From d33744b17da1e40bdd8824f1ed4a5400477a876c Mon Sep 17 00:00:00 2001
From: Alex Shinn <ashinn@users.noreply.github.com>
Date: Wed, 16 Apr 2014 21:03:08 +0900
Subject: [PATCH] Fixing typo in final serialization of sha2 for 2+ chunks.
 Fixes issue #215.

---
 lib/chibi/crypto/sha2.scm | 48 ++++++++++++++-------------------------
 tests/sha-tests.scm       |  4 ++++
 2 files changed, 21 insertions(+), 31 deletions(-)

diff --git a/lib/chibi/crypto/sha2.scm b/lib/chibi/crypto/sha2.scm
index e5b2faa9..2378b0e6 100644
--- a/lib/chibi/crypto/sha2.scm
+++ b/lib/chibi/crypto/sha2.scm
@@ -137,39 +137,25 @@
                                      s1)))))
         ;; Compression function main loop:
         (let lp ((j 0)
-                 (a h0)
-                 (b h1)
-                 (c h2)
-                 (d h3)
-                 (e h4)
-                 (f h5)
-                 (g h6)
-                 (h h7))
+                 (a h0) (b h1)
+                 (c h2) (d h3)
+                 (e h4) (f h5)
+                 (g h6) (h h7))
           (cond
            ((= j 64)
-            ;; Repeat on next block.
-            (cond
-             ((< n 64)
-              (if (>= n 56)
-                  (chunk (+ i n) 0
-                         (u32+ h0 a) (u32+ h1 b) (u32+ h2 c) (u32+ h3 d)
-                         (u32+ h4 e) (u32+ h5 f) (u32+ h6 g) (u32+ h7 h))
-                  ;; Done - add back in the has inits and serialize.
-                  (string-append
-                   (hex (u32+ a (vector-ref inits 0)))
-                   (hex (u32+ b (vector-ref inits 1)))
-                   (hex (u32+ c (vector-ref inits 2)))
-                   (hex (u32+ d (vector-ref inits 3)))
-                   (hex (u32+ e (vector-ref inits 4)))
-                   (hex (u32+ f (vector-ref inits 5)))
-                   (hex (u32+ g (vector-ref inits 6)))
-                   (if full?
-                       (hex (u32+ h #x5be0cd19))
-                       ""))))
-             (else
-              (chunk (+ i 64) pad
-                     (u32+ h0 a) (u32+ h1 b) (u32+ h2 c) (u32+ h3 d)
-                     (u32+ h4 e) (u32+ h5 f) (u32+ h6 g) (u32+ h7 h)))))
+            (let ((a (u32+ h0 a)) (b (u32+ h1 b))
+                  (c (u32+ h2 c)) (d (u32+ h3 d))
+                  (e (u32+ h4 e)) (f (u32+ h5 f))
+                  (g (u32+ h6 g)) (h (u32+ h7 h)))
+              (cond
+               ((< n 64)
+                (if (>= n 56)
+                    (chunk (+ i n) 0 a b c d e f g h)
+                    (string-append
+                     (hex a) (hex b) (hex c) (hex d)
+                     (hex e) (hex f) (hex g) (if full? (hex h) ""))))
+               (else
+                (chunk (+ i 64) pad a b c d e f g h)))))
            (else
             ;; Step - compute the two sigmas and recurse on the new a-h.
             (let* ((s1 (bitwise-xor (bitwise-rot-u32 e 6)
diff --git a/tests/sha-tests.scm b/tests/sha-tests.scm
index 120a87ac..1c3682a9 100644
--- a/tests/sha-tests.scm
+++ b/tests/sha-tests.scm
@@ -16,5 +16,9 @@
     (sha-256 "abc"))
 (test "d7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592"
     (sha-256 "The quick brown fox jumps over the lazy dog"))
+(test "61f8fe4c4cdc8b3e10673933fcd0c5b1f6b46d3392550e42b265daefc7bc0d31"
+    (sha-256 "abcdbcdecdefdefgefghfghighijhijkijkljklmklm"))
+(test "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1"
+    (sha-256 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"))
 
 (test-end)