--- parser3/src/classes/math.C	2012/09/15 20:51:10	1.63
+++ parser3/src/classes/math.C	2015/06/02 18:46:05	1.76
@@ -12,25 +12,17 @@
 #include "pa_common.h"
 #include "pa_vint.h"
 #include "pa_vmath.h"
+#include "pa_vfile.h"
 #include "pa_request.h"
 #include "pa_md5.h"
+#include "pa_sha2.h"
 #include "pa_random.h"
 
-#ifdef WIN32
-#	define _WIN32_WINNT 0x400
-#	include <windows.h>
-#	include <wincrypt.h>
-#endif
-
 #ifdef HAVE_CRYPT
-#	ifdef HAVE_CRYPT_H
-#		include <crypt.h>
-#	endif
-#else
-	extern char *crypt(const char* , const char* );
+extern "C" char *crypt(const char* , const char* );
 #endif
 
-volatile const char * IDENT_MATH_C="$Id: math.C,v 1.63 2012/09/15 20:51:10 moko Exp $";
+volatile const char * IDENT_MATH_C="$Id: math.C,v 1.76 2015/06/02 18:46:05 moko Exp $";
 
 // defines
 
@@ -78,20 +70,31 @@ static void math1(Request& r, MethodPara
 	static void _##name(Request& r, MethodParams& params) {\
 		math1(r, params, &name);\
 	}
+
 #define MATH1P(name_parser, name_c) \
 	static void _##name_parser(Request& r, MethodParams& params) {\
 		math1(r, params, &name_c);\
 	}
-MATH1(round);	MATH1(floor);	MATH1P(ceiling, ceil);
-MATH1(trunc);	MATH1(frac);
-MATH1P(abs, fabs);	MATH1(sign);
-MATH1(exp);	
-MATH1(log);	MATH1(log10);
-MATH1(sin);	MATH1(asin);	
-MATH1(cos);	MATH1(acos);	
-MATH1(tan);	MATH1(atan);
-MATH1(degrees);	MATH1(radians);
-MATH1(sqrt);
+
+MATH1(round)
+MATH1(floor)
+MATH1P(ceiling, ceil)
+MATH1(trunc)
+MATH1(frac)
+MATH1P(abs, fabs)
+MATH1(sign)
+MATH1(exp)
+MATH1(log)
+MATH1(log10)
+MATH1(sin)
+MATH1(asin)
+MATH1(cos)
+MATH1(acos)
+MATH1(tan)
+MATH1(atan)
+MATH1(degrees)
+MATH1(radians)
+MATH1(sqrt)
 
 
 typedef double (*math2_func_ptr)(double, double);
@@ -106,10 +109,11 @@ static void math2(Request& r, MethodPara
 	static void _##name(Request& r, MethodParams& params) {\
 		math2(r, params, &name);\
 	}
-MATH2(pow);
+
+MATH2(pow)
 
 inline bool is_salt_body_char(int c) {
-	return isalnum(c) || c == '.' || c=='/';
+	return pa_isalnum(c) || c == '.' || c=='/';
 }
 static size_t calc_prefix_size(const char* salt) {
 	if(strlen(salt)) {
@@ -172,7 +176,7 @@ static void _crypt(Request& r, MethodPar
 }
 
 static void _md5(Request& r, MethodParams& params) {
-	const char *string=params.as_string(0, PARAMETER_MUST_BE_STRING).cstr();
+	const char *string=params.as_string(0, PARAMETER_MUST_BE_STRING).cstr_to_string_body_untaint(String::L_AS_IS, r.connection(false), &r.charsets).cstr();
 
 	PA_MD5_CTX context;
 	unsigned char digest[16];
@@ -311,45 +315,84 @@ void SHA1PadMessage(SHA1Context *context
 #define SWAP(n) (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24))
 #endif
 
-void SHA1ReadDigest(SHA1Context &c, void *buf)
+void SHA1ReadDigest(void *buf, SHA1Context *c)
 {
-	if(!SHA1Result(&c))
+	if(!SHA1Result(c))
 		throw Exception (PARSER_RUNTIME, 0, "Can not compute SHA1");
 
