Chapter 5 Non-Cryptographic Operations 155
Message Digests
Step 6: Destroy
Remember to destroy all objects when you are done with them:

    B_DestroyAlgorithmObject (&digester);

BER-Encoding the Digest
If you want to send your digest to someone, you should BER-encode the algorithm identifier and the digest. The Crypto-C function B_EncodeDigestInfo offers a way to put together a string containing your information in BER format.
The example in this section corresponds to the file mdber.c.
The Reference Manual Chapter 4 entry for B_EncodeDigestInfo shows that this function takes six arguments:

    int B_EncodeDigestInfo (
      unsigned char *digestInfo,       /* encoded output buffer */
      unsigned int *digestInfoLen,     /* length of encoded output */
      unsigned int maxDigestInfoLen,   /* size of digestInfo buffer */
      ITEM *algorithmID,               /* message digest algorithm identifier */
      unsigned char *digest,           /* message digest value */
      unsigned int digestLen           /* length of digest */
    );

The first argument is an address where Crypto-C can drop the BER-encoded digest information. You will have to allocate the space for this buffer. This buffer will contain the algorithm identifier and the 16- or 20-byte digest. The total for MD2 and MD5 digests is 34 bytes; for a SHA1 digest, it is 35 bytes. If you want to be safe, you can make the buffer larger.
The second argument is the address of an unsigned int; Crypto-C will place the final length of the BER encoding at that address. The third argument is the buffer size. The fourth is a pointer to an ITEM containing the DER encoding of the message digest algorithm; you obtain the DER encoding by calling B_GetAlgorithmInfo with the appropriate AI with BER encoding. The fifth argument is the digest itself; the sixth is the length of the digest.
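The 34- and 35-byte totals follow from the layout of the encoding, which the sketch below builds by hand. This is an added example, not code from Crypto-C or mdber.c: encode_digest_info and demo_len are hypothetical helpers, the AlgorithmIdentifier bytes are the standard DER encodings for MD5 and SHA1 with NULL parameters, only short-form DER lengths are handled, and the all-zero digest is constructed sample input.

```c
#include <stdio.h>
#include <string.h>

/* DER AlgorithmIdentifier: SEQUENCE { OID, NULL } (standard values) */
static const unsigned char MD5_ALG_ID[] = {
    0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0x86,
    0xf7, 0x0d, 0x02, 0x05, 0x05, 0x00 };
static const unsigned char SHA1_ALG_ID[] = {
    0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00 };

/* Hypothetical helper, not a Crypto-C function. Writes
 * SEQUENCE { algId, OCTET STRING digest } into out.
 * Returns 0 on success, -1 on bad input or a buffer that is too small. */
int encode_digest_info(unsigned char *out, unsigned int *outLen,
                       unsigned int maxOutLen,
                       const unsigned char *algId, unsigned int algIdLen,
                       const unsigned char *digest, unsigned int digestLen)
{
    unsigned int body;
    if (!out || !outLen || !algId || !digest) return -1;
    if (algIdLen > 127 || digestLen > 127) return -1;
    body = algIdLen + 2 + digestLen;       /* algId + OCTET STRING header + digest */
    if (body > 127 || body + 2 > maxOutLen) return -1;
    out[0] = 0x30;                         /* SEQUENCE tag */
    out[1] = (unsigned char)body;          /* short-form length */
    memcpy(out + 2, algId, algIdLen);
    out[2 + algIdLen] = 0x04;              /* OCTET STRING tag */
    out[3 + algIdLen] = (unsigned char)digestLen;
    memcpy(out + 4 + algIdLen, digest, digestLen);
    *outLen = body + 2;
    return 0;
}

/* Encodes a constructed all-zero digest; returns encoded length, 0 on failure. */
unsigned int demo_len(const unsigned char *algId, unsigned int algIdLen,
                      unsigned int digestLen, unsigned int bufSize)
{
    unsigned char buf[64], digest[20] = {0};
    unsigned int len = 0;
    if (bufSize > sizeof buf || digestLen > sizeof digest) return 0;
    return encode_digest_info(buf, &len, bufSize, algId, algIdLen,
                              digest, digestLen) == 0 ? len : 0;
}

int main(void) {
    printf("MD5:  %u bytes\n", demo_len(MD5_ALG_ID, sizeof MD5_ALG_ID, 16, 64));
    printf("SHA1: %u bytes\n", demo_len(SHA1_ALG_ID, sizeof SHA1_ALG_ID, 20, 64));
    return 0;
}
```

A 34-byte buffer that fits an MD5 DigestInfo is one byte short for SHA1, which is why the size argument has to be checked before any write.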