PolarSSL is a C-based cryptography and SSL library which has a GPL license, which makes it ideal for use with BEDOPS, where I plan to use it for quick SHA-1 hashes of metadata, so as to help validate the integrity of the archive.
I’ve been testing it out in Mac OS X 10.8 and it seems pretty straightforward. Here’s a simple project that hashes the string abc
:
#include <stdlib.h>
#include <stdio.h>
#include "polarssl/config.h"
#include "polarssl/sha1.h"
int main(int argc, char **argv)
{
unsigned char output[20];
unsigned char *buf;
size_t bufLength;
size_t idx;
buf = strdup("abc");
bufLength = strlen(buf);
sha1(buf, bufLength, output);
for (idx = 0; idx < 20; idx++) {
fprintf(stdout, "%02x", output[idx]);
if ((idx + 1) % 4 == 0)
fprintf(stdout, " ");
}
fprintf(stdout, "\n");
free(buf);
return EXIT_SUCCESS;
}
To compile it:
gcc -Wall -lpolarssl sha1test.c -o sha1test
When we ask for the hash value of the string abc
, we get the following result:
$ ./sha1test
a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d
This agrees with the value reported at NIST, which is also:
a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d
Testing output against standards is useful for validation.