commit eef453dcd96cf1d1bd7c9e70495ad32f97c63b43 Author: Mario Fetka Date: Tue Oct 31 15:15:02 2017 +0100 Imported Upstream version 2.13 diff --git a/Changes b/Changes new file mode 100644 index 0000000..3435753 --- /dev/null +++ b/Changes @@ -0,0 +1,587 @@ +2010-07-03 Release 2.13 + + Mike McCauley (1): + Fix memory leak in sha1_transform + + + +2009-05-23 Release 2.12 + + Gisle Aas (6): + Get rid of the old CVS ids + Avoid "redefined" error for ULONG on Win64 + Less optimizations on IRIX [RT#8999] + Clean up the 'git status' output + Mention that SHA-1 might be weak [RT#11880] + Ensure more stuff in the META.yml file [RT#40757] + + Steve Peters (1): + Quiet warnings when compiled with -Wwrite-strings [RT#31915] + + + +2006-01-18 Gisle Aas + + Release 2.11 + + Internal cleanup to avoid some compiler warnings. + + + +2004-04-05 Gisle Aas + + Release 2.10 + + Restore compatibility with perl-5.004 and perl-5.005. + + + +2004-04-01 Gisle Aas + + Release 2.09 + + The 2.08 release did not compile with a threaded debugging + perl, because assert() then needs my_perl. Fixed by commenting + out the asserts. + + + +2004-04-01 Gisle Aas + + Release 2.08 + + Enable PERL_NO_GET_CONTEXT for more more efficient execution + on a threaded perl. + + Fix up md5 references. Patch by Ville Skyttä . + + + +2003-12-05 Gisle Aas + + Release 2.07 + + Inherit add_bits() from Digest::base if available. + + + +2003-10-13 Gisle Aas + + Release 2.06 + + The sha1_transform() function did not check that it was actually + passed any arguments. + + Complete self-contained documentation included (copied from + Digest::MD5), since the Digest.pm manpage is not always available. + + + +2003-10-06 Gisle Aas + + Release 2.05 + + Added missing cast to support C++ compilation. Patch by Jan Dubois. + + Document that the sha1_base64 function and the b64digest method + does not pad their result. + + + +2003-07-22 Gisle Aas + + Release 2.04 + + Don't assume PerlIO_read() works like fread() even though + it was documented like that for perl 5.6. It returns negative + on read failure. + + Kill test #3 in t/badfile.t. I don't know a reliable way + to test read failures on a file handle. Seems better not to + test than to make many worry. + + + +2003-07-05 Gisle Aas + + Release 2.03 + + Implemented sha1_transform, required to implement NIST FIPS 186-2. + Contributed by Mike McCauley . + + Make it build on 64-bit platforms with 32-bit longs. At least + I hope it will. + + Sync up with the Digest::MD5 implementation: + - added clone method + - addfile croaks if it can't read + - the sha1*() functions warn if called as method + or with reference arguments. + + + +2002-12-27 Gisle Aas + + Release 2.02 + + Make it work when there is a mismatch between the + sizeof(BYTEORDER) and sizeof(long). Based on patch + by Allen Smith . + + Support UTF8 strings in newer versions of Perl. + + + +2001-12-30 Gisle Aas + + Release 2.01 + + Applied trivial win32 fix from Gurusamy Sarathy that + avoids stray temp files left after 'make test'. + + + +2001-03-13 Gisle Aas + + Release 2.00 + + Broken out of the Digest-MD5-2.12 distribution and made into + a separate dist. + + + +------------------------------------------------------------------- +Changes below from the Digest-MD5 dist. + + +2000-09-18 Gisle Aas + + Release 2.12 + + Avoid pointer cast warning for machines with bigger ints + than pointers. Patch by Robin Barker . + + + +2000-08-19 Gisle Aas + + Release 2.11 + + The fallback code introduced in 2.10 did only work for + perl-5.6.0. It should now for for perl5.004 and 5.005 + as well. Patch by Ville Skyttä . + + + +2000-08-18 Gisle Aas + + Release 2.10 + + Digest::MD5 will now try to fallback to the pure perl + implementation of Digest::Perl::MD5 if bootstrap fails. + + Added a bit internal paranoia about casting the IV + in the Digest::MD5 object to the MD5_CTX* pointer. + + + +1999-08-06 Gisle Aas + + Release 2.09 + + Documentation update. + + + +1999-07-28 Gisle Aas + + Release 2.08 + + The addfile() methods could trigger a core dump when passed + a filehandle that had failed to open. + + + +1999-04-26 Gisle Aas + + Release 2.07 + + The Digest::SHA1 module failed on some 64-bit systems, because I + assumed there was a correspondence between the U32 size and + BYTEORDER. This version use 'unsigned long' as Uwe's original + SHA module did. + + The module should now work better when liked statically with perl, + because we now use a safer module-loaded test in Digest.pm. + + Assume we know the outcome of the alignment test on VMS. Patch by + Chuck Lane + + + +1999-03-26 Gisle Aas + + Release 2.06 + + Avoid LONG and BYTE types in SHA.xs as they was in conflict + with similar definitions in . + + Patch by Marko Asplund to make the the alignment + test program link successfully with sfio-perl. + + Fixed a typo in MD5.xs that might have affected 64-bit systems. + Spotted by Nick Ing-Simmons + + + +1999-03-15 Gisle Aas + + Release 2.05 + + Included Digest::SHA1 based on Uwe Hollerbach's SHA module. + + + +1999-03-05 Gisle Aas + + Release 2.04 + + Avoid the -o option when compiling alignment test program + for Win32 as suggested by Gurusamy Sarathy. + + DEC Compiler bug workaround. Contributed by D Roland Walker + + + Having references to a local variable called "na" was not + very safe either. Some older versions of Perl can apparently + macroize this into something completely different. + + + +1999-02-27 Gisle Aas + + Release 2.03 + + Patch from Christopher J. Madsen that + should help getting the u32align test program to compile with + Visual C++ 5 on Windows NT. + + Got rid of references to PL_na. + + + +1999-01-31 Gisle Aas + + Release 2.02 + + Added a hints file as workaround for an IRIX compiler bug. + Contributed by D Roland Walker . + + Note that the rfc2202 test can still fail on some DEC Alpha, + because of a compiler bug that affects the perl 'x' operator. + The Digest:: modules should work and be safe to install anyway. + + + +1998-12-18 Gisle Aas + + Release 2.01 + + Some casts and tweaks to make picky compilers more happy. + + + +1998-11-04 Gisle Aas + + Release 2.00. + + Taken out Digest::SHA1 as this module will be provided from Uwe + Hollerbach later. + + Some tweaks to MD2.xs and MD5.xs since "na" disappeared in + perl5.005_53 + + + +1998-10-30 Gisle Aas + + Release 1.99_60 + + The 1.99_59 release introduced compilation problems for big-endian + systems with free U32 alignment. Bug reported, and fix suggested + by Paul J. Schinder . + + + +1998-10-28 Gisle Aas + + Release 1.99_59 + + Makefile.PL will run a test program to find out if U32 values can + be aligned anywhere. This hopefully cures the core dumps reported + on Solaris and other big endian systems. Thanks to Graham Barr for + debugging this. + + + +1998-10-28 Gisle Aas + + Release 1.99_58 + + Should be very close to a 2.00 release now. Need some success + reports from people running on big-endian machines first I think. + + Added a Digest::MD2 implementation. + + Wrote Digest.pm documentation. This define the interface that all + Digest:: modules should provide. + + Avoided some code duplication in MD5.xs + + Fixed typo, that prevented Digest::SHA1::sha1_base64() from working. + + + +1998-10-27 Gisle Aas + + Release 1.99_57 + + Rewritten most of the MD5 C code to make it real fast (especially + on little-endian machines without alignment restrictions for U32). + Compared to MD5-1.7 we can process files 4 times as fast and we + digest small stuff in memory 7 times faster. I came to these + conclusions after these tests (gcc -O2, i586, Linux): + + First tested calculation of the digest of a 31 MB file, using + perl -le 'print Digest::MD5->new->addfile(*STDIN)->hexdigest' + and similar stuff: + + MD5-1.7: 21.06s + Digest::MD5-1.99_57: 5.23s + md5sum (GNU textutils): 4.90s + + As you can see, we do nearly as good as the md5sum program. I + think the reason we don't beat md5sum is that perl always insist on + loading extra modules like Config.pm, Carp.pm, strict.pm, vars.pm, + AutoLoader.pm and DynaLoader.pm. When I simply wrapped the MD5.xs + hasher code in a C program I managed to process the file in 4.68s. + + Then we calculated the digest of the same 6 byte sting, 20000 + times: + + MD5-1.7: 11.81s + Digest::MD5-1.99_57: 1.68s + + Digest::MD5 benefit from making this into a plain procedure call + instead of a static method call. + + + Other changes in this release are: + + Documentation update + + Internal MD5.xs cleanup. + + $md5->digest will automatically reset now. + + Digest::HMAC methods add() and addfile() did not return the + correct object. + + Added Digest.pm loading module. I am not sure this is a good idea. + + Added Digest::SHA1 and Digest::HMAC_SHA1 module. The Digest::SHA1 + module is just a wrapper around SHA.pm. I hope to get the author + of SHA.pm to move his module to the Digest:: category. + + + +1998-10-25 Gisle Aas + + Release 1.99_56 + + Fix memcpy_byteswap() function in MD5.xs. Must be careful with + htovl() as it might evaluate its arguments more than once. + + + +1998-10-25 Gisle Aas + + Release 1.99_55 + + Grahams HMAC_MD5.pm splitted into two modules. Digest::HMAC and + Digest::HMAC_MD5. Also provide functional interface. Documentation + is still lacking. + + Included RFC 2202 based test for HMAC-MD5. + + + +1998-10-24 Gisle Aas + + Release 1.99_54 + + Included HMAC_MD5.pm, contributed by Graham Barr . + + I have a hard time to make up my mind :-) md5_bin() renamed back + to md5(). Functions are not exported by default any more. + + Try to Encode/Decode with memcpy_byteswap for 32-bit big-endian + machines. + + + +1998-10-23 Gisle Aas + + Release 1.99_53 + + Renamed core module as Digest::MD5. Leave a MD5.pm stub for + legacy code. + + The md5() function renamed as md5_bin(). + + The constructor, Digest::MD5->new, no longer takes any extra + arguments. + + Added some new tests. + + Updated the documentation. + + $md5->b64digest implemented with same base64 encoder as md5_base64. + + + +1998-10-23 Gisle Aas + + Release 1.99_52 + + Patch from Graham Barr which make it work for big-endian machines + again. + + + +1998-10-22 Gisle Aas + + Release 1.99_51 + + The MD5 class is now subclassable. + + The add() and addfile() methods now return $self. + + The reset() method is just an alias for new(). + + The constructor (MD5->new) now takes optional arguments which are + automatically added. It means that we can now write: + + MD5->new($data)->hexdigest; + + New $md5->b64digest method. + + New functions that are exported on request: md5, md5_hex, md5_base64 + + Included RFC 1321 + + Barely started to update the documentation. + + + +1998-10-22 Gisle Aas + + Release 1.99_50 + + Much better performance (more than twice as fast now). Mostly + because we use Copy/Zero instead of the original MD5_memcpy and + MD5_memset functions. + + The addfile() and hexdigest() methods are now XS implemented. + + All RSA functions now included in MD5.xs and made static. + + Use perl's Copy/Zero. + + Random cleanup, simplifications and reformatting. + Merged things better with the perl configuration. + + + +Neil Winton's versions below: + + +*** 96/06/20 Version 1.7 + +MD5 is now completely 64-bit clean (I hope). The basic MD5 code uses +32-bit quantities and requires a typedef UINT4 to be defined in +global.h. Perl configuration data (the value of BYTEORDER) is used to +determine if unsigned longs have 4 or 8 bytes. On 64-bit platforms (eg +DEC Alpha) then it assumes that "unsigned int" will be a 32-bit type. +If this is incorrect then adding -DUINT4_IS_LONG to the DEFINES line in +Makefile.PL will override this. + +On some machines (at least Cray that I know of) there is no 32-bit +integer type. In this case defining TRUNCATE_UINT4 (which is done +automatically for a Cray) will ensure that 64-bit values are masked +down to 32 bits. I have done my best to test this but without easy +access to a true 64-bit machine I can not totally guarantee it (unless +anyone wants to lend me a spare Cray :-) + +There is one remaining limitation for 64-bit enabled processors. The +amount of data passed to any single call to the underlying MD5 +routines is limited to (2^32 - 1) bytes -- that's 4 gigabytes. I'm +sorry if that's a real problem for you ... + +And finally, a minor compilation warning (unsigned char * used with +function having char * prototype) has also been eliminated. + +*** 96/04/09 Version 1.6 + +Re-generated module framework using h2xs to pick up the latest module +conventions for versions etc. You can now say "use MD5 1.6;" and things +should work correctly. MD5.pod has been integrated into MD5.pm and +CHANGES renamed to Changes. There is a fairly comprehensive test.pl +which can be invoked via "make test". There are no functional changes +to the MD5 routines themselves. + +*** 96/03/14 Version 1.5.3 + +Fixed addfile method to accept type-glob references for the file-handle +(eg \*STDOUT). This is more consistent with other routines and is now the +recommended way of passing file-handles. The documentation now gives more +examples as to how the routines might be used. + +*** 96/03/12 Version 1.5.2 + +Minor fixes from Christopher J Madsen to provide +support for building on OS/2 (and to work around a perl -w bug). + +Remove warning about possible difference between add('foo', 'bar') and +add('foobar'). This is not true (it may have been true in the earliest +version of the module but is no longer the case). + +*** 96/03/08 Version 1.5.1 + +Add CHANGES file to make it easier for people to figure out what has +been going on. (Meant to do this as part of 1.5) + +*** 96/03/05 Version 1.5 + +Add hash() and hexhash() methods at the suggestion/request of