public Hash256 Hash()
{
var hasher = new Sha512((uint)HashPrefix.LedgerMaster);
ToBytes(hasher);
return(new Hash256(hasher.Finish256()));
}
public void ComputeHashTwiceTest(byte[] message, byte[] expectedHash)
{
using Sha512 sha = new Sha512();
byte[] actualHash = sha.ComputeHashTwice(message);
expectedHash = sha.ComputeHash(expectedHash);
Assert.Equal(expectedHash, actualHash);
}
/*public static void crypto_sign(
* byte[] sm, out int smlen,
* byte[] m, int mlen,
* byte[] sk
* )
* {
* byte[] az = new byte[64];
* byte[] r = new byte[64];
* byte[] hram = new byte[64];
* GroupElementP3 R;
* int i;
*
* Helpers.crypto_hash_sha512(az, sk, 0, 32);
* az[0] &= 248;
* az[31] &= 63;
* az[31] |= 64;
*
* smlen = mlen + 64;
* for (i = 0; i < mlen; ++i) sm[64 + i] = m[i];
* for (i = 0; i < 32; ++i) sm[32 + i] = az[32 + i];
* Helpers.crypto_hash_sha512(r, sm, 32, mlen + 32);
* for (i = 0; i < 32; ++i) sm[32 + i] = sk[32 + i];
*
* ScalarOperations.sc_reduce(r);
* GroupOperations.ge_scalarmult_base(out R, r, 0);
* GroupOperations.ge_p3_tobytes(sm, 0, ref R);
*
* Helpers.crypto_hash_sha512(hram, sm, 0, mlen + 64);
* ScalarOperations.sc_reduce(hram);
* var sm32 = new byte[32];
* Array.Copy(sm, 32, sm32, 0, 32);
* ScalarOperations.sc_muladd(sm32, hram, az, r);
* Array.Copy(sm32, 0, sm, 32, 32);
* }*/
internal static void crypto_sign2(byte[] sig, int sigoffset, byte[] m, int moffset, int mlen, byte[] sk, int skoffset)
{
byte[] az;
byte[] r;
byte[] hram;
var hasher = new Sha512();
{
hasher.Update(sk, skoffset, 32);
az = hasher.Finish();
ScalarOperations.sc_clamp(az, 0);
hasher.Init();
hasher.Update(az, 32, 32);
hasher.Update(m, moffset, mlen);
r = hasher.Finish();
ScalarOperations.sc_reduce(r);
GroupOperations.ge_scalarmult_base(out GroupElementP3 R, r, 0);
GroupOperations.ge_p3_tobytes(sig, sigoffset, ref R);
hasher.Init();
hasher.Update(sig, sigoffset, 32);
hasher.Update(sk, skoffset + 32, 32);
hasher.Update(m, moffset, mlen);
hram = hasher.Finish();
ScalarOperations.sc_reduce(hram);
var s = new byte[32]; // TODO: remove allocation
Array.Copy(sig, sigoffset + 32, s, 0, 32);
ScalarOperations.sc_muladd(s, hram, az, r);
Array.Copy(s, 0, sig, sigoffset + 32, 32);
CryptoBytes.Wipe(s);
}
}
public void ComputeHash_NistMonteCarloTest()
{
byte[] seed = Helper.HexToBytes("5c337de5caf35d18ed90b5cddfce001ca1b8ee8602f367e7c24ccca6f893802fb1aca7a3dae32dcd60800a59959bc540d63237876b799229ae71a2526fbc52cd");
JObject jObjs = Helper.ReadResource <JObject>("Sha512NistTestData");
int size = 64;
byte[] toHash = new byte[3 * size];
byte[] M0 = seed;
byte[] M1 = seed;
byte[] M2 = seed;
using Sha512 sha = new Sha512(false);
foreach (var item in jObjs["MonteCarlo"])
{
byte[] expected = Helper.HexToBytes(item.ToString());
for (int i = 0; i < 1000; i++)
{
Buffer.BlockCopy(M0, 0, toHash, 0, size);
Buffer.BlockCopy(M1, 0, toHash, size, size);
Buffer.BlockCopy(M2, 0, toHash, size * 2, size);
M0 = M1;
M1 = M2;
M2 = sha.ComputeHash(toHash);
}
M0 = M2;
M1 = M2;
Assert.Equal(expected, M2);
}
}
public Hash256 CreateHash()
{
var half = new Sha512(Prefix().Bytes());
ToBytesSink(half);
return(new Hash256(half.Finish256()));
}
