
 char * generateHashFile = argv[1];

 if (!SHA_Init(&shaCTX)) {
   return -1;
 }

 char *data = (char *) readPlainText();

 printf("length %d, %s\n", strlen(data), data);
 SHA_Update(&shaCTX, data, (sizeof(char) * DATA_SIZE_IN_BYTES));
 SHA_Final(hash, &shaCTX);
 OPENSSL_cleanse(&shaCTX, sizeof(shaCTX));

 FILE *fp;
 printf("writing hash to %s\n", generateHashFile);
 fp = fopen(generateHashFile, "wb");

 if (ferror(fp) != 0) {
     return -1;
 }
 int i = 0;
 for (i = 0; i < SHA_DIGEST_LENGTH; i++) {
     putc(hash[i], fp);
 }
 fclose(fp);
 return 0;
}


char * readPlainText()
{
 char *plainTxt = malloc(sizeof(char) * DATA_SIZE_IN_BYTES);
 if (plainTxt == NULL ) printf("malloc failed\n");
 memset(plainTxt, 0x00, sizeof(char) * DATA_SIZE_IN_BYTES);

 FILE *fp ;
 int ch = -1;

 fp = fopen("smallplaintxt", "rb");
 if (fp == NULL || (ferror(fp) != 0))
 {
     printf("unable to read plain text file \n");
     exit(-1);
 }
 char * ptr = plainTxt;
 while ( (ch = getc(fp)) != EOF )
 {
   printf("%c\n", (char) ch);
   *ptr++ = (char) ch;
 }
 fclose(fp);
 return plainTxt;
}

any insight would be appreciated.
KB


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           [EMAIL PROTECTED]




______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           [EMAIL PROTECTED]






















					Reply via email to