NIST validated Implementation of SHA-1 in Ada:

What's Here?

SHA is NSA's Secure Hash Algorithm (SHA). This is also referred to as the Secure Hash Standard (SHS). (: And if you don't know what NSA is you are behind the times in cryptography. :)

SHA-0 is defined in FIPS PUB 180, 11 May 1993.

SHA-1 is defined in FIPS PUB 180-1, 17 Apr 1995.

SHA produces a unique message digest given a stream of bits. The standard is actually defined in terms of bits, but most implementations only handle a stream of bytes. This implementation will take data in as either bits, bytes (8 bits), words (16 bits) or long words (32 bits) in any combination. (I know that this terminology may not agree with the underlying sizes on your machine, but I had to call the sizes something.) gives full information on the status of the various SHA-xxx standards.


The standard (180-1) gives three test cases to verify whether or not you've implemented the standard correctly. (The older standard (180) only had ONE test case!) My libraries have always passed those tests.

However, it is possible to have implementation errors that manage to pass those tests. (I know, I wrote an early one in C that was wrong but passed all of the standard's tests.)

Fortunately, NIST (National Institute of Standards and Technology) (A US government organization) decided that they needed to have better tests to validate implementations. As part of that project (Documented at they give example validation test data (and correct answers). My library ran against that data and produced the correct answers.

So, I submitted it for validation

NIST has now validated this implementation. Officially it is Certificate #39, issued on September 20th, 2000. (But the test was run back on September 7th, at 6pm EST) This validation is documented at

Availible Sources

You can freely use this under the GPL or BSD Open Source licenses

Note that last time I checked (Aug 2005), this was one of only seven implementations (Out of 370) that passed the full tests for bit strings instead of just for bytes. It is also, to the best of my knowledge, the only NIST validated implementation availiable under any open source license.

Note that this code works perfectly well on machines with different byte orders. (I've written several SHA-1 implimentations, but I've yet to write one that cares what the underlying byte order is.


I have an implementation of the old obsolete Original SHA-0 standard.

The validated version is:

There is also a Unix Tar file of this code, and compressed version.

Go to ...

This page is
© Copyright 2001 by John Halleck, All Rights Reserved.
This page was last modified on August 17th, 2005