Gary +Howland before inclusion in a wider library +of cryptography modules. + +*** 96/02/27 Version 1.4 + +Finally fixed the pesky Solaris dynamic loading bug. All kudos to Ken +Pizzini ! + +*** 95/11/29 Version 1.3.1 + +Add explanations of current known problems. + +*** 95/06/02 Version 1.3 + +Fix problems with scope resolution in addfile() reported by +Jean-Claude Giese . Basically ARGV is +always implicitly in package main while other filehandles aren't. + +*** 95/05/23 Version 1.2.1 + +[Changes pre 1.2.1 not recorded] diff --git a/MANIFEST b/MANIFEST new file mode 100644 index 0000000..f1b42b1 --- /dev/null +++ b/MANIFEST @@ -0,0 +1,14 @@ +Changes +MANIFEST +Makefile.PL +README +SHA1.pm +SHA1.xs +fip180-1.gif +fip180-1.html +hints/irix_6.pl +t/badfile.t +t/bits.t +t/sha1.t +typemap +META.yml Module meta-data (added by MakeMaker) diff --git a/META.yml b/META.yml new file mode 100644 index 0000000..dcc308a --- /dev/null +++ b/META.yml @@ -0,0 +1,24 @@ +--- #YAML:1.0 +name: Digest-SHA1 +version: 2.13 +abstract: Perl interface to the SHA-1 algorithm +author: + - Gisle Aas +license: perl +distribution_type: module +configure_requires: + ExtUtils::MakeMaker: 0 +build_requires: + ExtUtils::MakeMaker: 0 +requires: + Digest::base: 1.00 + perl: 5.004 +no_index: + directory: + - t + - inc +generated_by: ExtUtils::MakeMaker version 6.56 +meta-spec: + url: http://module-build.sourceforge.net/META-spec-v1.4.html + version: 1.4 +repository: http://github.com/gisle/digest-sha1 diff --git a/Makefile.PL b/Makefile.PL new file mode 100644 index 0000000..ca16008 --- /dev/null +++ b/Makefile.PL @@ -0,0 +1,41 @@ +require 5.004; +use ExtUtils::MakeMaker; + +WriteMakefile( + 'NAME' => 'Digest::SHA1', + 'VERSION_FROM' => 'SHA1.pm', + 'ABSTRACT' => 'Perl interface to the SHA-1 algorithm', + 'AUTHOR' => 'Gisle Aas ', + 'LICENSE' => "perl", + 'MIN_PERL_VERSION' => 5.004, + 'PREREQ_PM' => { + 'Digest::base' => '1.00', + }, + 'META_MERGE' => { + repository => 'http://github.com/gisle/digest-sha1', + }, + 'dist' => { COMPRESS => 'gzip -9f', SUFFIX => 'gz', }, +); + + +BEGIN { + # compatibility with older versions of MakeMaker + my $developer = -f "NOTES.txt"; + my %mm_req = ( + LICENCE => 6.31, + META_MERGE => 6.45, + META_ADD => 6.45, + MIN_PERL_VERSION => 6.48, + ); + undef(*WriteMakefile); + *WriteMakefile = sub { + my %arg = @_; + for (keys %mm_req) { + unless (eval { ExtUtils::MakeMaker->VERSION($mm_req{$_}) }) { + warn "$_ $@" if $developer; + delete $arg{$_}; + } + } + ExtUtils::MakeMaker::WriteMakefile(%arg); + }; +} diff --git a/README b/README new file mode 100644 index 0000000..9642e19 --- /dev/null +++ b/README @@ -0,0 +1,14 @@ +The Digest::SHA1 module allows you to use the NIST SHA-1 message +digest algorithm from within Perl programs. The algorithm takes as +input a message of arbitrary length and produces as output a 160-bit +"fingerprint" or "message digest" of the input. + +SHA1 is described at + +You will need Perl version 5.004 or better to install this module. + +Copyright 1999-2004 Gisle Aas. +Copyright 1997 Uwe Hollerbach. + +This library is free software; you can redistribute it and/or +modify it under the same terms as Perl itself. diff --git a/SHA1.pm b/SHA1.pm new file mode 100644 index 0000000..bd2647a --- /dev/null +++ b/SHA1.pm @@ -0,0 +1,246 @@ +package Digest::SHA1; + +use strict; +use vars qw($VERSION @ISA @EXPORT_OK); + +$VERSION = '2.13'; + +require Exporter; +*import = \&Exporter::import; +@EXPORT_OK = qw(sha1 sha1_hex sha1_base64 sha1_transform); + +require DynaLoader; +@ISA=qw(DynaLoader); + +eval { + require Digest::base; + push(@ISA, 'Digest::base'); +}; +if ($@) { + my $err = $@; + *add_bits = sub { die $err }; +} + +Digest::SHA1->bootstrap($VERSION); + +1; +__END__ + +=head1 NAME + +Digest::SHA1 - Perl interface to the SHA-1 algorithm + +=head1 SYNOPSIS + + # Functional style + use Digest::SHA1 qw(sha1 sha1_hex sha1_base64); + + $digest = sha1($data); + $digest = sha1_hex($data); + $digest = sha1_base64($data); + $digest = sha1_transform($data); + + + # OO style + use Digest::SHA1; + + $sha1 = Digest::SHA1->new; + + $sha1->add($data); + $sha1->addfile(*FILE); + + $sha1_copy = $sha1->clone; + + $digest = $sha1->digest; + $digest = $sha1->hexdigest; + $digest = $sha1->b64digest; + $digest = $sha1->transform; + +=head1 DESCRIPTION + +The C module allows you to use the NIST SHA-1 message +digest algorithm from within Perl programs. The algorithm takes as +input a message of arbitrary length and produces as output a 160-bit +"fingerprint" or "message digest" of the input. + +In 2005, security flaws were identified in SHA-1, namely that a possible +mathematical weakness might exist, indicating that a stronger hash function +would be desirable. The L module implements the stronger +algorithms in the SHA family. + +The C module provide a procedural interface for simple +use, as well as an object oriented interface that can handle messages +of arbitrary length and which can read files directly. + +=head1 FUNCTIONS + +The following functions can be exported from the C +module. No functions are exported by default. + +=over 4 + +=item sha1($data,...) + +This function will concatenate all arguments, calculate the SHA-1 +digest of this "message", and return it in binary form. The returned +string will be 20 bytes long. + +The result of sha1("a", "b", "c") will be exactly the same as the +result of sha1("abc"). + +=item sha1_hex($data,...) + +Same as sha1(), but will return the digest in hexadecimal form. The +length of the returned string will be 40 and it will only contain +characters from this set: '0'..'9' and 'a'..'f'. + +=item sha1_base64($data,...) + +Same as sha1(), but will return the digest as a base64 encoded string. +The length of the returned string will be 27 and it will only contain +characters from this set: 'A'..'Z', 'a'..'z', '0'..'9', '+' and +'/'. + +Note that the base64 encoded string returned is not padded to be a +multiple of 4 bytes long. If you want interoperability with other +base64 encoded sha1 digests you might want to append the redundant +string "=" to the result. + +=item sha1_transform($data) + +Implements the basic SHA1 transform on a 64 byte block. The $data +argument and the returned $digest are in binary form. This algorithm +is used in NIST FIPS 186-2 + +=back + +=head1 METHODS + +The object oriented interface to C is described in this +section. After a C object has been created, you will add +data to it and finally ask for the digest in a suitable format. A +single object can be used to calculate multiple digests. + +The following methods are provided: + +=over 4 + +=item $sha1 = Digest::SHA1->new + +The constructor returns a new C object which encapsulate +the state of the SHA-1 message-digest algorithm. + +If called as an instance method (i.e. $sha1->new) it will just reset the +state the object to the state of a newly created object. No new +object is created in this case. + +=item $sha1->reset + +This is just an alias for $sha1->new. + +=item $sha1->clone + +This a copy of the $sha1 object. It is useful when you do not want to +destroy the digests state, but need an intermediate value of the +digest, e.g. when calculating digests iteratively on a continuous data +stream. Example: + + my $sha1 = Digest::SHA1->new; + while (<>) { + $sha1->add($_); + print "Line $.: ", $sha1->clone->hexdigest, "\n"; + } + +=item $sha1->add($data,...) + +The $data provided as argument are appended to the message we +calculate the digest for. The return value is the $sha1 object itself. + +All these lines will have the same effect on the state of the $sha1 +object: + + $sha1->add("a"); $sha1->add("b"); $sha1->add("c"); + $sha1->add("a")->add("b")->add("c"); + $sha1->add("a", "b", "c"); + $sha1->add("abc"); + +=item $sha1->addfile($io_handle) + +The $io_handle will be read until EOF and its content appended to the +message we calculate the digest for. The return value is the $sha1 +object itself. + +The addfile() method will croak() if it fails reading data for some +reason. If it croaks it is unpredictable what the state of the $sha1 +object will be in. The addfile() method might have been able to read +the file partially before it failed. It is probably wise to discard +or reset the $sha1 object if this occurs. + +In most cases you want to make sure that the $io_handle is in +C before you pass it as argument to the addfile() method. + +=item $sha1->add_bits($data, $nbits) + +=item $sha1->add_bits($bitstring) + +This implementation of SHA-1 only supports byte oriented input so you +might only add bits as multiples of 8. If you need bit level support +please consider using the C module instead. The +add_bits() method is provided here for compatibility with other digest +implementations. See L for description of the arguments that +add_bits() take. + +=item $sha1->digest + +Return the binary digest for the message. The returned string will be +20 bytes long. + +Note that the C operation is effectively a destructive, +read-once operation. Once it has been performed, the C +object is automatically C and can be used to calculate another +digest value. Call $sha1->clone->digest if you want to calculate the +digest without reseting the digest state. + +=item $sha1->hexdigest + +Same as $sha1->digest, but will return the digest in hexadecimal +form. The length of the returned string will be 40 and it will only +contain characters from this set: '0'..'9' and 'a'..'f'. + +=item $sha1->b64digest + +Same as $sha1->digest, but will return the digest as a base64 encoded +string. The length of the returned string will be 27 and it will only +contain characters from this set: 'A'..'Z', 'a'..'z', '0'..'9', '+' +and '/'. + + +The base64 encoded string returned is not padded to be a multiple of 4 +bytes long. If you want interoperability with other base64 encoded +SHA-1 digests you might want to append the string "=" to the result. + +=back + +=head1 SEE ALSO + +L, L, L, L + +http://www.itl.nist.gov/fipspubs/fip180-1.htm + +http://en.wikipedia.org/wiki/SHA_hash_functions + +=head1 COPYRIGHT + +This library is free software; you can redistribute it and/or +modify it under the same terms as Perl itself. + + Copyright 1999-2004 Gisle Aas. + Copyright 1997 Uwe Hollerbach. + +=head1 AUTHORS + +Peter C. Gutmann, +Uwe Hollerbach , +Gisle Aas + +=cut diff --git a/SHA1.xs b/SHA1.xs new file mode 100644 index 0000000..909c710 --- /dev/null +++ b/SHA1.xs @@ -0,0 +1,622 @@ +#ifdef __cplusplus +extern "C" { +#endif +#define PERL_NO_GET_CONTEXT /* we want efficiency */ +#include "EXTERN.h" +#include "perl.h" +#include "XSUB.h" +#ifdef __cplusplus +} +#endif + +#ifndef PERL_VERSION +# include +# if !(defined(PERL_VERSION) || (SUBVERSION > 0 && defined(PATCHLEVEL))) +# include +# endif +# define PERL_REVISION 5 +# define PERL_VERSION PATCHLEVEL +# define PERL_SUBVERSION SUBVERSION +#endif + +#if PERL_VERSION <= 4 && !defined(PL_dowarn) + #define PL_dowarn dowarn +#endif + +#ifdef G_WARN_ON + #define DOWARN (PL_dowarn & G_WARN_ON) +#else + #define DOWARN PL_dowarn +#endif + +#ifdef SvPVbyte + #if PERL_REVISION == 5 && PERL_VERSION < 7 + /* SvPVbyte does not work in perl-5.6.1, borrowed version for 5.7.3 */ + #undef SvPVbyte + #define SvPVbyte(sv, lp) \ + ((SvFLAGS(sv) & (SVf_POK|SVf_UTF8)) == (SVf_POK) \ + ? ((lp = SvCUR(sv)), SvPVX(sv)) : my_sv_2pvbyte(aTHX_ sv, &lp)) + + static char * + my_sv_2pvbyte(pTHX_ register SV *sv, STRLEN *lp) + { + sv_utf8_downgrade(sv,0); + return SvPV(sv,*lp); + } + #endif +#else + #define SvPVbyte SvPV +#endif + +#ifndef dTHX + #define pTHX_ + #define aTHX_ +#endif + +/* NIST Secure Hash Algorithm */ +/* heavily modified by Uwe Hollerbach */ +/* from Peter C. Gutmann's implementation as found in */ +/* Applied Cryptography by Bruce Schneier */ +/* Further modifications to include the "UNRAVEL" stuff, below */ + +/* This code is in the public domain */ + +/* Useful defines & typedefs */ + +#if defined(U64TYPE) && (defined(USE_64_BIT_INT) || ((BYTEORDER != 0x1234) && (BYTEORDER != 0x4321))) +typedef U64TYPE ULONGx; +# if BYTEORDER == 0x1234 +# undef BYTEORDER +# define BYTEORDER 0x12345678 +# elif BYTEORDER == 0x4321 +# undef BYTEORDER +# define BYTEORDER 0x87654321 +# endif +#else +typedef unsigned long ULONGx; /* 32-or-more-bit quantity */ +#endif + +#define SHA_BLOCKSIZE 64 +#define SHA_DIGESTSIZE 20 + +typedef struct { + ULONGx digest[5]; /* message digest */ + ULONGx count_lo, count_hi; /* 64-bit bit count */ + U8 data[SHA_BLOCKSIZE]; /* SHA data buffer */ + int local; /* unprocessed amount in data */ +} SHA_INFO; + + +/* UNRAVEL should be fastest & biggest */ +/* UNROLL_LOOPS should be just as big, but slightly slower */ +/* both undefined should be smallest and slowest */ + +#define SHA_VERSION 1 +#define UNRAVEL +/* #define UNROLL_LOOPS */ + +/* SHA f()-functions */ +#define f1(x,y,z) ((x & y) | (~x & z)) +#define f2(x,y,z) (x ^ y ^ z) +#define f3(x,y,z) ((x & y) | (x & z) | (y & z)) +#define f4(x,y,z) (x ^ y ^ z) + +/* SHA constants */ +#define CONST1 0x5a827999L +#define CONST2 0x6ed9eba1L +#define CONST3 0x8f1bbcdcL +#define CONST4 0xca62c1d6L + +/* truncate to 32 bits -- should be a null op on 32-bit machines */ +#define T32(x) ((x) & 0xffffffffL) + +/* 32-bit rotate */ +#define R32(x,n) T32(((x << n) | (x >> (32 - n)))) + +/* the generic case, for when the overall rotation is not unraveled */ +#define FG(n) \ + T = T32(R32(A,5) + f##n(B,C,D) + E + *WP++ + CONST##n); \ + E = D; D = C; C = R32(B,30); B = A; A = T + +/* specific cases, for when the overall rotation is unraveled */ +#define FA(n) \ + T = T32(R32(A,5) + f##n(B,C,D) + E + *WP++ + CONST##n); B = R32(B,30) + +#define FB(n) \ + E = T32(R32(T,5) + f##n(A,B,C) + D + *WP++ + CONST##n); A = R32(A,30) + +#define FC(n) \ + D = T32(R32(E,5) + f##n(T,A,B) + C + *WP++ + CONST##n); T = R32(T,30) + +#define FD(n) \ + C = T32(R32(D,5) + f##n(E,T,A) + B + *WP++ + CONST##n); E = R32(E,30) + +#define FE(n) \ + B = T32(R32(C,5) + f##n(D,E,T) + A + *WP++ + CONST##n); D = R32(D,30) + +#define FT(n) \ + A = T32(R32(B,5) + f##n(C,D,E) + T + *WP++ + CONST##n); C = R32(C,30) + + +static void sha_transform(SHA_INFO *sha_info) +{ + int i; + U8 *dp; + ULONGx T, A, B, C, D, E, W[80], *WP; + + dp = sha_info->data; + +/* +the following makes sure that at least one code block below is +traversed or an error is reported, without the necessity for nested +preprocessor if/else/endif blocks, which are a great pain in the +nether regions of the anatomy... +*/ +#undef SWAP_DONE + +#if BYTEORDER == 0x1234 +#define SWAP_DONE + /* assert(sizeof(ULONGx) == 4); */ + for (i = 0; i < 16; ++i) { + T = *((ULONGx *) dp); + dp += 4; + W[i] = ((T << 24) & 0xff000000) | ((T << 8) & 0x00ff0000) | + ((T >> 8) & 0x0000ff00) | ((T >> 24) & 0x000000ff); + } +#endif + +#if BYTEORDER == 0x4321 +#define SWAP_DONE + /* assert(sizeof(ULONGx) == 4); */ + for (i = 0; i < 16; ++i) { + T = *((ULONGx *) dp); + dp += 4; + W[i] = T32(T); + } +#endif + +#if BYTEORDER == 0x12345678 +#define SWAP_DONE + /* assert(sizeof(ULONGx) == 8); */ + for (i = 0; i < 16; i += 2) { + T = *((ULONGx *) dp); + dp += 8; + W[i] = ((T << 24) & 0xff000000) | ((T << 8) & 0x00ff0000) | + ((T >> 8) & 0x0000ff00) | ((T >> 24) & 0x000000ff); + T >>= 32; + W[i+1] = ((T << 24) & 0xff000000) | ((T << 8) & 0x00ff0000) | + ((T >> 8) & 0x0000ff00) | ((T >> 24) & 0x000000ff); + } +#endif + +#if BYTEORDER == 0x87654321 +#define SWAP_DONE + /* assert(sizeof(ULONGx) == 8); */ + for (i = 0; i < 16; i += 2) { + T = *((ULONGx *) dp); + dp += 8; + W[i] = T32(T >> 32); + W[i+1] = T32(T); + } +#endif + +#ifndef SWAP_DONE +#error Unknown byte order -- you need to add code here +#endif /* SWAP_DONE */ + + for (i = 16; i < 80; ++i) { + W[i] = W[i-3] ^ W[i-8] ^ W[i-14] ^ W[i-16]; +#if (SHA_VERSION == 1) + W[i] = R32(W[i], 1); +#endif /* SHA_VERSION */ + } + A = sha_info->digest[0]; + B = sha_info->digest[1]; + C = sha_info->digest[2]; + D = sha_info->digest[3]; + E = sha_info->digest[4]; + WP = W; +#ifdef UNRAVEL + FA(1); FB(1); FC(1); FD(1); FE(1); FT(1); FA(1); FB(1); FC(1); FD(1); + FE(1); FT(1); FA(1); FB(1); FC(1); FD(1); FE(1); FT(1); FA(1); FB(1); + FC(2); FD(2); FE(2); FT(2); FA(2); FB(2); FC(2); FD(2); FE(2); FT(2); + FA(2); FB(2); FC(2); FD(2); FE(2); FT(2); FA(2); FB(2); FC(2); FD(2); + FE(3); FT(3); FA(3); FB(3); FC(3); FD(3); FE(3); FT(3); FA(3); FB(3); + FC(3); FD(3); FE(3); FT(3); FA(3); FB(3); FC(3); FD(3); FE(3); FT(3); + FA(4); FB(4); FC(4); FD(4); FE(4); FT(4); FA(4); FB(4); FC(4); FD(4); + FE(4); FT(4); FA(4); FB(4); FC(4); FD(4); FE(4); FT(4); FA(4); FB(4); + sha_info->digest[0] = T32(sha_info->digest[0] + E); + sha_info->digest[1] = T32(sha_info->digest[1] + T); + sha_info->digest[2] = T32(sha_info->digest[2] + A); + sha_info->digest[3] = T32(sha_info->digest[3] + B); + sha_info->digest[4] = T32(sha_info->digest[4] + C); +#else /* !UNRAVEL */ +#ifdef UNROLL_LOOPS + FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); + FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); + FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); + FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); + FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); + FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); + FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); + FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); +#else /* !UNROLL_LOOPS */ + for (i = 0; i < 20; ++i) { FG(1); } + for (i = 20; i < 40; ++i) { FG(2); } + for (i = 40; i < 60; ++i) { FG(3); } + for (i = 60; i < 80; ++i) { FG(4); } +#endif /* !UNROLL_LOOPS */ + sha_info->digest[0] = T32(sha_info->digest[0] + A); + sha_info->digest[1] = T32(sha_info->digest[1] + B); + sha_info->digest[2] = T32(sha_info->digest[2] + C); + sha_info->digest[3] = T32(sha_info->digest[3] + D); + sha_info->digest[4] = T32(sha_info->digest[4] + E); +#endif /* !UNRAVEL */ +} + +/* initialize the SHA digest */ + +static void sha_init(SHA_INFO *sha_info) +{ + sha_info->digest[0] = 0x67452301L; + sha_info->digest[1] = 0xefcdab89L; + sha_info->digest[2] = 0x98badcfeL; + sha_info->digest[3] = 0x10325476L; + sha_info->digest[4] = 0xc3d2e1f0L; + sha_info->count_lo = 0L; + sha_info->count_hi = 0L; + sha_info->local = 0; +} + +/* update the SHA digest */ + +static void sha_update(SHA_INFO *sha_info, U8 *buffer, int count) +{ + int i; + ULONGx clo; + + clo = T32(sha_info->count_lo + ((ULONGx) count << 3)); + if (clo < sha_info->count_lo) { + ++sha_info->count_hi; + } + sha_info->count_lo = clo; + sha_info->count_hi += (ULONGx) count >> 29; + if (sha_info->local) { + i = SHA_BLOCKSIZE - sha_info->local; + if (i > count) { + i = count; + } + memcpy(((U8 *) sha_info->data) + sha_info->local, buffer, i); + count -= i; + buffer += i; + sha_info->local += i; + if (sha_info->local == SHA_BLOCKSIZE) { + sha_transform(sha_info); + } else { + return; + } + } + while (count >= SHA_BLOCKSIZE) { + memcpy(sha_info->data, buffer, SHA_BLOCKSIZE); + buffer += SHA_BLOCKSIZE; + count -= SHA_BLOCKSIZE; + sha_transform(sha_info); + } + memcpy(sha_info->data, buffer, count); + sha_info->local = count; +} + + +static void sha_transform_and_copy(unsigned char digest[20], SHA_INFO *sha_info) +{ + sha_transform(sha_info); + digest[ 0] = (unsigned char) ((sha_info->digest[0] >> 24) & 0xff); + digest[ 1] = (unsigned char) ((sha_info->digest[0] >> 16) & 0xff); + digest[ 2] = (unsigned char) ((sha_info->digest[0] >> 8) & 0xff); + digest[ 3] = (unsigned char) ((sha_info->digest[0] ) & 0xff); + digest[ 4] = (unsigned char) ((sha_info->digest[1] >> 24) & 0xff); + digest[ 5] = (unsigned char) ((sha_info->digest[1] >> 16) & 0xff); + digest[ 6] = (unsigned char) ((sha_info->digest[1] >> 8) & 0xff); + digest[ 7] = (unsigned char) ((sha_info->digest[1] ) & 0xff); + digest[ 8] = (unsigned char) ((sha_info->digest[2] >> 24) & 0xff); + digest[ 9] = (unsigned char) ((sha_info->digest[2] >> 16) & 0xff); + digest[10] = (unsigned char) ((sha_info->digest[2] >> 8) & 0xff); + digest[11] = (unsigned char) ((sha_info->digest[2] ) & 0xff); + digest[12] = (unsigned char) ((sha_info->digest[3] >> 24) & 0xff); + digest[13] = (unsigned char) ((sha_info->digest[3] >> 16) & 0xff); + digest[14] = (unsigned char) ((sha_info->digest[3] >> 8) & 0xff); + digest[15] = (unsigned char) ((sha_info->digest[3] ) & 0xff); + digest[16] = (unsigned char) ((sha_info->digest[4] >> 24) & 0xff); + digest[17] = (unsigned char) ((sha_info->digest[4] >> 16) & 0xff); + digest[18] = (unsigned char) ((sha_info->digest[4] >> 8) & 0xff); + digest[19] = (unsigned char) ((sha_info->digest[4] ) & 0xff); +} + +/* finish computing the SHA digest */ +static void sha_final(unsigned char digest[20], SHA_INFO *sha_info) +{ + int count; + ULONGx lo_bit_count, hi_bit_count; + + lo_bit_count = sha_info->count_lo; + hi_bit_count = sha_info->count_hi; + count = (int) ((lo_bit_count >> 3) & 0x3f); + ((U8 *) sha_info->data)[count++] = 0x80; + if (count > SHA_BLOCKSIZE - 8) { + memset(((U8 *) sha_info->data) + count, 0, SHA_BLOCKSIZE - count); + sha_transform(sha_info); + memset((U8 *) sha_info->data, 0, SHA_BLOCKSIZE - 8); + } else { + memset(((U8 *) sha_info->data) + count, 0, + SHA_BLOCKSIZE - 8 - count); + } + sha_info->data[56] = (U8)((hi_bit_count >> 24) & 0xff); + sha_info->data[57] = (U8)((hi_bit_count >> 16) & 0xff); + sha_info->data[58] = (U8)((hi_bit_count >> 8) & 0xff); + sha_info->data[59] = (U8)((hi_bit_count >> 0) & 0xff); + sha_info->data[60] = (U8)((lo_bit_count >> 24) & 0xff); + sha_info->data[61] = (U8)((lo_bit_count >> 16) & 0xff); + sha_info->data[62] = (U8)((lo_bit_count >> 8) & 0xff); + sha_info->data[63] = (U8)((lo_bit_count >> 0) & 0xff); + sha_transform_and_copy(digest, sha_info); +} + + + + + +/*----------------------------------------------------------------*/ +#ifndef INT2PTR +#define INT2PTR(any,d) (any)(d) +#endif + +static SHA_INFO* get_sha_info(pTHX_ SV* sv) +{ + if (sv_derived_from(sv, "Digest::SHA1")) + return INT2PTR(SHA_INFO*, SvIV(SvRV(sv))); + croak("Not a reference to a Digest::SHA1 object"); + return (SHA_INFO*)0; /* some compilers insist on a return value */ +} + + +static char* hex_20(const unsigned char* from, char* to) +{ + static const char *hexdigits = "0123456789abcdef"; + const unsigned char *end = from + 20; + char *d = to; + + while (from < end) { + *d++ = hexdigits[(*from >> 4)]; + *d++ = hexdigits[(*from & 0x0F)]; + from++; + } + *d = '\0'; + return to; +} + +static char* base64_20(const unsigned char* from, char* to) +{ + static const char* base64 = + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; + const unsigned char *end = from + 20; + unsigned char c1, c2, c3; + char *d = to; + + while (1) { + c1 = *from++; + c2 = *from++; + *d++ = base64[c1>>2]; + *d++ = base64[((c1 & 0x3) << 4) | ((c2 & 0xF0) >> 4)]; + if (from == end) { + *d++ = base64[(c2 & 0xF) << 2]; + break; + } + c3 = *from++; + *d++ = base64[((c2 & 0xF) << 2) | ((c3 & 0xC0) >>6)]; + *d++ = base64[c3 & 0x3F]; + } + *d = '\0'; + return to; +} + +/* Formats */ +#define F_BIN 0 +#define F_HEX 1 +#define F_B64 2 + +static SV* make_mortal_sv(pTHX_ const unsigned char *src, int type) +{ + STRLEN len; + char result[41]; + char *ret; + + switch (type) { + case F_BIN: + ret = (char*)src; + len = 20; + break; + case F_HEX: + ret = hex_20(src, result); + len = 40; + break; + case F_B64: + ret = base64_20(src, result); + len = 27; + break; + default: + croak("Bad convertion type (%d)", type); + break; + } + return sv_2mortal(newSVpv(ret,len)); +} + + +/********************************************************************/ + +typedef PerlIO* InputStream; + +MODULE = Digest::SHA1 PACKAGE = Digest::SHA1 + +PROTOTYPES: DISABLE + +void +new(xclass) + SV* xclass + PREINIT: + SHA_INFO* context; + PPCODE: + if (!SvROK(xclass)) { + STRLEN my_na; + char *sclass = SvPV(xclass, my_na); + New(55, context, 1, SHA_INFO); + ST(0) = sv_newmortal(); + sv_setref_pv(ST(0), sclass, (void*)context); + SvREADONLY_on(SvRV(ST(0))); + } else { + context = get_sha_info(aTHX_ xclass); + } + sha_init(context); + XSRETURN(1); + +void +clone(self) + SV* self + PREINIT: + SHA_INFO* cont = get_sha_info(aTHX_ self); + const char *myname = sv_reftype(SvRV(self),TRUE); + SHA_INFO* context; + PPCODE: + New(55, context, 1, SHA_INFO); + ST(0) = sv_newmortal(); + sv_setref_pv(ST(0), myname , (void*)context); + SvREADONLY_on(SvRV(ST(0))); + memcpy(context,cont,sizeof(SHA_INFO)); + XSRETURN(1); + +void +DESTROY(context) + SHA_INFO* context + CODE: + Safefree(context); + +void +add(self, ...) + SV* self + PREINIT: + SHA_INFO* context = get_sha_info(aTHX_ self); + int i; + unsigned char *data; + STRLEN len; + PPCODE: + for (i = 1; i < items; i++) { + data = (unsigned char *)(SvPVbyte(ST(i), len)); + sha_update(context, data, len); + } + XSRETURN(1); /* self */ + +void +addfile(self, fh) + SV* self + InputStream fh + PREINIT: + SHA_INFO* context = get_sha_info(aTHX_ self); + unsigned char buffer[4096]; + int n; + CODE: + if (fh) { + /* Process blocks until EOF or error */ + while ( (n = PerlIO_read(fh, buffer, sizeof(buffer))) > 0) { + sha_update(context, buffer, n); + } + if (PerlIO_error(fh)) { + croak("Reading from filehandle failed"); + } + } + else { + croak("No filehandle passed"); + } + + XSRETURN(1); /* self */ + +void +digest(context) + SHA_INFO* context + ALIAS: + Digest::SHA1::digest = F_BIN + Digest::SHA1::hexdigest = F_HEX + Digest::SHA1::b64digest = F_B64 + PREINIT: + unsigned char digeststr[20]; + PPCODE: + sha_final(digeststr, context); + sha_init(context); /* In case it is reused */ + ST(0) = make_mortal_sv(aTHX_ digeststr, ix); + XSRETURN(1); + +void +sha1(...) + ALIAS: + Digest::SHA1::sha1 = F_BIN + Digest::SHA1::sha1_hex = F_HEX + Digest::SHA1::sha1_base64 = F_B64 + PREINIT: + SHA_INFO ctx; + int i; + unsigned char *data; + STRLEN len; + unsigned char digeststr[20]; + PPCODE: + sha_init(&ctx); + + if (DOWARN) { + const char *msg = 0; + if (items == 1) { + if (SvROK(ST(0))) { + SV* sv = SvRV(ST(0)); + if (SvOBJECT(sv) && strEQ(HvNAME(SvSTASH(sv)), "Digest::SHA1")) + msg = "probably called as method"; + else + msg = "called with reference argument"; + } + } + else if (items > 1) { + data = (unsigned char *)SvPVbyte(ST(0), len); + if (len == 12 && memEQ("Digest::SHA1", data, 12)) { + msg = "probably called as class method"; + } + } + if (msg) { + const char *f = (ix == F_BIN) ? "sha1" : + (ix == F_HEX) ? "sha1_hex" : "sha1_base64"; + warn("&Digest::SHA1::%s function %s", f, msg); + } + } + + for (i = 0; i < items; i++) { + data = (unsigned char *)(SvPVbyte(ST(i), len)); + sha_update(&ctx, data, len); + } + sha_final(digeststr, &ctx); + ST(0) = make_mortal_sv(aTHX_ digeststr, ix); + XSRETURN(1); + +void +sha1_transform(data) + SV* data + PREINIT: + SHA_INFO ctx; + unsigned char *data_pv; + unsigned char test[64]; + STRLEN len; + unsigned char digeststr[20]; + PPCODE: + sha_init(&ctx); + + memset (test, 0, 64); + data_pv = (unsigned char *)(SvPVbyte(data, len)); + memcpy (test, data_pv, len); + memcpy ((&ctx)->data, test, 64); + sha_transform_and_copy(digeststr, &ctx); + ST(0) = sv_2mortal(newSVpv((char*)digeststr, 20)); + XSRETURN(1); + diff --git a/fip180-1.gif b/fip180-1.gif new file mode 100644 index 0000000..b0e0f18 Binary files /dev/null and b/fip180-1.gif differ diff --git a/fip180-1.html b/fip180-1.html new file mode 100644 index 0000000..f6c9af8 --- /dev/null +++ b/fip180-1.html @@ -0,0 +1,1035 @@ +FIPS 180-1 - Secure Hash Standard + + +FIPS PUB 180-1
+Supersedes FIPS PUB 180
+1993 May 11

