[ Index ]

PHP Cross Reference of Unnamed Project

title

Body

[close]

/se3-unattended/var/se3/unattended/install/linuxaux/opt/perl/lib/5.10.0/i586-linux-thread-multi/Digest/ -> SHA.pm (source)

   1  package Digest::SHA;
   2  
   3  require 5.003000;
   4  
   5  use strict;
   6  use integer;
   7  use vars qw($VERSION @ISA @EXPORT @EXPORT_OK);
   8  
   9  $VERSION = '5.45';
  10  
  11  require Exporter;
  12  require DynaLoader;
  13  @ISA = qw(Exporter DynaLoader);
  14  @EXPORT_OK = qw(
  15      hmac_sha1    hmac_sha1_base64    hmac_sha1_hex
  16      hmac_sha224    hmac_sha224_base64    hmac_sha224_hex
  17      hmac_sha256    hmac_sha256_base64    hmac_sha256_hex
  18      hmac_sha384    hmac_sha384_base64    hmac_sha384_hex
  19      hmac_sha512    hmac_sha512_base64    hmac_sha512_hex
  20      sha1        sha1_base64        sha1_hex
  21      sha224        sha224_base64        sha224_hex
  22      sha256        sha256_base64        sha256_hex
  23      sha384        sha384_base64        sha384_hex
  24      sha512        sha512_base64        sha512_hex);
  25  
  26  # If possible, inherit from Digest::base (which depends on MIME::Base64)
  27  
  28  *addfile = \&Addfile;
  29  
  30  eval {
  31      require MIME::Base64;
  32      require Digest::base;
  33      push(@ISA, 'Digest::base');
  34  };
  35  if ($@) {
  36      *hexdigest = \&Hexdigest;
  37      *b64digest = \&B64digest;
  38  }
  39  
  40  # The following routines aren't time-critical, so they can be left in Perl
  41  
  42  sub new {
  43      my($class, $alg) = @_;
  44      $alg =~ s/\D+//g if defined $alg;
  45      if (ref($class)) {    # instance method
  46          unless (defined($alg) && ($alg != $class->algorithm)) {
  47              sharewind($$class);
  48              return($class);
  49          }
  50          shaclose($$class) if $$class;
  51          $$class = shaopen($alg) || return;
  52          return($class);
  53      }
  54      $alg = 1 unless defined $alg;
  55      my $state = shaopen($alg) || return;
  56      my $self = \$state;
  57      bless($self, $class);
  58      return($self);
  59  }
  60  
  61  sub DESTROY {
  62      my $self = shift;
  63      shaclose($$self) if $$self;
  64  }
  65  
  66  sub clone {
  67      my $self = shift;
  68      my $state = shadup($$self) || return;
  69      my $copy = \$state;
  70      bless($copy, ref($self));
  71      return($copy);
  72  }
  73  
  74  *reset = \&new;
  75  
  76  sub add_bits {
  77      my($self, $data, $nbits) = @_;
  78      unless (defined $nbits) {
  79          $nbits = length($data);
  80          $data = pack("B*", $data);
  81      }
  82      shawrite($data, $nbits, $$self);
  83      return($self);
  84  }
  85  
  86  sub _bail {
  87      my $msg = shift;
  88  
  89          require Carp;
  90          Carp::croak("$msg: $!");
  91  }
  92  
  93  sub _addfile {  # this is "addfile" from Digest::base 1.00
  94      my ($self, $handle) = @_;
  95  
  96      my $n;
  97      my $buf = "";
  98  
  99      while (($n = read($handle, $buf, 4096))) {
 100          $self->add($buf);
 101      }
 102      _bail("Read failed") unless defined $n;
 103  
 104      $self;
 105  }
 106  
 107  sub Addfile {
 108      my ($self, $file, $mode) = @_;
 109  
 110      return(_addfile($self, $file)) unless ref(\$file) eq 'SCALAR';
 111  
 112      $mode = defined($mode) ? $mode : "";
 113      my ($binary, $portable) = map { $_ eq $mode } ("b", "p");
 114      my $text = -T $file;
 115  
 116      local *FH;
 117      open(FH, "<$file") or _bail("Open failed");
 118      binmode(FH) if $binary || $portable;
