nettle: Legacy hash functions
1
1 6.1.2 Legacy hash functions
1 ---------------------------
1
1 The hash functions in this section all have some known weaknesses, and
1 should be avoided for new applications. These hash functions are mainly
1 useful for compatibility with old applications and protocols. Some are
1 still considered safe as building blocks for particular constructions,
1 e.g., there seems to be no known attacks against HMAC-SHA1 or even
1 HMAC-MD5. In some important cases, use of a “legacy” hash function does
1 not in itself make the application insecure; if a known weakness is
1 relevant depends on how the hash function is used, and on the threat
1 model.
1
1 6.1.2.1 MD5
1 ...........
1
1 MD5 is a message digest function constructed by Ronald Rivest, and
1 described in ‘RFC 1321’. It outputs message digests of 128 bits, or 16
1 octets. Nettle defines MD5 in ‘<nettle/md5.h>’.
1
1 -- Context struct: struct md5_ctx
1
1 -- Constant: MD5_DIGEST_SIZE
1 The size of an MD5 digest, i.e. 16.
1
1 -- Constant: MD5_BLOCK_SIZE
1 The internal block size of MD5. Useful for some special
1 constructions, in particular HMAC-MD5.
1
1 -- Function: void md5_init (struct md5_ctx *CTX)
1 Initialize the MD5 state.
1
1 -- Function: void md5_update (struct md5_ctx *CTX, size_t LENGTH, const
1 uint8_t *DATA)
1 Hash some more data.
1
1 -- Function: void md5_digest (struct md5_ctx *CTX, size_t LENGTH,
1 uint8_t *DIGEST)
1 Performs final processing and extracts the message digest, writing
1 it to DIGEST. LENGTH may be smaller than ‘MD5_DIGEST_SIZE’, in
1 which case only the first LENGTH octets of the digest are written.
1
1 This function also resets the context in the same way as
1 ‘md5_init’.
1
1 The normal way to use MD5 is to call the functions in order: First
1 ‘md5_init’, then ‘md5_update’ zero or more times, and finally
1 ‘md5_digest’. After ‘md5_digest’, the context is reset to its initial
1 state, so you can start over calling ‘md5_update’ to hash new data.
1
1 To start over, you can call ‘md5_init’ at any time.
1
1 6.1.2.2 MD2
1 ...........
1
1 MD2 is another hash function of Ronald Rivest’s, described in ‘RFC
1 1319’. It outputs message digests of 128 bits, or 16 octets. Nettle
1 defines MD2 in ‘<nettle/md2.h>’.
1
1 -- Context struct: struct md2_ctx
1
1 -- Constant: MD2_DIGEST_SIZE
1 The size of an MD2 digest, i.e. 16.
1
1 -- Constant: MD2_BLOCK_SIZE
1 The internal block size of MD2.
1
1 -- Function: void md2_init (struct md2_ctx *CTX)
1 Initialize the MD2 state.
1
1 -- Function: void md2_update (struct md2_ctx *CTX, size_t LENGTH, const
1 uint8_t *DATA)
1 Hash some more data.
1
1 -- Function: void md2_digest (struct md2_ctx *CTX, size_t LENGTH,
1 uint8_t *DIGEST)
1 Performs final processing and extracts the message digest, writing
1 it to DIGEST. LENGTH may be smaller than ‘MD2_DIGEST_SIZE’, in
1 which case only the first LENGTH octets of the digest are written.
1
1 This function also resets the context in the same way as
1 ‘md2_init’.
1
1 6.1.2.3 MD4
1 ...........
1
1 MD4 is a predecessor of MD5, described in ‘RFC 1320’. Like MD5, it is
1 constructed by Ronald Rivest. It outputs message digests of 128 bits,
1 or 16 octets. Nettle defines MD4 in ‘<nettle/md4.h>’. Use of MD4 is
1 not recommended, but it is sometimes needed for compatibility with
1 existing applications and protocols.
1
1 -- Context struct: struct md4_ctx
1
1 -- Constant: MD4_DIGEST_SIZE
1 The size of an MD4 digest, i.e. 16.
1
1 -- Constant: MD4_BLOCK_SIZE
1 The internal block size of MD4.
1
1 -- Function: void md4_init (struct md4_ctx *CTX)
1 Initialize the MD4 state.
1
1 -- Function: void md4_update (struct md4_ctx *CTX, size_t LENGTH, const
1 uint8_t *DATA)
1 Hash some more data.
1
1 -- Function: void md4_digest (struct md4_ctx *CTX, size_t LENGTH,
1 uint8_t *DIGEST)
1 Performs final processing and extracts the message digest, writing
1 it to DIGEST. LENGTH may be smaller than ‘MD4_DIGEST_SIZE’, in
1 which case only the first LENGTH octets of the digest are written.
