/// <summary>
/// Completes the SHA-512 computation and writes the 64-byte digest into <paramref name="output"/>.
/// </summary>
/// <remarks>
/// The internal buffer is wiped and the chaining state is reset to its default (all-zero) value
/// before returning, so the instance carries no usable hash state afterwards.
/// </remarks>
/// <param name="output">Destination segment; its Count must be exactly 64.</param>
/// <exception cref="ArgumentException">Thrown when <paramref name="output"/> is not 64 bytes long.</exception>
public void Finalize(ArraySegment<byte> output)
{
    // A default(ArraySegment<byte>) has a null backing array; Preconditions.NotNull rejects it
    // (the exception type is defined by Preconditions, which is not visible here).
    Preconditions.NotNull(output.Array, nameof(output));
    if (output.Count != 64)
    {
        throw new ArgumentException("Output should be 64 in length");
    }

    // The padding goes through the normal Update path, so _totalBytes now includes it.
    // NOTE(review): the "- 1" in the length computation below assumes _padding is exactly one
    // byte (presumably the 0x80 marker) - confirm against the definition of _padding.
    Update(_padding, 0, _padding.Length);

    // Take a private copy of the buffered bytes, then clear the shared buffer immediately so
    // message data does not linger in the instance.
    // NOTE(review): the zero padding and the untouched high length word (x14) rely on the
    // unused tail of _buffer already being zero - Update is not visible here; confirm.
    Array16<ulong> lastBlock;
    ByteIntegerConverter.Array16LoadBigEndian64(out lastBlock, _buffer, 0);
    CryptoBytes.InternalWipe(_buffer, 0, _buffer.Length);

    // The last 16 bytes of the final block are reserved for the message length. When the
    // buffered data (including padding) reaches into them, compress that block first and put
    // the length into an additional all-zero block.
    int pendingBytes = (int)_totalBytes & (BlockSize - 1);
    bool lengthFits = pendingBytes <= BlockSize - 16;
    if (!lengthFits)
    {
        Sha512Internal.Core(out _state, ref _state, ref lastBlock);
        lastBlock = default(Array16<ulong>);
    }

    // Message length in bits, excluding the padding added above; only the low 64-bit word is set.
    lastBlock.x15 = (_totalBytes - 1) * 8;
    Sha512Internal.Core(out _state, ref _state, ref lastBlock);
    // NOTE(review): lastBlock still holds the final message bytes when this method returns;
    // unlike _buffer and _state it is not cleared. Relevant if secrets are hashed.

    // Serialise the eight state words big-endian, eight bytes apiece.
    byte[] target = output.Array;
    int start = output.Offset;
    ByteIntegerConverter.StoreBigEndian64(target, start + 0, _state.x0);
    ByteIntegerConverter.StoreBigEndian64(target, start + 8, _state.x1);
    ByteIntegerConverter.StoreBigEndian64(target, start + 16, _state.x2);
    ByteIntegerConverter.StoreBigEndian64(target, start + 24, _state.x3);
    ByteIntegerConverter.StoreBigEndian64(target, start + 32, _state.x4);
    ByteIntegerConverter.StoreBigEndian64(target, start + 40, _state.x5);
    ByteIntegerConverter.StoreBigEndian64(target, start + 48, _state.x6);
    ByteIntegerConverter.StoreBigEndian64(target, start + 56, _state.x7);