+ +

Federal Information
+Processing Standards Publication 180-1
+
+1995 April 17
+
Announcing the Standard for
 +
+

SECURE HASH STANDARD

+ +(The Foreword, Abstract, and +Key Words
can be found at the end of this document.)
+ +
+Federal Information Processing Standards Publications (FIPS PUBS) +are issued by the National Institute of Standards and Technology after +approval by the Secretary of Commerce pursuant to Section 111(d) of the +Federal Property and Administrative Services Act of 1949, as amended by the +Computer Security Act of 1987, Public Law 100-235.
+

+Name of Standard: Secure Hash Standard. +

+Category of Standard: Computer Security. +

+Explanation: This Standard specifies a Secure Hash Algorithm, +SHA-1, for computing a condensed representation of a message or a data file. +When a message of any length < 264 bits is +input, the SHA-1 produces a 160-bit output called a message digest. The +message digest can then be input to the Digital Signature Algorithm (DSA) +which generates or verifies the signature for the message. Signing the +message +digest rather than the message often improves the efficiency of the process +because the message digest is usually much smaller in size than the message. +The same hash algorithm must be used by the verifier of a digital signature as +was used by the creator of the digital signature. +

+The SHA-1 is called secure because it is computationally infeasible to find +a message which corresponds to a given message digest, or to find two +different messages which produce the same message digest. Any change to a +message in transit will, with very high probability, result in a different +message digest, and the signature will fail to verify. SHA-1 is a technical +revision of SHA (FIPS 180). A circular left shift operation has been added +to the specifications in section 7, line b, page 9 of FIPS 180 and its +equivalent in section 8, line c, page 10 of FIPS 180. This revision improves +the security provided by this standard. The SHA-1 is based on principles +similar to those used by Professor Ronald L. Rivest of MIT when designing +the MD4 message digest algorithm ("The MD4 Message Digest Algorithm," +Advances in Cryptology - CRYPTO '90 Proceedings, Springer-Verlag, 1991, +pp. 303-311), and is closely modelled after that algorithm. +
+

+Figure 1: Using the SHA-1 with the DSA


+Approving Authority: Secretary of Commerce. +

+Maintenance Agency: U.S. Department of Commerce, National +Institute of Standards and Technology, Computer Systems Laboratory. +

+Applicability: This standard is applicable to all Federal departments +and agencies for the protection of unclassified information that is not subject +to section 2315 of Title 10, United States Code, or section 3502(2) of Title +44, United States Code. This standard is required for use with the Digital +Signature Algorithm (DSA) as specified in the Digital Signature Standard +(DSS) and whenever a secure hash algorithm is required for Federal applica- +tions. Private and commercial organizations are encouraged to adopt and use +this standard. +

+Applications: The SHA-1 may be used with the DSA in electronic +mail, electronic funds transfer, software distribution, data storage, and other +applications which require data integrity assurance and data origin +authentication. The SHA-1 may also be used whenever it is necessary to +generate a condensed version of a message. +

+Implementations: The SHA-1 may be implemented in software, +firmware, hardware, or any combination thereof. Only implementations of +the +SHA-1 that are validated by NIST will be considered as complying with this +standard. Information about the requirements for validating +implementations +of this standard can be obtained from the National Institute of Standards +and Technology, Computer Systems Laboratory, Attn: SHS Validation, +Gaithersburg, MD 20899. +

