nettle: Legacy hash functions

1 
1 6.1.2 Legacy hash functions
1 ---------------------------
1 
1 The hash functions in this section all have some known weaknesses, and
1 should be avoided for new applications.  These hash functions are mainly
1 useful for compatibility with old applications and protocols.  Some are
1 still considered safe as building blocks for particular constructions,
1 e.g., there seems to be no known attacks against HMAC-SHA1 or even
1 HMAC-MD5.  In some important cases, use of a “legacy” hash function does
1 not in itself make the application insecure; if a known weakness is
1 relevant depends on how the hash function is used, and on the threat
1 model.
1 
1 6.1.2.1 MD5
1 ...........
1 
1 MD5 is a message digest function constructed by Ronald Rivest, and
1 described in ‘RFC 1321’.  It outputs message digests of 128 bits, or 16
1 octets.  Nettle defines MD5 in ‘<nettle/md5.h>’.
1 
1  -- Context struct: struct md5_ctx
1 
1  -- Constant: MD5_DIGEST_SIZE
1      The size of an MD5 digest, i.e.  16.
1 
1  -- Constant: MD5_BLOCK_SIZE
1      The internal block size of MD5.  Useful for some special
1      constructions, in particular HMAC-MD5.
1 
1  -- Function: void md5_init (struct md5_ctx *CTX)
1      Initialize the MD5 state.
1 
1  -- Function: void md5_update (struct md5_ctx *CTX, size_t LENGTH, const
1           uint8_t *DATA)
1      Hash some more data.
1 
1  -- Function: void md5_digest (struct md5_ctx *CTX, size_t LENGTH,
1           uint8_t *DIGEST)
1      Performs final processing and extracts the message digest, writing
1      it to DIGEST.  LENGTH may be smaller than ‘MD5_DIGEST_SIZE’, in
1      which case only the first LENGTH octets of the digest are written.
1 
1      This function also resets the context in the same way as
1      ‘md5_init’.
1 
1    The normal way to use MD5 is to call the functions in order: First
1 ‘md5_init’, then ‘md5_update’ zero or more times, and finally
1 ‘md5_digest’.  After ‘md5_digest’, the context is reset to its initial
1 state, so you can start over calling ‘md5_update’ to hash new data.
1 
1    To start over, you can call ‘md5_init’ at any time.
1 
1 6.1.2.2 MD2
1 ...........
1 
1 MD2 is another hash function of Ronald Rivest’s, described in ‘RFC
1 1319’.  It outputs message digests of 128 bits, or 16 octets.  Nettle
1 defines MD2 in ‘<nettle/md2.h>’.
1 
1  -- Context struct: struct md2_ctx
1 
1  -- Constant: MD2_DIGEST_SIZE
1      The size of an MD2 digest, i.e.  16.
1 
1  -- Constant: MD2_BLOCK_SIZE
1      The internal block size of MD2.
1 
1  -- Function: void md2_init (struct md2_ctx *CTX)
1      Initialize the MD2 state.
1 
1  -- Function: void md2_update (struct md2_ctx *CTX, size_t LENGTH, const
1           uint8_t *DATA)
1      Hash some more data.
1 
1  -- Function: void md2_digest (struct md2_ctx *CTX, size_t LENGTH,
1           uint8_t *DIGEST)
1      Performs final processing and extracts the message digest, writing
1      it to DIGEST.  LENGTH may be smaller than ‘MD2_DIGEST_SIZE’, in
1      which case only the first LENGTH octets of the digest are written.
1 
1      This function also resets the context in the same way as
1      ‘md2_init’.
1 
1 6.1.2.3 MD4
1 ...........
1 
1 MD4 is a predecessor of MD5, described in ‘RFC 1320’.  Like MD5, it is
1 constructed by Ronald Rivest.  It outputs message digests of 128 bits,
1 or 16 octets.  Nettle defines MD4 in ‘<nettle/md4.h>’.  Use of MD4 is
1 not recommended, but it is sometimes needed for compatibility with
1 existing applications and protocols.
1 
1  -- Context struct: struct md4_ctx
1 
1  -- Constant: MD4_DIGEST_SIZE
1      The size of an MD4 digest, i.e.  16.
1 
1  -- Constant: MD4_BLOCK_SIZE
1      The internal block size of MD4.
1 
1  -- Function: void md4_init (struct md4_ctx *CTX)
1      Initialize the MD4 state.
1 
1  -- Function: void md4_update (struct md4_ctx *CTX, size_t LENGTH, const
1           uint8_t *DATA)
1      Hash some more data.
1 
1  -- Function: void md4_digest (struct md4_ctx *CTX, size_t LENGTH,
1           uint8_t *DIGEST)
1      Performs final processing and extracts the message digest, writing
1      it to DIGEST.  LENGTH may be smaller than ‘MD4_DIGEST_SIZE’, in
1      which case only the first LENGTH octets of the digest are written.
