// ==++==
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// ==--==
// [....]
//
//
// SHA1Managed.cs
//
namespace System.Security.Cryptography {
using System;
using System.Security;
using System.Diagnostics.Contracts;
[System.Runtime.InteropServices.ComVisible(true)]
public class SHA1Managed : SHA1
{
private byte[] _buffer;
private long _count; // Number of bytes in the hashed message
private uint[] _stateSHA1;
private uint[] _expandedBuffer;
//
// public constructors
//
public SHA1Managed()
{
#if FEATURE_CRYPTO
if (CryptoConfig.AllowOnlyFipsAlgorithms)
throw new InvalidOperationException(Environment.GetResourceString("Cryptography_NonCompliantFIPSAlgorithm"));
Contract.EndContractBlock();
#endif // FEATURE_CRYPTO
_stateSHA1 = new uint[5];
_buffer = new byte[64];
_expandedBuffer = new uint[80];
InitializeState();
}
//
// public methods
//
public override void Initialize() {
InitializeState();
// Zeroize potentially sensitive information.
Array.Clear(_buffer, 0, _buffer.Length);
Array.Clear(_expandedBuffer, 0, _expandedBuffer.Length);
}
protected override void HashCore(byte[] rgb, int ibStart, int cbSize) {
_HashData(rgb, ibStart, cbSize);
}
protected override byte[] HashFinal() {
return _EndHash();
}
//
// private methods
//
private void InitializeState() {
_count = 0;
_stateSHA1[0] = 0x67452301;
_stateSHA1[1] = 0xefcdab89;
_stateSHA1[2] = 0x98badcfe;
_stateSHA1[3] = 0x10325476;
_stateSHA1[4] = 0xc3d2e1f0;
}
/* Copyright (C) RSA Data Security, Inc. created 1993. This is an
unpublished work protected as such under copyright law. This work
contains proprietary, confidential, and trade secret information of
RSA Data Security, Inc. Use, disclosure or reproduction without the
express written authorization of RSA Data Security, Inc. is
prohibited.
*/
/* SHA block update operation. Continues an SHA message-digest
operation, processing another message block, and updating the
context.
*/
[System.Security.SecuritySafeCritical] // auto-generated
private unsafe void _HashData(byte[] partIn, int ibStart, int cbSize)
{
int bufferLen;
int partInLen = cbSize;
int partInBase = ibStart;
/* Compute length of buffer */
bufferLen = (int) (_count & 0x3f);
/* Update number of bytes */
_count += partInLen;
fixed (uint* stateSHA1 = _stateSHA1) {
fixed (byte* buffer = _buffer) {
fixed (uint* expandedBuffer = _expandedBuffer) {
if ((bufferLen > 0) && (bufferLen + partInLen >= 64)) {
Buffer.InternalBlockCopy(partIn, partInBase, _buffer, bufferLen, 64 - bufferLen);
partInBase += (64 - bufferLen);
partInLen -= (64 - bufferLen);
SHATransform(expandedBuffer, stateSHA1, buffer);
bufferLen = 0;
}
/* Copy input to temporary buffer and hash */
while (partInLen >= 64) {
Buffer.InternalBlockCopy(partIn, partInBase, _buffer, 0, 64);
partInBase += 64;
partInLen -= 64;
SHATransform(expandedBuffer, stateSHA1, buffer);
}
if (partInLen > 0) {
Buffer.InternalBlockCopy(partIn, partInBase, _buffer, bufferLen, partInLen);
}
}
}
}
}
/* SHA finalization. Ends an SHA message-digest operation, writing
the message digest.