 119  
 120      unless ($portable && $text) {
 121          $self->_addfile(*FH);
 122          close(FH);
 123          return($self);
 124      }
 125  
 126      my ($n1, $n2);
 127      my ($buf1, $buf2) = ("", "");
 128  
 129      while (($n1 = read(FH, $buf1, 4096))) {
 130          while (substr($buf1, -1) eq "\015") {
 131              $n2 = read(FH, $buf2, 4096);
 132              _bail("Read failed") unless defined $n2;
 133              last unless $n2;
 134              $buf1 .= $buf2;
 135          }
 136          $buf1 =~ s/\015?\015\012/\012/g;     # DOS/Windows
 137          $buf1 =~ s/\015/\012/g;              # early MacOS
 138          $self->add($buf1);
 139      }
 140      _bail("Read failed") unless defined $n1;
 141      close(FH);
 142  
 143      $self;
 144  }
 145  
 146  sub dump {
 147      my $self = shift;
 148      my $file = shift || "";
 149  
 150      shadump($file, $$self) || return;
 151      return($self);
 152  }
 153  
 154  sub load {
 155      my $class = shift;
 156      my $file = shift || "";
 157      if (ref($class)) {    # instance method
 158          shaclose($$class) if $$class;
 159          $$class = shaload($file) || return;
 160          return($class);
 161      }
 162      my $state = shaload($file) || return;
 163      my $self = \$state;
 164      bless($self, $class);
 165      return($self);
 166  }
 167  
 168  Digest::SHA->bootstrap($VERSION);
 169  
 170  1;
 171  __END__
 172  
 173  =head1 NAME
 174  
 175  Digest::SHA - Perl extension for SHA-1/224/256/384/512
 176  
 177  =head1 SYNOPSIS
 178  
 179  In programs:
 180  
 181          # Functional interface
 182  
 183      use Digest::SHA qw(sha1 sha1_hex sha1_base64 ...);
 184  
 185      $digest = sha1($data);
 186      $digest = sha1_hex($data);
 187      $digest = sha1_base64($data);
 188  
 189      $digest = sha256($data);
 190      $digest = sha384_hex($data);
 191      $digest = sha512_base64($data);
 192  
 193          # Object-oriented
 194  
 195      use Digest::SHA;
 196  
 197      $sha = Digest::SHA->new($alg);
 198  
 199      $sha->add($data);        # feed data into stream
 200  
 201      $sha->addfile(*F);
 202      $sha->addfile($filename);
 203  
 204      $sha->add_bits($bits);
 205      $sha->add_bits($data, $nbits);
 206  
 207      $sha_copy = $sha->clone;    # if needed, make copy of
 208      $sha->dump($file);        #    current digest state,
 209      $sha->load($file);        #    or save it on disk
 210  
 211      $digest = $sha->digest;        # compute digest
 212      $digest = $sha->hexdigest;
 213      $digest = $sha->b64digest;
 214  
 215  From the command line:
 216  
 217      $ shasum files
 218  
 219      $ shasum --help
 220  
 221  =head1 SYNOPSIS (HMAC-SHA)
 222  
 223          # Functional interface only
 224  
 225      use Digest::SHA qw(hmac_sha1 hmac_sha1_hex ...);
 226  
 227      $digest = hmac_sha1($data, $key);
 228      $digest = hmac_sha224_hex($data, $key);
 229      $digest = hmac_sha256_base64($data, $key);
 230  
 231  =head1 ABSTRACT
 232  
 233  Digest::SHA is a complete implementation of the NIST Secure Hash
 234  Standard.  It gives Perl programmers a convenient way to calculate
 235  SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 message digests.
 236  The module can handle all types of input, including partial-byte
 237  data.
 238  
 239  =head1 DESCRIPTION
 240  
 241  Digest::SHA is written in C for speed.  If your platform lacks a
 242  C compiler, you can install the functionally equivalent (but much
 243  slower) L<Digest::SHA::PurePerl> module.