public tbl_Customer SaveCustomer(string email, string firstName, string surname, string telephone, string title, string password, int domainID, int customerID, bool registered, bool detailsFor3rdParties, string adminNote)
{
if (registered && customerID == 0 && String.IsNullOrEmpty(password))
{
return(null);
}
if (String.IsNullOrEmpty(email))
{
return(null);
}
var customer = CustomerRepository.SaveCustomer(email, firstName, surname, telephone, title, domainID, customerID, registered, detailsFor3rdParties, adminNote);
if (customer == null)
{
return(null);
}
if (!String.IsNullOrEmpty(password))
{
CustomerRepository.SavePassword(customer.CustomerID, Sha512.GetSHA512Hash(password));
}
return(customer);
}
private static string GetRequestSignature(TechnicalUser user, string requestId, DateTime timestamp, string additionalSignatureData = null)
{
var formattedTimestamp = timestamp.ToString("yyyyMMddHHmmss");
var signatureData = $"{requestId}{formattedTimestamp}{user.SigningKey.Value}{additionalSignatureData}";
return(Sha512.GetSha3Hash(signatureData));
}
// Original crypto_sign_open, for reference only
/*public static int crypto_sign_open(
byte[] m, out int mlen,
byte[] sm, int smlen,
byte[] pk)
{
byte[] h = new byte[64];
byte[] checkr = new byte[32];
GroupElementP3 A;
GroupElementP2 R;
int i;
mlen = -1;
if (smlen < 64) return -1;
if ((sm[63] & 224) != 0) return -1;
if (GroupOperations.ge_frombytes_negate_vartime(out A, pk, 0) != 0) return -1;
for (i = 0; i < smlen; ++i) m[i] = sm[i];
for (i = 0; i < 32; ++i) m[32 + i] = pk[i];
Sha512BclWrapper.crypto_hash_sha512(h, m, 0, smlen);
ScalarOperations.sc_reduce(h);
var sm32 = new byte[32];
Array.Copy(sm, 32, sm32, 0, 32);
GroupOperations.ge_double_scalarmult_vartime(out R, h, ref A, sm32);
GroupOperations.ge_tobytes(checkr, 0, ref R);
if (Helpers.crypto_verify_32(checkr, sm) != 0)
{
for (i = 0; i < smlen; ++i)
m[i] = 0;
return -1;
}
for (i = 0; i < smlen - 64; ++i)
m[i] = sm[64 + i];
for (i = smlen - 64; i < smlen; ++i)
m[i] = 0;
mlen = smlen - 64;
return 0;
}*/
public static bool crypto_sign_verify(
byte[] sig, int sigoffset,
byte[] m, int moffset, int mlen,
byte[] pk, int pkoffset)
{
byte[] h;
byte[] checkr = new byte[32];
GroupElementP3 A;
GroupElementP2 R;
if ((sig[sigoffset + 63] & 224) != 0) return false;
if (GroupOperations.ge_frombytes_negate_vartime(out A, pk, pkoffset) != 0)
return false;
var hasher = new Sha512();
hasher.Update(sig, sigoffset, 32);
hasher.Update(pk, pkoffset, 32);
hasher.Update(m, moffset, mlen);
h = hasher.Finish();
ScalarOperations.sc_reduce(h);
var sm32 = new byte[32];//todo: remove allocation
Array.Copy(sig, sigoffset + 32, sm32, 0, 32);
GroupOperations.ge_double_scalarmult_vartime(out R, h, ref A, sm32);
GroupOperations.ge_tobytes(checkr, 0, ref R);
var result = CryptoBytes.ConstantTimeEquals(checkr, 0, sig, sigoffset, 32);
CryptoBytes.Wipe(h);
CryptoBytes.Wipe(checkr);
return result;
}
public static bool crypto_sign_verify(ReadOnlySpan <byte> sig, ReadOnlySpan <byte> m, ReadOnlySpan <byte> pk)
{
if ((sig[63] & 224) != 0)
{
return(false);
}
if (GroupOperations.ge_frombytes_negate_vartime(out var A, pk) != 0)
{
return(false);
}
