summaryrefslogtreecommitdiff
path: root/lib/libc/hash/sha1.c
diff options
context:
space:
mode:
authorTodd C. Miller <millert@cvs.openbsd.org>1997-07-10 22:53:02 +0000
committerTodd C. Miller <millert@cvs.openbsd.org>1997-07-10 22:53:02 +0000
commit7f713d9ace4c5809f5dff75d423f0ba82b6b351e (patch)
tree5ab3a515992ceaef652754b6533277498feb3612 /lib/libc/hash/sha1.c
parent4edac6ae5359b2e8b2bba77d0c4498c7afc8de45 (diff)
Different sha1 functions (taken from netinet's if_sha1.c) that
are more consistent with md4/md5 functions.
Diffstat (limited to 'lib/libc/hash/sha1.c')
-rw-r--r--lib/libc/hash/sha1.c501
1 files changed, 157 insertions, 344 deletions
diff --git a/lib/libc/hash/sha1.c b/lib/libc/hash/sha1.c
index 269a078f0fb..d4d6c8f780f 100644
--- a/lib/libc/hash/sha1.c
+++ b/lib/libc/hash/sha1.c
@@ -1,365 +1,178 @@
-#if defined(LIBC_SCCS) && !defined(lint)
-static char rcsid[] = "$OpenBSD: sha1.c,v 1.4 1996/09/30 23:27:05 millert Exp $";
-#endif /* LIBC_SCCS and not lint */
+/* $OpenBSD: sha1.c,v 1.5 1997/07/10 22:52:59 millert Exp $ */
/*
- * sha1.c
- *
- * signature function hook for SHA1.
- *
- * Gene Kim
- * Purdue University
- * August 10, 1993
+ * SHA-1 in C
+ * By Steve Reid <steve@edmweb.com>
+ * 100% Public Domain
+ *
+ * Test Vectors (from FIPS PUB 180-1)
+ * "abc"
+ * A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D
+ * "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
+ * 84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1
+ * A million repetitions of "a"
+ * 34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F
*/
-/* --------------------------------- SHA1.C ------------------------------- */
+#define SHA1HANDSOFF /* Copies data before messing with it. */
-/* NIST proposed Secure Hash Standard.
-
- Written 2 September 1992, Peter C. Gutmann.
- This implementation placed in the public domain.
-
- Comments to pgut1@cs.aukuni.ac.nz */
-
-#include <stdio.h>
-#include <stdlib.h>
+#include <sys/param.h>
#include <string.h>
-#include <sys/types.h>
-#include <sha1.h>
-#ifdef TEST
-#include <time.h>
-#endif
-
-/* Useful defines/typedefs */
-
-typedef unsigned char BYTE;
-typedef u_int32_t LONG;
-
-/* The SHA1 f()-functions */
-
-#define f1(x,y,z) ( ( x & y ) | ( ~x & z ) ) /* Rounds 0-19 */
-#define f2(x,y,z) ( x ^ y ^ z ) /* Rounds 20-39 */
-#define f3(x,y,z) ( ( x & y ) | ( x & z ) | ( y & z ) ) /* Rounds 40-59 */
-#define f4(x,y,z) ( x ^ y ^ z ) /* Rounds 60-79 */
-
-/* The SHA1 Mysterious Constants */
-
-#define K1 0x5A827999L /* Rounds 0-19 */
-#define K2 0x6ED9EBA1L /* Rounds 20-39 */
-#define K3 0x8F1BBCDCL /* Rounds 40-59 */
-#define K4 0xCA62C1D6L /* Rounds 60-79 */
-
-/* SHA1 initial values */
+#include "sha1.h"
-#define h0init 0x67452301L
-#define h1init 0xEFCDAB89L
-#define h2init 0x98BADCFEL
-#define h3init 0x10325476L
-#define h4init 0xC3D2E1F0L
+#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
-/* 32-bit rotate - kludged with shifts */
-
-#define S(n,X) ( ( X << n ) | ( X >> ( 32 - n ) ) )
-
-/* The initial expanding function */
-
-#ifdef NEW_SHA1
-#define expand(count) temp = W[ count - 3 ] ^ W[ count - 8 ] ^ W[ count - 14 ] ^ W[ count - 16 ];W[ count ] = S(1, temp)
+/*
+ * blk0() and blk() perform the initial expand.
