[perl5.git] / cpan / Digest / Digest.pm

package Digest;

use strict;
use vars qw($VERSION %MMAP $AUTOLOAD);

$VERSION = "1.16";

%MMAP = (
  "SHA-1"      => [["Digest::SHA", 1], "Digest::SHA1", ["Digest::SHA2", 1]],
  "SHA-224"    => [["Digest::SHA", 224]],
  "SHA-256"    => [["Digest::SHA", 256], ["Digest::SHA2", 256]],
  "SHA-384"    => [["Digest::SHA", 384], ["Digest::SHA2", 384]],
  "SHA-512"    => [["Digest::SHA", 512], ["Digest::SHA2", 512]],
  "HMAC-MD5"   => "Digest::HMAC_MD5",
  "HMAC-SHA-1" => "Digest::HMAC_SHA1",
  "CRC-16"     => [["Digest::CRC", type => "crc16"]],
  "CRC-32"     => [["Digest::CRC", type => "crc32"]],
  "CRC-CCITT"  => [["Digest::CRC", type => "crcccitt"]],
  "RIPEMD-160" => "Crypt::PIPEMD160",
);

sub new
{
    shift;  # class ignored
    my $algorithm = shift;
    my $impl = $MMAP{$algorithm} || do {
	$algorithm =~ s/\W+//;
	"Digest::$algorithm";
    };
    $impl = [$impl] unless ref($impl);
    my $err;
    for  (@$impl) {
	my $class = $_;
	my @args;
	($class, @args) = @$class if ref($class);
	no strict 'refs';
	unless (exists ${"$class\::"}{"VERSION"}) {
	    eval "require $class";
	    if ($@) {
		$err ||= $@;
		next;
	    }
	}
	return $class->new(@args, @_);
    }
    die $err;
}

sub AUTOLOAD
{
    my $class = shift;
    my $algorithm = substr($AUTOLOAD, rindex($AUTOLOAD, '::')+2);
    $class->new($algorithm, @_);
}

1;

__END__

=head1 NAME

Digest - Modules that calculate message digests

=head1 SYNOPSIS

  $md5  = Digest->new("MD5");
  $sha1 = Digest->new("SHA-1");
  $sha256 = Digest->new("SHA-256");
  $sha384 = Digest->new("SHA-384");
  $sha512 = Digest->new("SHA-512");

  $hmac = Digest->HMAC_MD5($key);

=head1 DESCRIPTION

The C<Digest::> modules calculate digests, also called "fingerprints"
or "hashes", of some data, called a message.  The digest is (usually)
some small/fixed size string.  The actual size of the digest depend of
the algorithm used.  The message is simply a sequence of arbitrary
bytes or bits.

An important property of the digest algorithms is that the digest is
I<likely> to change if the message change in some way.  Another
property is that digest functions are one-way functions, that is it
should be I<hard> to find a message that correspond to some given
digest.  Algorithms differ in how "likely" and how "hard", as well as
how efficient they are to compute.

Note that the properties of the algorithms change over time, as the
algorithms are analyzed and machines grow faster.  If your application
for instance depends on it being "impossible" to generate the same
digest for a different message it is wise to make it easy to plug in
stronger algorithms as the one used grow weaker.  Using the interface
documented here should make it easy to change algorithms later.

All C<Digest::> modules provide the same programming interface.  A
functional interface for simple use, as well as an object oriented
interface that can handle messages of arbitrary length and which can
read files directly.

The digest can be delivered in three formats:

=over 8

=item I<binary>

This is the most compact form, but it is not well suited for printing
or embedding in places that can't handle arbitrary data.

=item I<hex>

A twice as long string of lowercase hexadecimal digits.

=item I<base64>

A string of portable printable characters.  This is the base64 encoded
representation of the digest with any trailing padding removed.  The
string will be about 30% longer than the binary version.
L<MIME::Base64> tells you more about this encoding.

=back


The functional interface is simply importable functions with the same
name as the algorithm.  The functions take the message as argument and
return the digest.  Example:

  use Digest::MD5 qw(md5);
  $digest = md5($message);

There are also versions of the functions with "_hex" or "_base64"
appended to the name, which returns the digest in the indicated form.

