哈希概述
Hash,一般翻譯做“散列”,也有直接音譯爲“哈希”的,就是把任意長度的輸入通過散列算法變換成固定長度的輸出,該輸出就是散列值。這種轉換是一種壓縮映射,也就是,散列值的空間通常遠小於輸入的空間,不同的輸入可能會散列成相同的輸出,所以不可能從散列值來確定唯一的輸入值。簡單的說就是一種將任意長度的消息壓縮到某一固定長度的消息摘要的函數。(來源百度百科解釋)
Hash的特點
- 算法是公開的
- 對相同數據運算,得到的結果是一樣的
- 對不用數據運算,如MD5得到的結果都是32個字符長度的字符串
- 無法逆運算
mbed TLS 哈希模塊介紹
通過mbed TLS Hashing Module 可以爲一個文件、流和緩衝區創建一個哈希值,也可以爲一個流和緩衝區創建一個哈希信息驗證碼(HAMC)。這個模塊由以下幾個算法子模塊組成:
MD2, MD4, MD5 128-bit one-way hash functions by Ron Rivest.
SHA-1, SHA-256, SHA-384/512 160-bit or more one-way hash functions by NIST and NSA.
他們作爲hash 模塊的獨立的子模塊,可以在編譯的配置是否需要他們。所有的子模塊都包含以下接口(用C++會方便很多):
Getting information about the supported hash functions.
Start, update, finish a one-way-hash function with state.
Perform a one-way-hash function without state.
Start, update, stop calculating a hash message authentication code (HMAC) with state.
Calculate a hash message authentication code (HMAC) without state.
mbed TLS Hashing Module 提供兩種使用方式:
1、直接調用相關接口:
2、分start update finish三步走,下圖爲狀態變化
mbed TLS 哈希模塊使用場景
Calculate a hash value for a file
This scenario describes how a hash value is calculated for a file. Only the hash function information needs to be provided. There is initialization and no state between function calls.
Calculate a hash value for a stream
This scenario describes how a hash value is calculated for a stream. Initialization is required and state is kept between function calls.
Calculate a HMAC for a stream
This scenario describes how a hash message authentication code (HMAC) is calculated for a stream and then reset. Initialization is required with provision of a secret key. State is kept between function calls.
示例
1、直接調用
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdlib.h>
#include <stdio.h>
#define mbedtls_printf printf
#define mbedtls_exit exit
#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
#endif
#if defined(MBEDTLS_MD5_C)
#include "mbedtls/md5.h"
#endif
#if !defined(MBEDTLS_MD5_C)
int main( void )
{
mbedtls_printf("MBEDTLS_MD5_C not defined.\n");
return( 0 );
}
#else
/*
* output = MD5( input buffer )
*/
int mbedtls_md5_ret( const unsigned char *input,
size_t ilen,
unsigned char output[16] )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_md5_context ctx;
mbedtls_md5_init( &ctx );
if( ( ret = mbedtls_md5_starts_ret( &ctx ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md5_update_ret( &ctx, input, ilen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md5_finish_ret( &ctx, output ) ) != 0 )
goto exit;
exit:
mbedtls_md5_free( &ctx );
return( ret );
}
int main( void )
{
int i, ret;
unsigned char digest[16];
char str[] = "Hello, world!";
mbedtls_printf( "\n MD5('%s') = ", str );
if( ( ret = mbedtls_md5_ret( (unsigned char *) str, 13, digest ) ) != 0 )
return( MBEDTLS_EXIT_FAILURE );
for( i = 0; i < 16; i++ )
mbedtls_printf( "%02x", digest[i] );
mbedtls_printf( "\n\n" );
#if defined(_WIN32)
mbedtls_printf( " Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
#endif
return( MBEDTLS_EXIT_SUCCESS );
}
#endif /* MBEDTLS_MD5_C */