 244  
 245  The programming interface is easy to use: it's the same one found
 246  in CPAN's L<Digest> module.  So, if your applications currently
 247  use L<Digest::MD5> and you'd prefer the stronger security of SHA,
 248  it's a simple matter to convert them.
 249  
 250  The interface provides two ways to calculate digests:  all-at-once,
 251  or in stages.  To illustrate, the following short program computes
 252  the SHA-256 digest of "hello world" using each approach:
 253  
 254      use Digest::SHA qw(sha256_hex);
 255  
 256      $data = "hello world";
 257      @frags = split(//, $data);
 258  
 259      # all-at-once (Functional style)
 260      $digest1 = sha256_hex($data);
 261  
 262      # in-stages (OOP style)
 263      $state = Digest::SHA->new(256);
 264      for (@frags) { $state->add($_) }
 265      $digest2 = $state->hexdigest;
 266  
 267      print $digest1 eq $digest2 ?
 268          "whew!\n" : "oops!\n";
 269  
 270  To calculate the digest of an n-bit message where I<n> is not a
 271  multiple of 8, use the I<add_bits()> method.  For example, consider
 272  the 446-bit message consisting of the bit-string "110" repeated
 273  148 times, followed by "11".  Here's how to display its SHA-1
 274  digest:
 275  
 276      use Digest::SHA;
 277      $bits = "110" x 148 . "11";
 278      $sha = Digest::SHA->new(1)->add_bits($bits);
 279      print $sha->hexdigest, "\n";
 280  
 281  Note that for larger bit-strings, it's more efficient to use the
 282  two-argument version I<add_bits($data, $nbits)>, where I<$data> is
 283  in the customary packed binary format used for Perl strings.
 284  
 285  The module also lets you save intermediate SHA states to disk, or
 286  display them on standard output.  The I<dump()> method generates
 287  portable, human-readable text describing the current state of
 288  computation.  You can subsequently retrieve the file with I<load()>
 289  to resume where the calculation left off.
 290  
 291  To see what a state description looks like, just run the following:
 292  
 293      use Digest::SHA;
 294      Digest::SHA->new->add("Shaw" x 1962)->dump;
 295  
 296  As an added convenience, the Digest::SHA module offers routines to
 297  calculate keyed hashes using the HMAC-SHA-1/224/256/384/512
 298  algorithms.  These services exist in functional form only, and
 299  mimic the style and behavior of the I<sha()>, I<sha_hex()>, and
 300  I<sha_base64()> functions.
 301  
 302      # Test vector from draft-ietf-ipsec-ciph-sha-256-01.txt
 303  
 304      use Digest::SHA qw(hmac_sha256_hex);
 305      print hmac_sha256_hex("Hi There", chr(0x0b) x 32), "\n";
 306  
 307  =head1 NIST STATEMENT ON SHA-1
 308  
 309  I<NIST was recently informed that researchers had discovered a way
 310  to "break" the current Federal Information Processing Standard SHA-1
 311  algorithm, which has been in effect since 1994. The researchers
 312  have not yet published their complete results, so NIST has not
 313  confirmed these findings. However, the researchers are a reputable
 314  research team with expertise in this area.>
 315  
 316  I<Due to advances in computing power, NIST already planned to phase
 317  out SHA-1 in favor of the larger and stronger hash functions (SHA-224,
 318  SHA-256, SHA-384 and SHA-512) by 2010. New developments should use
 319  the larger and stronger hash functions.>
 320  
 321  ref. L<http://www.csrc.nist.gov/pki/HashWorkshop/NIST%20Statement/Burr_Mar2005.html>
 322  
 323  =head1 PADDING OF BASE64 DIGESTS
 324  
 325  By convention, CPAN Digest modules do B<not> pad their Base64 output.
 326  Problems can occur when feeding such digests to other software that
 327  expects properly padded Base64 encodings.