-	((uint32_t *)buf)[0] = SWAP(c.Message_Digest[0]);
-	((uint32_t *)buf)[1] = SWAP(c.Message_Digest[1]);
-	((uint32_t *)buf)[2] = SWAP(c.Message_Digest[2]);
-	((uint32_t *)buf)[3] = SWAP(c.Message_Digest[3]);
-	((uint32_t *)buf)[4] = SWAP(c.Message_Digest[4]);
+	((uint32_t *)buf)[0] = SWAP(c->Message_Digest[0]);
+	((uint32_t *)buf)[1] = SWAP(c->Message_Digest[1]);
+	((uint32_t *)buf)[2] = SWAP(c->Message_Digest[2]);
+	((uint32_t *)buf)[3] = SWAP(c->Message_Digest[3]);
+	((uint32_t *)buf)[4] = SWAP(c->Message_Digest[4]);
 }
 
 static void _sha1(Request& r, MethodParams& params) {
-	const char *string = params.as_string(0, PARAMETER_MUST_BE_STRING).cstr();
+	const char *string = params.as_string(0, PARAMETER_MUST_BE_STRING).cstr_to_string_body_untaint(String::L_AS_IS, r.connection(false), &r.charsets).cstr();
 
 	SHA1Context c;
+	unsigned char digest[20];
 	SHA1Reset (&c);
 	SHA1Input (&c, (const unsigned char*)string, strlen(string));
+	SHA1ReadDigest(digest, &c);
 
-	unsigned char digest[20];
-	SHA1ReadDigest(c, digest);
 	r.write_pass_lang(*new String(hex_string(digest, sizeof(digest), false)));
 }
 
+void memxor(char *dest, const char *src, size_t n){
+	for (;n>0;n--) *dest++ ^= *src++;
+}
+
 #define IPAD 0x36
 #define OPAD 0x5c
 
-void memxor(char *dest, const char *src, size_t n){
-	for (;n>0;n--) *dest++ ^= *src++;
+#define HMAC(key,init,update,final,blocklen,digestlen){				\
+	unsigned char tempdigest[digestlen], keydigest[digestlen];		\
+	size_t keylen=strlen(key);						\
+	/* Reduce the key's size, so that it becomes <= blocklen bytes. */	\
+	if (keylen > blocklen){							\
+		init(&c);							\
+		update(&c,(const unsigned char*)hmac, keylen);			\
+		final(keydigest, &c);						\
+		key = (char *)keydigest;					\
+		keylen = digestlen;						\
+	}									\
+	/* Compute TEMP from KEY and STRING. */					\
+	char block[blocklen];							\
+	memset (block, IPAD, blocklen);						\
+	memxor (block, key, keylen);						\
+	init(&c);								\
+	update(&c, (const unsigned char*)block, blocklen);			\
+	update(&c, (const unsigned char*)data.str, data.length);		\
+	final(tempdigest, &c);							\
+	/* Compute result from KEY and TEMP. */					\
+	memset (block, OPAD, blocklen);						\
+	memxor (block, key, keylen);						\
+	init(&c);								\
+	update(&c, (const unsigned char*)block, blocklen);			\
+	update(&c, (const unsigned char*)tempdigest, digestlen);		\
 }
 
 static void _digest(Request& r, MethodParams& params) {
 	const String &smethod = params.as_string(0, PARAMETER_MUST_BE_STRING);
-	const char *string = params.as_string(1, PARAMETER_MUST_BE_STRING).cstr();
 
-	enum Method { M_MD5, M_SHA1 } method;
+	Value& vdata=params.as_no_junction(1, "parameter must be string or file");
+
+	String::C data;
+	if(const String* sdata=vdata.get_string()){
+		String::Body body=sdata->cstr_to_string_body_untaint(String::L_AS_IS, r.connection(false), &r.charsets); // explode content, honor tainting changes
+		data=String::C(body.cstr(), body.length());
+	} else {
+		VFile *file=vdata.as_vfile(String::L_AS_IS);
+		data=String::C(file->value_ptr(),file->value_size());
+	}
+
+	enum Method { M_MD5, M_SHA1, M_SHA256, M_SHA512 } method;
 
 	if (smethod == "md5") method = M_MD5;
 	else if (smethod == "sha1" ) method = M_SHA1;
+	else if (smethod == "sha256" ) method = M_SHA256;
+	else if (smethod == "sha512" ) method = M_SHA512;
 	else throw Exception(PARSER_RUNTIME, &smethod, "must be 'md5' or 'sha1'");
 
 	const char *hmac=0;
@@ -376,58 +419,57 @@ static void _digest(Request& r, MethodPa
 	String::C digest;
 
