Improve SHA1 code

[waldyrious]

Understand the algorithm and implement the code in a cleaner and more readable way.

small codebases to build from:

• sha1.js (862 bytes minified, 47 lines expanded)
• tinySHA1.js (1337 (!) bytes minified, 82 lines expanded)
• x4u's sha1 (1067 bytes minified, 45 lines expanded. fcc and cca are shortcuts for the String object's fromCharCode and charCodeAt)

code to understand the algorithm:

• webtoolkit.info (more expanded than the above, although without comments)
• movable-type (a well documented implementation)
• paj's sha1 (also commented, but quite more complex as it implements sha1 in base 16 (hex), base 64 and arbitrary bases, as well as a safe sum and other features that the others may not have).
• pseudocode from Wikipedia

[waldyrious]

Note that the current version, based on Nic's uses base64 encoding rather than base 16 (hex). So maybe the code can't be that simplified, but we shall see.

[waldyrious]

Note: the original code (b3c6bb2) is based on Nic's "1a" version (which ensures there's a lowercase letter and a number in the password). The non-1a version, besides the obvious difference, also uses a SHA1-based HMAC rather than SHA1 directly (see diff) but HMAC doesn't make sense since it's for message authentication, and in this case the message (website url + password) isn't being passed on the clear. The website domain is known, sure, but any tampering would change the hash (hence not produce the correct password), so using raw SHA1 suffices for our purposes.

[waldyrious]

"Fixed" in #16