    // Drop the chaining value so the digest cannot be recovered from this instance later.
    _state = default(Array8<ulong>);
}
/// <summary>
/// Loads the SHA-512 initial hash value (FIPS 180-4, section 5.3.5) into <paramref name="state"/>.
/// </summary>
/// <param name="state">Receives the eight 64-bit starting words, x0 through x7.</param>
internal static void Sha512Init(out Array8<ulong> state)
{
    // These constants are fixed by the standard; changing any of them yields a different,
    // non-interoperable hash function.
    state = new Array8<ulong>
    {
        x0 = 0x6a09e667f3bcc908,
        x1 = 0xbb67ae8584caa73b,
        x2 = 0x3c6ef372fe94f82b,
        x3 = 0xa54ff53a5f1d36f1,
        x4 = 0x510e527fade682d1,
        x5 = 0x9b05688c2b3e6c1f,
        x6 = 0x1f83d9abfb41bd6b,
        x7 = 0x5be0cd19137e2179
    };
}
/// <summary>
/// SHA-512 compression function: mixes one 16-word message block into an 8-word chaining state.
/// </summary>
/// <remarks>
/// The 80 rounds are run as five passes of 16 unrolled rounds. After each of the first four
/// passes the sixteen schedule words w0..w15 are updated in place for the next pass.
/// The only array index is the round counter <c>t</c> and the only branch tests <c>t == 80</c>,
/// so no branch or lookup in this method depends on message or state values.
/// The working copies (a..h, w0..w15) are ordinary locals and are not cleared before returning.
/// </remarks>
/// <param name="outputState">Receives inputState plus the result of the 80 rounds, word by word.</param>
/// <param name="inputState">Chaining state on entry; may be the same variable as outputState.</param>
/// <param name="input">Message block as sixteen 64-bit words; read only, never written here.</param>
internal static void Core(out Array8<ulong> outputState, ref Array8<ulong> inputState, ref Array16<ulong> input)
{
    // unchecked: every addition below is meant to wrap modulo 2^64.
    unchecked
    {
        // Working variables, copied out of the state so the rounds run on locals.
        var a = inputState.x0;
        var b = inputState.x1;
        var c = inputState.x2;
        var d = inputState.x3;
        var e = inputState.x4;
        var f = inputState.x5;
        var g = inputState.x6;
        var h = inputState.x7;

        // Message schedule window: sixteen words, rewritten in place between passes.
        var w0 = input.x0;
        var w1 = input.x1;
        var w2 = input.x2;
        var w3 = input.x3;
        var w4 = input.x4;
        var w5 = input.x5;
        var w6 = input.x6;
        var w7 = input.x7;
        var w8 = input.x8;
        var w9 = input.x9;
        var w10 = input.x10;
        var w11 = input.x11;
        var w12 = input.x12;
        var w13 = input.x13;
        var w14 = input.x14;
        var w15 = input.x15;

