diff --git a/sha1.c b/sha1.c
index c04ab7756eb1823ea95cd414d9cfb8b3a7ffee14..a9c9ec127a5870e6d302fe63e03e311bfa70f1c2 100644
--- a/sha1.c
+++ b/sha1.c
@@ -49,117 +49,36 @@
#include "macros.h"
#include "nettle-write.h"
-/* A block, treated as a sequence of 32-bit words. */
-#define SHA1_DATA_LENGTH 16
-
-/* SHA initial values */
-
-#define h0init 0x67452301L
-#define h1init 0xEFCDAB89L
-#define h2init 0x98BADCFEL
-#define h3init 0x10325476L
-#define h4init 0xC3D2E1F0L
-
/* Initialize the SHA values */
-
void
sha1_init(struct sha1_ctx *ctx)
{
- /* Set the h-vars to their initial values */
- ctx->digest[ 0 ] = h0init;
- ctx->digest[ 1 ] = h1init;
- ctx->digest[ 2 ] = h2init;
- ctx->digest[ 3 ] = h3init;
- ctx->digest[ 4 ] = h4init;
-
- /* Initialize bit count */
+ /* FIXME: Put the buffer last in the struct, and arrange so that we
+ can initialize with a single memcpy. */
+ static const uint32_t iv[_SHA1_DIGEST_LENGTH] =
+ {
+ /* SHA initial values */
+ 0x67452301L,
+ 0xEFCDAB89L,
+ 0x98BADCFEL,
+ 0x10325476L,
+ 0xC3D2E1F0L,
+ };
+
+ memcpy(ctx->state, iv, sizeof(ctx->state));
ctx->count_low = ctx->count_high = 0;
/* Initialize buffer */
ctx->index = 0;
}
-#define SHA1_INCR(ctx) ((ctx)->count_high += !++(ctx)->count_low)
-
void
sha1_update(struct sha1_ctx *ctx,
- unsigned length, const uint8_t *buffer)
+ unsigned length, const uint8_t *data)
{
- if (ctx->index)
- { /* Try to fill partial block */
- unsigned left = SHA1_DATA_SIZE - ctx->index;
- if (length < left)
- {
- memcpy(ctx->block + ctx->index, buffer, length);
- ctx->index += length;
- return; /* Finished */
- }
- else
- {
- memcpy(ctx->block + ctx->index, buffer, left);
-
- _nettle_sha1_compress(ctx->digest, ctx->block);
- SHA1_INCR(ctx);
-
- buffer += left;
- length -= left;
- }
- }
- while (length >= SHA1_DATA_SIZE)
- {
- _nettle_sha1_compress(ctx->digest, buffer);
- SHA1_INCR(ctx);
-
- buffer += SHA1_DATA_SIZE;
- length -= SHA1_DATA_SIZE;
- }
- if ((ctx->index = length)) /* This assignment is intended */
- /* Buffer leftovers */
- memcpy(ctx->block, buffer, length);
+ MD_UPDATE (ctx, length, data, _nettle_sha1_compress);
}
-/* Final wrapup - pad to SHA1_DATA_SIZE-byte boundary with the bit pattern
- 1 0* (64-bit count of bits processed, MSB-first) */
-
-static void
-sha1_final(struct sha1_ctx *ctx)
-{
- uint32_t bitcount_high;
- uint32_t bitcount_low;
- unsigned i;
-
- i = ctx->index;
-
- /* Set the first char of padding to 0x80. This is safe since there is
- always at least one byte free */
-
- assert(i < SHA1_DATA_SIZE);
- ctx->block[i++] = 0x80;
-
- if (i > (SHA1_DATA_SIZE - 8))
- { /* No room for length in this block. Process it and
- pad with another one */
- memset(ctx->block + i, 0, SHA1_DATA_SIZE - i);
-
- _nettle_sha1_compress(ctx->digest, ctx->block);
- i = 0;
- }
- if (i < (SHA1_DATA_SIZE - 8))
- memset(ctx->block + i, 0, (SHA1_DATA_SIZE - 8) - i);
-
- /* There are 512 = 2^9 bits in one block */
- bitcount_high = (ctx->count_high << 9) | (ctx->count_low >> 23);
- bitcount_low = (ctx->count_low << 9) | (ctx->index << 3);
-
- /* This is slightly inefficient, as the numbers are converted to
- big-endian format, and will be converted back by the compression
- function. It's probably not worth the effort to fix this. */
- WRITE_UINT32(ctx->block + (SHA1_DATA_SIZE - 8), bitcount_high);
- WRITE_UINT32(ctx->block + (SHA1_DATA_SIZE - 4), bitcount_low);
-
- _nettle_sha1_compress(ctx->digest, ctx->block);
-}
-
void
sha1_digest(struct sha1_ctx *ctx,
unsigned length,
@@ -167,7 +86,8 @@ sha1_digest(struct sha1_ctx *ctx,
{
assert(length <= SHA1_DIGEST_SIZE);
- sha1_final(ctx);
- _nettle_write_be32(length, digest, ctx->digest);
+ /* There are 512 = 2^9 bits in one block */
+ MD_FINAL(ctx, 32, 9, _nettle_sha1_compress, WRITE_UINT32);
+ _nettle_write_be32(length, digest, ctx->state);
sha1_init(ctx);
}