Access all hashes and MACs through the standard API.

All the hash-specific state structures, and the functions that
directly accessed them, are now local to the source files implementing
the hashes themselves. Everywhere we previously used those types or
functions, we're now using the standard ssh_hash or ssh2_mac API.

The 'simple' functions (hmacmd5_simple, SHA_Simple etc) are now a pair
of wrappers in sshauxcrypt.c, each of which takes an algorithm
structure and can do the same conceptual thing regardless of what it
is.

sshbcrypt.c

@@ -54,20 +54,18 @@ void bcrypt_genblock(int counter,
                      const unsigned char *salt, int saltbytes,
                      unsigned char output[32])
 {
-    SHA512_State shastate;
     unsigned char hashed_salt[64];
 
     /* Hash the input salt with the counter value optionally suffixed
      * to get our real 32-byte salt */
-    SHA512_Init(&shastate);
-    put_data(&shastate, salt, saltbytes);
+    ssh_hash *h = ssh_hash_new(&ssh_sha512);
+    put_data(h, salt, saltbytes);
     if (counter)
-        put_uint32(&shastate, counter);
-    SHA512_Final(&shastate, hashed_salt);
+        put_uint32(h, counter);
+    ssh_hash_final(h, hashed_salt);
 
     bcrypt_hash(hashed_passphrase, 64, hashed_salt, 64, output);
 
-    smemclr(&shastate, sizeof(shastate));
     smemclr(&hashed_salt, sizeof(hashed_salt));
 }
 
@@ -82,7 +80,7 @@ void openssh_bcrypt(const char *passphrase,
     int modulus, residue, i, j, round;
 
     /* Hash the passphrase to get the bcrypt key material */
-    SHA512_Simple(passphrase, strlen(passphrase), hashed_passphrase);
+    hash_simple(&ssh_sha512, ptrlen_from_asciz(passphrase), hashed_passphrase);
 
     /* We output key bytes in a scattered fashion to meld all output
      * key blocks into all parts of the output. To do this, we pick a