=head1 OO INTERFACE

The following methods are available for all C<Digest::> modules:

=over 4

=item $ctx = Digest->XXX($arg,...)

=item $ctx = Digest->new(XXX => $arg,...)

=item $ctx = Digest::XXX->new($arg,...)

The constructor returns some object that encapsulate the state of the
message-digest algorithm.  You can add data to the object and finally
ask for the digest.  The "XXX" should of course be replaced by the proper
name of the digest algorithm you want to use.

The two first forms are simply syntactic sugar which automatically
load the right module on first use.  The second form allow you to use
algorithm names which contains letters which are not legal perl
identifiers, e.g. "SHA-1".  If no implementation for the given algorithm
can be found, then an exception is raised.

If new() is called as an instance method (i.e. $ctx->new) it will just
reset the state the object to the state of a newly created object.  No
new object is created in this case, and the return value is the
reference to the object (i.e. $ctx).

=item $other_ctx = $ctx->clone

The clone method creates a copy of the digest state object and returns
a reference to the copy.

=item $ctx->reset

This is just an alias for $ctx->new.

=item $ctx->add( $data )

=item $ctx->add( $chunk1, $chunk2, ... )

The string value of the $data provided as argument is appended to the
message we calculate the digest for.  The return value is the $ctx
object itself.

If more arguments are provided then they are all appended to the
message, thus all these lines will have the same effect on the state
of the $ctx object:

  $ctx->add("a"); $ctx->add("b"); $ctx->add("c");
  $ctx->add("a")->add("b")->add("c");
  $ctx->add("a", "b", "c");
  $ctx->add("abc");

Most algorithms are only defined for strings of bytes and this method
might therefore croak if the provided arguments contain chars with
ordinal number above 255.

=item $ctx->addfile( $io_handle )

The $io_handle is read until EOF and the content is appended to the
message we calculate the digest for.  The return value is the $ctx
object itself.

The addfile() method will croak() if it fails reading data for some
reason.  If it croaks it is unpredictable what the state of the $ctx
object will be in. The addfile() method might have been able to read
the file partially before it failed.  It is probably wise to discard
or reset the $ctx object if this occurs.

In most cases you want to make sure that the $io_handle is in
"binmode" before you pass it as argument to the addfile() method.

=item $ctx->add_bits( $data, $nbits )

=item $ctx->add_bits( $bitstring )

The add_bits() method is an alternative to add() that allow partial
bytes to be appended to the message.  Most users should just ignore
this method as partial bytes is very unlikely to be of any practical
use.

The two argument form of add_bits() will add the first $nbits bits
from $data.  For the last potentially partial byte only the high order
C<< $nbits % 8 >> bits are used.  If $nbits is greater than C<<
length($data) * 8 >>, then this method would do the same as C<<
$ctx->add($data) >>.

The one argument form of add_bits() takes a $bitstring of "1" and "0"
chars as argument.  It's a shorthand for C<< $ctx->add_bits(pack("B*",
$bitstring), length($bitstring)) >>.

The return value is the $ctx object itself.

This example shows two calls that should have the same effect:

   $ctx->add_bits("111100001010");
   $ctx->add_bits("\xF0\xA0", 12);

Most digest algorithms are byte based and for these it is not possible
to add bits that are not a multiple of 8, and the add_bits() method
will croak if you try.

=item $ctx->digest

Return the binary digest for the message.

Note that the C<digest> operation is effectively a destructive,
read-once operation. Once it has been performed, the $ctx object is
automatically C<reset> and can be used to calculate another digest
value.  Call $ctx->clone->digest if you want to calculate the digest
without resetting the digest state.

=item $ctx->hexdigest

Same as $ctx->digest, but will return the digest in hexadecimal form.

=item $ctx->b64digest

Same as $ctx->digest, but will return the digest as a base64 encoded
string.