*/
private byte[] _EndHash()
{
byte[] pad;
int padLen;
long bitCount;
byte[] hash = new byte[20];
/* Compute padding: 80 00 00 ... 00 00
*/
padLen = 64 - (int)(_count & 0x3f);
if (padLen <= 8)
padLen += 64;
pad = new byte[padLen];
pad[0] = 0x80;
// Convert count to bit count
bitCount = _count * 8;
pad[padLen-8] = (byte) ((bitCount >> 56) & 0xff);
pad[padLen-7] = (byte) ((bitCount >> 48) & 0xff);
pad[padLen-6] = (byte) ((bitCount >> 40) & 0xff);
pad[padLen-5] = (byte) ((bitCount >> 32) & 0xff);
pad[padLen-4] = (byte) ((bitCount >> 24) & 0xff);
pad[padLen-3] = (byte) ((bitCount >> 16) & 0xff);
pad[padLen-2] = (byte) ((bitCount >> 8) & 0xff);
pad[padLen-1] = (byte) ((bitCount >> 0) & 0xff);
/* Digest padding */
_HashData(pad, 0, pad.Length);
/* Store digest */
Utils.DWORDToBigEndian (hash, _stateSHA1, 5);
HashValue = hash;
return hash;
}
[System.Security.SecurityCritical] // auto-generated
private static unsafe void SHATransform (uint* expandedBuffer, uint* state, byte* block)
{
uint a = state[0];
uint b = state[1];
uint c = state[2];
uint d = state[3];
uint e = state[4];
int i;
Utils.DWORDFromBigEndian(expandedBuffer, 16, block);
SHAExpand(expandedBuffer);
/* Round 1 */
for (i=0; i<20; i+= 5) {
{ (e) += (((((a)) << (5)) | (((a)) >> (32-(5)))) + ( (d) ^ ( (b) & ( (c) ^ (d) ) ) ) + (expandedBuffer[i]) + 0x5a827999); (b) = ((((b)) << (30)) | (((b)) >> (32-(30)))); }
{ (d) += (((((e)) << (5)) | (((e)) >> (32-(5)))) + ( (c) ^ ( (a) & ( (b) ^ (c) ) ) ) + (expandedBuffer[i+1]) + 0x5a827999); (a) = ((((a)) << (30)) | (((a)) >> (32-(30)))); }
{ (c) += (((((d)) << (5)) | (((d)) >> (32-(5)))) + ( (b) ^ ( (e) & ( (a) ^ (b) ) ) ) + (expandedBuffer[i+2]) + 0x5a827999); (e) = ((((e)) << (30)) | (((e)) >> (32-(30)))); };;
{ (b) += (((((c)) << (5)) | (((c)) >> (32-(5)))) + ( (a) ^ ( (d) & ( (e) ^ (a) ) ) ) + (expandedBuffer[i+3]) + 0x5a827999); (d) = ((((d)) << (30)) | (((d)) >> (32-(30)))); };;
{ (a) += (((((b)) << (5)) | (((b)) >> (32-(5)))) + ( (e) ^ ( (c) & ( (d) ^ (e) ) ) ) + (expandedBuffer[i+4]) + 0x5a827999); (c) = ((((c)) << (30)) | (((c)) >> (32-(30)))); };;
}
/* Round 2 */
for (; i<40; i+= 5) {
{ (e) += (((((a)) << (5)) | (((a)) >> (32-(5)))) + ((b) ^ (c) ^ (d)) + (expandedBuffer[i]) + 0x6ed9eba1); (b) = ((((b)) << (30)) | (((b)) >> (32-(30)))); };;
{ (d) += (((((e)) << (5)) | (((e)) >> (32-(5)))) + ((a) ^ (b) ^ (c)) + (expandedBuffer[i+1]) + 0x6ed9eba1); (a) = ((((a)) << (30)) | (((a)) >> (32-(30)))); };;
{ (c) += (((((d)) << (5)) | (((d)) >> (32-(5)))) + ((e) ^ (a) ^ (b)) + (expandedBuffer[i+2]) + 0x6ed9eba1); (e) = ((((e)) << (30)) | (((e)) >> (32-(30)))); };;