 328  
 329  For the time being, any necessary padding must be done by the user.
 330  Fortunately, this is a simple operation: if the length of a Base64-encoded
 331  digest isn't a multiple of 4, simply append "=" characters to the end
 332  of the digest until it is:
 333  
 334      while (length($b64_digest) % 4) {
 335          $b64_digest .= '=';
 336      }
 337  
 338  To illustrate, I<sha256_base64("abc")> is computed to be
 339  
 340      ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0
 341  
 342  which has a length of 43.  So, the properly padded version is
 343  
 344      ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0=
 345  
 346  =head1 EXPORT
 347  
 348  None by default.
 349  
 350  =head1 EXPORTABLE FUNCTIONS
 351  
 352  Provided your C compiler supports a 64-bit type (e.g. the I<long
 353  long> of C99, or I<__int64> used by Microsoft C/C++), all of these
 354  functions will be available for use.  Otherwise, you won't be able
 355  to perform the SHA-384 and SHA-512 transforms, both of which require
 356  64-bit operations.
 357  
 358  I<Functional style>
 359  
 360  =over 4
 361  
 362  =item B<sha1($data, ...)>
 363  
 364  =item B<sha224($data, ...)>
 365  
 366  =item B<sha256($data, ...)>
 367  
 368  =item B<sha384($data, ...)>
 369  
 370  =item B<sha512($data, ...)>
 371  
 372  Logically joins the arguments into a single string, and returns
 373  its SHA-1/224/256/384/512 digest encoded as a binary string.
 374  
 375  =item B<sha1_hex($data, ...)>
 376  
 377  =item B<sha224_hex($data, ...)>
 378  
 379  =item B<sha256_hex($data, ...)>
 380  
 381  =item B<sha384_hex($data, ...)>
 382  
 383  =item B<sha512_hex($data, ...)>
 384  
 385  Logically joins the arguments into a single string, and returns
 386  its SHA-1/224/256/384/512 digest encoded as a hexadecimal string.
 387  
 388  =item B<sha1_base64($data, ...)>
 389  
 390  =item B<sha224_base64($data, ...)>
 391  
 392  =item B<sha256_base64($data, ...)>
 393  
 394  =item B<sha384_base64($data, ...)>
 395  
 396  =item B<sha512_base64($data, ...)>
 397  
 398  Logically joins the arguments into a single string, and returns
 399  its SHA-1/224/256/384/512 digest encoded as a Base64 string.
 400  
 401  It's important to note that the resulting string does B<not> contain
 402  the padding characters typical of Base64 encodings.  This omission is
 403  deliberate, and is done to maintain compatibility with the family of
 404  CPAN Digest modules.  See L</"PADDING OF BASE64 DIGESTS"> for details.
 405  
 406  =back
 407  
 408  I<OOP style>
 409  
 410  =over 4
 411  
 412  =item B<new($alg)>
 413  
 414  Returns a new Digest::SHA object.  Allowed values for I<$alg> are
 415  1, 224, 256, 384, or 512.  It's also possible to use common string
 416  representations of the algorithm (e.g. "sha256", "SHA-384").  If
 417  the argument is missing, SHA-1 will be used by default.
 418  
 419  Invoking I<new> as an instance method will not create a new object;
 420  instead, it will simply reset the object to the initial state
 421  associated with I<$alg>.  If the argument is missing, the object
 422  will continue using the same algorithm that was selected at creation.
 423  
 424  =item B<reset($alg)>
 425  
 426  This method has exactly the same effect as I<new($alg)>.  In fact,
 427  I<reset> is just an alias for I<new>.
 428  
 429  =item B<hashsize>
 430  
 431  Returns the number of digest bits for this object.  The values are
 432  160, 224, 256, 384, and 512 for SHA-1, SHA-224, SHA-256, SHA-384,
 433  and SHA-512, respectively.
 434  
 435  =item B<algorithm>
 436  
 437  Returns the digest algorithm for this object.  The values are 1,
 438  224, 256, 384, and 512 for SHA-1, SHA-224, SHA-256, SHA-384, and
 439  SHA-512, respectively.
 440  
 441  =item B<clone>
 442  
 443  Returns a duplicate copy of the object.
 444  
 445  =item B<add($data, ...)>
 446  
 447  Logically joins the arguments into a single string, and uses it to
 448  update the current digest state.  In other words, the following
 449  statements have the same effect:
 450  
 451      $sha->add("a"); $sha->add("b"); $sha->add("c");
 452      $sha->add("a")->add("b")->add("c");
 453      $sha->add("a", "b", "c");
 454      $sha->add("abc");
 455  
 456  The return value is the updated object itself.
 457  
 458  =item B<add_bits($data, $nbits)>
 459  
 460  =item B<add_bits($bits)>
 461  
 462  Updates the current digest state by appending bits to it.  The
 463  return value is the updated object itself.
