The class comment for SecureHashAlgorithm says it implements the SHA 
standard, but I'm not sure it's padding correctly.

My reading of the standard is that all messages -- including zero length 
messages -- should be padded to 512 bit size in a certain way.

See section "4. Message Padding" of 
http://www.itl.nist.gov/fipspubs/fip180-1.htm

My reading of the code is that it explicitly fails with an error for 
zero length messages, and pads to 64 bit sizes.

Am I nuts?

-- 
Howard Stearns
AIM: qwaqHoward
Qwaq: +1-650-331-1437
office: +1-608-850-4482
mobile: +1-608-658-2419