+Export Control: Implementations of this standard are subject to +FederalGovernment export controls as specified in Title 15, Code of Federal +Regulations, Parts 768 through 799. Exporters are advised to contact the +Department of Commerce, Bureau of Export Administration for more +information. +

+Patents: Implementations of the SHA-1 in this standard may be +covered by U.S. and foreign patents. +

+Implementation Schedule: This standard becomes effective October +2, 1995. +

+Specifications: Federal Information Processing Standard (FIPS +180-1) Secure Hash Standard (affixed). +

+Cross Index: +
+
a. FIPS PUB 46-2, Data Encryption Standard. +

+
b. FIPS PUB 73, Guidelines for Security of Computer Applications. +

+
c. FIPS PUB 140-1, Security Requirements for Cryptographic Modules. +

+
d. FIPS PUB 186, Digital Signature Standard. +

+
e. Federal Informations Resources Management Regulations (FIRMR) +subpart 201.20.303, Standards, and subpart 201.39.1002, Federal Standards. +

+Objectives: The objectives of this standard are to: +
+
a. Specify the secure hash algorithm required for use with the Digital + Signature Standard (FIPS 186) in the generation and verification of + digital signatures; +

+
b. Specify the secure hash algorithm to be used whenever a secure hash + algorithm is required for Federal applications; and

+ +
c. Encourage the adoption and use of the specified secure hash algorithm + by private and commercial organizations. +

+Qualifications: While it is the intent of this standard to specify a +secure hash algorithm, conformance to this standard does not assure that a +particular implementation is secure. The responsible authority in each agency +or department shall assure that an overall implementation provides an +acceptable level of security. This standard will be reviewed every five years in +order to assess its adequacy. +

+Waiver Procedure: Under certain exceptional circumstances, the +heads of Federal departments and agencies may approve waivers to Federal +Information Processing Standards (FIPS). The head of such agency may +redelegate such authority only to a senior official designated pursuant to +section 3506(b) of Title 44, United States Code. Waiver shall be granted only +when: +
+
a. Compliance with a standard would adversely affect the +accomplishment of the mission of an operator of a Federal computer system; +or

+
b. Compliance with a standard would cause a major adverse financial +impact on the operator which is not offset by Government-wide savings. +
+Agency heads may act upon a written waiver request containing the +information detailed above. Agency heads may also act without a written +waiver request when they determine that conditions for meeting the standard +cannot be met. Agency heads may approve waivers only by a written decision +which explains the basis on which the agency head made the required +finding(s). A copy of each decision, with procurement sensitive or classified +portions clearly identified, shall be sent to: National Institute of Standards +and +Technology; ATTN: FIPS Waiver Decisions, Technology Building, Room +B-154, Gaithersburg, MD 20899. +

+In addition, notice of each waiver granted and each delegation of authority +to approve waivers shall be sent promptly to the Committee on Government +Operations of the House of Representatives and the Committee on +Government Affairs of the Senate and shall be published promptly in the +Federal Register. +

+When the determination on a waiver applies to the procurement of equipment +and/or services, a notice of the waiver determination must be published in +the Commerce Business Daily as a part of the notice of solicitation for +offers of an acquisition or, if the waiver determination is made after that +notice is published, by amendment to such notice. +

+A copy of the waiver, any supporting documents, the document approving the +waiver and any accompanying documents, with such deletions as the agency is +authorized and decides to make under 5 United States Code Section 552(b), +shall be part of the procurement documentation and retained by the agency. +

+Where to Obtain Copies of the Standard: Copies of this publication +are for sale by the National Technical Information Service, U.S. Department +of +Commerce, Springfield, VA 22161. When ordering, refer to Federal +Information Processing Standards Publication 180-1 (FIPSPUB180-1), and +identify the title. When microfiche is desired, this should be specified. Prices +are published by NTIS in current catalogs and other issuances. Payment may +be made by check, money order, deposit account or charged to a credit card +accepted by NTIS.

+
+FIPS PUB 180-1
+Supersedes FIPS PUB 180
+1993 May 11
+

+

Federal Information
+Processing Standards Publication 180-1

+1995 April 17
+
Specifications for
 +
+

SECURE HASH STANDARD

+

+
1. INTRODUCTION
+

+The Secure Hash Algorithm (SHA-1) is required for use with the Digital +Signature Algorithm (DSA) as specified in the Digital Signature Standard +(DSS) and whenever a secure hash algorithm is required for federal applica- +tions. For a message of length < 2^64 bits, the SHA-1 produces a 160-bit +condensed representation of the message called a message digest. The +message +digest is used during generation of a signature for the message. The SHA-1 +is also used to compute a message digest for the received version of the +message during the process of verifying the signature. Any change to the +message in transit will, with very high probability, result in a different +message digest, and the signature will fail to verify. +

+The SHA-1 is designed to have the following properties: it is computationally +infeasible to find a message which corresponds to a given message digest, or +to find two different messages which produce the same message digest. +

+
2. BIT STRINGS AND INTEGERS
+

+The following terminology related to bit strings and integers will be used: +
+
a. A hex digit is an element of the set {0, 1, ... , 9, A, ... , F}. A hex digit +is the representation of a 4-bit string. Examples: 7 = 0111, A = 1010. +

+
b. A word equals a 32-bit string which may be represented as a sequence +of 8 hex digits. To convert a word to 8 hex digits each 4-bit string is converted +to its hex equivalent as described in (a) above. Example:

+
+ 1010 0001 0000 0011 1111 1110 0010 0011 = A103FE23. +

+
c. An integer between 0 and 232 - 1 +inclusive may be represented as a word. The least significant four bits of the +integer are represented by the +right-most hex digit of the word representation. Example: the +integer +291 = 28+25+21+20 = 256+32+2+1 is represented by the hex word, +00000123. +

+
If z is an integer, 0 <= z < 264, then z = +232x + y where + 0 <= x < 232 and 0 <= y < 232. Since x and y can be represented as + words X and Y, respectively, z can be represented as the pair of words + (X,Y). +

+
d. block = 512-bit string. A block (e.g., B) may be represented as a + sequence of 16 words.

+
3. OPERATIONS ON WORDS
+

+The following logical operators will be applied to words: +
+
a. Bitwise logical word operations +
 
+X ^ Y         =  bitwise logical "and" of  X and Y.
+
+X \/ Y        =  bitwise logical "inclusive-or" of X and Y.
+    
+X XOR Y       =  bitwise logical "exclusive-or" of X and Y.
+
+~ X           =  bitwise logical "complement" of X.
+

+
Example: +
+            01101100101110011101001001111011
+      XOR   01100101110000010110100110110111
+            --------------------------------
+        =   00001001011110001011101111001100
+
+
b. The operation X + Y is defined as follows: words X and Y represent + integers x and y, where 0 <= x < 232 and +0 +<= y < 232. For positive + integers n and m, let n mod m be the remainder upon dividing n by m. + Compute +
+
z = (x + y) mod 232. +

+
Then 0 <= z < 232. Convert z to a +word, Z, and define Z = X + Y. +

+
c. The circular left shift operation Sn(X), where X is a word and n is an + integer with 0 <= n 32, is defined by +
+
Sn(X) = (X << n) OR (X >> 32-n). +

+
In the above, X << n is obtained as follows: discard the left-most n + bits of X and then pad the result with n zeroes on the right (the result + will still be 32 bits). X >> n is obtained by discarding the right-most + n bits of X and then padding the result with n zeroes on the left. Thus + Sn(X) is equivalent to a circular shift of +X +by n positions to the left.

+ +
4. MESSAGE PADDING
+

+The SHA-1 is used to compute a message digest for a message or data file that +is provided as input. The message or data file should be considered to be a +bit string. The length of the message is the number of bits in the message +(the empty message has length 0). If the number of bits in a message is a +multiple of 8, for compactness we can represent the message in hex. The +purpose of message padding is to make the total length of a padded message a +multiple of 512. The SHA-1 sequentially processes blocks of 512 bits when +computing the message digest. The following specifies how this padding shall +be performed. As a summary, a "1" followed by m "0"s followed by a 64-bit +integer are appended to the end of the message to produce a padded message +of length 512 * n. The 64-bit integer is l, the length of the original message. +The padded message is then processed by the SHA-1 as n 512-bit blocks. +

+Suppose a message has length l < 264. +Before it is input to the SHA-1, the +message is padded on the right as follows: +
+
a. "1" is appended. Example: if the original message is +"01010000", this is padded to "010100001". +

+
b. "0"s are appended. The number of "0"s will depend on the original +length of the message. The last 64 bits of the last 512-bit block are reserved +for the length l of the original message. +
+
Example: Suppose the original message is the bit string
+ +
01100001 01100010 01100011 01100100 01100101.
+
+
After step (a) this gives +
+
01100001 01100010 01100011 01100100 01100101 1.
+

+
Since l = 40, the number of bits in the above is 41 and 407 "0"s are + appended, making the total now 448. This gives (in hex) +
+
61626364 65800000 00000000 00000000 +
00000000 00000000 00000000 00000000 +
00000000 00000000 00000000 00000000 +
00000000 00000000. +

+
c. Obtain the 2-word representation of l, the number of bits in the +original message. If l < 232 then the first +word is all zeroes. Append these two words to the padded message. +
+
Example: Suppose the original message is as in (b). Then l = 40 +(note that l is computed before any padding). The two-word representation of +40 is hex 00000000 00000028. Hence the final padded message is hex +
+
61626364 65800000 00000000 00000000 +
00000000 00000000 00000000 00000000 +
00000000 00000000 00000000 00000000 +
00000000 00000000 00000000 00000028. +

+The padded message will contain 16 * n words for some n > 0. The padded +message is regarded as a sequence of n blocks M1 , M2, ... , +Mn, where +each Mi contains 16 words and +M1 contains the first characters (or bits) +of the message.

+
5. FUNCTIONS USED
+

+A sequence of logical functions f0, +f1,..., f79 +is +used in the SHA-1. +Each ft, 0 <= t <= 79, operates on three +32-bit words B, C, D and produces +a 32-bit word as output. ft(B,C,D) is defined +as follows: +for words B, C, D,
+ +
ft(B,C,D) = (B AND C) OR ((NOT B) +AND D) ( 0 <= t <= 19) +

+
ft(B,C,D) = B XOR C XOR D + + (20 <= t <= 39) +

+
ft(B,C,D) = (B AND C) OR (B AND +D) +OR (C AND D) (40 <= t <= 59) +

+
ft(B,C,D) = B XOR C XOR D + + (60 <= t <= 79). +

+
6. CONSTANTS USED
+

+ A sequence of constant words K(0), K(1), ... , K(79) is used in the SHA-1. +In hex these are given by +
+
K = 5A827999 ( 0 <= t <= 19) +

+
Kt = 6ED9EBA1 (20 <= t <= 39) +

+
Kt = 8F1BBCDC (40 <= t <= 59) +

+
Kt = CA62C1D6 (60 <= t <= 79). +

+
7. COMPUTING THE MESSAGE DIGEST
+

+ The message digest is computed using the final padded message. The +computation uses two buffers, each consisting of five 32-bit words, and a +sequence of eighty 32-bit words. The words of the first 5-word buffer are +labeled A,B,C,D,E. The words of the second 5-word buffer are labeled +H0, H1, +H2, H3, +H4. The words of the 80-word sequence are +labeled W0, W1,..., +W79. A single word buffer TEMP is also +employed. +

+ To generate the message digest, the 16-word blocks M1, M2,..., +Mn +defined in Section 4 are processed in order. The processing of each +Mi +involves 80 steps. +

+ Before processing any blocks, the {Hi} are +initialized as follows: in hex, +
+
H0 = 67452301 +

+
H1 = EFCDAB89 +

+
H2 = 98BADCFE +

+
H3 = 10325476 +

+
H4 = C3D2E1F0. +

+ Now M1, M2, ... , Mn are +processed. To process Mi, we proceed as +follows: +
+
a. Divide Mi into 16 words +W0, W1, +... +, W15, where W0 is the left-most word. +

+
b. For t = 16 to 79 let Wt = +S1(Wt-3 XOR +Wt-8 XOR Wt- +14 XOR Wt-16). +

+
c. Let A = H0, B = H1, C = H2, D = +H3, E = H4.

