r17488: - add SHA1 and HMACSHA1 functions, based on rfc 2104,2202,3174

- and add torture tests also based on the rfc's

metze
(This used to be commit d48930a02f9560640697fd57e4bba03dc0abe284)

7 files changed, 749 insertions, 2 deletions

diff --git a/source4/lib/crypto/crypto.h b/source4/lib/crypto/crypto.h
index 19457f60dc..ca6386e28c 100644
--- a/source4/lib/crypto/crypto.h
+++ b/source4/lib/crypto/crypto.h
@@ -18,10 +18,12 @@
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 */
 
-#include "lib/crypto/md5.h"
+#include "lib/crypto/crc32.h"
 #include "lib/crypto/md4.h"
+#include "lib/crypto/md5.h"
 #include "lib/crypto/hmacmd5.h"
-#include "lib/crypto/crc32.h"
+#include "lib/crypto/sha1.h"
+#include "lib/crypto/hmacsha1.h"
 
 struct arcfour_state {
 	uint8_t sbox[256];
diff --git a/source4/lib/crypto/hmacsha1.c b/source4/lib/crypto/hmacsha1.c
new file mode 100644
index 0000000000..c3d2ba403a
--- /dev/null
+++ b/source4/lib/crypto/hmacsha1.c
@@ -0,0 +1,87 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Interface header:    HMAC SHA-1 code
+   Copyright (C) Stefan Metzmacher
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+/*
+ taken direct from rfc2202 implementation and modified for suitable use
+ */
+
+#include "includes.h"
+#include "lib/crypto/crypto.h"
+
+/***********************************************************************
+ the rfc 2104/2202 version of hmac_sha1 initialisation.
+***********************************************************************/
+_PUBLIC_ void hmac_sha1_init(const uint8_t *key, size_t key_len, struct HMACSHA1Context *ctx)
+{
+        int i;
+	uint8_t tk[SHA1HashSize];
+
+        /* if key is longer than 64 bytes reset it to key=MD5(key) */
+        if (key_len > 64)
+	{
+                struct SHA1Context tctx;
+
+                SHA1Init(&tctx);
+                SHA1Update(&tctx, key, key_len);
+                SHA1Final(tk, &tctx);
+
+                key = tk;
+                key_len = SHA1HashSize;
+        }
+
+        /* start out by storing key in pads */
+        ZERO_STRUCT(ctx->k_ipad);
+        ZERO_STRUCT(ctx->k_opad);
+        memcpy( ctx->k_ipad, key, key_len);
+        memcpy( ctx->k_opad, key, key_len);
+
+        /* XOR key with ipad and opad values */
+        for (i=0; i<64; i++)
+	{
+                ctx->k_ipad[i] ^= 0x36;
+                ctx->k_opad[i] ^= 0x5c;
+        }
+
+        SHA1Init(&ctx->ctx);
+        SHA1Update(&ctx->ctx, ctx->k_ipad, 64);  
+}
+
+/***********************************************************************
+ update hmac_sha1 "inner" buffer
+***********************************************************************/
+_PUBLIC_ void hmac_sha1_update(const uint8_t *data, size_t data_len, struct HMACSHA1Context *ctx)
+{
+        SHA1Update(&ctx->ctx, data, data_len); /* then text of datagram */
+}
+
+/***********************************************************************
+ finish off hmac_sha1 "inner" buffer and generate outer one.