 	if(method == M_MD5){
-		PA_MD5_CTX context;
-		pa_MD5Init(&context);
-		pa_MD5Update(&context, (const unsigned char*)string, strlen(string));
-
+		PA_MD5_CTX c;
+		if(hmac){
+			HMAC(hmac, pa_MD5Init, pa_MD5Update, pa_MD5Final, 64, 16);
+		} else {
+			pa_MD5Init(&c);
+			pa_MD5Update(&c, (const unsigned char*)data.str, data.length);
+		}
 		char *str=(char *)pa_malloc(16);
-		pa_MD5Final((unsigned char *)str, &context);
+		pa_MD5Final((unsigned char *)str, &c);
 		digest = String::C(str, 16);
 	}
 
 	if(method == M_SHA1){
 		SHA1Context c;
 		if(hmac){
-			size_t keylen=strlen(hmac);
-			char digestbuf[20];
-
-			/* Reduce the key's size, so that it becomes <= 64 bytes large.  */
-			if (keylen > 64){
-				SHA1Reset (&c);
-				SHA1Input (&c, (const unsigned char*)hmac, keylen);
-
-				SHA1ReadDigest(c, digestbuf);
-				hmac = digestbuf;
-				keylen = 20;
-			}
-
-			/* Compute TEMP from KEY and STRING.  */
-			char block[64];
-			memset (block, IPAD, sizeof (block));
-			memxor (block, hmac, keylen);
-
-			SHA1Reset (&c);
-			SHA1Input (&c, (const unsigned char*)block, 64);
-			SHA1Input (&c, (const unsigned char*)string, strlen(string));
-
-			SHA1ReadDigest(c, digestbuf);
-
-			/* Compute result from KEY and TEMP.  */
-			memset (block, OPAD, sizeof (block));
-			memxor (block, hmac, keylen);
-
-			SHA1Reset (&c);
-			SHA1Input (&c, (const unsigned char*)block, 64);
-			SHA1Input (&c, (const unsigned char*)digestbuf, 20);
+			HMAC(hmac, SHA1Reset, SHA1Input, SHA1ReadDigest, 64, 20);
 		} else {
-			SHA1Reset (&c);
-			SHA1Input (&c, (const unsigned char*)string, strlen(string));
+			SHA1Reset(&c);
+			SHA1Input(&c, (const unsigned char*)data.str, data.length);
 		}
 		char *str=(char *)pa_malloc(20);
-		SHA1ReadDigest(c, str);
+		SHA1ReadDigest(str, &c);
 		digest = String::C(str, 20);
 	}
 
+	if(method == M_SHA256){
+		SHA256_CTX c;
+		if(hmac){
+			HMAC(hmac, pa_SHA256_Init, pa_SHA256_Update, pa_SHA256_Final, 64, SHA256_DIGEST_LENGTH);
+		} else {
+			pa_SHA256_Init(&c);
+			pa_SHA256_Update(&c, (const unsigned char*)data.str, data.length);
+		}
+		char *str=(char *)pa_malloc(SHA256_DIGEST_LENGTH);
+		pa_SHA256_Final((unsigned char *)str, &c);
+		digest = String::C(str, SHA256_DIGEST_LENGTH);
+	}
+
+	if(method == M_SHA512){
+		SHA512_CTX c;
+		if(hmac){
+			HMAC(hmac, pa_SHA512_Init, pa_SHA512_Update, pa_SHA512_Final, 128, SHA512_DIGEST_LENGTH);
+		} else {
+			pa_SHA512_Init(&c);
+			pa_SHA512_Update(&c, (const unsigned char*)data.str, data.length);
+		}
+		char *str=(char *)pa_malloc(SHA512_DIGEST_LENGTH);
+		pa_SHA512_Final((unsigned char *)str, &c);
+		digest = String::C(str, SHA512_DIGEST_LENGTH);
+	}
+
 	if(format == F_HEX){
 		r.write_pass_lang(*new String(hex_string((unsigned char *)digest.str, digest.length, false)));
 	}
@@ -544,7 +586,7 @@ MMath::MMath(): Methoded("math") {
 	// ^math:sha1[string]
 	ADD1(sha1);
 	
-	// ^math:digest[method;string;options]
+	// ^math:digest[method;string|file;options]
 	add_native_method("digest", Method::CT_STATIC, _digest, 2, 3);
 	
 	// ^math:crc32[string]