=back

=head1 Digest speed

This table should give some indication on the relative speed of
different algorithms.  It is sorted by throughput based on a benchmark
done with of some implementations of this API:

 Algorithm      Size    Implementation                  MB/s

 MD4            128     Digest::MD4 v1.3               165.0
 MD5            128     Digest::MD5 v2.33               98.8
 SHA-256        256     Digest::SHA2 v1.1.0             66.7
 SHA-1          160     Digest::SHA v4.3.1              58.9
 SHA-1          160     Digest::SHA1 v2.10              48.8
 SHA-256        256     Digest::SHA v4.3.1              41.3
 Haval-256      256     Digest::Haval256 v1.0.4         39.8
 SHA-384        384     Digest::SHA2 v1.1.0             19.6
 SHA-512        512     Digest::SHA2 v1.1.0             19.3
 SHA-384        384     Digest::SHA v4.3.1              19.2
 SHA-512        512     Digest::SHA v4.3.1              19.2
 Whirlpool      512     Digest::Whirlpool v1.0.2        13.0
 MD2            128     Digest::MD2 v2.03                9.5

 Adler-32        32     Digest::Adler32 v0.03            1.3
 CRC-16          16     Digest::CRC v0.05                1.1
 CRC-32          32     Digest::CRC v0.05                1.1
 MD5            128     Digest::Perl::MD5 v1.5           1.0
 CRC-CCITT       16     Digest::CRC v0.05                0.8

These numbers was achieved Apr 2004 with ActivePerl-5.8.3 running
under Linux on a P4 2.8 GHz CPU.  The last 5 entries differ by being
pure perl implementations of the algorithms, which explains why they
are so slow.

=head1 SEE ALSO

L<Digest::Adler32>, L<Digest::CRC>, L<Digest::Haval256>,
L<Digest::HMAC>, L<Digest::MD2>, L<Digest::MD4>, L<Digest::MD5>,
L<Digest::SHA>, L<Digest::SHA1>, L<Digest::SHA2>, L<Digest::Whirlpool>

New digest implementations should consider subclassing from L<Digest::base>.

L<MIME::Base64>

http://en.wikipedia.org/wiki/Cryptographic_hash_function

=head1 AUTHOR

Gisle Aas <gisle@aas.no>

The C<Digest::> interface is based on the interface originally
developed by Neil Winton for his C<MD5> module.

This library is free software; you can redistribute it and/or
modify it under the same terms as Perl itself.

    Copyright 1998-2006 Gisle Aas.
    Copyright 1995,1996 Neil Winton.

