Improves prng code modularity. Introduces fortuna-like prng that can be used in lieu of yarrow.

Yarrow stays the default prng while fortuna may be engaged during configuration by using "--with-prng-alg=fortuna" flag.
Also, nss crypto backend continues to use its own prng.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24420 dc483132-0cff-0310-8789-dd5450dbe970

6 files changed, 517 insertions, 3 deletions

diff --git a/src/lib/crypto/builtin/Makefile.in b/src/lib/crypto/builtin/Makefile.in
index 5dd7fafdd..240d2895b 100644
--- a/src/lib/crypto/builtin/Makefile.in
+++ b/src/lib/crypto/builtin/Makefile.in
@@ -1,12 +1,13 @@
 mydir=lib/crypto/builtin
 BUILDTOP=$(REL)..$(S)..$(S)..
-SUBDIRS=camellia des aes md4 md5 sha1 enc_provider hash_provider
+SUBDIRS=camellia des aes md4 md5 sha1 sha2 enc_provider hash_provider
 LOCALINCLUDES = -I$(srcdir)/../krb 			\
 		-I$(srcdir)/../krb/hash_provider 	\
 		-I$(srcdir)/des 	\
 		-I$(srcdir)/aes 	\
 		-I$(srcdir)/camellia 	\
 		-I$(srcdir)/sha1 	\
+		-I$(srcdir)/sha2 	\
 		-I$(srcdir)/md4 	\
 		-I$(srcdir)/md5	\
 		-I$(srcdir)/enc_provider	\
@@ -41,7 +42,7 @@ SRCS=\
 	$(srcdir)/pbkdf2.c	
 
 STOBJLISTS= des/OBJS.ST md4/OBJS.ST 	\
-	md5/OBJS.ST sha1/OBJS.ST 	\
+	md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST	\
 	enc_provider/OBJS.ST 		\
 	hash_provider/OBJS.ST 		\
 	aes/OBJS.ST 			\
@@ -49,7 +50,7 @@ STOBJLISTS= des/OBJS.ST md4/OBJS.ST 	\
 	OBJS.ST
 
 SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST 	\
-		md5/OBJS.ST sha1/OBJS.ST 	\
+		md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST 	\
 		enc_provider/OBJS.ST 		\
 		hash_provider/OBJS.ST 		\
 		aes/OBJS.ST			\
@@ -89,6 +90,9 @@ all-windows::
 	cd ..\sha1
 	@echo Making in crypto\sha1
 	$(MAKE) -$(MFLAGS)
+	cd ..\sh2a
+	@echo Making in crypto\sha2
+	$(MAKE) -$(MFLAGS)
 	cd ..\hash_provider
 	@echo Making in crypto\hash_provider
 	$(MAKE) -$(MFLAGS)
@@ -116,6 +120,9 @@ clean-windows::
 	cd ..\sha1
 	@echo Making clean in crypto\sha1
 	$(MAKE) -$(MFLAGS) clean
+	cd ..\sha2
+	@echo Making clean in crypto\sha2
+	$(MAKE) -$(MFLAGS) clean
 	cd ..\hash_provider
 	@echo Making clean in crypto\hash_provider
 	$(MAKE) -$(MFLAGS) clean
diff --git a/src/lib/crypto/builtin/sha2/Makefile.in b/src/lib/crypto/builtin/sha2/Makefile.in
new file mode 100644
index 000000000..535d7eeb8
--- /dev/null
+++ b/src/lib/crypto/builtin/sha2/Makefile.in
@@ -0,0 +1,44 @@
+mydir=lib/crypto/builtin/sha2
+BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+DEFS=
+
+##DOS##BUILDTOP = ..\..\..\..
+##DOS##PREFIXDIR=sha2
+##DOS##OBJFILE=..\$(OUTPRE)sha2.lst
+
+RUN_SETUP = @KRB5_RUN_ENV@
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+
+STLIBOBJS= sha256.o
+
+OBJS= $(OUTPRE)sha256.$(OBJEXT) 
+
+SRCS= $(srcdir)/sha256.c
+
+##DOS##LIBOBJS = $(OBJS)
+
+all-unix:: all-libobjs
+
+includes:: depend
+
+depend:: $(SRCS)
+
+t_sha256: t_sha256.o sha256.o $(SUPPORT_DEPLIB)
+	$(CC_LINK) -o t_sha256 t_sha256.o sha256.o $(SUPPORT_LIB)
+
+
+$(OUTPRE)t_sha256.exe: $(OUTPRE)t_sha256.obj $(OUTPRE)sha256.obj
+	link -out:$@ $**
+
+
+check-unix:: t_sha256
+	$(RUN_SETUP) $(VALGRIND) $(C)t_sha256
+
+clean::
+	$(RM) t_sha256$(EXEEXT) t_sha256$(OBJEXT)
+
+clean-unix:: clean-libobjs
+
+@libobj_frag@
+
diff --git a/src/lib/crypto/builtin/sha2/deps b/src/lib/crypto/builtin/sha2/deps
new file mode 100644
index 000000000..85b60989a
--- /dev/null
+++ b/src/lib/crypto/builtin/sha2/deps
@@ -0,0 +1,14 @@
+# 
+# Generated makefile dependencies follow.
