From 2aff92ddb6e679fca04432f01a1a16a035e33008 Mon Sep 17 00:00:00 2001 From: Jeffrey Walton Date: Sun, 13 Aug 2017 16:05:39 -0400 Subject: Fix bad SHA::Transform calculation (Issue 455) Reworked SHA class internals to align all the implementations. Formerly all hashes were software based, IterHashBase handled endian conversions, IterHashBase repeatedly called the single block SHA{N}::Transform. The rework added SHA{N}::HashMultipleBlocks, and the SHA classes attempt to always use it. Now SHA{N}::Transform calls into SHA{N}_HashMultipleBlocks, which is a free standing function. An added wrinkle is hardware wants little endian data and software presents big endian data, so HashMultipleBlocks accepts a ByteOrder for the incoming data. Hardware based SHA{N}_HashMultipleBlocks can often perform the endian swap much easier by setting an EPI mask so it was profitable to defer to hardware when available. The rework also removed the hacked-in pointers to implementations. The class now looks more like AES, GCM, etc. --- seal.cpp | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'seal.cpp') diff --git a/seal.cpp b/seal.cpp index 4108feb5..fef2656c 100644 --- a/seal.cpp +++ b/seal.cpp @@ -38,12 +38,8 @@ word32 SEAL_Gamma::Apply(word32 i) word32 shaIndex = i/5; if (shaIndex != lastIndex) { -#if CRYPTOPP_BOOL_SSE_SHA_INTRINSICS_AVAILABLE - D[0] = ConditionalByteReverse(HasSHA() ? BIG_ENDIAN_ORDER : LITTLE_ENDIAN_ORDER, shaIndex); -#else - D[0] = shaIndex; -#endif memcpy(Z, H, 20); + D[0] = shaIndex; SHA1::Transform(Z, D); lastIndex = shaIndex; } -- cgit v1.2.1
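Review bot: Dropping the `ConditionalByteReverse` around `D[0]` in `SEAL_Gamma::Apply` only stays correct if `SHA1::Transform` now performs the endian handling for both the hardware and software paths, as the commit message says `HashMultipleBlocks` does via its `ByteOrder` argument; a one-line comment at the call site stating that `D` is passed as host-order `word32` and that `Transform` is responsible for the conversion would keep the next reader from reintroducing a `HasSHA()`-conditional swap here. Since this hunk is the only change in `seal.cpp` and the `Transform` rework itself lives in other files, this is also the place where a SEAL known-answer test run with and without SHA hardware acceleration would prove the two paths still agree. The swap of `memcpy(Z, H, 20);` and `D[0] = shaIndex;` touches independent buffers and is cosmetic, so it could be left out to keep the diff minimal.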