var hasher = new Sha512();
hasher.Update(sig.Slice(0, 32));
hasher.Update(pk.Slice(0, 32));
hasher.Update(m);
Span <byte> h = stackalloc byte[64];
hasher.Finish(h);
ScalarOperations.sc_reduce(h);
GroupOperations.ge_double_scalarmult_vartime(out var R, h, in A, sig.Slice(32, 32));
Span <byte> checkr = stackalloc byte[32];
GroupOperations.ge_tobytes(checkr, in R);
var result = CryptoBytes.ConstantTimeEquals(checkr, sig, 32);
CryptoBytes.Wipe(h);
CryptoBytes.Wipe(checkr);
return(result);
}
public static void crypto_sign2(Span <byte> sig, ReadOnlySpan <byte> m, ReadOnlySpan <byte> sk)
{
var hasher = new Sha512();
{
hasher.Update(sk.Slice(0, 32));
Span <byte> az = stackalloc byte[64];
hasher.Finish(az);
ScalarOperations.sc_clamp(az);
hasher.Init();
hasher.Update(az.Slice(32, 32));
hasher.Update(m);
Span <byte> r = stackalloc byte[64];
hasher.Finish(r);
ScalarOperations.sc_reduce(r);
GroupOperations.ge_scalarmult_base(out var R, r);
GroupOperations.ge_p3_tobytes(sig, in R);
hasher.Init();
hasher.Update(sig.Slice(0, 32));
hasher.Update(sk.Slice(32, 32));
hasher.Update(m);
Span <byte> hram = stackalloc byte[64];
hasher.Finish(hram);
ScalarOperations.sc_reduce(hram);
ScalarOperations.sc_muladd(sig.Slice(32, 32), hram, az, r);
}
}
public static void CryptoSign(
byte[] sig, int sigoffset,
byte[] m, int moffset, int mlen,
byte[] sk, int skoffset)
{
var hasher = new Sha512();
{
hasher.Update(sk, skoffset, 32);
var az = hasher.Finalize();
ScalarOperations.Clamp(az, 0);
hasher.Init();
hasher.Update(az, 32, 32);
hasher.Update(m, moffset, mlen);
var r = hasher.Finalize();
ScalarOperations.Reduce(r);
GroupElementP3 R;
GroupOperations.ScalarMultBase(out R, r, 0);
GroupOperations.P3ToBytes(sig, sigoffset, ref R);
hasher.Init();
hasher.Update(sig, sigoffset, 32);
hasher.Update(sk, skoffset + 32, 32);
hasher.Update(m, moffset, mlen);
var hram = hasher.Finalize();
ScalarOperations.Reduce(hram);
var s = new byte[32];
Array.Copy(sig, sigoffset + 32, s, 0, 32);
ScalarOperations.MulAdd(s, hram, az, r);
Array.Copy(s, 0, sig, sigoffset + 32, 32);
CryptoBytes.Wipe(s);
}
}
public static void crypto_sign_prehashed(
byte[] sig,
byte[] m, int mlen,
byte[] sk,
byte[] pk
)
{
byte[] r, hram;
GroupElementP3 R;
var hasher = new Sha512();
{
hasher.Init();
hasher.Update(sk, 32, 32);
hasher.Update(m, 0, mlen);
r = hasher.Finalize();
ScalarOperations.sc_reduce(r);
GroupOperations.ge_scalarmult_base(out R, r, 0);
GroupOperations.ge_p3_tobytes(sig, 0, ref R);
hasher.Init();
hasher.Update(sig, 0, 32);
hasher.Update(pk, 0, 32);
hasher.Update(m, 0, mlen);
hram = hasher.Finalize();
ScalarOperations.sc_reduce(hram);
var s = new byte[32]; //todo: remove allocation
Array.Copy(sig, 32, s, 0, 32);
ScalarOperations.sc_muladd(s, hram, sk, r);
Array.Copy(s, 0, sig, 32, 32);
CryptoBytes.Wipe(s);
}
}
/*public static void crypto_sign(
* byte[] sm, out int smlen,
* byte[] m, int mlen,
* byte[] sk
* )
* {
* byte[] az = new byte[64];
* byte[] r = new byte[64];
* byte[] hram = new byte[64];
* GroupElementP3 R;
* int i;
*
* Helpers.crypto_hash_sha512(az, sk, 0, 32);
* az[0] &= 248;
* az[31] &= 63;
* az[31] |= 64;
*
* smlen = mlen + 64;