        // t is the global round index (0..79). K is defined outside this method; presumably
        // the table of 80 SHA-512 round constants - confirm it has at least 80 entries.
        int t = 0;
        while (true)
        {
            ulong t1, t2;
            // Each braced group below is one round; the number is the round's position in the
            // current pass. Rotations are spelled as (x >> n) ^ (x << (64 - n)).
            { // 0
                t1 = h +
                     ((e >> 14) ^ (e << (64 - 14)) ^ (e >> 18) ^ (e << (64 - 18)) ^ (e >> 41) ^ (e << (64 - 41))) + // Sigma1(e)
                     ((e & f) ^ (~e & g)) + // Ch(e,f,g)
                     K[t] + w0;
                t2 = ((a >> 28) ^ (a << (64 - 28)) ^ (a >> 34) ^ (a << (64 - 34)) ^ (a >> 39) ^ (a << (64 - 39))) + // Sigma0(a)
                     ((a & b) ^ (a & c) ^ (b & c)); // Maj(a,b,c)
                h = g; g = f; f = e; e = d + t1;
                d = c; c = b; b = a; a = t1 + t2;
                t++;
            }
            { // 1
                t1 = h +
                     ((e >> 14) ^ (e << (64 - 14)) ^ (e >> 18) ^ (e << (64 - 18)) ^ (e >> 41) ^ (e << (64 - 41))) + // Sigma1(e)
                     ((e & f) ^ (~e & g)) + // Ch(e,f,g)
                     K[t] + w1;
                t2 = ((a >> 28) ^ (a << (64 - 28)) ^ (a >> 34) ^ (a << (64 - 34)) ^ (a >> 39) ^ (a << (64 - 39))) + // Sigma0(a)
                     ((a & b) ^ (a & c) ^ (b & c)); // Maj(a,b,c)
                h = g; g = f; f = e; e = d + t1;
                d = c; c = b; b = a; a = t1 + t2;
                t++;
            }
            { // 2
                t1 = h +
                     ((e >> 14) ^ (e << (64 - 14)) ^ (e >> 18) ^ (e << (64 - 18)) ^ (e >> 41) ^ (e << (64 - 41))) + // Sigma1(e)
                     ((e & f) ^ (~e & g)) + // Ch(e,f,g)
                     K[t] + w2;
                t2 = ((a >> 28) ^ (a << (64 - 28)) ^ (a >> 34) ^ (a << (64 - 34)) ^ (a >> 39) ^ (a << (64 - 39))) + // Sigma0(a)
                     ((a & b) ^ (a & c) ^ (b & c)); // Maj(a,b,c)
                h = g; g = f; f = e; e = d + t1;
                d = c; c = b; b = a; a = t1 + t2;
                t++;
            }
            { // 3
                t1 = h +
                     ((e >> 14) ^ (e << (64 - 14)) ^ (e >> 18) ^ (e << (64 - 18)) ^ (e >> 41) ^ (e << (64 - 41))) + // Sigma1(e)
                     ((e & f) ^ (~e & g)) + // Ch(e,f,g)
                     K[t] + w3;
                t2 = ((a >> 28) ^ (a << (64 - 28)) ^ (a >> 34) ^ (a << (64 - 34)) ^ (a >> 39) ^ (a << (64 - 39))) + // Sigma0(a)
                     ((a & b) ^ (a & c) ^ (b & c)); // Maj(a,b,c)
                h = g; g = f; f = e; e = d + t1;
                d = c; c = b; b = a; a = t1 + t2;
                t++;
            }
            { // 4
                t1 = h +
                     ((e >> 14) ^ (e << (64 - 14)) ^ (e >> 18) ^ (e << (64 - 18)) ^ (e >> 41) ^ (e << (64 - 41))) + // Sigma1(e)
                     ((e & f) ^ (~e & g)) + // Ch(e,f,g)
                     K[t] + w4;
                t2 = ((a >> 28) ^ (a << (64 - 28)) ^ (a >> 34) ^ (a << (64 - 34)) ^ (a >> 39) ^ (a << (64 - 39))) + // Sigma0(a)
                     ((a & b) ^ (a & c) ^ (b & c)); // Maj(a,b,c)
                h = g; g = f; f = e; e = d + t1;
