1

I recently tried to do a MD4 hashing with openssl in C: MD4 hash with openssl, save result into char array. I would like to do it again but now using EVP_Digest. But with this code Im getting core dumped - why?

#include <string.h>
#include <stdio.h>
#include <openssl/md4.h>

int main()
{
    unsigned char digest[MD4_DIGEST_LENGTH];
    char string[] = "hello world";

    EVP_Digest(string, strlen(string), digest, NULL, EVP_md4(), NULL);

    char mdString[MD4_DIGEST_LENGTH*2+1];
    int i;
    for( i = 0; i < MD4_DIGEST_LENGTH; i++)
         sprintf(&mdString[i*2], "%02x", (unsigned int)digest[i]);
    printf("md4 digest: %s\n", mdString);

    return 0;
}
Community
  • 1
  • 1
yak
  • 3,770
  • 19
  • 60
  • 111
  • Is it valid to pass NULL as the `hsize`? I'd expect `EVP_Digest` to dereference this to note the length of data it writes to `digest` – simonc Aug 13 '13 at 12:10
  • @simonc: When you take a look at openssl source, there's a piece of code where they use it like I did, thats why I used it same as the authors. But thanks, will check it. – yak Aug 13 '13 at 12:13
  • @simonc: yup, its like I wrote = it didnt change anything unfortunately :( – yak Aug 13 '13 at 12:15
  • @simonc: Funny thing. I ran it under a `valgrind` with options: `valgrind --tool=memcheck --leak-check=yes` and it gave me no erros, moreover, it printed a good md4 hash! What's going on? My `valgrind` output: http://pastie.org/private/fyezmezfnulubf95djq9w – yak Aug 13 '13 at 12:20
  • Your code runs to completion on linux without valgrind for me – simonc Aug 13 '13 at 12:26
  • @simonc: Any ideas why? I bought my laptop 2 weeks ago, I doubt that its a hardware-issue (broken RAM or something) – yak Aug 13 '13 at 12:34
  • 1
    Sorry, I'm not sure. If you're running linux, you could check for an incompatibility between glibc and openssl. You could also try fetching the openssl code, building it yourself then single stepping the code in a debugger to see exactly where it fails. – simonc Aug 13 '13 at 13:16

1 Answers1

2

You are passing a NULL pointer to EVP_Digest as the output length variable. You need to do the following:

unsigned int digestLen;
EVP_Digest(string, strlen(string), digest, &digestLen, EVP_md4(), NULL);

Even if you don't use the output length (you should rather than relying on a constant), you still need to give a valid memory location for the EVP_Digest function to write the size value to.

Also, you should #include <openssl/evp.h>.

shanet
  • 7,246
  • 3
  • 34
  • 46