* for (i = 0; i < mlen; ++i) sm[64 + i] = m[i];
* for (i = 0; i < 32; ++i) sm[32 + i] = az[32 + i];
* Helpers.crypto_hash_sha512(r, sm, 32, mlen + 32);
* for (i = 0; i < 32; ++i) sm[32 + i] = sk[32 + i];
*
* ScalarOperations.sc_reduce(r);
* GroupOperations.ge_scalarmult_base(out R, r, 0);
* GroupOperations.ge_p3_tobytes(sm, 0, ref R);
*
* Helpers.crypto_hash_sha512(hram, sm, 0, mlen + 64);
* ScalarOperations.sc_reduce(hram);
* var sm32 = new byte[32];
* Array.Copy(sm, 32, sm32, 0, 32);
* ScalarOperations.sc_muladd(sm32, hram, az, r);
* Array.Copy(sm32, 0, sm, 32, 32);
* }*/
public static void crypto_sign2(
byte[] sig, int sigoffset,
byte[] m, int moffset, int mlen,
byte[] sk, int skoffset)
{
var hasher = new Sha512();
{
hasher.Update(sk, skoffset, 32);
var az = hasher.Finish();
stellar_dotnet_sdk.chaos.nacl.Internal.Ed25519Ref10.ScalarOperations.ScClamp(az, 0);
hasher.Init();
hasher.Update(az, 32, 32);
hasher.Update(m, moffset, mlen);
var r = hasher.Finish();
stellar_dotnet_sdk.chaos.nacl.Internal.Ed25519Ref10.ScalarOperations.ScReduce(r);
GroupElementP3 R;
stellar_dotnet_sdk.chaos.nacl.Internal.Ed25519Ref10.GroupOperations.GeScalarmultBase(out R, r, 0);
stellar_dotnet_sdk.chaos.nacl.Internal.Ed25519Ref10.GroupOperations.ge_p3_tobytes(sig, sigoffset, ref R);
hasher.Init();
hasher.Update(sig, sigoffset, 32);
hasher.Update(sk, skoffset + 32, 32);
hasher.Update(m, moffset, mlen);
var hram = hasher.Finish();
stellar_dotnet_sdk.chaos.nacl.Internal.Ed25519Ref10.ScalarOperations.ScReduce(hram);
var s = new byte[32];
Array.Copy(sig, sigoffset + 32, s, 0, 32);
stellar_dotnet_sdk.chaos.nacl.Internal.Ed25519Ref10.ScalarOperations.ScMulAdd(s, hram, az, r);
Array.Copy(s, 0, sig, sigoffset + 32, 32);
CryptoBytes.Wipe(s);
}
}
public void Sha512_Split()
{
// use only a subset of possible indices to speed up the test
var indices = Enumerable.Range(0, 300).Where(i => (i % 64) < 5 || (i % 64) > 64 - 5).ToArray();
var sha512Framework = new SHA512Managed();
foreach (var k in indices)
{
foreach (var m in indices)
{
foreach (var n in indices)
{
var message = Enumerable.Range(1, k + m + n).Select(i => (byte)i).ToArray();
var hashExpected = sha512Framework.ComputeHash(message);
var hasher = new Sha512();
hasher.Update(message, 0, k);
hasher.Update(message, k, m);
hasher.Update(message, k + m, n);
var hash = hasher.Finalize();
TestHelpers.AssertEqualBytes(hashExpected, hash);
}
}
}
}
private byte[] Hash(string message)
{
var sha512 = new Sha512();
var bytes = Encoding.ASCII.GetBytes(message);
sha512.Add(bytes);
return(sha512.Finish256());
}
public void Sha512Stream_OneMillionSmallAs()
{
var(data, expected) = TestVectorsStream["Sha512-Stream One Million As"];
var hash = Sha512.Hash(data);
CustomAssert.MatchArrays(hash, expected);
}
public void Sha512Stream_896Bits()
{
var(data, expected) = TestVectorsStream["Sha512-Stream 896 Bits"];
var hash = Sha512.Hash(data);
CustomAssert.MatchArrays(hash, expected);
}
public void Sha512Stream_EmptyString()
{
var(data, expected) = TestVectorsStream["Sha512-Stream Empty String"];
var hash = Sha512.Hash(data);
CustomAssert.MatchArrays(hash, expected);
}
public void Sha512_448Bits()
{