                d = c; c = b; b = a; a = t1 + t2;
                t++;
            }
            { // 5
                t1 = h +
                     ((e >> 14) ^ (e << (64 - 14)) ^ (e >> 18) ^ (e << (64 - 18)) ^ (e >> 41) ^ (e << (64 - 41))) + // Sigma1(e)
                     ((e & f) ^ (~e & g)) + // Ch(e,f,g)
                     K[t] + w5;
                t2 = ((a >> 28) ^ (a << (64 - 28)) ^ (a >> 34) ^ (a << (64 - 34)) ^ (a >> 39) ^ (a << (64 - 39))) + // Sigma0(a)
                     ((a & b) ^ (a & c) ^ (b & c)); // Maj(a,b,c)
                h = g; g = f; f = e; e = d + t1;
                d = c; c = b; b = a; a = t1 + t2;
                t++;
            }
            { // 6
                t1 = h +
                     ((e >> 14) ^ (e << (64 - 14)) ^ (e >> 18) ^ (e << (64 - 18)) ^ (e >> 41) ^ (e << (64 - 41))) + // Sigma1(e)
                     ((e & f) ^ (~e & g)) + // Ch(e,f,g)
                     K[t] + w6;
                t2 = ((a >> 28) ^ (a << (64 - 28)) ^ (a >> 34) ^ (a << (64 - 34)) ^ (a >> 39) ^ (a << (64 - 39))) + // Sigma0(a)
                     ((a & b) ^ (a & c) ^ (b & c)); // Maj(a,b,c)
                h = g; g = f; f = e; e = d + t1;
                d = c; c = b; b = a; a = t1 + t2;
                t++;
            }
            { // 7
                t1 = h +
                     ((e >> 14) ^ (e << (64 - 14)) ^ (e >> 18) ^ (e << (64 - 18)) ^ (e >> 41) ^ (e << (64 - 41))) + // Sigma1(e)
                     ((e & f) ^ (~e & g)) + // Ch(e,f,g)
                     K[t] + w7;
                t2 = ((a >> 28) ^ (a << (64 - 28)) ^ (a >> 34) ^ (a << (64 - 34)) ^ (a >> 39) ^ (a << (64 - 39))) + // Sigma0(a)
                     ((a & b) ^ (a & c) ^ (b & c)); // Maj(a,b,c)
                h = g; g = f; f = e; e = d + t1;
                d = c; c = b; b = a; a = t1 + t2;
                t++;
            }
            { // 8
                t1 = h +
                     ((e >> 14) ^ (e << (64 - 14)) ^ (e >> 18) ^ (e << (64 - 18)) ^ (e >> 41) ^ (e << (64 - 41))) + // Sigma1(e)
                     ((e & f) ^ (~e & g)) + // Ch(e,f,g)
                     K[t] + w8;
                t2 = ((a >> 28) ^ (a << (64 - 28)) ^ (a >> 34) ^ (a << (64 - 34)) ^ (a >> 39) ^ (a << (64 - 39))) + // Sigma0(a)
                     ((a & b) ^ (a & c) ^ (b & c)); // Maj(a,b,c)
                h = g; g = f; f = e; e = d + t1;
                d = c; c = b; b = a; a = t1 + t2;
                t++;
            }
            { // 9
                t1 = h +
                     ((e >> 14) ^ (e << (64 - 14)) ^ (e >> 18) ^ (e << (64 - 18)) ^ (e >> 41) ^ (e << (64 - 41))) + // Sigma1(e)
                     ((e & f) ^ (~e & g)) + // Ch(e,f,g)
                     K[t] + w9;
                t2 = ((a >> 28) ^ (a << (64 - 28)) ^ (a >> 34) ^ (a << (64 - 34)) ^ (a >> 39) ^ (a << (64 - 39))) + // Sigma0(a)
                     ((a & b) ^ (a & c) ^ (b & c)); // Maj(a,b,c)
                h = g; g = f; f = e; e = d + t1;
                d = c; c = b; b = a; a = t1 + t2;
                t++;
            }
            { // 10
                t1 = h +
                     ((e >> 14) ^ (e << (64 - 14)) ^ (e >> 18) ^ (e << (64 - 18)) ^ (e >> 41) ^ (e << (64 - 41))) + // Sigma1(e)
                     ((e & f) ^ (~e & g)) + // Ch(e,f,g)
                     K[t] + w10;