+***********************************************************************/
+_PUBLIC_ void hmac_sha1_final(uint8_t digest[SHA1HashSize], struct HMACSHA1Context *ctx)
+{
+        struct SHA1Context ctx_o;
+
+        SHA1Final(digest, &ctx->ctx);
+
+        SHA1Init(&ctx_o);
+        SHA1Update(&ctx_o, ctx->k_opad, 64);
+        SHA1Update(&ctx_o, digest, SHA1HashSize);
+        SHA1Final(digest, &ctx_o);
+}
diff --git a/source4/lib/crypto/hmacsha1.h b/source4/lib/crypto/hmacsha1.h
new file mode 100644
index 0000000000..f199aa081f
--- /dev/null
+++ b/source4/lib/crypto/hmacsha1.h
@@ -0,0 +1,34 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Interface header:    HMAC SHA1 code
+   Copyright (C) Stefan Metzmacher 2006
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#ifndef _HMAC_SHA1_H
+
+struct HMACSHA1Context {
+        struct SHA1Context ctx;
+        uint8_t k_ipad[65];    
+        uint8_t k_opad[65];
+
+};
+
+void hmac_sha1_init(const uint8_t *key, size_t key_len, struct HMACSHA1Context *ctx);
+void hmac_sha1_update(const uint8_t *data, size_t data_len, struct HMACSHA1Context *ctx);
+void hmac_sha1_final(uint8_t digest[20], struct HMACSHA1Context *ctx);
+
+#endif /* _HMAC_SHA1_H */
diff --git a/source4/lib/crypto/hmacsha1test.c b/source4/lib/crypto/hmacsha1test.c
new file mode 100644
index 0000000000..2631fe1659
--- /dev/null
+++ b/source4/lib/crypto/hmacsha1test.c
@@ -0,0 +1,46 @@
+#include "includes.h"
+
+#include "lib/crypto/crypto.h"
+
+struct torture_context;
+
+BOOL torture_local_crypto_hmacsha1(struct torture_context *torture) 
+{
+	BOOL ret = True;
+	uint32_t i;
+	struct {
+		DATA_BLOB key;
+		DATA_BLOB data;
+		DATA_BLOB digest;
+	} testarray[] = {
+	{
+		.key	= strhex_to_data_blob("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"),
+		.data	= data_blob_string_const("Hi There"),
+		.digest	= strhex_to_data_blob("b617318655057264e28bc0b6fb378c8ef146be00")
+	}
+	};
+
+	for (i=0; i < ARRAY_SIZE(testarray); i++) {
+		struct HMACSHA1Context ctx;
+		uint8_t digest[SHA1HashSize];
+		int e;
+
+		hmac_sha1_init(testarray[i].key.data, testarray[i].key.length, &ctx);
+		hmac_sha1_update(testarray[i].data.data, testarray[i].data.length, &ctx);
+		hmac_sha1_final(digest, &ctx);
+
+		e = memcmp(testarray[i].digest.data,
+			   digest,
+			   MIN(testarray[i].digest.length, SHA1HashSize));
+		if (e != 0) {
+			printf("test[%u]: failed\n", i);
+			dump_data(0, testarray[i].key.data, testarray[i].key.length);
+			dump_data(0, testarray[i].data.data, testarray[i].data.length);
+			dump_data(0, testarray[i].digest.data, testarray[i].digest.length);
+			dump_data(0, digest, sizeof(digest));
+			ret = False;
+		}
+	}
+
+	return ret;
+}
diff --git a/source4/lib/crypto/sha1.c b/source4/lib/crypto/sha1.c
new file mode 100644
index 0000000000..1b91f8a949
--- /dev/null
+++ b/source4/lib/crypto/sha1.c
@@ -0,0 +1,390 @@
+/*
+ This file contains the reference implementation of SHA-1
+ from http://www.ietf.org/rfc/rfc3174.txt
+*/
+/*
+ *  sha1.c
+ *
+ *  Description:
+ *      This file implements the Secure Hashing Algorithm 1 as
+ *      defined in FIPS PUB 180-1 published April 17, 1995.
+ *
+ *      The SHA-1, produces a 160-bit message digest for a given
+ *      data stream.  It should take about 2**n steps to find a
+ *      message with the same digest as a given message and
+ *      2**(n/2) to find any two messages with the same digest,
+ *      when n is the digest size in bits.  Therefore, this
+ *      algorithm can serve as a means of providing a
+ *      "fingerprint" for a message.
+ *
+ *  Portability Issues:
+ *      SHA-1 is defined in terms of 32-bit "words".  This code
+ *      uses <stdint.h> (included via "sha1.h" to define 32 and 8
+ *      bit unsigned integer types.  If your C compiler does not
+ *      support 32 bit unsigned integers, this code is not
+ *      appropriate.
+ *
+ *  Caveats:
+ *      SHA-1 is designed to work with messages less than 2^64 bits
+ *      long.  Although SHA-1 allows a message digest to be generated
+ *      for messages of any number of bits less than 2^64, this
+ *      implementation only works with messages with a length that is
+ *      a multiple of the size of an 8-bit character.