+#
+sha256.so sha256.po $(OUTPRE)sha256.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  sha256.c sha2.h
diff --git a/src/lib/crypto/builtin/sha2/sha2.h b/src/lib/crypto/builtin/sha2/sha2.h
new file mode 100644
index 000000000..0cff88f4a
--- /dev/null
+++ b/src/lib/crypto/builtin/sha2/sha2.h
@@ -0,0 +1,91 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id$ */
+
+#ifndef HEIM_SHA_H
+#define HEIM_SHA_H 1
+
+#include <k5-int.h>
+/*
+#include <stdlib.h>
+#include <string.h>
+#include <stddef.h>
+#ifdef KRB5
+#include <krb5-types.h>
+#endif
+*/
+#ifndef min
+#define min(a,b) (((a)>(b))?(b):(a))
+#endif
+
+/* Vector Crays doesn't have a good 32-bit type, or more precisely,
+ * int32_t as defined by <bind/bitypes.h> isn't 32 bits, and we don't
+ * want to depend in being able to redefine this type.  To cope with
+ * this we have to clamp the result in some places to [0,2^32); no
+ * need to do this on other machines.  Did I say this was a mess?
+ */
+
+#ifdef _CRAY
+#define CRAYFIX(X) ((X) & 0xffffffff)
+#else
+#define CRAYFIX(X) (X)
+#endif
+
+static inline uint32_t
+cshift (uint32_t x, unsigned int n)
+{
+    x = CRAYFIX(x);
+    return CRAYFIX((x << n) | (x >> (32 - n)));
+}
+
+/*
+ * SHA-2 256
+ */
+
+#define SHA256_DIGEST_LENGTH 32
+
+struct sha256state {
+  unsigned int sz[2];
+  uint32_t counter[8];
+  unsigned char save[64];
+};
+
+typedef struct sha256state SHA256_CTX;
+
+void sha2Init (SHA256_CTX *);
+void sha2Update (SHA256_CTX *, const void *, size_t);
+void sha2Final (void *, SHA256_CTX *);
+
+#endif /* HEIM_SHA_H */
diff --git a/src/lib/crypto/builtin/sha2/sha256.c b/src/lib/crypto/builtin/sha2/sha256.c
new file mode 100644
index 000000000..fb66bff70
--- /dev/null
+++ b/src/lib/crypto/builtin/sha2/sha256.c
@@ -0,0 +1,232 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/builtin/sha256.c */
+/*
+ * Copyright (c) 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <k5-int.h>
+#include "sha2.h"
+
+#ifdef FORTUNA
+
+#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
+#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
+
+#define ROTR(x,n)   (((x)>>(n)) | ((x) << (32 - (n))))
+
+#define Sigma0(x)	(ROTR(x,2)  ^ ROTR(x,13) ^ ROTR(x,22))
+#define Sigma1(x)	(ROTR(x,6)  ^ ROTR(x,11) ^ ROTR(x,25))
+#define sigma0(x)	(ROTR(x,7)  ^ ROTR(x,18) ^ ((x)>>3))
+#define sigma1(x)	(ROTR(x,17) ^ ROTR(x,19) ^ ((x)>>10))
+
+#define A m->counter[0]
+#define B m->counter[1]
+#define C m->counter[2]
+#define D m->counter[3]
+#define E m->counter[4]
+#define F m->counter[5]
+#define G m->counter[6]
+#define H m->counter[7]
+
+static const uint32_t constant_256[64] = {
+    0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
+    0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+    0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
+    0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+    0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
+    0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+    0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
+    0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+    0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
+    0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+    0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