var(data, expected) = TestVectors["Sha512 448 Bits"];
var hash = Sha512.Hash(data);
CustomAssert.MatchArrays(hash, expected);
}
public void ComputeHash_AMillionATest()
{
using Sha512 sha = new Sha512();
byte[] actualHash = sha.ComputeHash(HashTestCaseHelper.GetAMillionA());
byte[] expectedHash = Helper.HexToBytes("e718483d0ce769644e2e42c7bc15b4638e1f98b13b2044285632a803afa973ebde0ff244877ea60a4cb0432ce577c31beb009c5c2c49aa2e4eadb217ad8cc09b");
Assert.Equal(expectedHash, actualHash);
}
public TechnicalUser(Login login, string password, SigningKey signingKey, TaxPayerId taxId, EncryptionKey encryptionKey)
{
Login = Check.NotNull(login, nameof(login));
PasswordHash = Sha512.GetHash(Check.NotNull(password, nameof(password)));
SigningKey = Check.NotNull(signingKey, nameof(signingKey));
TaxId = Check.NotNull(taxId, nameof(taxId));
EncryptionKey = Check.NotNull(encryptionKey, nameof(encryptionKey));
}
public static void Properties()
{
var a = new Sha512();
Assert.Equal(32, a.MinHashSize);
Assert.Equal(64, a.DefaultHashSize);
Assert.Equal(64, a.MaxHashSize);
}
public void Sha512Abc()
{
var message = new[] { (byte)'a', (byte)'b', (byte)'c' };
var hashExpected = _sha512HashAbc;
var hash = Sha512.Hash(message);
TestHelpers.AssertEqualBytes(hashExpected, hash);
}
public void ComputeHash_WithIndexTest()
{
using Sha512 sha = new Sha512();
byte[] data = Helper.HexToBytes("123fab54686520717569636b2062726f776e20666f78206a756d7073206f76657220746865206c617a7920646f67f3a25c92");
byte[] actualHash = sha.ComputeHash(data, 3, 43);
byte[] expectedHash = Helper.HexToBytes("07e547d9586f6a73f73fbac0435ed76951218fb7d0c8d788a309d785436bbb642e93a252a954f23912547d1e8a3b5ed6e1bfd7097821233fa0538f3db854fee6");
Assert.Equal(expectedHash, actualHash);
}
public static void Main()
{
const int n = 10000;
Thread.CurrentThread.CurrentCulture = CultureInfo.InvariantCulture;
Console.WriteLine("Architecture: {0} bit", IntPtr.Size * 8);
Console.WriteLine("CPU-Frequency: {0} MHz", Cpu.CpuFreq);
Cpu.Setup();
Console.WriteLine();
Console.ReadKey();
var m = new byte[100];
var seed = new byte[32];
byte[] privateKey;
byte[] publicKey;
Ed25519.KeyPairFromSeed(out publicKey, out privateKey, seed);
var sig = Ed25519.Sign(m, privateKey);
Ed25519.Sign(m, privateKey);
if (!Ed25519.Verify(sig, m, publicKey))
{
throw new Exception("Bug");
}
if (Ed25519.Verify(sig, m.Concat(new byte[] { 1 }).ToArray(), publicKey))
{
throw new Exception("Bug");
}
Console.BackgroundColor = ConsoleColor.Black;
{
Console.ForegroundColor = ConsoleColor.Yellow;
Console.WriteLine("=== Edwards ===");
Benchmark("KeyGen", () => Ed25519.KeyPairFromSeed(out publicKey, out privateKey, seed), n);
Benchmark("Sign", () => Ed25519.Sign(m, privateKey), n);
Benchmark("Verify", () => Ed25519.Verify(sig, m, publicKey), n);
Console.WriteLine();
}
foreach (var size in new[] { 144, 1000, 2048 })
{
Console.ForegroundColor = ConsoleColor.Yellow;
Console.WriteLine("=== Symmetric ({0}) ===", SizeToString(size));
var message = new byte[size];
var ciphertext = new byte[message.Length + 16];
var key = new byte[32];
var nonce = new byte[24];
Benchmark("SHA512Managed", () => new SHA512Managed().ComputeHash(message), n, size);