                t2 = ((a >> 28) ^ (a << (64 - 28)) ^ (a >> 34) ^ (a << (64 - 34)) ^ (a >> 39) ^ (a << (64 - 39))) + // Sigma0(a)
                     ((a & b) ^ (a & c) ^ (b & c)); // Maj(a,b,c)
                h = g; g = f; f = e; e = d + t1;
                d = c; c = b; b = a; a = t1 + t2;
                t++;
            }
            { // 11
                t1 = h +
                     ((e >> 14) ^ (e << (64 - 14)) ^ (e >> 18) ^ (e << (64 - 18)) ^ (e >> 41) ^ (e << (64 - 41))) + // Sigma1(e)
                     ((e & f) ^ (~e & g)) + // Ch(e,f,g)
                     K[t] + w11;
                t2 = ((a >> 28) ^ (a << (64 - 28)) ^ (a >> 34) ^ (a << (64 - 34)) ^ (a >> 39) ^ (a << (64 - 39))) + // Sigma0(a)
                     ((a & b) ^ (a & c) ^ (b & c)); // Maj(a,b,c)
                h = g; g = f; f = e; e = d + t1;
                d = c; c = b; b = a; a = t1 + t2;
                t++;
            }
            { // 12
                t1 = h +
                     ((e >> 14) ^ (e << (64 - 14)) ^ (e >> 18) ^ (e << (64 - 18)) ^ (e >> 41) ^ (e << (64 - 41))) + // Sigma1(e)
                     ((e & f) ^ (~e & g)) + // Ch(e,f,g)
                     K[t] + w12;
                t2 = ((a >> 28) ^ (a << (64 - 28)) ^ (a >> 34) ^ (a << (64 - 34)) ^ (a >> 39) ^ (a << (64 - 39))) + // Sigma0(a)
                     ((a & b) ^ (a & c) ^ (b & c)); // Maj(a,b,c)
                h = g; g = f; f = e; e = d + t1;
                d = c; c = b; b = a; a = t1 + t2;
                t++;
            }
            { // 13
                t1 = h +
                     ((e >> 14) ^ (e << (64 - 14)) ^ (e >> 18) ^ (e << (64 - 18)) ^ (e >> 41) ^ (e << (64 - 41))) + // Sigma1(e)
                     ((e & f) ^ (~e & g)) + // Ch(e,f,g)
                     K[t] + w13;
                t2 = ((a >> 28) ^ (a << (64 - 28)) ^ (a >> 34) ^ (a << (64 - 34)) ^ (a >> 39) ^ (a << (64 - 39))) + // Sigma0(a)
                     ((a & b) ^ (a & c) ^ (b & c)); // Maj(a,b,c)
                h = g; g = f; f = e; e = d + t1;
                d = c; c = b; b = a; a = t1 + t2;
                t++;
            }
            { // 14
                t1 = h +
                     ((e >> 14) ^ (e << (64 - 14)) ^ (e >> 18) ^ (e << (64 - 18)) ^ (e >> 41) ^ (e << (64 - 41))) + // Sigma1(e)
                     ((e & f) ^ (~e & g)) + // Ch(e,f,g)
                     K[t] + w14;
                t2 = ((a >> 28) ^ (a << (64 - 28)) ^ (a >> 34) ^ (a << (64 - 34)) ^ (a >> 39) ^ (a << (64 - 39))) + // Sigma0(a)
                     ((a & b) ^ (a & c) ^ (b & c)); // Maj(a,b,c)
                h = g; g = f; f = e; e = d + t1;
                d = c; c = b; b = a; a = t1 + t2;
                t++;
            }
            { // 15
                t1 = h +
                     ((e >> 14) ^ (e << (64 - 14)) ^ (e >> 18) ^ (e << (64 - 18)) ^ (e >> 41) ^ (e << (64 - 41))) + // Sigma1(e)
                     ((e & f) ^ (~e & g)) + // Ch(e,f,g)
                     K[t] + w15;
                t2 = ((a >> 28) ^ (a << (64 - 28)) ^ (a >> 34) ^ (a << (64 - 34)) ^ (a >> 39) ^ (a << (64 - 39))) + // Sigma0(a)
                     ((a & b) ^ (a & c) ^ (b & c)); // Maj(a,b,c)
                h = g; g = f; f = e; e = d + t1;
                d = c; c = b; b = a; a = t1 + t2;
                t++;
            }

