--- parser3/src/classes/math.C 2012/09/13 22:44:36 1.62 +++ parser3/src/classes/math.C 2013/07/19 15:36:11 1.67 @@ -14,6 +14,7 @@ #include "pa_vmath.h" #include "pa_request.h" #include "pa_md5.h" +#include "pa_sha2.h" #include "pa_random.h" #ifdef WIN32 @@ -23,14 +24,10 @@ #endif #ifdef HAVE_CRYPT -# ifdef HAVE_CRYPT_H -# include -# endif -#else - extern char *crypt(const char* , const char* ); +extern "C" char *crypt(const char* , const char* ); #endif -volatile const char * IDENT_MATH_C="$Id: math.C,v 1.62 2012/09/13 22:44:36 moko Exp $"; +volatile const char * IDENT_MATH_C="$Id: math.C,v 1.67 2013/07/19 15:36:11 moko Exp $"; // defines @@ -311,49 +308,78 @@ void SHA1PadMessage(SHA1Context *context #define SWAP(n) (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24)) #endif -void SHA1ReadDigest(SHA1Context &c, void *buf) +void SHA1ReadDigest(void *buf, SHA1Context *c) { - if(!SHA1Result(&c)) + if(!SHA1Result(c)) throw Exception (PARSER_RUNTIME, 0, "Can not compute SHA1"); - ((uint32_t *)buf)[0] = SWAP(c.Message_Digest[0]); - ((uint32_t *)buf)[1] = SWAP(c.Message_Digest[1]); - ((uint32_t *)buf)[2] = SWAP(c.Message_Digest[2]); - ((uint32_t *)buf)[3] = SWAP(c.Message_Digest[3]); - ((uint32_t *)buf)[4] = SWAP(c.Message_Digest[4]); + ((uint32_t *)buf)[0] = SWAP(c->Message_Digest[0]); + ((uint32_t *)buf)[1] = SWAP(c->Message_Digest[1]); + ((uint32_t *)buf)[2] = SWAP(c->Message_Digest[2]); + ((uint32_t *)buf)[3] = SWAP(c->Message_Digest[3]); + ((uint32_t *)buf)[4] = SWAP(c->Message_Digest[4]); } static void _sha1(Request& r, MethodParams& params) { const char *string = params.as_string(0, PARAMETER_MUST_BE_STRING).cstr(); SHA1Context c; + unsigned char digest[20]; SHA1Reset (&c); SHA1Input (&c, (const unsigned char*)string, strlen(string)); + SHA1ReadDigest(digest, &c); - unsigned char digest[20]; - SHA1ReadDigest(c, digest); r.write_pass_lang(*new String(hex_string(digest, sizeof(digest), false))); } +void memxor(char *dest, const char *src, size_t n){ + for (;n>0;n--) *dest++ ^= *src++; +} + #define IPAD 0x36 #define OPAD 0x5c -void memxor(char *dest, const char *src, size_t n){ - for (;n>0;n--) *dest++ ^= *src++; +#define HMAC(key,init,update,final,blocklen,digestlen){ \ + unsigned char tempdigest[digestlen], keydigest[digestlen]; \ + size_t keylen=strlen(key); \ + /* Reduce the key's size, so that it becomes <= blocklen bytes. */ \ + if (keylen > blocklen){ \ + init(&c); \ + update(&c,(const unsigned char*)hmac, keylen); \ + final(keydigest, &c); \ + key = (char *)keydigest; \ + keylen = digestlen; \ + } \ + /* Compute TEMP from KEY and STRING. */ \ + char block[blocklen]; \ + memset (block, IPAD, blocklen); \ + memxor (block, key, keylen); \ + init(&c); \ + update(&c, (const unsigned char*)block, blocklen); \ + update(&c, (const unsigned char*)string, strlen(string)); \ + final(tempdigest, &c); \ + /* Compute result from KEY and TEMP. */ \ + memset (block, OPAD, blocklen); \ + memxor (block, key, keylen); \ + init(&c); \ + update(&c, (const unsigned char*)block, blocklen); \ + update(&c, (const unsigned char*)tempdigest, digestlen); \ } static void _digest(Request& r, MethodParams& params) { - const String &sformat = params.as_string(0, PARAMETER_MUST_BE_STRING); + const String &smethod = params.as_string(0, PARAMETER_MUST_BE_STRING); const char *string = params.as_string(1, PARAMETER_MUST_BE_STRING).cstr(); - enum Format { F_MD5, F_SHA1 } format; + enum Method { M_MD5, M_SHA1, M_SHA256, M_SHA512 } method; - if (sformat == "md5") format = F_MD5; - else if (sformat == "sha1" ) format = F_SHA1; - else throw Exception(PARSER_RUNTIME, &sformat, "must be 'md5' or 'sha1'"); + if (smethod == "md5") method = M_MD5; + else if (smethod == "sha1" ) method = M_SHA1; + else if (smethod == "sha256" ) method = M_SHA256; + else if (smethod == "sha512" ) method = M_SHA512; + else throw Exception(PARSER_RUNTIME, &smethod, "must be 'md5' or 'sha1'"); const char *hmac=0; - enum Encode { E_HEX, E_BASE64 } encode = E_HEX; + enum