1
1 This function also resets the context in the same way as
1 ‘md4_init’.
1
1 6.1.2.4 RIPEMD160
1 .................
1
1 RIPEMD160 is a hash function designed by Hans Dobbertin, Antoon
1 Bosselaers, and Bart Preneel, as a strengthened version of RIPEMD
1 (which, like MD4 and MD5, fails the collision-resistance requirement).
1 It produces message digests of 160 bits, or 20 octets. Nettle defined
1 RIPEMD160 in ‘nettle/ripemd160.h’.
1
1 -- Context struct: struct ripemd160_ctx
1
1 -- Constant: RIPEMD160_DIGEST_SIZE
1 The size of a RIPEMD160 digest, i.e. 20.
1
1 -- Constant: RIPEMD160_BLOCK_SIZE
1 The internal block size of RIPEMD160.
1
1 -- Function: void ripemd160_init (struct ripemd160_ctx *CTX)
1 Initialize the RIPEMD160 state.
1
1 -- Function: void ripemd160_update (struct ripemd160_ctx *CTX, size_t
1 LENGTH, const uint8_t *DATA)
1 Hash some more data.
1
1 -- Function: void ripemd160_digest (struct ripemd160_ctx *CTX, size_t
1 LENGTH, uint8_t *DIGEST)
1 Performs final processing and extracts the message digest, writing
1 it to DIGEST. LENGTH may be smaller than ‘RIPEMD160_DIGEST_SIZE’,
1 in which case only the first LENGTH octets of the digest are
1 written.
1
1 This function also resets the context in the same way as
1 ‘ripemd160_init’.
1
1 6.1.2.5 SHA1
1 ............
1
1 SHA1 is a hash function specified by “NIST” (The U.S. National Institute
1 for Standards and Technology). It outputs hash values of 160 bits, or
1 20 octets. Nettle defines SHA1 in ‘<nettle/sha1.h>’ (and in
1 ‘<nettle/sha.h>’, for backwards compatibility).
1
1 -- Context struct: struct sha1_ctx
1
1 -- Constant: SHA1_DIGEST_SIZE
1 The size of a SHA1 digest, i.e. 20.
1
1 -- Constant: SHA1_BLOCK_SIZE
1 The internal block size of SHA1. Useful for some special
1 constructions, in particular HMAC-SHA1.
1
1 -- Function: void sha1_init (struct sha1_ctx *CTX)
1 Initialize the SHA1 state.
1
1 -- Function: void sha1_update (struct sha1_ctx *CTX, size_t LENGTH,
1 const uint8_t *DATA)
1 Hash some more data.
1
1 -- Function: void sha1_digest (struct sha1_ctx *CTX, size_t LENGTH,
1 uint8_t *DIGEST)
1 Performs final processing and extracts the message digest, writing
1 it to DIGEST. LENGTH may be smaller than ‘SHA1_DIGEST_SIZE’, in
1 which case only the first LENGTH octets of the digest are written.
1
1 This function also resets the context in the same way as
1 ‘sha1_init’.
1
1 6.1.2.6 GOSTHASH94
1 ..................
1
1 The GOST94 or GOST R 34.11-94 hash algorithm is a Soviet-era algorithm
1 used in Russian government standards (see ‘RFC 4357’). It outputs
1 message digests of 256 bits, or 32 octets. Nettle defines GOSTHASH94 in
1 ‘<nettle/gosthash94.h>’.
1
1 -- Context struct: struct gosthash94_ctx
1
1 -- Constant: GOSTHASH94_DIGEST_SIZE
1 The size of a GOSTHASH94 digest, i.e. 32.
1
1 -- Constant: GOSTHASH94_BLOCK_SIZE
1 The internal block size of GOSTHASH94, i.e., 32.
1
1 -- Function: void gosthash94_init (struct gosthash94_ctx *CTX)
1 Initialize the GOSTHASH94 state.
1
1 -- Function: void gosthash94_update (struct gosthash94_ctx *CTX, size_t
1 LENGTH, const uint8_t *DATA)
1 Hash some more data.
1
1 -- Function: void gosthash94_digest (struct gosthash94_ctx *CTX, size_t
1 LENGTH, uint8_t *DIGEST)
1 Performs final processing and extracts the message digest, writing
1 it to DIGEST. LENGTH may be smaller than ‘GOSTHASH94_DIGEST_SIZE’,
1 in which case only the first LENGTH octets of the digest are
1 written.
1
1 This function also resets the context in the same way as
1 ‘gosthash94_init’.
1