+ * I got the idea of expanding during the round function from SSLeay
+ */
+#if BYTE_ORDER == LITTLE_ENDIAN
+# define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \
+ |(rol(block->l[i],8)&0x00FF00FF))
#else
-#define expand(count) W[ count ] = W[ count - 3 ] ^ W[ count - 8 ] ^ W[ count - 14 ] ^ W[ count - 16 ]
+# define blk0(i) block->l[i]
#endif
+#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \
+ ^block->l[(i+2)&15]^block->l[i&15],1))
-/* The four SHA1 sub-rounds */
-
-#define subRound1(count) \
- { \
- temp = S( 5, A ) + f1( B, C, D ) + E + W[ count ] + K1; \
- E = D; \
- D = C; \
- C = S( 30, B ); \
- B = A; \
- A = temp; \
- }
-
-#define subRound2(count) \
- { \
- temp = S( 5, A ) + f2( B, C, D ) + E + W[ count ] + K2; \
- E = D; \
- D = C; \
- C = S( 30, B ); \
- B = A; \
- A = temp; \
- }
-
-#define subRound3(count) \
- { \
- temp = S( 5, A ) + f3( B, C, D ) + E + W[ count ] + K3; \
- E = D; \
- D = C; \
- C = S( 30, B ); \
- B = A; \
- A = temp; \
- }
-
-#define subRound4(count) \
- { \
- temp = S( 5, A ) + f4( B, C, D ) + E + W[ count ] + K4; \
- E = D; \
- D = C; \
- C = S( 30, B ); \
- B = A; \
- A = temp; \
- }
-
-/* The two buffers of 5 32-bit words */
-
-LONG h0, h1, h2, h3, h4;
-LONG A, B, C, D, E;
-
-/* Initialize the SHA1 values */
-
-void sha1Init(sha1Info)
- SHA1_INFO *sha1Info;
- {
- /* Set the h-vars to their initial values */
- sha1Info->digest[ 0 ] = h0init;
- sha1Info->digest[ 1 ] = h1init;
- sha1Info->digest[ 2 ] = h2init;
- sha1Info->digest[ 3 ] = h3init;
- sha1Info->digest[ 4 ] = h4init;
-
- /* Initialise bit count */
- sha1Info->countLo = sha1Info->countHi = 0L;
- }
-
-/* Perform the SHA1 transformation. Note that this code, like MD5, seems to
- break some optimizing compilers - it may be necessary to split it into
- sections, eg based on the four subrounds */
-
-void sha1Transform(sha1Info)
- SHA1_INFO *sha1Info;
- {
- LONG W[ 80 ], temp;
- int i;
-
- /* Step A. Copy the data buffer into the local work buffer */
- for( i = 0; i < 16; i++ )
- W[ i ] = sha1Info->data[ i ];
-
- /* Step B. Expand the 16 words into 64 temporary data words */
- expand( 16 ); expand( 17 ); expand( 18 ); expand( 19 ); expand( 20 );
- expand( 21 ); expand( 22 ); expand( 23 ); expand( 24 ); expand( 25 );
- expand( 26 ); expand( 27 ); expand( 28 ); expand( 29 ); expand( 30 );
- expand( 31 ); expand( 32 ); expand( 33 ); expand( 34 ); expand( 35 );
- expand( 36 ); expand( 37 ); expand( 38 ); expand( 39 ); expand( 40 );
- expand( 41 ); expand( 42 ); expand( 43 ); expand( 44 ); expand( 45 );
- expand( 46 ); expand( 47 ); expand( 48 ); expand( 49 ); expand( 50 );
- expand( 51 ); expand( 52 ); expand( 53 ); expand( 54 ); expand( 55 );
- expand( 56 ); expand( 57 ); expand( 58 ); expand( 59 ); expand( 60 );
- expand( 61 ); expand( 62 ); expand( 63 ); expand( 64 ); expand( 65 );
- expand( 66 ); expand( 67 ); expand( 68 ); expand( 69 ); expand( 70 );
- expand( 71 ); expand( 72 ); expand( 73 ); expand( 74 ); expand( 75 );
- expand( 76 ); expand( 77 ); expand( 78 ); expand( 79 );
-
- /* Step C. Set up first buffer */
- A = sha1Info->digest[ 0 ];
- B = sha1Info->digest[ 1 ];
- C = sha1Info->digest[ 2 ];
- D = sha1Info->digest[ 3 ];
- E = sha1Info->digest[ 4 ];
-
- /* Step D. Serious mangling, divided into four sub-rounds */
- subRound1( 0 ); subRound1( 1 ); subRound1( 2 ); subRound1( 3 );
- subRound1( 4 ); subRound1( 5 ); subRound1( 6 ); subRound1( 7 );
- subRound1( 8 ); subRound1( 9 ); subRound1( 10 ); subRound1( 11 );
- subRound1( 12 ); subRound1( 13 ); subRound1( 14 ); subRound1( 15 );
- subRound1( 16 ); subRound1( 17 ); subRound1( 18 ); subRound1( 19 );
- subRound2( 20 ); subRound2( 21 ); subRound2( 22 ); subRound2( 23 );
- subRound2( 24 ); subRound2( 25 ); subRound2( 26 ); subRound2( 27 );
