diff --git a/src/common/util.cpp b/src/common/util.cpp
index 89dcf4fef..f0de73a06 100644
--- a/src/common/util.cpp
+++ b/src/common/util.cpp
@@ -85,7 +85,7 @@ using namespace epee;
 #include <boost/algorithm/string.hpp>
 #include <boost/asio.hpp>
 #include <boost/format.hpp>
-#include <openssl/sha.h>
+#include <openssl/evp.h>
 
 #undef MONERO_DEFAULT_LOG_CATEGORY
 #define MONERO_DEFAULT_LOG_CATEGORY "util"
@@ -941,14 +941,7 @@ std::string get_nix_version_display_string()
 
   bool sha256sum(const uint8_t *data, size_t len, crypto::hash &hash)
   {
-    SHA256_CTX ctx;
-    if (!SHA256_Init(&ctx))
-      return false;
-    if (!SHA256_Update(&ctx, data, len))
-      return false;
-    if (!SHA256_Final((unsigned char*)hash.data, &ctx))
-      return false;
-    return true;
+    return EVP_Digest(data, len, (unsigned char*) hash.data, NULL, EVP_sha256(), NULL) != 0;
   }
 
   bool sha256sum(const std::string &filename, crypto::hash &hash)
@@ -961,8 +954,8 @@ std::string get_nix_version_display_string()
     if (!f)
       return false;
     std::ifstream::pos_type file_size = f.tellg();
-    SHA256_CTX ctx;
-    if (!SHA256_Init(&ctx))
+    std::unique_ptr<EVP_MD_CTX, decltype(&EVP_MD_CTX_free)> ctx(EVP_MD_CTX_new(), &EVP_MD_CTX_free);
+    if (!EVP_DigestInit_ex(ctx.get(), EVP_sha256(), nullptr))
       return false;
     size_t size_left = file_size;
     f.seekg(0, std::ios::beg);
@@ -973,12 +966,12 @@ std::string get_nix_version_display_string()
       f.read(buf, read_size);
       if (!f || !f.good())
         return false;
-      if (!SHA256_Update(&ctx, buf, read_size))
+      if (!EVP_DigestUpdate(ctx.get(), buf, read_size))
         return false;
       size_left -= read_size;
     }
     f.close();
-    if (!SHA256_Final((unsigned char*)hash.data, &ctx))
+    if (!EVP_DigestFinal_ex(ctx.get(), (unsigned char*)hash.data, nullptr))
       return false;
     return true;
   }
diff --git a/src/common/util.h b/src/common/util.h
index 25f5ceb47..f489594e8 100644
--- a/src/common/util.h
+++ b/src/common/util.h
@@ -231,7 +231,27 @@ namespace tools
   bool is_privacy_preserving_network(const std::string &address);
   int vercmp(const char *v0, const char *v1); // returns < 0, 0, > 0, similar to strcmp, but more human friendly than lexical - does not attempt to validate
 
+  /**
+   * \brief Creates a SHA-256 digest of a data buffer
+   *
+   * \param[in] data pointer to the buffer
+   * \param[in] len size of the buffer in bytes
+   * \param[out] hash where message digest will be written to
+   *
+   * \returns true if successful, false otherwise
+   */
   bool sha256sum(const uint8_t *data, size_t len, crypto::hash &hash);
+
+  /**
+   * \brief Creates a SHA-256 digest of a file's contents, equivalent to the sha256sum command in Linux
+   *
+   * \param[in] filename path to target file
+   * \param[out] hash where message digest will be written to
+   *
+   * \returns true if successful, false if the file can not be opened or there is an OpenSSL failure
+   *
+   * \throws ios_base::failure if after the file is successfully opened, an error occurs during reading
+   */
   bool sha256sum(const std::string &filename, crypto::hash &hash);
 
   boost::optional<bool> is_hdd(const char *path);