{ (b) += (((((c)) << (5)) | (((c)) >> (32-(5)))) + ((d) ^ (e) ^ (a)) + (expandedBuffer[i+3]) + 0x6ed9eba1); (d) = ((((d)) << (30)) | (((d)) >> (32-(30)))); };;
{ (a) += (((((b)) << (5)) | (((b)) >> (32-(5)))) + ((c) ^ (d) ^ (e)) + (expandedBuffer[i+4]) + 0x6ed9eba1); (c) = ((((c)) << (30)) | (((c)) >> (32-(30)))); };;
}
/* Round 3 */
for (; i<60; i+=5) {
{ (e) += (((((a)) << (5)) | (((a)) >> (32-(5)))) + ( ( (b) & (c) ) | ( (d) & ( (b) | (c) ) ) ) + (expandedBuffer[i]) + 0x8f1bbcdc); (b) = ((((b)) << (30)) | (((b)) >> (32-(30)))); };;
{ (d) += (((((e)) << (5)) | (((e)) >> (32-(5)))) + ( ( (a) & (b) ) | ( (c) & ( (a) | (b) ) ) ) + (expandedBuffer[i+1]) + 0x8f1bbcdc); (a) = ((((a)) << (30)) | (((a)) >> (32-(30)))); };;
{ (c) += (((((d)) << (5)) | (((d)) >> (32-(5)))) + ( ( (e) & (a) ) | ( (b) & ( (e) | (a) ) ) ) + (expandedBuffer[i+2]) + 0x8f1bbcdc); (e) = ((((e)) << (30)) | (((e)) >> (32-(30)))); };;
{ (b) += (((((c)) << (5)) | (((c)) >> (32-(5)))) + ( ( (d) & (e) ) | ( (a) & ( (d) | (e) ) ) ) + (expandedBuffer[i+3]) + 0x8f1bbcdc); (d) = ((((d)) << (30)) | (((d)) >> (32-(30)))); };;
{ (a) += (((((b)) << (5)) | (((b)) >> (32-(5)))) + ( ( (c) & (d) ) | ( (e) & ( (c) | (d) ) ) ) + (expandedBuffer[i+4]) + 0x8f1bbcdc); (c) = ((((c)) << (30)) | (((c)) >> (32-(30)))); };;
}
/* Round 4 */
for (; i<80; i+=5) {
{ (e) += (((((a)) << (5)) | (((a)) >> (32-(5)))) + ((b) ^ (c) ^ (d)) + (expandedBuffer[i]) + 0xca62c1d6); (b) = ((((b)) << (30)) | (((b)) >> (32-(30)))); };;
{ (d) += (((((e)) << (5)) | (((e)) >> (32-(5)))) + ((a) ^ (b) ^ (c)) + (expandedBuffer[i+1]) + 0xca62c1d6); (a) = ((((a)) << (30)) | (((a)) >> (32-(30)))); };;
{ (c) += (((((d)) << (5)) | (((d)) >> (32-(5)))) + ((e) ^ (a) ^ (b)) + (expandedBuffer[i+2]) + 0xca62c1d6); (e) = ((((e)) << (30)) | (((e)) >> (32-(30)))); };;
{ (b) += (((((c)) << (5)) | (((c)) >> (32-(5)))) + ((d) ^ (e) ^ (a)) + (expandedBuffer[i+3]) + 0xca62c1d6); (d) = ((((d)) << (30)) | (((d)) >> (32-(30)))); };;
{ (a) += (((((b)) << (5)) | (((b)) >> (32-(5)))) + ((c) ^ (d) ^ (e)) + (expandedBuffer[i+4]) + 0xca62c1d6); (c) = ((((c)) << (30)) | (((c)) >> (32-(30)))); };;
}
state[0] += a;
state[1] += b;
state[2] += c;
state[3] += d;
state[4] += e;
}
/* Expands x[0..15] into x[16..79], according to the recurrence
x[i] = x[i-3] ^ x[i-8] ^ x[i-14] ^ x[i-16].
*/
[System.Security.SecurityCritical] // auto-generated
private static unsafe void SHAExpand (uint* x)
{
int i;
uint tmp;
for (i = 16; i < 80; i++) {
tmp = (x[i-3] ^ x[i-8] ^ x[i-14] ^ x[i-16]);
x[i] = ((tmp << 1) | (tmp >> 31));
}
}
}
}