+ *
+ */
+
+#include "includes.h"
+
+#include "sha1.h"
+
+/*
+ *  Define the SHA1 circular left shift macro
+ */
+#define SHA1CircularShift(bits,word) \
+                (((word) << (bits)) | ((word) >> (32-(bits))))
+
+/* Local Function Prototyptes */
+static void SHA1PadMessage(struct SHA1Context *);
+static void SHA1ProcessMessageBlock(struct SHA1Context *);
+
+/*
+ *  SHA1Init (SHA1Reset in the rfc)
+ *
+ *  Description:
+ *      This function will initialize the SHA1Context in preparation
+ *      for computing a new SHA1 message digest.
+ *
+ *  Parameters:
+ *      context: [in/out]
+ *          The context to reset.
+ *
+ *  Returns:
+ *      sha Error Code.
+ *
+ */
+int SHA1Init(struct SHA1Context *context)
+{
+    if (!context)
+    {
+        return shaNull;
+    }
+
+    context->Length_Low             = 0;
+    context->Length_High            = 0;
+    context->Message_Block_Index    = 0;
+
+    context->Intermediate_Hash[0]   = 0x67452301;
+    context->Intermediate_Hash[1]   = 0xEFCDAB89;
+    context->Intermediate_Hash[2]   = 0x98BADCFE;
+    context->Intermediate_Hash[3]   = 0x10325476;
+    context->Intermediate_Hash[4]   = 0xC3D2E1F0;
+
+    context->Computed   = 0;
+    context->Corrupted  = 0;
+
+    return shaSuccess;
+}
+
+/*
+ *  SHA1Final (SHA1Result in the rfc)
+ *
+ *  Description:
+ *      This function will return the 160-bit message digest into the
+ *      Message_Digest array  provided by the caller.
+ *      NOTE: The first octet of hash is stored in the 0th element,
+ *            the last octet of hash in the 19th element.
+ *
+ *  Parameters:
+ *      context: [in/out]
+ *          The context to use to calculate the SHA-1 hash.
+ *      Message_Digest: [out]
+ *          Where the digest is returned.
+ *
+ *  Returns:
+ *      sha Error Code.
+ *
+ */
+int SHA1Final(uint8_t Message_Digest[SHA1HashSize],
+	      struct SHA1Context *context)
+{
+    int i;
+
+    if (!context || !Message_Digest)
+    {
+        return shaNull;
+    }
+
+    if (context->Corrupted)
+    {
+        return context->Corrupted;
+    }
+
+    if (!context->Computed)
+    {
+        SHA1PadMessage(context);
+        for(i=0; i<64; ++i)
+        {
+            /* message may be sensitive, clear it out */
+            context->Message_Block[i] = 0;
+        }
+        context->Length_Low = 0;    /* and clear length */
+        context->Length_High = 0;
+        context->Computed = 1;
+    }
+
+    for(i = 0; i < SHA1HashSize; ++i)
+    {
+        Message_Digest[i] = context->Intermediate_Hash[i>>2]
+                            >> 8 * ( 3 - ( i & 0x03 ) );
+    }
+
+    return shaSuccess;
+}
+
+/*
+ *  SHA1Update (SHA1Input in the rfc)
+ *
+ *  Description:
+ *      This function accepts an array of octets as the next portion
+ *      of the message.
+ *
+ *  Parameters:
+ *      context: [in/out]
+ *          The SHA context to update
+ *      message_array: [in]
+ *          An array of characters representing the next portion of
+ *          the message.
+ *      length: [in]
+ *          The length of the message in message_array
+ *
+ *  Returns:
+ *      sha Error Code.
+ *
+ */
+int SHA1Update(struct SHA1Context *context,
+               const uint8_t *message_array,
+               size_t length)
+{
+    if (!length)
+    {
+        return shaSuccess;
+    }
+
+    if (!context || !message_array)
+    {
+        return shaNull;
+    }
+
+    if (context->Computed)
+    {
+        context->Corrupted = shaStateError;
+        return shaStateError;
+    }
+
+    if (context->Corrupted)
+    {
+         return context->Corrupted;
+    }
+    while(length-- && !context->Corrupted)
+    {
+    context->Message_Block[context->Message_Block_Index++] =
+                    (*message_array & 0xFF);
+
+    context->Length_Low += 8;
+    if (context->Length_Low == 0)
+    {
+        context->Length_High++;
+        if (context->Length_High == 0)
+        {
+            /* Message is too long */
+            context->Corrupted = 1;
+        }
+    }
+
+    if (context->Message_Block_Index == 64)
+    {
+        SHA1ProcessMessageBlock(context);
+    }
+
+    message_array++;
+    }
+
+    return shaSuccess;
+}
+
+/*
+ *  SHA1ProcessMessageBlock
+ *
+ *  Description:
+ *      This function will process the next 512 bits of the message
+ *      stored in the Message_Block array.
