SHA() -- SSLeay 0.6.6 -- February 1997

NAME

SHA_Init, SHA_Update, SHA_Final, SHA, SHA_Transform -- SHA message digest algorithm

SYNOPSIS

#include "SHA.h"

void SHA_Init(c)
SHA_CTX *c;

void SHA_Update(c)
SHA_CTX *c;
unsigned char *data;
unsigned long len);

void SHA_Final(c)
unsigned char *md;
SHA_CTX *c;

unsigned char *SHA(d, n, md)
unsigned long n;
unsigned char *d, *md;

void SHA_Transform(c, data)
SHA_CTX *c;
unsigned char *data;

DESCRIPTION

SHA is a message digest algorithm that can be used to condense an arbitrary length message down to a 20 byte hash. These functions all take an SHA_CTX which contains the following: 

typedef struct SHAstate_st
        {
        unsigned long h0,h1,h2,h3,h4;
        unsigned long Nl,Nh;
        unsigned long data[SHA_LBLOCK];
        int num;
        } SHA_CTX;

Since SHA processes data in 16-byte blocks, the data subfield is used to keep 'leftover' data from one SHA_Update to the next, buffering it until the last of it is used with padding as needed during the SHA_Final call. The num subfield contains the length of data.

h0, h1, h2, h3, and h4 are internal buffers used during the computation.

The other subfields keep information on the running hash.

SHA_Init() expects the caller to pass a pointer to a previously allocated SHA_CTX structure. It then initializes all subfields to 0 except for h0, h1, h2, h3, and h4, which get initialized according to the specs (see FIPS 180-1 - Secure Hash Standard). Note that the FIP specifies SHA-1, which is more secure than SHA.

SHA_Update() expects len bytes of data to be hashed; the results are stored in the SHA_CTX c.

SHA_Final() provides a message digest of the data digested with SHA_Update(). The message digest is put in the md array and is SHA_DIGEST_LENGTH (16) bytes long. All subfields of the SHA_CTX c are set to zero before the routine returns.

SHA() is a convenience routine that calls SHA_Init(), SHA_Update() and then SHA_Final(). d should be a pointer to the data to be hashed and n should be the length in bytes of that data. If md is NULL, a static buffer will be used and a pointer to it returned to the caller. Otherwise the function returns a pointer to md which will contain the message digest.

If you prefer not to use the convenience routine, the functions may be called separately: 

SHA_Init(...);
SHA_Update(...);
...
SHA_Update(...);
SHA_Final(...);

SHA_Transform does some endian conversions on b before calling the internal function sha1_block. I don't see it used anywhere. Anybody know why it would be useful?