1 
1      This function also resets the context in the same way as
1      ‘md4_init’.
1 
1 6.1.2.4 RIPEMD160
1 .................
1 
1 RIPEMD160 is a hash function designed by Hans Dobbertin, Antoon
1 Bosselaers, and Bart Preneel, as a strengthened version of RIPEMD
1 (which, like MD4 and MD5, fails the collision-resistance requirement).
1 It produces message digests of 160 bits, or 20 octets.  Nettle defined
1 RIPEMD160 in ‘nettle/ripemd160.h’.
1 
1  -- Context struct: struct ripemd160_ctx
1 
1  -- Constant: RIPEMD160_DIGEST_SIZE
1      The size of a RIPEMD160 digest, i.e.  20.
1 
1  -- Constant: RIPEMD160_BLOCK_SIZE
1      The internal block size of RIPEMD160.
1 
1  -- Function: void ripemd160_init (struct ripemd160_ctx *CTX)
1      Initialize the RIPEMD160 state.
1 
1  -- Function: void ripemd160_update (struct ripemd160_ctx *CTX, size_t
1           LENGTH, const uint8_t *DATA)
1      Hash some more data.
1 
1  -- Function: void ripemd160_digest (struct ripemd160_ctx *CTX, size_t
1           LENGTH, uint8_t *DIGEST)
1      Performs final processing and extracts the message digest, writing
1      it to DIGEST.  LENGTH may be smaller than ‘RIPEMD160_DIGEST_SIZE’,
1      in which case only the first LENGTH octets of the digest are
1      written.
1 
1      This function also resets the context in the same way as
1      ‘ripemd160_init’.
1 
1 6.1.2.5 SHA1
1 ............
1 
1 SHA1 is a hash function specified by “NIST” (The U.S. National Institute
1 for Standards and Technology).  It outputs hash values of 160 bits, or
1 20 octets.  Nettle defines SHA1 in ‘<nettle/sha1.h>’ (and in
1 ‘<nettle/sha.h>’, for backwards compatibility).
1 
1  -- Context struct: struct sha1_ctx
1 
1  -- Constant: SHA1_DIGEST_SIZE
1      The size of a SHA1 digest, i.e.  20.
1 
1  -- Constant: SHA1_BLOCK_SIZE
1      The internal block size of SHA1.  Useful for some special
1      constructions, in particular HMAC-SHA1.
1 
1  -- Function: void sha1_init (struct sha1_ctx *CTX)
1      Initialize the SHA1 state.
1 
1  -- Function: void sha1_update (struct sha1_ctx *CTX, size_t LENGTH,
1           const uint8_t *DATA)
1      Hash some more data.
1 
1  -- Function: void sha1_digest (struct sha1_ctx *CTX, size_t LENGTH,
1           uint8_t *DIGEST)
1      Performs final processing and extracts the message digest, writing
1      it to DIGEST.  LENGTH may be smaller than ‘SHA1_DIGEST_SIZE’, in
1      which case only the first LENGTH octets of the digest are written.
1 
1      This function also resets the context in the same way as
1      ‘sha1_init’.
1 
1 6.1.2.6 GOSTHASH94
1 ..................
1 
1 The GOST94 or GOST R 34.11-94 hash algorithm is a Soviet-era algorithm
1 used in Russian government standards (see ‘RFC 4357’).  It outputs
1 message digests of 256 bits, or 32 octets.  Nettle defines GOSTHASH94 in
1 ‘<nettle/gosthash94.h>’.
1 
1  -- Context struct: struct gosthash94_ctx
1 
1  -- Constant: GOSTHASH94_DIGEST_SIZE
1      The size of a GOSTHASH94 digest, i.e.  32.
1 
1  -- Constant: GOSTHASH94_BLOCK_SIZE
1      The internal block size of GOSTHASH94, i.e., 32.
1 
1  -- Function: void gosthash94_init (struct gosthash94_ctx *CTX)
1      Initialize the GOSTHASH94 state.
1 
1  -- Function: void gosthash94_update (struct gosthash94_ctx *CTX, size_t
1           LENGTH, const uint8_t *DATA)
1      Hash some more data.
1 
1  -- Function: void gosthash94_digest (struct gosthash94_ctx *CTX, size_t
1           LENGTH, uint8_t *DIGEST)
1      Performs final processing and extracts the message digest, writing
1      it to DIGEST.  LENGTH may be smaller than ‘GOSTHASH94_DIGEST_SIZE’,
1      in which case only the first LENGTH octets of the digest are
1      written.
1 
1      This function also resets the context in the same way as
1      ‘gosthash94_init’.
1