Hey hackers,

I'm seeing some behavior that confuses me a bit. I'm sure I'm doing something wrong, but I can't tell.

Here's a minimal example:

/ | #include <stdio.h> | #include <nettle/rsa.h> | | int main ( int argc, char ** argv ) { | struct sha1_ctx hash_ctx; | uint8_t headers[] = { | 0xDE, 0xEA, 0xAD, | 0xBE, 0xEF | }; | sha1_update(&hash_ctx, 5, headers); | | for (int i = 0; i < 3; ++i) { | uint8_t _fingerprint[SHA1_DIGEST_SIZE]; | sha1_digest(&hash_ctx, SHA1_DIGEST_SIZE, _fingerprint); | for (int i = 0; i < SHA1_DIGEST_SIZE; ++i) | printf("%02X ", _fingerprint[i]); | printf("\n"); | } | } \

The output, when run is:

/ | 89 22 AA 95 F2 02 C9 BB 35 FC 2D A2 DE 22 BE 48 2B B6 6C 1D | DA 39 A3 EE 5E 6B 4B 0D 32 55 BF EF 95 60 18 90 AF D8 07 09 | DA 39 A3 EE 5E 6B 4B 0D 32 55 BF EF 95 60 18 90 AF D8 07 09 \

(that last line is stable after the inital hash)

Does doing the sha1_digest alter state in some way? I can't image it is, but then how does this behavior crop up?

Much love, thanks all!

Cheers, Paul

-- #define sizeof(x) rand() :wq