+ *
+ *  Parameters:
+ *      None.
+ *
+ *  Returns:
+ *      Nothing.
+ *
+ *  Comments:
+ *      Many of the variable names in this code, especially the
+ *      single character names, were used because those were the
+ *      names used in the publication.
+ *
+ *
+ */
+static void SHA1ProcessMessageBlock(struct SHA1Context *context)
+{
+    const uint32_t K[] =    {       /* Constants defined in SHA-1   */
+                            0x5A827999,
+                            0x6ED9EBA1,
+                            0x8F1BBCDC,
+                            0xCA62C1D6
+                            };
+    int           t;                 /* Loop counter                */
+    uint32_t      temp;              /* Temporary word value        */
+    uint32_t      W[80];             /* Word sequence               */
+    uint32_t      A, B, C, D, E;     /* Word buffers                */
+
+    /*
+     *  Initialize the first 16 words in the array W
+     */
+    for(t = 0; t < 16; t++)
+    {
+        W[t] = context->Message_Block[t * 4] << 24;
+        W[t] |= context->Message_Block[t * 4 + 1] << 16;
+        W[t] |= context->Message_Block[t * 4 + 2] << 8;
+        W[t] |= context->Message_Block[t * 4 + 3];
+    }
+
+    for(t = 16; t < 80; t++)
+    {
+       W[t] = SHA1CircularShift(1,W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16]);
+    }
+
+    A = context->Intermediate_Hash[0];
+    B = context->Intermediate_Hash[1];
+    C = context->Intermediate_Hash[2];
+    D = context->Intermediate_Hash[3];
+    E = context->Intermediate_Hash[4];
+
+    for(t = 0; t < 20; t++)
+    {
+        temp =  SHA1CircularShift(5,A) +
+                ((B & C) | ((~B) & D)) + E + W[t] + K[0];
+        E = D;
+        D = C;
+        C = SHA1CircularShift(30,B);
+        B = A;
+        A = temp;
+    }
+
+    for(t = 20; t < 40; t++)
+    {
+        temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[1];
+        E = D;
+        D = C;
+        C = SHA1CircularShift(30,B);
+        B = A;
+        A = temp;
+    }
+
+    for(t = 40; t < 60; t++)
+    {
+        temp = SHA1CircularShift(5,A) +
+               ((B & C) | (B & D) | (C & D)) + E + W[t] + K[2];
+        E = D;
+        D = C;
+        C = SHA1CircularShift(30,B);
+        B = A;
+        A = temp;
+    }
+
+    for(t = 60; t < 80; t++)
+    {
+        temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[3];
+        E = D;
+        D = C;
+        C = SHA1CircularShift(30,B);
+        B = A;
+        A = temp;
+    }
+
+    context->Intermediate_Hash[0] += A;
+    context->Intermediate_Hash[1] += B;
+    context->Intermediate_Hash[2] += C;
+    context->Intermediate_Hash[3] += D;
+    context->Intermediate_Hash[4] += E;
+
+    context->Message_Block_Index = 0;
+}
+
+
+/*
+ *  SHA1PadMessage
+ *
+ *  Description:
+ *      According to the standard, the message must be padded to an even
+ *      512 bits.  The first padding bit must be a '1'.  The last 64
+ *      bits represent the length of the original message.  All bits in
+ *      between should be 0.  This function will pad the message
+ *      according to those rules by filling the Message_Block array
+ *      accordingly.  It will also call the ProcessMessageBlock function
+ *      provided appropriately.  When it returns, it can be assumed that
+ *      the message digest has been computed.