+
d. For t = 0 to 79 do +
+
TEMP = S5(A) + ft(B,C,D) + E + Wt + +Kt; +

+
E = D; D = C; C = S30(B); B = A; A = +TEMP; +

+
e. Let H0 = H0 + A, H1 = +H1 + B, H2 += H2 + C, H3 = H3 + D, +H4 = H4 + +E. +

+ After processing Mn, the message digest is +the 160-bit string +represented by the 5 words +
+
H0 H1 H2 H3 H4. +

+
8. ALTERNATE METHOD OF COMPUTATION +


+ The above assumes that the sequence W0, +... , W79 is implemented +as an array of eighty 32-bit words. This is efficient from the standpoint +of minimization of execution time, since the addresses of Wt-3, ... ,Wt-16 +in step (b) are easily computed. If space is at a premium, an alternative is +to regard { Wt } as a circular queue, which +may be implemented using an +array of sixteen 32-bit words W[0], ... W[15]. In this case, in hex let +MASK = 0000000F. Then processing of Mi +is as follows: +
+
a. Divide Mi into 16 words W[0], ... , +W[15], where W[0] is the + left-most word. +

+
b. Let A = H0, B = H1, C = H2, D = +H3, E = H4. +

+
c. For t = 0 to 79 do +
+
s = t ^ MASK; +

+
if (t >= 16) W[s] = S1(W[(s + 13) ^ +MASK] XOR W[(s + 8) AND MASK] +XOR W[(s + 2) ^ MASK] XOR W[s]); +

+
TEMP = S5(A) + ft(B,C,D) + E + W[s] + Kt; +

+
E = D; D = C; C = S30(B); B = A; A = +TEMP; +

+
d. Let H0 = H0 + A, H1 = +H1 + B, H2 += H2 + C, H3 = H3 + D, +H4 = H4 + +E. +

+
9. COMPARISON OF METHODS
+

+The methods of Sections 7 and 8 yield the same message digest. Although +using the method of Section 8 saves sixty-four 32-bit words of storage, it +is likely to lengthen execution time due to the increased complexity of the +address computations for the { W[t] } in step (c). Other computation methods +which give identical results may be implemented in conformance with the +standard. +

+
APPENDIX A. A SAMPLE MESSAGE AND ITS MESSAGE +DIGEST
+

+This appendix is for informational purposes only and is not required to meet +the standard. +

+Let the message be the ASCII binary-coded form of "abc", i.e., +
+
01100001 01100010 01100011. +

+This message has length l = 24. In step (a) of Section 4, we append "1". In +step (b) we append 423 "0"s. In step (c) we append hex 00000000 00000018, +the 2-word representation of 24. Thus the final padded message consists of +one block, so that n = 1 in the notation of Section 4. +

+The initial hex values of {Hi} are +

+H0 = 67452301 +
+H1 = EFCDAB89 +
+H2 = 98BADCFE +
+H3 = 10325476 +
+H4 = C3D2E1F0. +

+Start processing block 1. The words of block 1 are +

+W[0] = 61626380
+W[1] = 00000000
+W[2] = 00000000
+W[3] = 00000000
+W[4] = 00000000
+W[5] = 00000000
+W[6] = 00000000
+W[7] = 00000000
+W[8] = 00000000
+W[9] = 00000000
+W[10] = 00000000
+W[11] = 00000000
+W[12] = 00000000
+W[13] = 00000000
+W[14] = 00000000
+W[15] = 00000018. +

+The hex values of A,B,C,D,E after pass t of the "for t = 0 to 79" loop +(step (d) of Section 7 or step (c) of Section 8) are
+       
+            A           B           C           D           E
+
+t =  0: 0116FC33    67452301    7BF36AE2    98BADCFE    10325476
+t =  1: 8990536D    0116FC33    59D148C0    7BF36AE2    98BADCFE
+t =  2: A1390F08    8990536D    C045BF0C    59D148C0    7BF36AE2
+t =  3: CDD8E11B    A1390F08    626414DB    C045BF0C    59D148C0
+t =  4: CFD499DE    CDD8E11B    284E43C2    626414DB    C045BF0C
+t =  5: 3FC7CA40    CFD499DE    F3763846    284E43C2    626414DB
+t =  6: 993E30C1    3FC7CA40    B3F52677    F3763846    284E43C2
+t =  7: 9E8C07D4    993E30C1    0FF1F290    B3F52677    F3763846
+t =  8: 4B6AE328    9E8C07D4    664F8C30    0FF1F290    B3F52677
+t =  9: 8351F929    4B6AE328    27A301F5    664F8C30    0FF1F290
+t = 10: FBDA9E89    8351F929    12DAB8CA    27A301F5    664F8C30
+t = 11: 63188FE4    FBDA9E89    60D47E4A    12DAB8CA    27A301F5
+t = 12: 4607B664    63188FE4    7EF6A7A2    60D47E4A    12DAB8CA
+t = 13: 9128F695    4607B664    18C623F9    7EF6A7A2    60D47E4A
+t = 14: 196BEE77    9128F695    1181ED99    18C623F9    7EF6A7A2
+t = 15: 20BDD62F    196BEE77    644A3DA5    1181ED99    18C623F9
+t = 16: 4E925823    20BDD62F    C65AFB9D    644A3DA5    1181ED99
+t = 17: 82AA6728    4E925823    C82F758B    C65AFB9D    644A3DA5
+t = 18: DC64901D    82AA6728    D3A49608    C82F758B    C65AFB9D
+t = 19: FD9E1D7D    DC64901D    20AA99CA    D3A49608    C82F758B
+t = 20: 1A37B0CA    FD9E1D7D    77192407    20AA99CA    D3A49608
+t = 21: 33A23BFC    1A37B0CA    7F67875F    77192407    20AA99CA
+t = 22: 21283486    33A23BFC    868DEC32    7F67875F    77192407
+t = 23: D541F12D    21283486    0CE88EFF    868DEC32    7F67875F
+t = 24: C7567DC6    D541F12D    884A0D21    0CE88EFF    868DEC32
+t = 25: 48413BA4    C7567DC6    75507C4B    884A0D21    0CE88EFF
+t = 26: BE35FBD5    48413BA4    B1D59F71    75507C4B    884A0D21
+t = 27: 4AA84D97    BE35FBD5    12104EE9    B1D59F71    75507C4B
+t = 28: 8370B52E    4AA84D97    6F8D7EF5    12104EE9    B1D59F71
+t = 29: C5FBAF5D    8370B52E    D2AA1365    6F8D7EF5    12104EE9
+t = 30: 1267B407    C5FBAF5D    A0DC2D4B    D2AA1365    6F8D7EF5
+t = 31: 3B845D33    1267B407    717EEBD7    A0DC2D4B    D2AA1365
+t = 32: 046FAA0A    3B845D33    C499ED01    717EEBD7    A0DC2D4B
+t = 33: 2C0EBC11    046FAA0A    CEE1174C    C499ED01    717EEBD7
+t = 34: 21796AD4    2C0EBC11    811BEA82    CEE1174C    C499ED01
+t = 35: DCBBB0CB    21796AD4    4B03AF04    811BEA82    CEE1174C
+t = 36: 0F511FD8    DCBBB0CB    085E5AB5    4B03AF04    811BEA82
+t = 37: DC63973F    0F511FD8    F72EEC32    085E5AB5    4B03AF04
+t = 38: 4C986405    DC63973F    03D447F6    F72EEC32    085E5AB5
+t = 39: 32DE1CBA    4C986405    F718E5CF    03D447F6    F72EEC32
+t = 40: FC87DEDF    32DE1CBA    53261901    F718E5CF    03D447F6
+t = 41: 970A0D5C    FC87DEDF    8CB7872E    53261901    F718E5CF
+t = 42: 7F193DC5    970A0D5C    FF21F7B7    8CB7872E    53261901
+t = 43: EE1B1AAF    7F193DC5    25C28357    FF21F7B7    8CB7872E
+t = 44: 40F28E09    EE1B1AAF    5FC64F71    25C28357    FF21F7B7
+t = 45: 1C51E1F2    40F28E09    FB86C6AB    5FC64F71    25C28357
+t = 46: A01B846C    1C51E1F2    503CA382    FB86C6AB    5FC64F71
+t = 47: BEAD02CA    A01B846C    8714787C    503CA382    FB86C6AB
+t = 48: BAF39337    BEAD02CA    2806E11B    8714787C    503CA382
+t = 49: 120731C5    BAF39337    AFAB40B2    2806E11B    8714787C
+t = 50: 641DB2CE    120731C5    EEBCE4CD    AFAB40B2    2806E11B
+t = 51: 3847AD66    641DB2CE    4481CC71    EEBCE4CD    AFAB40B2
+t = 52: E490436D    3847AD66    99076CB3    4481CC71    EEBCE4CD
+t = 53: 27E9F1D8    E490436D    8E11EB59    99076CB3    4481CC71
+t = 54: 7B71F76D    27E9F1D8    792410DB    8E11EB59    99076CB3
+t = 55: 5E6456AF    7B71F76D    09FA7C76    792410DB    8E11EB59
+t = 56: C846093F    5E6456AF    5EDC7DDB    09FA7C76    792410DB
+t = 57: D262FF50    C846093F    D79915AB    5EDC7DDB    09FA7C76
+t = 58: 09D785FD    D262FF50    F211824F    D79915AB    5EDC7DDB
+t = 59: 3F52DE5A    09D785FD    3498BFD4    F211824F    D79915AB
+t = 60: D756C147    3F52DE5A    4275E17F    3498BFD4    F211824F
+t = 61: 548C9CB2    D756C147    8FD4B796    4275E17F    3498BFD4
+t = 62: B66C020B    548C9CB2    F5D5B051    8FD4B796    4275E17F
+t = 63: 6B61C9E1    B66C020B    9523272C    F5D5B051    8FD4B796
+t = 64: 19DFA7AC    6B61C9E1    ED9B0082    9523272C    F5D5B051
+t = 65: 101655F9    19DFA7AC    5AD87278    ED9B0082    9523272C
+t = 66: 0C3DF2B4    101655F9    0677E9EB    5AD87278    ED9B0082
+t = 67: 78DD4D2B    0C3DF2B4    4405957E    0677E9EB    5AD87278
+t = 68: 497093C0    78DD4D2B    030F7CAD    4405957E    0677E9EB
+t = 69: 3F2588C2    497093C0    DE37534A    030F7CAD    4405957E
+t = 70: C199F8C7    3F2588C2    125C24F0    DE37534A    030F7CAD
+t = 71: 39859DE7    C199F8C7    8FC96230    125C24F0    DE37534A
+t = 72: EDB42DE4    39859DE7    F0667E31    8FC96230    125C24F0
+t = 73: 11793F6F    EDB42DE4    CE616779    F0667E31    8FC96230
+t = 74: 5EE76897    11793F6F    3B6D0B79    CE616779    F0667E31
+t = 75: 63F7DAB7    5EE76897    C45E4FDB    3B6D0B79    CE616779
+t = 76: A079B7D9    63F7DAB7    D7B9DA25    C45E4FDB    3B6D0B79
+t = 77: 860D21CC    A079B7D9    D8FDF6AD    D7B9DA25    C45E4FDB
+t = 78: 5738D5E1    860D21CC    681E6DF6    D8FDF6AD    D7B9DA25
+t = 79: 42541B35    5738D5E1    21834873    681E6DF6    D8FDF6AD.
+
+Block 1 has been processed. The values of {Hi} are +

+H0 = 67452301 + 42541B35 = A9993E36 +
+H1 = EFCDAB89 + 5738D5E1 = +4706816A +
+H2 = 98BADCFE + 21834873 = +BA3E2571 +
+H3 = 10325476 + 681E6DF6 = 7850C26C +
+H4 = C3D2E1F0 + D8FDF6AD = +9CD0D89D. +

+Message digest = A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D +


+
APPENDIX B. A SECOND SAMPLE MESSAGE AND ITS +MESSAGE DIGEST
+

+This appendix is for informational purposes only and is not required to +meet the standard. +

+Let the message be the binary-coded form (cf. Appendix A) of the ASCII +string +
+
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq". +

+Since each of the 56 characters is converted to 8 bits, the length of the +message is l = 448. In step (a) of Section 4, we append "1". In step (b) +we append 511 "0"s. In step (c) we append the 2-word representation of 448, +i.e., hex 00000000 000001C0. This gives n = 2. +

+The initial hex values of {Hi} are +

+H0 = 67452301 +
+H1 = EFCDAB89 +
+H2 = 98BADCFE +
+H3 = 10325476 +
+H4 = C3D2E1F0. +

+Start processing block 1. The words of block 1 are +

+W[0] = 61626364
+W[1] = 62636465
+W[2] = 63646566
+W[3] = 64656667
+W[4] = 65666768
+W[5] = 66676869
+W[6] = 6768696A
+W[7] = 68696A6B
+W[8] = 696A6B6C
+W[9] = 6A6B6C6D
+W[10] = 6B6C6D6E
+W[11] = 6C6D6E6F
+W[12] = 6D6E6F70
+W[13] = 6E6F7071
+W[14] = 80000000
+W[15] = 00000000. +