            // Five passes of 16 rounds; leave before extending the schedule a sixth time.
            if (t == 80)
            {
                break;
            }

            // Extend the message schedule in place: each word gains
            //   sigma1(word 2 back) + (word 7 back) + sigma0(word 15 back),
            // with indices taken modulo 16. sigma1 = rotr19 ^ rotr61 ^ shr6 and
            // sigma0 = rotr1 ^ rotr8 ^ shr7. Statement order matters: later lines read words
            // that earlier lines have just updated.
            w0 += ((w14 >> 19) ^ (w14 << (64 - 19)) ^ (w14 >> 61) ^ (w14 << (64 - 61)) ^ (w14 >> 6)) + w9 + ((w1 >> 1) ^ (w1 << (64 - 1)) ^ (w1 >> 8) ^ (w1 << (64 - 8)) ^ (w1 >> 7));
            w1 += ((w15 >> 19) ^ (w15 << (64 - 19)) ^ (w15 >> 61) ^ (w15 << (64 - 61)) ^ (w15 >> 6)) + w10 + ((w2 >> 1) ^ (w2 << (64 - 1)) ^ (w2 >> 8) ^ (w2 << (64 - 8)) ^ (w2 >> 7));
            w2 += ((w0 >> 19) ^ (w0 << (64 - 19)) ^ (w0 >> 61) ^ (w0 << (64 - 61)) ^ (w0 >> 6)) + w11 + ((w3 >> 1) ^ (w3 << (64 - 1)) ^ (w3 >> 8) ^ (w3 << (64 - 8)) ^ (w3 >> 7));
            w3 += ((w1 >> 19) ^ (w1 << (64 - 19)) ^ (w1 >> 61) ^ (w1 << (64 - 61)) ^ (w1 >> 6)) + w12 + ((w4 >> 1) ^ (w4 << (64 - 1)) ^ (w4 >> 8) ^ (w4 << (64 - 8)) ^ (w4 >> 7));
            w4 += ((w2 >> 19) ^ (w2 << (64 - 19)) ^ (w2 >> 61) ^ (w2 << (64 - 61)) ^ (w2 >> 6)) + w13 + ((w5 >> 1) ^ (w5 << (64 - 1)) ^ (w5 >> 8) ^ (w5 << (64 - 8)) ^ (w5 >> 7));
            w5 += ((w3 >> 19) ^ (w3 << (64 - 19)) ^ (w3 >> 61) ^ (w3 << (64 - 61)) ^ (w3 >> 6)) + w14 + ((w6 >> 1) ^ (w6 << (64 - 1)) ^ (w6 >> 8) ^ (w6 << (64 - 8)) ^ (w6 >> 7));
            w6 += ((w4 >> 19) ^ (w4 << (64 - 19)) ^ (w4 >> 61) ^ (w4 << (64 - 61)) ^ (w4 >> 6)) + w15 + ((w7 >> 1) ^ (w7 << (64 - 1)) ^ (w7 >> 8) ^ (w7 << (64 - 8)) ^ (w7 >> 7));
            w7 += ((w5 >> 19) ^ (w5 << (64 - 19)) ^ (w5 >> 61) ^ (w5 << (64 - 61)) ^ (w5 >> 6)) + w0 + ((w8 >> 1) ^ (w8 << (64 - 1)) ^ (w8 >> 8) ^ (w8 << (64 - 8)) ^ (w8 >> 7));
            w8 += ((w6 >> 19) ^ (w6 << (64 - 19)) ^ (w6 >> 61) ^ (w6 << (64 - 61)) ^ (w6 >> 6)) + w1 + ((w9 >> 1) ^ (w9 << (64 - 1)) ^ (w9 >> 8) ^ (w9 << (64 - 8)) ^ (w9 >> 7));
            w9 += ((w7 >> 19) ^ (w7 << (64 - 19)) ^ (w7 >> 61) ^ (w7 << (64 - 61)) ^ (w7 >> 6)) + w2 + ((w10 >> 1) ^ (w10 << (64 - 1)) ^ (w10 >> 8) ^ (w10 << (64 - 8)) ^ (w10 >> 7));
            w10 += ((w8 >> 19) ^ (w8 << (64 - 19)) ^ (w8 >> 61) ^ (w8 << (64 - 61)) ^ (w8 >> 6)) + w3 + ((w11 >> 1) ^ (w11 << (64 - 1)) ^ (w11 >> 8) ^ (w11 << (64 - 8)) ^ (w11 >> 7));
            w11 += ((w9 >> 19) ^ (w9 << (64 - 19)) ^ (w9 >> 61) ^ (w9 << (64 - 61)) ^ (w9 >> 6)) + w4 + ((w12 >> 1) ^ (w12 << (64 - 1)) ^ (w12 >> 8) ^ (w12 << (64 - 8)) ^ (w12 >> 7));
            w12 += ((w10 >> 19) ^ (w10 << (64 - 19)) ^ (w10 >> 61) ^ (w10 << (64 - 61)) ^ (w10 >> 6)) + w5 + ((w13 >> 1) ^ (w13 << (64 - 1)) ^ (w13 >> 8) ^ (w13 << (64 - 8)) ^ (w13 >> 7));
            w13 += ((w11 >> 19) ^ (w11 << (64 - 19)) ^ (w11 >> 61) ^ (w11 << (64 - 61)) ^ (w11 >> 6)) + w6 + ((w14 >> 1) ^ (w14 << (64 - 1)) ^ (w14 >> 8) ^ (w14 << (64 - 8)) ^ (w14 >> 7));
            w14 += ((w12 >> 19) ^ (w12 << (64 - 19)) ^ (w12 >> 61) ^ (w12 << (64 - 61)) ^ (w12 >> 6)) + w7 + ((w15 >> 1) ^ (w15 << (64 - 1)) ^ (w15 >> 8) ^ (w15 << (64 - 8)) ^ (w15 >> 7));
            w15 += ((w13 >> 19) ^ (w13 << (64 - 19)) ^ (w13 >> 61) ^ (w13 << (64 - 61)) ^ (w13 >> 6)) + w8 + ((w0 >> 1) ^ (w0 << (64 - 1)) ^ (w0 >> 8) ^ (w0 << (64 - 8)) ^ (w0 >> 7));
        }

        // Feed-forward: add the round result onto the incoming state. Each output word is
        // written only after the same-index input word has been read, which is what keeps the
        // call safe when outputState and inputState refer to the same variable.
        outputState.x0 = inputState.x0 + a;
        outputState.x1 = inputState.x1 + b;
        outputState.x2 = inputState.x2 + c;
        outputState.x3 = inputState.x3 + d;
        outputState.x4 = inputState.x4 + e;
        outputState.x5 = inputState.x5 + f;
        outputState.x6 = inputState.x6 + g;
        outputState.x7 = inputState.x7 + h;
    }
}