+ *
+ *  Parameters:
+ *      context: [in/out]
+ *          The context to pad
+ *      ProcessMessageBlock: [in]
+ *          The appropriate SHA*ProcessMessageBlock function
+ *  Returns:
+ *      Nothing.
+ *
+ */
+
+static void SHA1PadMessage(struct SHA1Context *context)
+{
+    /*
+     *  Check to see if the current message block is too small to hold
+     *  the initial padding bits and length.  If so, we will pad the
+     *  block, process it, and then continue padding into a second
+     *  block.
+     */
+    if (context->Message_Block_Index > 55)
+    {
+        context->Message_Block[context->Message_Block_Index++] = 0x80;
+        while(context->Message_Block_Index < 64)
+        {
+            context->Message_Block[context->Message_Block_Index++] = 0;
+        }
+
+        SHA1ProcessMessageBlock(context);
+
+        while(context->Message_Block_Index < 56)
+        {
+            context->Message_Block[context->Message_Block_Index++] = 0;
+        }
+    }
+    else
+    {
+        context->Message_Block[context->Message_Block_Index++] = 0x80;
+        while(context->Message_Block_Index < 56)
+        {
+            context->Message_Block[context->Message_Block_Index++] = 0;
+        }
+    }
+
+    /*
+     *  Store the message length as the last 8 octets
+     */
+    context->Message_Block[56] = context->Length_High >> 24;
+    context->Message_Block[57] = context->Length_High >> 16;
+    context->Message_Block[58] = context->Length_High >> 8;
+    context->Message_Block[59] = context->Length_High;
+    context->Message_Block[60] = context->Length_Low >> 24;
+    context->Message_Block[61] = context->Length_Low >> 16;
+    context->Message_Block[62] = context->Length_Low >> 8;
+    context->Message_Block[63] = context->Length_Low;
+
+    SHA1ProcessMessageBlock(context);
+}
diff --git a/source4/lib/crypto/sha1.h b/source4/lib/crypto/sha1.h
new file mode 100644
index 0000000000..4a2d448bfc
--- /dev/null
+++ b/source4/lib/crypto/sha1.h
@@ -0,0 +1,62 @@
+/*
+ This file contains the reference implementation of SHA-1
+ from http://www.ietf.org/rfc/rfc3174.txt
+*/
+/*
+ *  sha1.h
+ *
+ *  Description:
+ *      This is the header file for code which implements the Secure
+ *      Hashing Algorithm 1 as defined in FIPS PUB 180-1 published
+ *      April 17, 1995.
+ *
+ *      Many of the variable names in this code, especially the
+ *      single character names, were used because those were the names
+ *      used in the publication.
+ *
+ *      Please read the file sha1.c for more information.
+ *
+ */
+#ifndef _SHA1_H_
+#define _SHA1_H_
+
+#ifndef _SHA_enum_
+#define _SHA_enum_
+enum
+{
+    shaSuccess = 0,
+    shaNull,            /* Null pointer parameter */
+    shaInputTooLong,    /* input data too long */
+    shaStateError       /* called Input after Result */
+};
+#endif
+#define SHA1HashSize 20
+
+/*
+ *  This structure will hold context information for the SHA-1
+ *  hashing operation
+ */
+struct SHA1Context
+{
+    uint32_t Intermediate_Hash[SHA1HashSize/4]; /* Message Digest  */
+
+    uint32_t Length_Low;            /* Message length in bits      */
+    uint32_t Length_High;           /* Message length in bits      */
+
+                               /* Index into message block array   */
+    int16_t Message_Block_Index;
+    uint8_t Message_Block[64];      /* 512-bit message blocks      */
+
+    int Computed;               /* Is the digest computed?         */
+    int Corrupted;             /* Is the message digest corrupted? */
+};
+
+/*
+ *  Function Prototypes
+ */
+
+int SHA1Init(struct SHA1Context *);
+int SHA1Update(struct SHA1Context *, const uint8_t *data, size_t data_len);
+int SHA1Final(uint8_t Message_Digest[SHA1HashSize], struct SHA1Context *);
+
+#endif
diff --git a/source4/lib/crypto/sha1test.c b/source4/lib/crypto/sha1test.c
new file mode 100644
index 0000000000..c3b4506dec
--- /dev/null
+++ b/source4/lib/crypto/sha1test.c
@@ -0,0 +1,126 @@
+/*
+ This file contains the reference implementation of SHA-1
+ from http://www.ietf.org/rfc/rfc3174.txt
+*/
+/*
+ *  sha1test.c
+ *
+ *  Description:
+ *      This file will exercise the SHA-1 code performing the three
+ *      tests documented in FIPS PUB 180-1 plus one which calls
+ *      SHA1Input with an exact multiple of 512 bits, plus a few
+ *      error test checks.
