PolarSSL is a C-based cryptography and SSL library which has a GPL license, which makes it ideal for use with BEDOPS, where I plan to use it for quick SHA-1 hashes of metadata, so as to help validate the integrity of the archive.
I’ve been testing it out in Mac OS X 10.8 and it seems pretty straightforward. Here’s a simple project that hashes the string abc
:
#include <stdlib.h> #include <stdio.h> #include "polarssl/config.h" #include "polarssl/sha1.h" int main(int argc, char **argv) { unsigned char output[20]; unsigned char *buf; size_t bufLength; size_t idx; buf = strdup("abc"); bufLength = strlen(buf); sha1(buf, bufLength, output); for (idx = 0; idx < 20; idx++) { fprintf(stdout, "%02x", output[idx]); if ((idx + 1) % 4 == 0) fprintf(stdout, " "); } fprintf(stdout, "\n"); free(buf); return EXIT_SUCCESS; }
To compile it:
gcc -Wall -lpolarssl sha1test.c -o sha1test
When we ask for the hash value of the string abc
, we get the following result:
$ ./sha1test a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d
This agrees with the value reported at NIST, which is also:
a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d
Testing output against standards is useful for validation.