- subRound2( 28 ); subRound2( 29 ); subRound2( 30 ); subRound2( 31 );
- subRound2( 32 ); subRound2( 33 ); subRound2( 34 ); subRound2( 35 );
- subRound2( 36 ); subRound2( 37 ); subRound2( 38 ); subRound2( 39 );
- subRound3( 40 ); subRound3( 41 ); subRound3( 42 ); subRound3( 43 );
- subRound3( 44 ); subRound3( 45 ); subRound3( 46 ); subRound3( 47 );
- subRound3( 48 ); subRound3( 49 ); subRound3( 50 ); subRound3( 51 );
- subRound3( 52 ); subRound3( 53 ); subRound3( 54 ); subRound3( 55 );
- subRound3( 56 ); subRound3( 57 ); subRound3( 58 ); subRound3( 59 );
- subRound4( 60 ); subRound4( 61 ); subRound4( 62 ); subRound4( 63 );
- subRound4( 64 ); subRound4( 65 ); subRound4( 66 ); subRound4( 67 );
- subRound4( 68 ); subRound4( 69 ); subRound4( 70 ); subRound4( 71 );
- subRound4( 72 ); subRound4( 73 ); subRound4( 74 ); subRound4( 75 );
- subRound4( 76 ); subRound4( 77 ); subRound4( 78 ); subRound4( 79 );
-
- /* Step E. Build message digest */
- sha1Info->digest[ 0 ] += A;
- sha1Info->digest[ 1 ] += B;
- sha1Info->digest[ 2 ] += C;
- sha1Info->digest[ 3 ] += D;
- sha1Info->digest[ 4 ] += E;
- }
-
-#if BYTE_ORDER == LITTLE_ENDIAN
-
-/* When run on a little-endian CPU we need to perform byte reversal on an
- array of longwords. It is possible to make the code endianness-
- independant by fiddling around with data at the byte level, but this
- makes for very slow code, so we rely on the user to sort out endianness
- at compile time */
-
-void sha1ByteReverse(buffer, byteCount)
- LONG *buffer;
- int byteCount;
- {
- LONG value;
- int count;
+/*
+ * (R0+R1), R2, R3, R4 are the different operations (rounds) used in SHA1
+ */
+#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30);
+#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
+#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
+#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
+#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);
+
+
+/* Hash a single 512-bit block. This is the core of the algorithm. */
+
+void SHA1Transform(state, buffer)
+ u_int32_t state[5];
+ u_char buffer[64];
+{
+ u_int32_t a, b, c, d, e;
+ typedef union {
+ u_char c[64];
+ u_int l[16];
+ } CHAR64LONG16;
+ CHAR64LONG16* block;
+
+#ifdef SHA1HANDSOFF
+ static u_char workspace[64];
+ block = (CHAR64LONG16*)workspace;
+ memcpy(block, buffer, 64);
+#else
+ block = (CHAR64LONG16*)buffer;
+#endif
- byteCount /= sizeof( LONG );
- for( count = 0; count < byteCount; count++ )
- {
- value = ( buffer[ count ] << 16 ) | ( buffer[ count ] >> 16 );
- buffer[ count ] = ( ( value & 0xFF00FF00L ) >> 8 ) | ( ( value & 0x00FF00FFL ) << 8 );
- }
- }
-#endif /* LITTLE_ENDIAN */
+ /* Copy context->state[] to working vars */
+ a = state[0];
+ b = state[1];
+ c = state[2];
+ d = state[3];
+ e = state[4];
+
+ /* 4 rounds of 20 operations each. Loop unrolled. */
+ R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
+ R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
+ R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
+ R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
+ R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
+ R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
+ R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
+ R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
+ R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
+ R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
+ R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
+ R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
+ R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
+ R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
+ R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
+ R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
+ R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