 464  
 465  The first form causes the most-significant I<$nbits> of I<$data>
 466  to be appended to the stream.  The I<$data> argument is in the
 467  customary binary format used for Perl strings.
 468  
 469  The second form takes an ASCII string of "0" and "1" characters as
 470  its argument.  It's equivalent to
 471  
 472      $sha->add_bits(pack("B*", $bits), length($bits));
 473  
 474  So, the following two statements do the same thing:
 475  
 476      $sha->add_bits("111100001010");
 477      $sha->add_bits("\xF0\xA0", 12);
 478  
 479  =item B<addfile(*FILE)>
 480  
 481  Reads from I<FILE> until EOF, and appends that data to the current
 482  state.  The return value is the updated object itself.
 483  
 484  =item B<addfile($filename [, $mode])>
 485  
 486  Reads the contents of I<$filename>, and appends that data to the current
 487  state.  The return value is the updated object itself.
 488  
 489  By default, I<$filename> is simply opened and read; no special modes
 490  or I/O disciplines are used.  To change this, set the optional I<$mode>
 491  argument to one of the following values:
 492  
 493      "b"    read file in binary mode
 494  
 495      "p"    use portable mode
 496  
 497  The "p" mode is handy since it ensures that the digest value of
 498  I<$filename> will be the same when computed on different operating
 499  systems.  It accomplishes this by internally translating all newlines
 500  in text files to UNIX format before calculating the digest; on the other
 501  hand, binary files are read in raw mode with no translation whatsoever.
 502  
 503  For a fuller discussion of newline formats, refer to CPAN module
 504  L<File::LocalizeNewlines>.  Its "universal line separator" regex forms
 505  the basis of I<addfile>'s portable mode processing.
 506  
 507  =item B<dump($filename)>
 508  
 509  Provides persistent storage of intermediate SHA states by writing
 510  a portable, human-readable representation of the current state to
 511  I<$filename>.  If the argument is missing, or equal to the empty
 512  string, the state information will be written to STDOUT.
 513  
 514  =item B<load($filename)>
 515  
 516  Returns a Digest::SHA object representing the intermediate SHA
 517  state that was previously dumped to I<$filename>.  If called as a
 518  class method, a new object is created; if called as an instance
 519  method, the object is reset to the state contained in I<$filename>.
 520  If the argument is missing, or equal to the empty string, the state
 521  information will be read from STDIN.
 522  
 523  =item B<digest>
 524  
 525  Returns the digest encoded as a binary string.
 526  
 527  Note that the I<digest> method is a read-once operation. Once it
 528  has been performed, the Digest::SHA object is automatically reset
 529  in preparation for calculating another digest value.  Call
 530  I<$sha-E<gt>clone-E<gt>digest> if it's necessary to preserve the
 531  original digest state.
 532  
 533  =item B<hexdigest>
 534  
 535  Returns the digest encoded as a hexadecimal string.
 536  
 537  Like I<digest>, this method is a read-once operation.  Call
 538  I<$sha-E<gt>clone-E<gt>hexdigest> if it's necessary to preserve
 539  the original digest state.
 540  
 541  This method is inherited if L<Digest::base> is installed on your
 542  system.  Otherwise, a functionally equivalent substitute is used.
 543  
 544  =item B<b64digest>
 545  
 546  Returns the digest encoded as a Base64 string.
 547  
 548  Like I<digest>, this method is a read-once operation.  Call
 549  I<$sha-E<gt>clone-E<gt>b64digest> if it's necessary to preserve
 550  the original digest state.
 551  
 552  This method is inherited if L<Digest::base> is installed on your
 553  system.  Otherwise, a functionally equivalent substitute is used.
