A minor naming thing is the openssl docs say: "The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively."
So it's probably best to use EVP_MD_CTX_new() rather than EVP_MD_CTX_create(). You already check for new enough openssl as EVP_sha3_224 was only added in openssl 1.1. cheers, Padraig
