SHA1() -- SSLeay 0.9.0b -- January 1999

NAME

SHA1_Init, SHA1_Update, SHA1_Final, SHA1, SHA1_Transform -- SHA1 message digest algorithm

SYNOPSIS

#include "SHA1.h"

void SHA1_Init(c)
SHA1_CTX *c;

void SHA1_Update(c)
SHA1_CTX *c;
unsigned char *data;
unsigned long len);

void SHA1_Final(c)
unsigned char *md;
SHA1_CTX *c;

unsigned char *SHA1(d, n, md)
unsigned long n;
unsigned char *d, *md;

void SHA1_Transform(c, data)
SHA_CTX *c;
unsigned char *data;

DESCRIPTION

SHA1 is a message digest algorithm that can be used to condense an arbitrary length message down to a 20 byte hash. These functions all take an SHA_CTX which contains the following: 

typedef struct SHAstate_st
        {
        unsigned long h0,h1,h2,h3,h4;
        unsigned long Nl,Nh;
        unsigned long data[SHA1_LBLOCK];
        int num;
        } SHA1_CTX;

Since SHA1 processes data in 16-byte blocks, the data subfield is used to keep 'leftover' data from one SHA1_Update to the next, buffering it until the last of it is used with padding as needed during the SHA1_Final call. The num subfield contains the length of data.

h0, h1, h2, h3, and h4 are internal buffers used during the computation.

The other subfields keep information on the running hash.

SHA1_Init() expects the caller to pass a pointer to a previously allocated SHA1_CTX structure. It then initializes all subfields to 0 except for h0, h1, h2, h3, and h4, which get initialized according to the specs (see FIPS 180-1 - Secure Hash Standard).

SHA1_Update() expects len bytes of data to be hashed; the results are stored in the SHA1_CTX c.

SHA1_Final() provides a message digest of the data digested with SHA1_Update(). The message digest is put in the md array and is SHA1_DIGEST_LENGTH (16) bytes long. All subfields of the SHA1_CTX c are set to zero before the routine returns.

SHA1() is a convenience routine that calls SHA1_Init(), SHA1_Update() and then SHA1_Final(). d should be a pointer to the data to be hashed and n should be the length in bytes of that data. If md is NULL, a static buffer will be used and a pointer to it returned to the caller. Otherwise the function returns a pointer to md which will contain the message digest.

If you prefer not to use the convenience routine, the functions may be called separately: 

SHA1_Init(...);
SHA1_Update(...);
...
SHA1_Update(...);
SHA1_Final(...);

SHA1_Transform does some endian conversions on b before calling the internal function sha1_block. I don't see it used anywhere. Anybody know why it would be useful?