 554  
 555  It's important to note that the resulting string does B<not> contain
 556  the padding characters typical of Base64 encodings.  This omission is
 557  deliberate, and is done to maintain compatibility with the family of
 558  CPAN Digest modules.  See L</"PADDING OF BASE64 DIGESTS"> for details.
 559  
 560  =back
 561  
 562  I<HMAC-SHA-1/224/256/384/512>
 563  
 564  =over 4
 565  
 566  =item B<hmac_sha1($data, $key)>
 567  
 568  =item B<hmac_sha224($data, $key)>
 569  
 570  =item B<hmac_sha256($data, $key)>
 571  
 572  =item B<hmac_sha384($data, $key)>
 573  
 574  =item B<hmac_sha512($data, $key)>
 575  
 576  Returns the HMAC-SHA-1/224/256/384/512 digest of I<$data>/I<$key>,
 577  with the result encoded as a binary string.  Multiple I<$data>
 578  arguments are allowed, provided that I<$key> is the last argument
 579  in the list.
 580  
 581  =item B<hmac_sha1_hex($data, $key)>
 582  
 583  =item B<hmac_sha224_hex($data, $key)>
 584  
 585  =item B<hmac_sha256_hex($data, $key)>
 586  
 587  =item B<hmac_sha384_hex($data, $key)>
 588  
 589  =item B<hmac_sha512_hex($data, $key)>
 590  
 591  Returns the HMAC-SHA-1/224/256/384/512 digest of I<$data>/I<$key>,
 592  with the result encoded as a hexadecimal string.  Multiple I<$data>
 593  arguments are allowed, provided that I<$key> is the last argument
 594  in the list.
 595  
 596  =item B<hmac_sha1_base64($data, $key)>
 597  
 598  =item B<hmac_sha224_base64($data, $key)>
 599  
 600  =item B<hmac_sha256_base64($data, $key)>
 601  
 602  =item B<hmac_sha384_base64($data, $key)>
 603  
 604  =item B<hmac_sha512_base64($data, $key)>
 605  
 606  Returns the HMAC-SHA-1/224/256/384/512 digest of I<$data>/I<$key>,
 607  with the result encoded as a Base64 string.  Multiple I<$data>
 608  arguments are allowed, provided that I<$key> is the last argument
 609  in the list.
 610  
 611  It's important to note that the resulting string does B<not> contain
 612  the padding characters typical of Base64 encodings.  This omission is
 613  deliberate, and is done to maintain compatibility with the family of
 614  CPAN Digest modules.  See L</"PADDING OF BASE64 DIGESTS"> for details.
 615  
 616  =back
 617  
 618  =head1 SEE ALSO
 619  
 620  L<Digest>, L<Digest::SHA::PurePerl>
 621  
 622  The Secure Hash Standard (FIPS PUB 180-2) can be found at:
 623  
 624  L<http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf>
 625  
 626  The Keyed-Hash Message Authentication Code (HMAC):
 627  
 628  L<http://csrc.nist.gov/publications/fips/fips198/fips-198a.pdf>
 629  
 630  =head1 AUTHOR
 631  
 632      Mark Shelor    <mshelor@cpan.org>
 633  
 634  =head1 ACKNOWLEDGMENTS
 635  
 636  The author is particularly grateful to
 637  
 638      Gisle Aas
 639      Chris Carey
 640      Jim Doble
 641      Julius Duque
 642      Jeffrey Friedl
 643      Robert Gilmour
 644      Brian Gladman
 645      Adam Kennedy
 646      Andy Lester
 647      Alex Muntada
 648      Steve Peters
 649      Chris Skiscim
 650      Martin Thurn
 651      Gunnar Wolf
 652      Adam Woodbury
 653  
 654  for their valuable comments and suggestions.
 655  
 656  =head1 COPYRIGHT AND LICENSE
 657  
 658  Copyright (C) 2003-2007 Mark Shelor
 659  
 660  This library is free software; you can redistribute it and/or modify
 661  it under the same terms as Perl itself.
 662  
 663  L<perlartistic>
 664  
 665  =cut


Generated: Tue Mar 17 22:47:18 2015 Cross-referenced by PHPXref 0.7.1