+    0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+    0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
+    0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+    0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
+    0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+};
+
+void
+sha2Init (SHA256_CTX *m)
+{
+    m->sz[0] = 0;
+    m->sz[1] = 0;
+    A = 0x6a09e667;
+    B = 0xbb67ae85;
+    C = 0x3c6ef372;
+    D = 0xa54ff53a;
+    E = 0x510e527f;
+    F = 0x9b05688c;
+    G = 0x1f83d9ab;
+    H = 0x5be0cd19;
+}
+
+static void
+calc (SHA256_CTX *m, uint32_t *in)
+{
+    uint32_t AA, BB, CC, DD, EE, FF, GG, HH;
+    uint32_t data[64];
+    int i;
+
+    AA = A;
+    BB = B;
+    CC = C;
+    DD = D;
+    EE = E;
+    FF = F;
+    GG = G;
+    HH = H;
+
+    for (i = 0; i < 16; ++i)
+	data[i] = in[i];
+    for (i = 16; i < 64; ++i)
+	data[i] = sigma1(data[i-2]) + data[i-7] +
+	    sigma0(data[i-15]) + data[i - 16];
+
+    for (i = 0; i < 64; i++) {
+	uint32_t T1, T2;
+
+	T1 = HH + Sigma1(EE) + Ch(EE, FF, GG) + constant_256[i] + data[i];
+	T2 = Sigma0(AA) + Maj(AA,BB,CC);
+			
+	HH = GG;
+	GG = FF;
+	FF = EE;
+	EE = DD + T1;
+	DD = CC;
+	CC = BB;
+	BB = AA;
+	AA = T1 + T2;
+    }
+
+    A += AA;
+    B += BB;
+    C += CC;
+    D += DD;
+    E += EE;
+    F += FF;
+    G += GG;
+    H += HH;
+}
+
+/*
+ * From `Performance analysis of MD5' by Joseph D. Touch <touch@isi.edu>
+ */
+
+#if !defined(WORDS_BIGENDIAN) || defined(_CRAY)
+static inline uint32_t
+swap_uint32_t (uint32_t t)
+{
+#define ROL(x,n) ((x)<<(n))|((x)>>(32-(n)))
+    uint32_t temp1, temp2;
+
+    temp1   = cshift(t, 16);
+    temp2   = temp1 >> 8;
+    temp1  &= 0x00ff00ff;
+    temp2  &= 0x00ff00ff;
+    temp1 <<= 8;
+    return temp1 | temp2;
+}
+#endif
+
+struct x32{
+    unsigned int a:32;
+    unsigned int b:32;
+};
+
+void
+sha2Update (SHA256_CTX *m, const void *v, size_t len)
+{
+    const unsigned char *p = v;
+    size_t old_sz = m->sz[0];
+    size_t offset;
+
+    m->sz[0] += len * 8;
+    if (m->sz[0] < old_sz)
+	++m->sz[1];
+    offset = (old_sz / 8) % 64;
+    while(len > 0){
+	size_t l = min(len, 64 - offset);
+	memcpy(m->save + offset, p, l);
+	offset += l;
+	p += l;
+	len -= l;
+	if(offset == 64){
+#if !defined(WORDS_BIGENDIAN) || defined(_CRAY)
+	    int i;
+	    uint32_t current[16];
+	    struct x32 *u = (struct x32*)m->save;
+	    for(i = 0; i < 8; i++){
+		current[2*i+0] = swap_uint32_t(u[i].a);
+		current[2*i+1] = swap_uint32_t(u[i].b);
+	    }
+	    calc(m, current);
+#else
+	    calc(m, (uint32_t*)m->save);
+#endif
+	    offset = 0;
+	}
+    }
+}
+
+void
+sha2Final (void *res, SHA256_CTX *m)
+{
+    unsigned char zeros[72];
+    unsigned offset = (m->sz[0] / 8) % 64;
+    unsigned int dstart = (120 - offset - 1) % 64 + 1;
+
+    *zeros = 0x80;
+    memset (zeros + 1, 0, sizeof(zeros) - 1);
+    zeros[dstart+7] = (m->sz[0] >> 0) & 0xff;
+    zeros[dstart+6] = (m->sz[0] >> 8) & 0xff;
+    zeros[dstart+5] = (m->sz[0] >> 16) & 0xff;
+    zeros[dstart+4] = (m->sz[0] >> 24) & 0xff;
+    zeros[dstart+3] = (m->sz[1] >> 0) & 0xff;
+    zeros[dstart+2] = (m->sz[1] >> 8) & 0xff;
+    zeros[dstart+1] = (m->sz[1] >> 16) & 0xff;
+    zeros[dstart+0] = (m->sz[1] >> 24) & 0xff;
+    sha2Update (m, zeros, dstart + 8);