=cut
Commit	Line	Data
3357b1b1 JH	1	package Digest;
	2
	3	use strict;
	4	use vars qw($VERSION %MMAP $AUTOLOAD);
	5
23be15b7	6	$VERSION = "1.16";
3357b1b1 JH	7
3357b1b1 JH	8	%MMAP = (
23be15b7	9	"SHA-1" => [["Digest::SHA", 1], "Digest::SHA1", ["Digest::SHA2", 1]],
3cea4b92	10	"SHA-224" => [["Digest::SHA", 224]],
b12d758c NC	11	"SHA-256" => [["Digest::SHA", 256], ["Digest::SHA2", 256]],
	12	"SHA-384" => [["Digest::SHA", 384], ["Digest::SHA2", 384]],
	13	"SHA-512" => [["Digest::SHA", 512], ["Digest::SHA2", 512]],
3357b1b1 JH	14	"HMAC-MD5" => "Digest::HMAC_MD5",
3357b1b1 JH	15	"HMAC-SHA-1" => "Digest::HMAC_SHA1",
371dcd31 RGS	16	"CRC-16" => [["Digest::CRC", type => "crc16"]],
	17	"CRC-32" => [["Digest::CRC", type => "crc32"]],
	18	"CRC-CCITT" => [["Digest::CRC", type => "crcccitt"]],
23be15b7	19	"RIPEMD-160" => "Crypt::PIPEMD160",
3357b1b1 JH	20	);
	21
	22	sub new
	23	{
	24	shift; # class ignored
	25	my $algorithm = shift;
b12d758c NC	26	my $impl = $MMAP{$algorithm} \|\| do {
	27	$algorithm =~ s/\W+//;
	28	"Digest::$algorithm";
	29	};
	30	$impl = [$impl] unless ref($impl);
	31	my $err;
	32	for (@$impl) {
	33	my $class = $_;
	34	my @args;
	35	($class, @args) = @$class if ref($class);
	36	no strict 'refs';
	37	unless (exists ${"$class\::"}{"VERSION"}) {
	38	eval "require $class";
	39	if ($@) {
	40	$err \|\|= $@;
	41	next;
	42	}
	43	}
	44	return $class->new(@args, @_);
3357b1b1	45	}
b12d758c	46	die $err;
3357b1b1 JH	47	}
	48
	49	sub AUTOLOAD
	50	{
	51	my $class = shift;
	52	my $algorithm = substr($AUTOLOAD, rindex($AUTOLOAD, '::')+2);
	53	$class->new($algorithm, @_);
	54	}
	55
	56	1;
	57
	58	__END__
	59
	60	=head1 NAME
	61
e19eb3c1	62	Digest - Modules that calculate message digests
3357b1b1 JH	63
	64	=head1 SYNOPSIS
	65
e19eb3c1	66	$md5 = Digest->new("MD5");
3357b1b1	67	$sha1 = Digest->new("SHA-1");
e19eb3c1 NC	68	$sha256 = Digest->new("SHA-256");
	69	$sha384 = Digest->new("SHA-384");
	70	$sha512 = Digest->new("SHA-512");
3357b1b1 JH	71
	72	$hmac = Digest->HMAC_MD5($key);
	73
	74	=head1 DESCRIPTION
	75
	76	The C<Digest::> modules calculate digests, also called "fingerprints"
	77	or "hashes", of some data, called a message. The digest is (usually)
	78	some small/fixed size string. The actual size of the digest depend of
	79	the algorithm used. The message is simply a sequence of arbitrary
b12d758c	80	bytes or bits.
3357b1b1 JH	81
	82	An important property of the digest algorithms is that the digest is
	83	I<likely> to change if the message change in some way. Another
ec81b1ec	84	property is that digest functions are one-way functions, that is it
3357b1b1 JH	85	should be I<hard> to find a message that correspond to some given
	86	digest. Algorithms differ in how "likely" and how "hard", as well as
	87	how efficient they are to compute.
	88
ec81b1ec SP	89	Note that the properties of the algorithms change over time, as the
	90	algorithms are analyzed and machines grow faster. If your application
	91	for instance depends on it being "impossible" to generate the same
	92	digest for a different message it is wise to make it easy to plug in
	93	stronger algorithms as the one used grow weaker. Using the interface
	94	documented here should make it easy to change algorithms later.
	95
3357b1b1 JH	96	All C<Digest::> modules provide the same programming interface. A
	97	functional interface for simple use, as well as an object oriented
	98	interface that can handle messages of arbitrary length and which can
	99	read files directly.
	100
	101	The digest can be delivered in three formats:
	102
	103	=over 8
	104
	105	=item I<binary>
	106
	107	This is the most compact form, but it is not well suited for printing
	108	or embedding in places that can't handle arbitrary data.
	109
	110	=item I<hex>
	111
e19eb3c1	112	A twice as long string of lowercase hexadecimal digits.
3357b1b1 JH	113
	114	=item I<base64>
	115
	116	A string of portable printable characters. This is the base64 encoded