Benchmark("SHA512Cng", () => new SHA512Cng().ComputeHash(message), n, size);
Benchmark("SHA512CSP", () => new SHA512CryptoServiceProvider().ComputeHash(message), n, size);
Benchmark("SHA512Chaos", () => Sha512.Hash(message), n, size);
}
Console.ReadLine();
}
public tbl_AdminUsers SaveUser(string email, string userName, string password, int groupID, int userID)
{
if (userID == 0 && String.IsNullOrEmpty(password))
{
return(null);
}
password = String.IsNullOrEmpty(password) ? String.Empty : Sha512.GetSHA512Hash(password);
return(AdminUserRepository.SaveUser(email, userName, password, groupID, userID));
}
public static void HashEmptyWithSpan(int hashSize)
{
var a = new Sha512();
var expected = s_hashOfEmpty.DecodeHex().Substring(0, hashSize);
var actual = new byte[hashSize];
a.Hash(ReadOnlySpan <byte> .Empty, actual);
Assert.Equal(expected, actual);
}
public static void HashEmpty()
{
var a = new Sha512();
var expected = s_hashOfEmpty.DecodeHex();
var actual = a.Hash(ReadOnlySpan <byte> .Empty);
Assert.Equal(a.DefaultHashSize, actual.Length);
Assert.Equal(expected, actual);
}
public void TestSha512()
{
var sha512 = new Sha512();
var bytes = Encoding.UTF8.GetBytes("abc");
var hash = sha512.ComputeHash(bytes);
var sha512str = BitConverter.ToString(hash).Replace("-", "").ToLowerInvariant();
Assert.AreEqual(sha512str, "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f");
}
public void ComputeHash_DoubleTest()
{
using Sha512 sha = new Sha512(true);
var data = Helper.HexToBytes("fb8049137747e712628240cf6d7056ea2870170cb7d9bc713d91e901b514c6ae7d7dda3cd03ea1b99cf85046a505f3590541123d3f8f2c22c4d7d6e65de65c4ebb9251f09619");
byte[] actualHash = sha.ComputeHash(data);
byte[] expectedHash = Helper.HexToBytes("00920ac1123d211929f0ef40d0ab3775abc987c606219301eb5995ff1053043a3c24906e88a74e4b2d6e1f6aa830a4f8b7e5e6edb7d090d37033abe45153a8e2");
Assert.Equal(expectedHash, actualHash);
}
public static void Test(string msg, string digest)
{
var a = new Sha512();
var m = msg.DecodeHex();
var expected = digest.DecodeHex();
var actual = a.Hash(m, expected.Length);
Assert.Equal(expected, actual);
}
public void Sha512_Reuse()
{
var message = Enumerable.Range(1, 100).Select(i => (byte)i).ToArray();
var sha512Framework = new SHA512Managed();
var hashExpected = sha512Framework.ComputeHash(message);
var hasher = new Sha512();
hasher.Update(message, 0, message.Length);
var hash1 = hasher.Finish();
Assert.AreEqual(BitConverter.ToString(hashExpected), BitConverter.ToString(hash1));
hasher.Init();
hasher.Update(message, 0, message.Length);
var hash2 = hasher.Finish();
Assert.AreEqual(BitConverter.ToString(hashExpected), BitConverter.ToString(hash2));
}
public void Sha512_Reuse()
{
var message = Enumerable.Range(1, 100).Select(i => (byte)i).ToArray();
var sha512Framework = new SHA512Managed();
var hashExpected = sha512Framework.ComputeHash(message);
var hasher = new Sha512();
hasher.Update(message, 0, message.Length);
var hash1 = hasher.Finalize();
TestHelpers.AssertEqualBytes(hashExpected, hash1);
hasher.Init();
hasher.Update(message, 0, message.Length);
var hash2 = hasher.Finalize();
