or is the algorithm custom implemented by Microsoft? i tested that SHA1 computed using OpenSSL on mac is equivalent to the hash computed in C# using system.security.cryptography.sha1.
views:
42answers:
2Microsoft almost certainly have their own implementation.
SHA-1 is a (deterministic) hash function, so you ought to get the same results with two distinct implementations if you apply it to the same input data. If you don't, it doesn't just mean the two implementations are distinct, it also means that one of them is buggy.
System.Security.Cryptography.SHA1 is an abstract class. It has three implementations:
- SHA1Managed: an implementation in pure C#
- SHA1CryptoServiceProvider: an implementation provided by Windows
- SHA1Cng: another ("next generation") implementation provided by Windows
So, no, none of the implementations that ship with the .NET Framework use OpenSSL internally.
Mono ships with different implementations for these classes. They all use the same implementation which is written in pure C#.
The reason why you're getting the same result is that the SHA1 algorithm is deterministic, i.e. it always produces exactly the same result for the same input.