	117	representation of the digest with any trailing padding removed. The
	118	string will be about 30% longer than the binary version.
	119	L<MIME::Base64> tells you more about this encoding.
	120
	121	=back
	122
	123
	124	The functional interface is simply importable functions with the same
	125	name as the algorithm. The functions take the message as argument and
	126	return the digest. Example:
	127
	128	use Digest::MD5 qw(md5);
	129	$digest = md5($message);
	130
	131	There are also versions of the functions with "_hex" or "_base64"
	132	appended to the name, which returns the digest in the indicated form.
	133
	134	=head1 OO INTERFACE
	135
	136	The following methods are available for all C<Digest::> modules:
	137
	138	=over 4
	139
	140	=item $ctx = Digest->XXX($arg,...)
	141
	142	=item $ctx = Digest->new(XXX => $arg,...)
	143
	144	=item $ctx = Digest::XXX->new($arg,...)
	145
	146	The constructor returns some object that encapsulate the state of the
	147	message-digest algorithm. You can add data to the object and finally
	148	ask for the digest. The "XXX" should of course be replaced by the proper
	149	name of the digest algorithm you want to use.
	150
	151	The two first forms are simply syntactic sugar which automatically
	152	load the right module on first use. The second form allow you to use
	153	algorithm names which contains letters which are not legal perl
897ff129 RGS	154	identifiers, e.g. "SHA-1". If no implementation for the given algorithm
897ff129 RGS	155	can be found, then an exception is raised.
3357b1b1	156
67859229	157	If new() is called as an instance method (i.e. $ctx->new) it will just
3357b1b1 JH	158	reset the state the object to the state of a newly created object. No
	159	new object is created in this case, and the return value is the
	160	reference to the object (i.e. $ctx).
	161
70ee4409 JH	162	=item $other_ctx = $ctx->clone
	163
	164	The clone method creates a copy of the digest state object and returns
	165	a reference to the copy.
	166
3357b1b1 JH	167	=item $ctx->reset
	168
	169	This is just an alias for $ctx->new.
	170
5e50d565	171	=item $ctx->add( $data )
3357b1b1	172
5e50d565 GA	173	=item $ctx->add( $chunk1, $chunk2, ... )
	174
	175	The string value of the $data provided as argument is appended to the
	176	message we calculate the digest for. The return value is the $ctx
	177	object itself.
	178
	179	If more arguments are provided then they are all appended to the
	180	message, thus all these lines will have the same effect on the state
	181	of the $ctx object:
	182
	183	$ctx->add("a"); $ctx->add("b"); $ctx->add("c");
	184	$ctx->add("a")->add("b")->add("c");
	185	$ctx->add("a", "b", "c");
	186	$ctx->add("abc");
	187
	188	Most algorithms are only defined for strings of bytes and this method
	189	might therefore croak if the provided arguments contain chars with
	190	ordinal number above 255.
3357b1b1	191
e19eb3c1	192	=item $ctx->addfile( $io_handle )
3357b1b1 JH	193
	194	The $io_handle is read until EOF and the content is appended to the
	195	message we calculate the digest for. The return value is the $ctx
	196	object itself.
	197
5e50d565 GA	198	The addfile() method will croak() if it fails reading data for some
	199	reason. If it croaks it is unpredictable what the state of the $ctx
	200	object will be in. The addfile() method might have been able to read
	201	the file partially before it failed. It is probably wise to discard
	202	or reset the $ctx object if this occurs.
	203
	204	In most cases you want to make sure that the $io_handle is in
	205	"binmode" before you pass it as argument to the addfile() method.
	206
e19eb3c1	207	=item $ctx->add_bits( $data, $nbits )
b12d758c	208
e19eb3c1	209	=item $ctx->add_bits( $bitstring )
b12d758c	210
5e50d565 GA	211	The add_bits() method is an alternative to add() that allow partial
	212	bytes to be appended to the message. Most users should just ignore
	213	this method as partial bytes is very unlikely to be of any practical
	214	use.
b12d758c NC	215