Format { F_HEX, F_BASE64 } format = F_HEX; if(params.count() == 3) if(HashStringValue* options=params.as_hash(2)) { @@ -362,11 +388,11 @@ static void _digest(Request& r, MethodPa hmac=value->as_string().cstr(); valid_options++; } - if(Value* value=options->get("encode")) { - const String& sencode=value->as_string(); - if (sencode == "hex") encode = E_HEX; - else if (sencode == "base64" ) encode = E_BASE64; - else throw Exception(PARSER_RUNTIME, &sencode, "must be 'hex' or 'base64'"); + if(Value* value=options->get("format")) { + const String& sformat=value->as_string(); + if (sformat == "hex") format = F_HEX; + else if (sformat == "base64" ) format = F_BASE64; + else throw Exception(PARSER_RUNTIME, &sformat, "must be 'hex' or 'base64'"); valid_options++; } if(valid_options!=options->count()) @@ -375,63 +401,62 @@ static void _digest(Request& r, MethodPa String::C digest; - if(format == F_MD5){ - PA_MD5_CTX context; - pa_MD5Init(&context); - pa_MD5Update(&context, (const unsigned char*)string, strlen(string)); - + if(method == M_MD5){ + PA_MD5_CTX c; + if(hmac){ + HMAC(hmac, pa_MD5Init, pa_MD5Update, pa_MD5Final, 64, 16); + } else { + pa_MD5Init(&c); + pa_MD5Update(&c, (const unsigned char*)string, strlen(string)); + } char *str=(char *)pa_malloc(16); - pa_MD5Final((unsigned char *)str, &context); + pa_MD5Final((unsigned char *)str, &c); digest = String::C(str, 16); } - if(format == F_SHA1){ + if(method == M_SHA1){ SHA1Context c; if(hmac){ - size_t keylen=strlen(hmac); - char digestbuf[20]; - - /* Reduce the key's size, so that it becomes <= 64 bytes large. */ - if (keylen > 64){ - SHA1Reset (&c); - SHA1Input (&c, (const unsigned char*)hmac, keylen); - - SHA1ReadDigest(c, digestbuf); - hmac = digestbuf; - keylen = 20; - } - - /* Compute TEMP from KEY and STRING. */ - char block[64]; - memset (block, IPAD, sizeof (block)); - memxor (block, hmac, keylen); - - SHA1Reset (&c); - SHA1Input (&c, (const unsigned char*)block, 64); - SHA1Input (&c, (const unsigned char*)string, strlen(string)); - - SHA1ReadDigest(c, digestbuf); - - /* Compute result from KEY and TEMP. */ - memset (block, OPAD, sizeof (block)); - memxor (block, hmac, keylen); - - SHA1Reset (&c); - SHA1Input (&c, (const unsigned char*)block, 64); - SHA1Input (&c, (const unsigned char*)digestbuf, 20); + HMAC(hmac, SHA1Reset, SHA1Input, SHA1ReadDigest, 64, 20); } else { - SHA1Reset (&c); - SHA1Input (&c, (const unsigned char*)string, strlen(string)); + SHA1Reset(&c); + SHA1Input(&c, (const unsigned char*)string, strlen(string)); } char *str=(char *)pa_malloc(20); - SHA1ReadDigest(c, str); + SHA1ReadDigest(str, &c); digest = String::C(str, 20); } - if(encode == E_HEX){ + if(method == M_SHA256){ + SHA256_CTX c; + if(hmac){ + HMAC(hmac, pa_SHA256_Init, pa_SHA256_Update, pa_SHA256_Final, 64, SHA256_DIGEST_LENGTH); + } else { + pa_SHA256_Init(&c); + pa_SHA256_Update(&c, (const unsigned char*)string, strlen(string)); + } + char *str=(char *)pa_malloc(SHA256_DIGEST_LENGTH); + pa_SHA256_Final((unsigned char *)str, &c); + digest = String::C(str, SHA256_DIGEST_LENGTH); + } + + if(method == M_SHA512){ + SHA512_CTX c; + if(hmac){ + HMAC(hmac, pa_SHA512_Init, pa_SHA512_Update, pa_SHA512_Final, 128, SHA512_DIGEST_LENGTH); + } else { + pa_SHA512_Init(&c); + pa_SHA512_Update(&c, (const unsigned char*)string, strlen(string)); + } + char *str=(char *)pa_malloc(SHA512_DIGEST_LENGTH); + pa_SHA512_Final((unsigned char *)str, &c); + digest = String::C(str, SHA512_DIGEST_LENGTH); + } + + if(format == F_HEX){ r.write_pass_lang(*new String(hex_string((unsigned char *)digest.str, digest.length, false))); } - if(encode == E_BASE64){ + if(format == F_BASE64){ r.write_pass_lang(*new String(pa_base64_encode(digest.str, digest.length))); } } @@ -544,7 +569,7 @@ MMath::MMath(): Methoded("math") { // ^math:sha1[string] ADD1(sha1); - // ^math:digest[format;string;options] + // ^math:digest[method;string;options] add_native_method("digest", Method::CT_STATIC, _digest, 2, 3); // ^math:crc32[string]