+    {
+	int i;
+	unsigned char *r = (unsigned char*)res;
+
+	for (i = 0; i < 8; ++i) {
+	    r[4*i+3] = m->counter[i] & 0xFF;
+	    r[4*i+2] = (m->counter[i] >> 8) & 0xFF;
+	    r[4*i+1] = (m->counter[i] >> 16) & 0xFF;
+	    r[4*i]   = (m->counter[i] >> 24) & 0xFF;
+	}
+    }
+}
+#endif /* FORTUNA */
diff --git a/src/lib/crypto/builtin/sha2/t_sha256.c b/src/lib/crypto/builtin/sha2/t_sha256.c
new file mode 100644
index 000000000..bcad91093
--- /dev/null
+++ b/src/lib/crypto/builtin/sha2/t_sha256.c
@@ -0,0 +1,126 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/builtin/t_sha256.c */
+/*
+ * Copyright (c) 1995 - 2002 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <k5-int.h>
+#include "sha2.h"
+
+#ifndef FORTUNA
+int
+main (void)
+{
+    return 0;
+}
+
+#else
+
+#define ONE_MILLION_A "one million a's"
+
+struct test {
+    char *str;
+    unsigned char hash[64];
+};
+
+struct test tests[] = {
+    { "abc",
+      { 0xba, 0x78, 0x16, 0xbf,  0x8f, 0x01, 0xcf, 0xea,
+    0x41, 0x41, 0x40, 0xde,  0x5d, 0xae, 0x22, 0x23,
+    0xb0, 0x03, 0x61, 0xa3,  0x96, 0x17, 0x7a, 0x9c,
+    0xb4, 0x10, 0xff, 0x61,  0xf2, 0x00, 0x15, 0xad }},
+    { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+      { 0x24, 0x8d, 0x6a, 0x61,  0xd2, 0x06, 0x38, 0xb8,
+    0xe5, 0xc0, 0x26, 0x93,  0x0c, 0x3e, 0x60, 0x39,
+    0xa3, 0x3c, 0xe4, 0x59,  0x64, 0xff, 0x21, 0x67,
+    0xf6, 0xec, 0xed, 0xd4,  0x19, 0xdb, 0x06, 0xc1 }},
+    { ONE_MILLION_A,
+      {0xcd,0xc7,0x6e,0x5c, 0x99,0x14,0xfb,0x92,
+       0x81,0xa1,0xc7,0xe2, 0x84,0xd7,0x3e,0x67,
+       0xf1,0x80,0x9a,0x48, 0xa4,0x97,0x20,0x0e,
+       0x04,0x6d,0x39,0xcc, 0xc7,0x11,0x2c,0xd0 }},
+    { NULL }
+};
+
+int
+main (void)
+{
+    struct test *t;
+    void *ctx = malloc(sizeof(SHA256_CTX));
+    unsigned char *res = malloc(SHA256_DIGEST_LENGTH);
+    char buf[1000];
+
+    for (t = tests; t->str; ++t) {
+    
+        sha2Init(ctx);
+        if(strcmp(t->str, ONE_MILLION_A) == 0) {
+            int i;
+            memset(buf, 'a', sizeof(buf));
+            for(i = 0; i < 1000; i++) {
+                sha2Update(ctx, buf, sizeof(buf));
+            }
+        } else {
+            sha2Update(ctx, (unsigned char *)t->str, strlen(t->str));
+        }
+
+        sha2Final(res, ctx);
+        if (memcmp (res, t->hash, SHA256_DIGEST_LENGTH) != 0) {
+            int i;
+
+            printf ("%s(\"%s\") failed\n", "SHA- 256", t->str);
+            printf("should be:  ");
+            for(i = 0; i < SHA256_DIGEST_LENGTH; ++i) {
+                if(i > 0 && (i % 16) == 0)
+                printf("\n            ");
+                printf("%02x ", t->hash[i]);
+            }
+            printf("\nresult was: ");
+            for(i = 0; i < SHA256_DIGEST_LENGTH; ++i) {
+            if(i > 0 && (i % 16) == 0)
+                printf("\n            ");
+                printf("%02x ", res[i]);
+            }
+            printf("\n");
+            return 1;
+        }
+    
+        if (memcmp (res, t->hash, SHA256_DIGEST_LENGTH) != 0) {
+            printf("EVP %s failed here old function where successful!\n", "SHA-256");
+            return 1;
+        }
+    }
+    free(ctx);
+    free(res);
+    printf ("success\n");
+    return 0;
+}
+#endif /* FORTUNA */