2 // System.Security.Cryptography.SHA384Managed.cs
5 // Dan Lewis (dihlewis@yahoo.co.uk)
6 // Sebastien Pouliot (sebastien@ximian.com)
9 // Implementation translated from Bouncy Castle JCE (http://www.bouncycastle.org/)
10 // See bouncycastle.txt for license.
11 // Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
13 // Permission is hereby granted, free of charge, to any person obtaining
14 // a copy of this software and associated documentation files (the
15 // "Software"), to deal in the Software without restriction, including
16 // without limitation the rights to use, copy, modify, merge, publish,
17 // distribute, sublicense, and/or sell copies of the Software, and to
18 // permit persons to whom the Software is furnished to do so, subject to
19 // the following conditions:
21 // The above copyright notice and this permission notice shall be
22 // included in all copies or substantial portions of the Software.
24 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
25 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
26 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
27 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
28 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
29 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
30 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
33 using System.Runtime.InteropServices;
35 namespace System.Security.Cryptography {
38 public class SHA384Managed : SHA384 {
43 private ulong byteCount1;
44 private ulong byteCount2;
46 private ulong H1, H2, H3, H4, H5, H6, H7, H8;
50 public SHA384Managed ()
54 Initialize (false); // limited initialization
57 private void Initialize (bool reuse)
59 // SHA-384 initial hash value
60 // The first 64 bits of the fractional parts of the square roots
61 // of the 9th through 16th prime numbers
62 H1 = 0xcbbb9d5dc1059ed8L;
63 H2 = 0x629a292a367cd507L;
64 H3 = 0x9159015a3070dd17L;
65 H4 = 0x152fecd8f70e5939L;
66 H5 = 0x67332667ffc00b31L;
67 H6 = 0x8eb44a8768581511L;
68 H7 = 0xdb0c2e0d64f98fa7L;
69 H8 = 0x47b5481dbefa4fa4L;
76 for (int i = 0; i < xBuf.Length; i++)
80 for (int i = 0; i != W.Length; i++)
85 public override void Initialize ()
87 Initialize (true); // reuse instance
92 protected override void HashCore (byte[] rgb, int ibStart, int cbSize)
94 // fill the current word
95 while ((xBufOff != 0) && (cbSize > 0)) {
96 update (rgb [ibStart]);
101 // process whole words.
102 while (cbSize > xBuf.Length) {
103 processWord (rgb, ibStart);
104 ibStart += xBuf.Length;
105 cbSize -= xBuf.Length;
106 byteCount1 += (ulong) xBuf.Length;
109 // load in the remainder.
111 update (rgb [ibStart]);
117 protected override byte[] HashFinal ()
121 ulong lowBitLength = byteCount1 << 3;
122 ulong hiBitLength = byteCount2;
124 // add the pad bytes.
125 update ( (byte) 128);
129 processLength (lowBitLength, hiBitLength);
132 byte[] output = new byte [48];
133 unpackWord(H1, output, 0);
134 unpackWord(H2, output, 8);
135 unpackWord(H3, output, 16);
136 unpackWord(H4, output, 24);
137 unpackWord(H5, output, 32);
138 unpackWord(H6, output, 40);
144 private void update (byte input)
146 xBuf [xBufOff++] = input;
147 if (xBufOff == xBuf.Length) {
148 processWord(xBuf, 0);
154 private void processWord (byte[] input, int inOff)
156 W [wOff++] = ( (ulong) input [inOff] << 56)
157 | ( (ulong) input [inOff + 1] << 48)
158 | ( (ulong) input [inOff + 2] << 40)
159 | ( (ulong) input [inOff + 3] << 32)
160 | ( (ulong) input [inOff + 4] << 24)
161 | ( (ulong) input [inOff + 5] << 16)
162 | ( (ulong) input [inOff + 6] << 8)
163 | ( (ulong) input [inOff + 7]);
168 private void unpackWord (ulong word, byte[] output, int outOff)
170 output[outOff] = (byte) (word >> 56);
171 output[outOff + 1] = (byte) (word >> 48);
172 output[outOff + 2] = (byte) (word >> 40);
173 output[outOff + 3] = (byte) (word >> 32);
174 output[outOff + 4] = (byte) (word >> 24);
175 output[outOff + 5] = (byte) (word >> 16);
176 output[outOff + 6] = (byte) (word >> 8);
177 output[outOff + 7] = (byte) word;
180 // adjust the byte counts so that byteCount2 represents the
181 // upper long (less 3 bits) word of the byte count.
182 private void adjustByteCounts()
184 if (byteCount1 > 0x1fffffffffffffffL) {
185 byteCount2 += (byteCount1 >> 61);
186 byteCount1 &= 0x1fffffffffffffffL;
190 private void processLength (ulong lowW, ulong hiW)
198 private void processBlock ()
200 ulong a, b, c, d, e, f, g, h;
202 // abcrem doesn't work on fields
204 ulong[] K2 = SHAConstants.K2;
207 // expand 16 word block into 80 word blocks.
208 for (int t = 16; t <= 79; t++)
211 a = ((a >> 1) | (a << 63)) ^ ((a >> 8) | (a << 56)) ^ (a >> 7);
213 b = ((b >> 19) | (b << 45)) ^ ((b >> 61) | (b << 3)) ^ (b >> 6);
214 W[t] = b + W[t - 7] + a + W[t - 16];
216 // set up working variables.
226 for (int t = 0; t <= 79; t++)
228 ulong T1 = ((e >> 14) | (e << 50)) ^ ((e >> 18) | (e << 46)) ^ ((e >> 41) | (e << 23));
229 T1 += h + ((e & f) ^ ((~e) & g)) + K2[t] + W[t];
231 ulong T2 = ((a >> 28) | (a << 36)) ^ ((a >> 34) | (a << 30)) ^ ((a >> 39) | (a << 25));
232 T2 += ((a & b) ^ (a & c) ^ (b & c));
252 // reset the offset and clean out the word buffer.
254 for (int i = 0; i != W.Length; i++)