+The hex values of A,B,C,D,E after pass t of the "for t = 0 to 79" loop (step +(d) of Section 7 or step (c) of Section 8) are
+ 
      
+            A           B           C           D           E
+
+t =  0: 0116FC17    67452301    7BF36AE2    98BADCFE    10325476
+t =  1: EBF3B452    0116FC17    59D148C0    7BF36AE2    98BADCFE
+t =  2: 5109913A    EBF3B452    C045BF05    59D148C0    7BF36AE2
+t =  3: 2C4F6EAC    5109913A    BAFCED14    C045BF05    59D148C0
+t =  4: 33F4AE5B    2C4F6EAC    9442644E    BAFCED14    C045BF05
+t =  5: 96B85189    33F4AE5B    0B13DBAB    9442644E    BAFCED14
+t =  6: DB04CB58    96B85189    CCFD2B96    0B13DBAB    9442644E
+t =  7: 45833F0F    DB04CB58    65AE1462    CCFD2B96    0B13DBAB
+t =  8: C565C35E    45833F0F    36C132D6    65AE1462    CCFD2B96
+t =  9: 6350AFDA    C565C35E    D160CFC3    36C132D6    65AE1462
+t = 10: 8993EA77    6350AFDA    B15970D7    D160CFC3    36C132D6
+t = 11: E19ECAA2    8993EA77    98D42BF6    B15970D7    D160CFC3
+t = 12: 8603481E    E19ECAA2    E264FA9D    98D42BF6    B15970D7
+t = 13: 32F94A85    8603481E    B867B2A8    E264FA9D    98D42BF6
+t = 14: B2E7A8BE    32F94A85    A180D207    B867B2A8    E264FA9D
+t = 15: 42637E39    B2E7A8BE    4CBE52A1    A180D207    B867B2A8
+t = 16: 6B068048    42637E39    ACB9EA2F    4CBE52A1    A180D207
+t = 17: 426B9C35    6B068048    5098DF8E    ACB9EA2F    4CBE52A1
+t = 18: 944B1BD1    426B9C35    1AC1A012    5098DF8E    ACB9EA2F
+t = 19: 6C445652    944B1BD1    509AE70D    1AC1A012    5098DF8E
+t = 20: 95836DA5    6C445652    6512C6F4    509AE70D    1AC1A012
+t = 21: 09511177    95836DA5    9B111594    6512C6F4    509AE70D
+t = 22: E2B92DC4    09511177    6560DB69    9B111594    6512C6F4
+t = 23: FD224575    E2B92DC4    C254445D    6560DB69    9B111594
+t = 24: EEB82D9A    FD224575    38AE4B71    C254445D    6560DB69
+t = 25: 5A142C1A    EEB82D9A    7F48915D    38AE4B71    C254445D
+t = 26: 2972F7C7    5A142C1A    BBAE0B66    7F48915D    38AE4B71
+t = 27: D526A644    2972F7C7    96850B06    BBAE0B66    7F48915D
+t = 28: E1122421    D526A644    CA5CBDF1    96850B06    BBAE0B66
+t = 29: 05B457B2    E1122421    3549A991    CA5CBDF1    96850B06
+t = 30: A9C84BEC    05B457B2    78448908    3549A991    CA5CBDF1
+t = 31: 52E31F60    A9C84BEC    816D15EC    78448908    3549A991
+t = 32: 5AF3242C    52E31F60    2A7212FB    816D15EC    78448908
+t = 33: 31C756A9    5AF3242C    14B8C7D8    2A7212FB    816D15EC
+t = 34: E9AC987C    31C756A9    16BCC90B    14B8C7D8    2A7212FB
+t = 35: AB7C32EE    E9AC987C    4C71D5AA    16BCC90B    14B8C7D8
+t = 36: 5933FC99    AB7C32EE    3A6B261F    4C71D5AA    16BCC90B
+t = 37: 43F87AE9    5933FC99    AADF0CBB    3A6B261F    4C71D5AA
+t = 38: 24957F22    43F87AE9    564CFF26    AADF0CBB    3A6B261F
+t = 39: ADEB7478    24957F22    50FE1EBA    564CFF26    AADF0CBB
+t = 40: D70E5010    ADEB7478    89255FC8    50FE1EBA    564CFF26
+t = 41: 79BCFB08    D70E5010    2B7ADD1E    89255FC8    50FE1EBA
+t = 42: F9BCB8DE    79BCFB08    35C39404    2B7ADD1E    89255FC8
+t = 43: 633E9561    F9BCB8DE    1E6F3EC2    35C39404    2B7ADD1E
+t = 44: 98C1EA64    633E9561    BE6F2E37    1E6F3EC2    35C39404
+t = 45: C6EA241E    98C1EA64    58CFA558    BE6F2E37    1E6F3EC2
+t = 46: A2AD4F02    C6EA241E    26307A99    58CFA558    BE6F2E37
+t = 47: C8A69090    A2AD4F02    B1BA8907    26307A99    58CFA558
+t = 48: 88341600    C8A69090    A8AB53C0    B1BA8907    26307A99
+t = 49: 7E846F58    88341600    3229A424    A8AB53C0    B1BA8907
+t = 50: 86E358BA    7E846F58    220D0580    3229A424    A8AB53C0
+t = 51: 8D2E76C8    86E358BA    1FA11BD6    220D0580    3229A424
+t = 52: CE892E10    8D2E76C8    A1B8D62E    1FA11BD6    220D0580
+t = 53: EDEA95B1    CE892E10    234B9DB2    A1B8D62E    1FA11BD6
+t = 54: 36D1230A    EDEA95B1    33A24B84    234B9DB2    A1B8D62E
+t = 55: 776C3910    36D1230A    7B7AA56C    33A24B84    234B9DB2
+t = 56: A681B723    776C3910    8DB448C2    7B7AA56C    33A24B84
+t = 57: AC0A794F    A681B723    1DDB0E44    8DB448C2    7B7AA56C
+t = 58: F03D3782    AC0A794F    E9A06DC8    1DDB0E44    8DB448C2
+t = 59: 9EF775C3    F03D3782    EB029E53    E9A06DC8    1DDB0E44
+t = 60: 36254B13    9EF775C3    BC0F4DE0    EB029E53    E9A06DC8
+t = 61: 4080D4DC    36254B13    E7BDDD70    BC0F4DE0    EB029E53
+t = 62: 2BFAF7A8    4080D4DC    CD8952C4    E7BDDD70    BC0F4DE0
+t = 63: 513F9CA0    2BFAF7A8    10203537    CD8952C4    E7BDDD70
+t = 64: E5895C81    513F9CA0    0AFEBDEA    10203537    CD8952C4
+t = 65: 1037D2D5    E5895C81    144FE728    0AFEBDEA    10203537
+t = 66: 14A82DA9    1037D2D5    79625720    144FE728    0AFEBDEA
+t = 67: 6D17C9FD    14A82DA9    440DF4B5    79625720    144FE728
+t = 68: 2C7B07BD    6D17C9FD    452A0B6A    440DF4B5    79625720
+t = 69: FDF6EFFF    2C7B07BD    5B45F27F    452A0B6A    440DF4B5
+t = 70: 112B96E3    FDF6EFFF    4B1EC1EF    5B45F27F    452A0B6A
+t = 71: 84065712    112B96E3    FF7DBBFF    4B1EC1EF    5B45F27F
+t = 72: AB89FB71    84065712    C44AE5B8    FF7DBBFF    4B1EC1EF
+t = 73: C5210E35    AB89FB71    A10195C4    C44AE5B8    FF7DBBFF
+t = 74: 352D9F4B    C5210E35    6AE27EDC    A10195C4    C44AE5B8
+t = 75: 1A0E0E0A    352D9F4B    7148438D    6AE27EDC    A10195C4
+t = 76: D0D47349    1A0E0E0A    CD4B67D2    7148438D    6AE27EDC
+t = 77: AD38620D    D0D47349    86838382    CD4B67D2    7148438D
+t = 78: D3AD7C25    AD38620D    74351CD2    86838382    CD4B67D2
+t = 79: 8CE34517    D3AD7C25    6B4E1883    74351CD2    86838382.
+

+Block 1 has been processed. The values of {Hi} are +

+H0 = 67452301 + 8CE34517 = F4286818 +
+H1 = EFCDAB89 + D3AD7C25 = +C37B27AE +
+H2 = 98BADCFE + 6B4E1883 = +0408F581 +
+H3 = 10325476 + 74351CD2 = 84677148 +
+H4 = C3D2E1F0 + 86838382 = 4A566572. +

+Start processing block 2. The words of block 2 are +

+W[0] = 00000000
+W[1] = 00000000
+W[2] = 00000000
+W[3] = 00000000
+W[4] = 00000000
+W[5] = 00000000
+W[6] = 00000000
+W[7] = 00000000
+W[8] = 00000000
+W[9] = 00000000
+W[10] = 00000000
+W[11] = 00000000
+W[12] = 00000000
+W[13] = 00000000
+W[14] = 00000000
+W[15] = 000001C0. +

+The hex values of A,B,C,D,E after pass t of the for "t = 0 to 79" loop +(step (d) of Section 7 or step (c) of Section 8) are
+
       
