From 91586371422dae70481c39752e55f01f50e9a93a Mon Sep 17 00:00:00 2001
From: David Benjamin <davidben@google.com>
Date: Tue, 19 Apr 2016 23:56:41 -0400
Subject: [PATCH] Make SHA256_Final actually only return one.

As with SHA512_Final, use the different APIs rather than store md_len.

Change-Id: Ie1150de6fefa96f283d47aa03de0f18de38c93eb
Reviewed-on: https://boringssl-review.googlesource.com/7722
Reviewed-by: Adam Langley <agl@google.com>
---
 crypto/sha/sha256.c   | 48 +++++++++++++++----------------------------
 include/openssl/sha.h | 14 ++++++-------
 2 files changed, 23 insertions(+), 39 deletions(-)

diff --git a/crypto/sha/sha256.c b/crypto/sha/sha256.c
index d165cffe..921da438 100644
--- a/crypto/sha/sha256.c
+++ b/crypto/sha/sha256.c
@@ -77,7 +77,6 @@ int SHA224_Init(SHA256_CTX *sha) {
   sha->h[5] = 0x68581511UL;
   sha->h[6] = 0x64f98fa7UL;
   sha->h[7] = 0xbefa4fa4UL;
-  sha->md_len = SHA224_DIGEST_LENGTH;
   return 1;
 }
 
@@ -91,7 +90,6 @@ int SHA256_Init(SHA256_CTX *sha) {
   sha->h[5] = 0x9b05688cUL;
   sha->h[6] = 0x1f83d9abUL;
   sha->h[7] = 0x5be0cd19UL;
-  sha->md_len = SHA256_DIGEST_LENGTH;
   return 1;
 }
 
@@ -129,10 +127,6 @@ int SHA224_Update(SHA256_CTX *ctx, const void *data, size_t len) {
   return SHA256_Update(ctx, data, len);
 }
 
-int SHA224_Final(uint8_t *md, SHA256_CTX *ctx) {
-  return SHA256_Final(md, ctx);
-}
-
 #define DATA_ORDER_IS_BIG_ENDIAN
 
 #define HASH_CTX SHA256_CTX
@@ -149,35 +143,25 @@ void sha256_block_data_order(uint32_t *state, const uint8_t *in, size_t num);
 
 #include "../digest/md32_common.h"
 
+int SHA224_Final(uint8_t *md, SHA256_CTX *sha) {
+  sha256_finish(sha);
+
+  unsigned nn;
+  for (nn = 0; nn < SHA224_DIGEST_LENGTH / 4; nn++) {
+    uint32_t ll = sha->h[nn];
+    HOST_l2c(ll, md);
+  }
+
+  return 1;
+}
+
 int SHA256_Final(uint8_t *md, SHA256_CTX *sha) {
   sha256_finish(sha);
 
-  /* TODO(davidben): Replace this with different versions of SHA256_Final
-   * and SHA224_Final. */
-  uint32_t ll;
-  unsigned int nn;
-  switch (sha->md_len) {
-    case SHA224_DIGEST_LENGTH:
-      for (nn = 0; nn < SHA224_DIGEST_LENGTH / 4; nn++) {
-        ll = sha->h[nn];
-        HOST_l2c(ll, md);
-      }
-      break;
-    case SHA256_DIGEST_LENGTH:
-      for (nn = 0; nn < SHA256_DIGEST_LENGTH / 4; nn++) {
-        ll = sha->h[nn];
-        HOST_l2c(ll, md);
-      }
-      break;
-    default:
-      if (sha->md_len > SHA256_DIGEST_LENGTH) {
-        return 0;
-      }
-      for (nn = 0; nn < sha->md_len / 4; nn++) {
-        ll = sha->h[nn];
-        HOST_l2c(ll, md);
-      }
-      break;
+  unsigned nn;
+  for (nn = 0; nn < SHA256_DIGEST_LENGTH / 4; nn++) {
+    uint32_t ll = sha->h[nn];
+    HOST_l2c(ll, md);
   }
 
   return 1;
diff --git a/include/openssl/sha.h b/include/openssl/sha.h
index a1f360b9..6e3df8f1 100644
--- a/include/openssl/sha.h
+++ b/include/openssl/sha.h
@@ -128,15 +128,15 @@ struct sha_state_st {
 /* SHA224_DIGEST_LENGTH is the length of a SHA-224 digest. */
 #define SHA224_DIGEST_LENGTH 28
 
-/* SHA224_Init initialises |sha| and returns 1. */
+/* SHA224_Init initialises |sha| and returns one. */
 OPENSSL_EXPORT int SHA224_Init(SHA256_CTX *sha);
 
-/* SHA224_Update adds |len| bytes from |data| to |sha| and returns 1. */
+/* SHA224_Update adds |len| bytes from |data| to |sha| and returns one. */
 OPENSSL_EXPORT int SHA224_Update(SHA256_CTX *sha, const void *data, size_t len);
 
 /* SHA224_Final adds the final padding to |sha| and writes the resulting digest
  * to |md|, which must have at least |SHA224_DIGEST_LENGTH| bytes of space. It
- * returns one on success and zero on programmer error. */
+ * returns one. */
 OPENSSL_EXPORT int SHA224_Final(uint8_t *md, SHA256_CTX *sha);
 
 /* SHA224 writes the digest of |len| bytes from |data| to |out| and returns
@@ -153,15 +153,15 @@ OPENSSL_EXPORT uint8_t *SHA224(const uint8_t *data, size_t len, uint8_t *out);
 /* SHA256_DIGEST_LENGTH is the length of a SHA-256 digest. */
 #define SHA256_DIGEST_LENGTH 32
 
-/* SHA256_Init initialises |sha| and returns 1. */
+/* SHA256_Init initialises |sha| and returns one. */
 OPENSSL_EXPORT int SHA256_Init(SHA256_CTX *sha);
 
-/* SHA256_Update adds |len| bytes from |data| to |sha| and returns 1. */
+/* SHA256_Update adds |len| bytes from |data| to |sha| and returns one. */
 OPENSSL_EXPORT int SHA256_Update(SHA256_CTX *sha, const void *data, size_t len);
 
 /* SHA256_Final adds the final padding to |sha| and writes the resulting digest
  * to |md|, which must have at least |SHA256_DIGEST_LENGTH| bytes of space. It
- * returns one on success and zero on programmer error. */
+ * returns one. */
 OPENSSL_EXPORT int SHA256_Final(uint8_t *md, SHA256_CTX *sha);
 
 /* SHA256 writes the digest of |len| bytes from |data| to |out| and returns
@@ -177,7 +177,7 @@ struct sha256_state_st {
   uint32_t h[8];
   uint32_t Nl, Nh;
   uint8_t data[SHA256_CBLOCK];
-  unsigned num, md_len;
+  unsigned num;
 };