+ R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
+ R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
+ R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
+
+ /* Add the working vars back into context.state[] */
+ state[0] += a;
+ state[1] += b;
+ state[2] += c;
+ state[3] += d;
+ state[4] += e;
+
+ /* Wipe variables */
+ a = b = c = d = e = 0;
+}
-/* Update SHA1 for a block of data. This code assumes that the buffer size
- is a multiple of SHA1_BLOCKSIZE bytes long, which makes the code a lot
- more efficient since it does away with the need to handle partial blocks
- between calls to sha1Update() */
-void sha1Update(sha1Info, buffer, count)
- SHA1_INFO *sha1Info;
- BYTE *buffer;
- int count;
- {
- /* Update bitcount */
- if( ( sha1Info->countLo + ( ( LONG ) count << 3 ) ) < sha1Info->countLo )
- sha1Info->countHi++; /* Carry from low to high bitCount */
- sha1Info->countLo += ( ( LONG ) count << 3 );
- sha1Info->countHi += ( ( LONG ) count >> 29 );
+/*
+ * SHA1Init - Initialize new context
+ */
+void SHA1Init(context)
+ SHA1_CTX *context;
+{
+ /* SHA1 initialization constants */
+ context->state[0] = 0x67452301;
+ context->state[1] = 0xEFCDAB89;
+ context->state[2] = 0x98BADCFE;
+ context->state[3] = 0x10325476;
+ context->state[4] = 0xC3D2E1F0;
+ context->count[0] = context->count[1] = 0;
+}
- /* Process data in SHA1_BLOCKSIZE chunks */
- while( count >= SHA1_BLOCKSIZE )
- {
- memcpy( (void *) sha1Info->data, (void *) buffer, SHA1_BLOCKSIZE );
-#if BYTE_ORDER == LITTLE_ENDIAN
- sha1ByteReverse( sha1Info->data, SHA1_BLOCKSIZE );
-#endif /* LITTLE_ENDIAN */
- sha1Transform( sha1Info );
- buffer += SHA1_BLOCKSIZE;
- count -= SHA1_BLOCKSIZE;
- }
- /* Handle any remaining bytes of data. This should only happen once
- on the final lot of data */
- memcpy( (void *) sha1Info->data, (void *) buffer, count );
+/*
+ * Run your data through this.
+ */
+void SHA1Update(context, data, len)
+ SHA1_CTX *context;
+ u_char *data;
+ u_int len;
+{
+ u_int i;
+ u_int j;
+
+ j = context->count[0];
+ if ((context->count[0] += len << 3) < j)
+ context->count[1] += (len>>29)+1;
+ j = (j >> 3) & 63;
+ if ((j + len) > 63) {
+ memcpy(&context->buffer[j], data, (i = 64-j));
+ SHA1Transform(context->state, context->buffer);
+ for ( ; i + 63 < len; i += 64)
+ SHA1Transform(context->state, &data[i]);
+ j = 0;
+ } else {
+ i = 0;
}
+ memcpy(&context->buffer[j], &data[i], len - i);
+}
-void sha1Final(sha1Info)
- SHA1_INFO *sha1Info;
- {
- int count;
- LONG lowBitcount = sha1Info->countLo, highBitcount = sha1Info->countHi;
-
- /* Compute number of bytes mod 64 */
- count = ( int ) ( ( sha1Info->countLo >> 3 ) & 0x3F );
-
- /* Set the first char of padding to 0x80. This is safe since there is
- always at least one byte free */
- ( ( BYTE * ) sha1Info->data )[ count++ ] = 0x80;
-
- /* Pad out to 56 mod 64 */
- if( count > 56 )
- {
- /* Two lots of padding: Pad the first block to 64 bytes */
- memset( ( char * ) sha1Info->data + count, 0, 64 - count );
-#if BYTE_ORDER == LITTLE_ENDIAN
- sha1ByteReverse( sha1Info->data, SHA1_BLOCKSIZE );
-#endif /* LITTLE_ENDIAN */
- sha1Transform( sha1Info );
-
- /* Now fill the next block with 56 bytes */
- memset( (void *) sha1Info->data, 0, 56 );
- }
- else
- /* Pad block to 56 bytes */
- memset( ( char * ) sha1Info->data + count, 0, 56 - count );
-#if BYTE_ORDER == LITTLE_ENDIAN
- sha1ByteReverse( sha1Info->data, SHA1_BLOCKSIZE );
-#endif /* LITTLE_ENDIAN */
-
- /* Append length in bits and transform */
- sha1Info->data[ 14 ] = highBitcount;
- sha1Info->data[ 15 ] = lowBitcount;
- sha1Transform( sha1Info );
-#if BYTE_ORDER == LITTLE_ENDIAN
- sha1ByteReverse( sha1Info->data, SHA1_DIGESTSIZE );
-#endif /* LITTLE_ENDIAN */
+/*
+ * Add padding and return the message digest.