+            A           B           C           D           E
+
+t =  0: 2DF257E9    F4286818    B0DEC9EB    0408F581    84677148
+t =  1: 4D3DC58F    2DF257E9    3D0A1A06    B0DEC9EB    0408F581
+t =  2: C352BB05    4D3DC58F    4B7C95FA    3D0A1A06    B0DEC9EB
+t =  3: EEF743C6    C352BB05    D34F7163    4B7C95FA    3D0A1A06
+t =  4: 41E34277    EEF743C6    70D4AEC1    D34F7163    4B7C95FA
+t =  5: 5443915C    41E34277    BBBDD0F1    70D4AEC1    D34F7163
+t =  6: E7FA0377    5443915C    D078D09D    BBBDD0F1    70D4AEC1
+t =  7: C6946813    E7FA0377    1510E457    D078D09D    BBBDD0F1
+t =  8: FDDE1DE1    C6946813    F9FE80DD    1510E457    D078D09D
+t =  9: B8538ACA    FDDE1DE1    F1A51A04    F9FE80DD    1510E457
+t = 10: 6BA94F63    B8538ACA    7F778778    F1A51A04    F9FE80DD
+t = 11: 43A2792F    6BA94F63    AE14E2B2    7F778778    F1A51A04
+t = 12: FECD7BBF    43A2792F    DAEA53D8    AE14E2B2    7F778778
+t = 13: A2604CA8    FECD7BBF    D0E89E4B    DAEA53D8    AE14E2B2
+t = 14: 258B0BAA    A2604CA8    FFB35EEF    D0E89E4B    DAEA53D8
+t = 15: D9772360    258B0BAA    2898132A    FFB35EEF    D0E89E4B
+t = 16: 5507DB6E    D9772360    8962C2EA    2898132A    FFB35EEF
+t = 17: A51B58BC    5507DB6E    365DC8D8    8962C2EA    2898132A
+t = 18: C2EB709F    A51B58BC    9541F6DB    365DC8D8    8962C2EA
+t = 19: D8992153    C2EB709F    2946D62F    9541F6DB    365DC8D8
+t = 20: 37482F5F    D8992153    F0BADC27    2946D62F    9541F6DB
+t = 21: EE8700BD    37482F5F    F6264854    F0BADC27    2946D62F
+t = 22: 9AD594B9    EE8700BD    CDD20BD7    F6264854    F0BADC27
+t = 23: 8FBAA5B9    9AD594B9    7BA1C02F    CDD20BD7    F6264854
+t = 24: 88FB5867    8FBAA5B9    66B5652E    7BA1C02F    CDD20BD7
+t = 25: EEC50521    88FB5867    63EEA96E    66B5652E    7BA1C02F
+t = 26: 50BCE434    EEC50521    E23ED619    63EEA96E    66B5652E
+t = 27: 5C416DAF    50BCE434    7BB14148    E23ED619    63EEA96E
+t = 28: 2429BE5F    5C416DAF    142F390D    7BB14148    E23ED619
+t = 29: 0A2FB108    2429BE5F    D7105B6B    142F390D    7BB14148
+t = 30: 17986223    0A2FB108    C90A6F97    D7105B6B    142F390D
+t = 31: 8A4AF384    17986223    028BEC42    C90A6F97    D7105B6B
+t = 32: 6B629993    8A4AF384    C5E61888    028BEC42    C90A6F97
+t = 33: F15F04F3    6B629993    2292BCE1    C5E61888    028BEC42
+t = 34: 295CC25B    F15F04F3    DAD8A664    2292BCE1    C5E61888
+t = 35: 696DA404    295CC25B    FC57C13C    DAD8A664    2292BCE1
+t = 36: CEF5AE12    696DA404    CA573096    FC57C13C    DAD8A664
+t = 37: 87D5B80C    CEF5AE12    1A5B6901    CA573096    FC57C13C
+t = 38: 84E2A5F2    87D5B80C    B3BD6B84    1A5B6901    CA573096
+t = 39: 03BB6310    84E2A5F2    21F56E03    B3BD6B84    1A5B6901
+t = 40: C2D8F75F    03BB6310    A138A97C    21F56E03    B3BD6B84
+t = 41: BFB25768    C2D8F75F    00EED8C4    A138A97C    21F56E03
+t = 42: 28589152    BFB25768    F0B63DD7    00EED8C4    A138A97C
+t = 43: EC1D3D61    28589152    2FEC95DA    F0B63DD7    00EED8C4
+t = 44: 3CAED7AF    EC1D3D61    8A162454    2FEC95DA    F0B63DD7
+t = 45: C3D033EA    3CAED7AF    7B074F58    8A162454    2FEC95DA
+t = 46: 7316056A    C3D033EA    CF2BB5EB    7B074F58    8A162454
+t = 47: 46F93B68    7316056A    B0F40CFA    CF2BB5EB    7B074F58
+t = 48: DC8E7F26    46F93B68    9CC5815A    B0F40CFA    CF2BB5EB
+t = 49: 850D411C    DC8E7F26    11BE4EDA    9CC5815A    B0F40CFA
+t = 50: 7E4672C0    850D411C    B7239FC9    11BE4EDA    9CC5815A
+t = 51: 89FBD41D    7E4672C0    21435047    B7239FC9    11BE4EDA
+t = 52: 1797E228    89FBD41D    1F919CB0    21435047    B7239FC9
+t = 53: 431D65BC    1797E228    627EF507    1F919CB0    21435047
+t = 54: 2BDBB8CB    431D65BC    05E5F88A    627EF507    1F919CB0
+t = 55: 6DA72E7F    2BDBB8CB    10C7596F    05E5F88A    627EF507
+t = 56: A8495A9B    6DA72E7F    CAF6EE32    10C7596F    05E5F88A
+t = 57: E785655A    A8495A9B    DB69CB9F    CAF6EE32    10C7596F
+t = 58: 5B086C42    E785655A    EA1256A6    DB69CB9F    CAF6EE32
+t = 59: A65818F7    5B086C42    B9E15956    EA1256A6    DB69CB9F
+t = 60: 7AAB101B    A65818F7    96C21B10    B9E15956    EA1256A6
+t = 61: 93614C9C    7AAB101B    E996063D    96C21B10    B9E15956
+t = 62: F66D9BF4    93614C9C    DEAAC406    E996063D    96C21B10
+t = 63: D504902B    F66D9BF4    24D85327    DEAAC406    E996063D
+t = 64: 60A9DA62    D504902B    3D9B66FD    24D85327    DEAAC406
+t = 65: 8B687819    60A9DA62    F541240A    3D9B66FD    24D85327
+t = 66: 083E90C3    8B687819    982A7698    F541240A    3D9B66FD
+t = 67: F6226BBF    083E90C3    62DA1E06    982A7698    F541240A
+t = 68: 76C0563B    F6226BBF    C20FA430    62DA1E06    982A7698
+t = 69: 989DD165    76C0563B    FD889AEF    C20FA430    62DA1E06
+t = 70: 8B2C7573    989DD165    DDB0158E    FD889AEF    C20FA430
+t = 71: AE1B8E7B    8B2C7573    66277459    DDB0158E    FD889AEF
+t = 72: CA1840DE    AE1B8E7B    E2CB1D5C    66277459    DDB0158E
+t = 73: 16F3BABB    CA1840DE    EB86E39E    E2CB1D5C    66277459
+t = 74: D28D83AD    16F3BABB    B2861037    EB86E39E    E2CB1D5C
+t = 75: 6BC02DFE    D28D83AD    C5BCEEAE    B2861037    EB86E39E
+t = 76: D3A6E275    6BC02DFE    74A360EB    C5BCEEAE    B2861037
+t = 77: DA955482    D3A6E275    9AF00B7F    74A360EB    C5BCEEAE
+t = 78: 58C0AAC0    DA955482    74E9B89D    9AF00B7F    74A360EB
+t = 79: 906FD62C    58C0AAC0    B6A55520    74E9B89D    9AF00B7F.
+

+Block 2 has been processed. The values of {Hi} are +

+H0 = F4286818 + 906FD62C = 84983E44 +
+H1 = C37B27AE + 58C0AAC0 = +1C3BD26E +
+H2 = 0408F581 + B6A55520 = +BAAE4AA1 +
+H3 = 84677148 + 74E9B89D = F95129E5 +
+H4 = 4A566572 + 9AF00B7F = E54670F1. +

+Message digest = 84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1 +

+
APPENDIX C. A THIRD SAMPLE MESSAGE AND ITS +MESSAGE DIGEST
+

+This appendix is for informational purposes only and is not required to meet +the standard. +

+Let the message be the binary-coded form of the ASCII string which consists +of 1,000,000 repetitions of "a". +

+Message digest = 34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F +

+
+ +
The Foreword, Abstract, and Key Words follow: +
+

+FIPS PUB 180-1
+FEDERAL INFORMATION
+ PROCESSING STANDARDS PUBLICATION

+ +1995 April 17
+U.S. DEPARTMENT OF COMMERCE/National Institute of Standards and +Technology

+ +

SECURE HASH STANDARD

+ + +U.S. DEPARTMENT OF COMMERCE, Ronald H. Brown, +Secretary
+ +National Institute of Standards and Technology, Arati Prabhakar, +Director +

Foreword
+ The Federal Information Processing Standards Publication Series +of the National Institute of Standards and Technology (NIST) is the official +publication relating to standards and guidelines adopted and promulgated +under the provisions of Section 111(d) of the Federal Property and +Administrative Services Act of 1949 as amended by the Computer Security +Act +of 1987, Public Law 100-235. These mandates have given the Secretary of +Commerce and NIST important responsibilities for improving the utilization +and management of computers and related telecommunications systems in the +Federal Government. The NIST, through its Computer Systems Laboratory, +provides leadership, technical guidance, and coordination of Government +efforts in the development of standards and guidelines in these areas. +

+ Comments concerning Federal Information Processing Standards +Publications are welcomed and should be addressed to the Director, +Computer Systems Laboratory, National Institute of Standards and +Technology, Gaithersburg, MD 20899. +

+James H. Burrows, Director
+Computer Systems Laboratory

+ +
Abstract
+ This standard specifies a Secure Hash Algorithm (SHA-1) which can +be used to generate a condensed representation of a message called a +message digest. The SHA-1 is required for use with the Digital Signature +Algorithm (DSA) as specified in the Digital Signature Standard (DSS) and +whenever a secure hash algorithm is required for Federal applications. +The SHA-1 is used by both the transmitter and intended receiver of a +message in computing and verifying a digital signature. +

+ +Key words: computer security; digital signatures; Federal +Information +Processing Standard (FIPS); hash algorithm.

+ + diff --git a/hints/irix_6.pl b/hints/irix_6.pl new file mode 100644 index 0000000..e38ae14 --- /dev/null +++ b/hints/irix_6.pl @@ -0,0 +1,6 @@ +# The Mongoose v7.1 compiler freezes up somewhere in the optimization of +# MD5Transform() in MD5.c with optimization -O3. This is a workaround: + +if ($Config{cc} =~ /64|n32/ && `$Config{cc} -version 2>&1` =~ /\s7\.1/) { + $self->{OPTIMIZE} = "-O1"; +} diff --git a/t/badfile.t b/t/badfile.t new file mode 100644 index 0000000..d7c820c --- /dev/null +++ b/t/badfile.t @@ -0,0 +1,19 @@ +print "1..2\n"; + +use Digest::SHA1 (); + +$sha1 = Digest::SHA1->new; + +eval { + use vars qw(*FOO); + $sha1->addfile(*FOO); +}; +print "not " unless $@ =~ /^Bad filehandle: FOO at/; +print "ok 1\n"; + +open(BAR, "no-existing-file.$$"); +eval { + $sha1->addfile(*BAR); +}; +print "not " unless $@ =~ /^No filehandle passed at/; +print "ok 2\n"; diff --git a/t/bits.t b/t/bits.t new file mode 100644 index 0000000..92818b3 --- /dev/null +++ b/t/bits.t @@ -0,0 +1,36 @@ +#!perl -w + +BEGIN { + if ($] < 5.005) { + # Test module can't be expected to be available + # and I ended up with seg faults when trying to + # load it with eval { require Test }; + print "1..0\n"; + exit; + } +} + +use Test qw(plan ok); +plan tests => 2; + +use Digest::SHA1; + +my $sha1 = Digest::SHA1->new; + +if ($Digest::base::VERSION && $Digest::base::VERSION) { + $sha1->add_bits("01111111"); + ok($sha1->hexdigest, "23833462f55515a900e016db2eb943fb474c19f6"); + eval { + $sha1->add_bits("0111"); + }; + ok($@ =~ /must be multiple of 8/); +} +else { + print "# No Digest::base\n"; + eval { + $sha1->add_bits("foo"); + }; + ok($@ =~ /^Can\'t locate Digest\/base\.pm in \@INC/); + ok(1); # dummy +} + diff --git a/t/sha1.t b/t/sha1.t new file mode 100644 index 0000000..352a02c --- /dev/null +++ b/t/sha1.t @@ -0,0 +1,62 @@ +print "1..13\n"; + +use Digest::SHA1 qw(sha1 sha1_hex sha1_base64 sha1_transform); + +print "not " unless Digest::SHA1->new->add("abc")->hexdigest eq "a9993e364706816aba3e25717850c26c9cd0d89d"; +print "ok 1\n"; + +print "not " unless sha1("abc") eq pack("H*", "a9993e364706816aba3e25717850c26c9cd0d89d"); +print "ok 2\n"; + +print "not " unless sha1_hex("abc") eq "a9993e364706816aba3e25717850c26c9cd0d89d"; +print "ok 3\n"; + +print "not " unless sha1_base64("abc") eq "qZk+NkcGgWq6PiVxeFDCbJzQ2J0"; +print "ok 4\n"; + +# Test file checking from too... +open(FILE, ">stest$$.txt") || die; +binmode(FILE); +for (1..512) { + print FILE "This is line $_\n"; +} +close(FILE); + +open(FILE, "stest$$.txt") || die; +$digest = Digest::SHA1->new->addfile(*FILE)->b64digest; +print "$digest\nnot " unless $digest eq "1ZuIK/sQeBwqh+dIACqpnoRQUE4"; +print "ok 5\n"; +close(FILE); + +unlink("stest$$.txt"); + + +print "not " unless sha1_transform(pack('H*', 'dc71a8092d4b1b7b98101d58698d9d1cc48225bb')) + eq pack('H*', '2e4c75ad39160f52614d122e6c7ec80446f68567'); +print "ok 6\n"; + +print "not " unless sha1_transform(pack('H*', '0abe1db666612acdf95d2f86d60c65210b78ab23')) + eq pack('H*', '7c1c2aabca822912f3016299b160035787477b48'); +print "ok 7\n"; + +print "not " unless sha1_transform(pack('H*', '86da486230e353e0ec5e9220876c687892c0266c')) + eq pack('H*', '1da304aec652c21d4f54642434705c91aeaf9abe'); +print "ok 8\n"; + +$digest = Digest::SHA1->new; +print "not " unless $digest->hexdigest eq "da39a3ee5e6b4b0d3255bfef95601890afd80709"; +print "ok 9\n"; + +print "not " unless $digest->clone->hexdigest eq "da39a3ee5e6b4b0d3255bfef95601890afd80709"; +print "ok 10\n"; + +$digest->add("abc"); +print "not " unless $digest->clone->hexdigest eq "a9993e364706816aba3e25717850c26c9cd0d89d"; +print "ok 11\n"; + +$digest->add("d"); +print "not " unless $digest->hexdigest eq "81fe8bfe87576c3ecb22426f8e57847382917acf"; +print "ok 12\n"; + +print "not " unless $digest->hexdigest eq "da39a3ee5e6b4b0d3255bfef95601890afd80709"; +print "ok 13\n"; diff --git a/typemap b/typemap new file mode 100644 index 0000000..85c1d27 --- /dev/null +++ b/typemap @@ -0,0 +1,5 @@ +SHA_INFO* T_SHA_INFO + +INPUT +T_SHA_INFO + $var = get_sha_info(aTHX_ $arg)