TestHelpers.AssertEqualBytes(hashExpected, hash2);
}
public void Sha512_Split()
{
// use only a subset of possible indices to speed up the test
var indices = Enumerable.Range(0, 300).Where(i => (i % 64) < 5 || (i % 64) > 64 - 5).ToArray();
var sha512Framework = new SHA512Managed();
foreach (var k in indices)
foreach (var m in indices)
foreach (var n in indices)
{
var message = Enumerable.Range(1, k + m + n).Select(i => (byte)i).ToArray();
var hashExpected = sha512Framework.ComputeHash(message);
var hasher = new Sha512();
hasher.Update(message, 0, k);
hasher.Update(message, k, m);
hasher.Update(message, k + m, n);
var hash = hasher.Finalize();
TestHelpers.AssertEqualBytes(hashExpected, hash);
}
}
/*public static void crypto_sign(
byte[] sm, out int smlen,
byte[] m, int mlen,
byte[] sk
)
{
byte[] az = new byte[64];
byte[] r = new byte[64];
byte[] hram = new byte[64];
GroupElementP3 R;
int i;
Helpers.crypto_hash_sha512(az, sk, 0, 32);
az[0] &= 248;
az[31] &= 63;
az[31] |= 64;
smlen = mlen + 64;
for (i = 0; i < mlen; ++i) sm[64 + i] = m[i];
for (i = 0; i < 32; ++i) sm[32 + i] = az[32 + i];
Helpers.crypto_hash_sha512(r, sm, 32, mlen + 32);
for (i = 0; i < 32; ++i) sm[32 + i] = sk[32 + i];
ScalarOperations.sc_reduce(r);
GroupOperations.ge_scalarmult_base(out R, r, 0);
GroupOperations.ge_p3_tobytes(sm, 0, ref R);
Helpers.crypto_hash_sha512(hram, sm, 0, mlen + 64);
ScalarOperations.sc_reduce(hram);
var sm32 = new byte[32];
Array.Copy(sm, 32, sm32, 0, 32);
ScalarOperations.sc_muladd(sm32, hram, az, r);
Array.Copy(sm32, 0, sm, 32, 32);
}*/
public static void crypto_sign2(
byte[] sig, int sigoffset,
byte[] m, int moffset, int mlen,
byte[] sk, int skoffset)
{
byte[] az;
byte[] r;
byte[] hram;
GroupElementP3 R;
var hasher = new Sha512();
{
hasher.Update(sk, skoffset, 32);
az = hasher.Finish();
az[0] &= 248;
az[31] &= 63;
az[31] |= 64;
hasher.Init();
hasher.Update(az, 32, 32);
hasher.Update(m, moffset, mlen);
r = hasher.Finish();
ScalarOperations.sc_reduce(r);
GroupOperations.ge_scalarmult_base(out R, r, 0);
GroupOperations.ge_p3_tobytes(sig, sigoffset, ref R);
hasher.Init();
hasher.Update(sig, sigoffset, 32);
hasher.Update(sk, skoffset + 32, 32);
hasher.Update(m, moffset, mlen);
hram = hasher.Finish();
ScalarOperations.sc_reduce(hram);
var s = new byte[32];//todo: remove allocation
Array.Copy(sig, sigoffset + 32, s, 0, 32);
ScalarOperations.sc_muladd(s, hram, az, r);
Array.Copy(s, 0, sig, sigoffset + 32, 32);
CryptoBytes.Wipe(s);
}
}
public void Sha512OutputSegmentsNull()
{
var sha512 = new Sha512();
sha512.Finalize(default(ArraySegment<byte>));
}
public void Sha512OutputSegments()
{
var message = new[] { (byte)'a', (byte)'b', (byte)'c' };
var hashExpected = _sha512HashAbc;
var sha512 = new Sha512();
sha512.Update(message, 0, message.Length);
var output = new byte[64].Pad();
sha512.Finalize(output);
TestHelpers.AssertEqualBytes(hashExpected, output.UnPad());
}
public void Sha512OutputSegmentsIncorretOutputSize()
{
var sha512 = new Sha512();
sha512.Finalize(new byte[32].Pad());
}
public void Sha512UpdateSegmentsNull()
{
var sha512 = new Sha512();
sha512.Update(default(ArraySegment<byte>));
}