+ */
+void SHA1Final(digest, context)
+ u_char digest[20];
+ SHA1_CTX* context;
+{
+ u_int i;
+ u_char finalcount[8];
+
+ for (i = 0; i < 8; i++) {
+ finalcount[i] = (u_char)((context->count[(i >= 4 ? 0 : 1)]
+ >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */
}
-
-#ifdef TEST
-
-/* ----------------------------- SHA1 Test code --------------------------- */
-
-/* Size of buffer for SHA1 speed test data */
-
-#define TEST_BLOCK_SIZE ( SHA1_DIGESTSIZE * 100 )
-
-/* Number of bytes of test data to process */
-
-#define TEST_BYTES 10000000L
-#define TEST_BLOCKS ( TEST_BYTES / TEST_BLOCK_SIZE )
-
-void main()
- {
- SHA1_INFO sha1Info;
- time_t endTime, startTime;
- BYTE data[ TEST_BLOCK_SIZE ];
- long i;
-
- /* Test output data (this is the only test data given in the SHA1
- document, but chances are if it works for this it'll work for
- anything) */
- sha1Init( &sha1Info );
- sha1Update( &sha1Info, ( BYTE * ) "abc", 3 );
- sha1Final( &sha1Info );
-#ifdef NEW_SHA1
- if( sha1Info.digest[ 0 ] != 0xA9993E36L ||
- sha1Info.digest[ 1 ] != 0x4706816AL ||
- sha1Info.digest[ 2 ] != 0xBA3E2571L ||
- sha1Info.digest[ 3 ] != 0x7850C26CL ||
- sha1Info.digest[ 4 ] != 0x9CD0D89DL )
-#else
- if( sha1Info.digest[ 0 ] != 0x0164B8A9L ||
- sha1Info.digest[ 1 ] != 0x14CD2A5EL ||
- sha1Info.digest[ 2 ] != 0x74C4F7FFL ||
- sha1Info.digest[ 3 ] != 0x082C4D97L ||
- sha1Info.digest[ 4 ] != 0xF1EDF880L )
-#endif
- {
- puts( "Error in SHA1 implementation" );
- exit( -1 );
- }
-
- /* Now perform time trial, generating MD for 10MB of data. First,
- initialize the test data */
- memset( ( void * ) data, 0, TEST_BLOCK_SIZE );
-
- /* Get start time */
- printf( "SHA1 time trial. Processing %ld characters...\n", TEST_BYTES );
- time( &startTime );
-
- /* Calculate SHA1 message digest in TEST_BLOCK_SIZE byte blocks */
- sha1Init( &sha1Info );
- for( i = TEST_BLOCKS; i > 0; i-- )
- sha1Update( &sha1Info, data, TEST_BLOCK_SIZE );
- sha1Final( &sha1Info );
-
- /* Get finish time and time difference */
- time( &endTime );
- printf( "Seconds to process test input: %ld\n", endTime - startTime );
- printf( "Characters processed per second: %ld\n", TEST_BYTES / ( endTime - startTime ) );
+ SHA1Update(context, (u_char *)"\200", 1);
+ while ((context->count[0] & 504) != 448)
+ SHA1Update(context, (u_char *)"\0", 1);
+ SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */
+
+ if (digest) {
+ for (i = 0; i < 20; i++)
+ digest[i] = (u_char)
+ ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
}
-
-#endif
+}