b12d758c NC	216	The two argument form of add_bits() will add the first $nbits bits
5e50d565	217	from $data. For the last potentially partial byte only the high order
b12d758c NC	218	C<< $nbits % 8 >> bits are used. If $nbits is greater than C<<
b12d758c NC	219	length($data) * 8 >>, then this method would do the same as C<<
5e50d565	220	$ctx->add($data) >>.
b12d758c NC	221
	222	The one argument form of add_bits() takes a $bitstring of "1" and "0"
	223	chars as argument. It's a shorthand for C<< $ctx->add_bits(pack("B*",
	224	$bitstring), length($bitstring)) >>.
	225
5e50d565 GA	226	The return value is the $ctx object itself.
5e50d565 GA	227
b12d758c NC	228	This example shows two calls that should have the same effect:
	229
	230	$ctx->add_bits("111100001010");
	231	$ctx->add_bits("\xF0\xA0", 12);
	232
5e50d565	233	Most digest algorithms are byte based and for these it is not possible
b12d758c NC	234	to add bits that are not a multiple of 8, and the add_bits() method
	235	will croak if you try.
	236
3357b1b1 JH	237	=item $ctx->digest
	238
	239	Return the binary digest for the message.
	240
	241	Note that the C<digest> operation is effectively a destructive,
	242	read-once operation. Once it has been performed, the $ctx object is
	243	automatically C<reset> and can be used to calculate another digest
70ee4409	244	value. Call $ctx->clone->digest if you want to calculate the digest
3c4b39be	245	without resetting the digest state.
3357b1b1 JH	246
	247	=item $ctx->hexdigest
	248
	249	Same as $ctx->digest, but will return the digest in hexadecimal form.
	250
	251	=item $ctx->b64digest
	252
	253	Same as $ctx->digest, but will return the digest as a base64 encoded
	254	string.
	255
	256	=back
	257
e19eb3c1 NC	258	=head1 Digest speed
	259
	260	This table should give some indication on the relative speed of
	261	different algorithms. It is sorted by throughput based on a benchmark
	262	done with of some implementations of this API:
	263
371dcd31 RGS	264	Algorithm Size Implementation MB/s
	265
	266	MD4 128 Digest::MD4 v1.3 165.0
	267	MD5 128 Digest::MD5 v2.33 98.8
	268	SHA-256 256 Digest::SHA2 v1.1.0 66.7
	269	SHA-1 160 Digest::SHA v4.3.1 58.9
	270	SHA-1 160 Digest::SHA1 v2.10 48.8
	271	SHA-256 256 Digest::SHA v4.3.1 41.3
	272	Haval-256 256 Digest::Haval256 v1.0.4 39.8
	273	SHA-384 384 Digest::SHA2 v1.1.0 19.6
	274	SHA-512 512 Digest::SHA2 v1.1.0 19.3
	275	SHA-384 384 Digest::SHA v4.3.1 19.2
	276	SHA-512 512 Digest::SHA v4.3.1 19.2
	277	Whirlpool 512 Digest::Whirlpool v1.0.2 13.0
	278	MD2 128 Digest::MD2 v2.03 9.5
	279
	280	Adler-32 32 Digest::Adler32 v0.03 1.3
	281	CRC-16 16 Digest::CRC v0.05 1.1
	282	CRC-32 32 Digest::CRC v0.05 1.1
	283	MD5 128 Digest::Perl::MD5 v1.5 1.0
	284	CRC-CCITT 16 Digest::CRC v0.05 0.8
	285
	286	These numbers was achieved Apr 2004 with ActivePerl-5.8.3 running
	287	under Linux on a P4 2.8 GHz CPU. The last 5 entries differ by being
e19eb3c1 NC	288	pure perl implementations of the algorithms, which explains why they
	289	are so slow.
	290
3357b1b1 JH	291	=head1 SEE ALSO
3357b1b1 JH	292
371dcd31 RGS	293	L<Digest::Adler32>, L<Digest::CRC>, L<Digest::Haval256>,
	294	L<Digest::HMAC>, L<Digest::MD2>, L<Digest::MD4>, L<Digest::MD5>,
	295	L<Digest::SHA>, L<Digest::SHA1>, L<Digest::SHA2>, L<Digest::Whirlpool>
e19eb3c1 NC	296
e19eb3c1 NC	297	New digest implementations should consider subclassing from L<Digest::base>.
3357b1b1 JH	298
	299	L<MIME::Base64>
	300
5e50d565 GA	301	http://en.wikipedia.org/wiki/Cryptographic_hash_function
5e50d565 GA	302
3357b1b1 JH	303	=head1 AUTHOR
	304
	305	Gisle Aas <gisle@aas.no>
	306
	307	The C<Digest::> interface is based on the interface originally
	308	developed by Neil Winton for his C<MD5> module.
	309
e19eb3c1 NC	310	This library is free software; you can redistribute it and/or
	311	modify it under the same terms as Perl itself.
	312
5e50d565 GA	313	Copyright 1998-2006 Gisle Aas.
5e50d565 GA	314	Copyright 1995,1996 Neil Winton.
e19eb3c1	315
3357b1b1	316	=cut