+ *
+ *  Portability Issues:
+ *      None.
+ *
+ */
+
+#include "includes.h"
+
+#include "lib/crypto/crypto.h"
+
+struct torture_context;
+
+/*
+ *  Define patterns for testing
+ */
+#define TEST1   "abc"
+#define TEST2a  "abcdbcdecdefdefgefghfghighijhi"
+#define TEST2b  "jkijkljklmklmnlmnomnopnopq"
+#define TEST2   TEST2a TEST2b
+#define TEST3   "a"
+#define TEST4a  "01234567012345670123456701234567"
+#define TEST4b  "01234567012345670123456701234567"
+    /* an exact multiple of 512 bits */
+#define TEST4   TEST4a TEST4b
+static const char *testarray[4] =
+{
+    TEST1,
+    TEST2,
+    TEST3,
+    TEST4
+};
+static int repeatcount[4] = { 1, 1, 1000000, 10 };
+static const char *resultarray[4] =
+{
+    "A9 99 3E 36 47 06 81 6A BA 3E 25 71 78 50 C2 6C 9C D0 D8 9D ",
+    "84 98 3E 44 1C 3B D2 6E BA AE 4A A1 F9 51 29 E5 E5 46 70 F1 ",
+    "34 AA 97 3C D4 C4 DA A4 F6 1E EB 2B DB AD 27 31 65 34 01 6F ",
+    "DE A3 56 A2 CD DD 90 C7 A7 EC ED C5 EB B5 63 93 4F 46 04 52 "
+};
+
+BOOL torture_local_crypto_sha1(struct torture_context *torture) 
+{
+    struct SHA1Context sha;
+    int i, j, err;
+    uint8_t Message_Digest[20];
+    BOOL ret = True;
+    char tmp[60 + 10];
+
+    /*
+     *  Perform SHA-1 tests
+     */
+    for(j = 0; j < 4; ++j)
+    {
+    	ZERO_STRUCT(tmp);
+        printf( "\nTest %d: %d, '%s'\n",
+                j+1,
+                repeatcount[j],
+                testarray[j]);
+
+        err = SHA1Init(&sha);
+        if (err)
+        {
+            fprintf(stderr, "SHA1Init Error %d.\n", err );
+	    ret = False;
+            break;    /* out of for j loop */
+        }
+
+        for(i = 0; i < repeatcount[j]; ++i)
+        {
+            err = SHA1Update(&sha,
+                  (const unsigned char *) testarray[j],
+                  strlen(testarray[j]));
+            if (err)
+            {
+                fprintf(stderr, "SHA1Update Error %d.\n", err );
+		ret = False;
+                break;    /* out of for i loop */
+            }
+        }
+
+        err = SHA1Final(Message_Digest, &sha);
+        if (err)
+        {
+            fprintf(stderr,
+            "SHA1Result Error %d, could not compute message digest.\n",
+            err );
+	    ret = False;
+        }
+        else
+        {
+            printf("\t");
+            for(i = 0; i < 20 ; ++i)
+            {
+	    	snprintf(tmp+(i*3), sizeof(tmp) - (i*3),"%02X ", Message_Digest[i]);
+                printf("%02X ", Message_Digest[i]);
+            }
+            printf("\n");
+        }
+        printf("Should match:\n");
+        printf("\t%s\n", resultarray[j]);
+	if (strcmp(resultarray[j], tmp) != 0) {
+	    ret = False;	
+	}
+    }
+
+    /* Test some error returns */
+    err = SHA1Update(&sha,(const unsigned char *) testarray[1], 1);
+    if (err != shaStateError) ret = False;
+    printf ("\nError %d. Should be %d.\n", err, shaStateError );
+    err = SHA1Init(0);
+    if (err != shaNull) ret = False;
+    printf ("\nError %d. Should be %d.\n", err, shaNull );
+    return ret;
+}