Commit | Line | Data |
---|---|---|
3357b1b1 JH |
1 | package Digest; |
2 | ||
3 | use strict; | |
4 | use vars qw($VERSION %MMAP $AUTOLOAD); | |
5 | ||
23be15b7 | 6 | $VERSION = "1.16"; |
3357b1b1 JH |
7 | |
8 | %MMAP = ( | |
23be15b7 | 9 | "SHA-1" => [["Digest::SHA", 1], "Digest::SHA1", ["Digest::SHA2", 1]], |
3cea4b92 | 10 | "SHA-224" => [["Digest::SHA", 224]], |
b12d758c NC |
11 | "SHA-256" => [["Digest::SHA", 256], ["Digest::SHA2", 256]], |
12 | "SHA-384" => [["Digest::SHA", 384], ["Digest::SHA2", 384]], | |
13 | "SHA-512" => [["Digest::SHA", 512], ["Digest::SHA2", 512]], | |
3357b1b1 JH |
14 | "HMAC-MD5" => "Digest::HMAC_MD5", |
15 | "HMAC-SHA-1" => "Digest::HMAC_SHA1", | |
371dcd31 RGS |
16 | "CRC-16" => [["Digest::CRC", type => "crc16"]], |
17 | "CRC-32" => [["Digest::CRC", type => "crc32"]], | |
18 | "CRC-CCITT" => [["Digest::CRC", type => "crcccitt"]], | |
23be15b7 | 19 | "RIPEMD-160" => "Crypt::PIPEMD160", |
3357b1b1 JH |
20 | ); |
21 | ||
22 | sub new | |
23 | { | |
24 | shift; # class ignored | |
25 | my $algorithm = shift; | |
b12d758c NC |
26 | my $impl = $MMAP{$algorithm} || do { |
27 | $algorithm =~ s/\W+//; | |
28 | "Digest::$algorithm"; | |
29 | }; | |
30 | $impl = [$impl] unless ref($impl); | |
31 | my $err; | |
32 | for (@$impl) { | |
33 | my $class = $_; | |
34 | my @args; | |
35 | ($class, @args) = @$class if ref($class); | |
36 | no strict 'refs'; | |
37 | unless (exists ${"$class\::"}{"VERSION"}) { | |
38 | eval "require $class"; | |
39 | if ($@) { | |
40 | $err ||= $@; | |
41 | next; | |
42 | } | |
43 | } | |
44 | return $class->new(@args, @_); | |
3357b1b1 | 45 | } |
b12d758c | 46 | die $err; |
3357b1b1 JH |
47 | } |
48 | ||
49 | sub AUTOLOAD | |
50 | { | |
51 | my $class = shift; | |
52 | my $algorithm = substr($AUTOLOAD, rindex($AUTOLOAD, '::')+2); | |
53 | $class->new($algorithm, @_); | |
54 | } | |
55 | ||
56 | 1; | |
57 | ||
58 | __END__ | |
59 | ||
60 | =head1 NAME | |
61 | ||
e19eb3c1 | 62 | Digest - Modules that calculate message digests |
3357b1b1 JH |
63 | |
64 | =head1 SYNOPSIS | |
65 | ||
e19eb3c1 | 66 | $md5 = Digest->new("MD5"); |
3357b1b1 | 67 | $sha1 = Digest->new("SHA-1"); |
e19eb3c1 NC |
68 | $sha256 = Digest->new("SHA-256"); |
69 | $sha384 = Digest->new("SHA-384"); | |
70 | $sha512 = Digest->new("SHA-512"); | |
3357b1b1 JH |
71 | |
72 | $hmac = Digest->HMAC_MD5($key); | |
73 | ||
74 | =head1 DESCRIPTION | |
75 | ||
76 | The C<Digest::> modules calculate digests, also called "fingerprints" | |
77 | or "hashes", of some data, called a message. The digest is (usually) | |
78 | some small/fixed size string. The actual size of the digest depend of | |
79 | the algorithm used. The message is simply a sequence of arbitrary | |
b12d758c | 80 | bytes or bits. |
3357b1b1 JH |
81 | |
82 | An important property of the digest algorithms is that the digest is | |
83 | I<likely> to change if the message change in some way. Another | |
ec81b1ec | 84 | property is that digest functions are one-way functions, that is it |
3357b1b1 JH |
85 | should be I<hard> to find a message that correspond to some given |
86 | digest. Algorithms differ in how "likely" and how "hard", as well as | |
87 | how efficient they are to compute. | |
88 | ||
ec81b1ec SP |
89 | Note that the properties of the algorithms change over time, as the |
90 | algorithms are analyzed and machines grow faster. If your application | |
91 | for instance depends on it being "impossible" to generate the same | |
92 | digest for a different message it is wise to make it easy to plug in | |
93 | stronger algorithms as the one used grow weaker. Using the interface | |
94 | documented here should make it easy to change algorithms later. | |
95 | ||
3357b1b1 JH |
96 | All C<Digest::> modules provide the same programming interface. A |
97 | functional interface for simple use, as well as an object oriented | |
98 | interface that can handle messages of arbitrary length and which can | |
99 | read files directly. | |
100 | ||
101 | The digest can be delivered in three formats: | |
102 | ||
103 | =over 8 | |
104 | ||
105 | =item I<binary> | |
106 | ||
107 | This is the most compact form, but it is not well suited for printing | |
108 | or embedding in places that can't handle arbitrary data. | |
109 | ||
110 | =item I<hex> | |
111 | ||
e19eb3c1 | 112 | A twice as long string of lowercase hexadecimal digits. |
3357b1b1 JH |
113 | |
114 | =item I<base64> | |
115 | ||
116 | A string of portable printable characters. This is the base64 encoded | |
117 | representation of the digest with any trailing padding removed. The | |
118 | string will be about 30% longer than the binary version. | |
119 | L<MIME::Base64> tells you more about this encoding. | |
120 | ||
121 | =back | |
122 | ||
123 | ||
124 | The functional interface is simply importable functions with the same | |
125 | name as the algorithm. The functions take the message as argument and | |
126 | return the digest. Example: | |
127 | ||
128 | use Digest::MD5 qw(md5); | |
129 | $digest = md5($message); | |
130 | ||
131 | There are also versions of the functions with "_hex" or "_base64" | |
132 | appended to the name, which returns the digest in the indicated form. | |
133 | ||
134 | =head1 OO INTERFACE | |
135 | ||
136 | The following methods are available for all C<Digest::> modules: | |
137 | ||
138 | =over 4 | |
139 | ||
140 | =item $ctx = Digest->XXX($arg,...) | |
141 | ||
142 | =item $ctx = Digest->new(XXX => $arg,...) | |
143 | ||
144 | =item $ctx = Digest::XXX->new($arg,...) | |
145 | ||
146 | The constructor returns some object that encapsulate the state of the | |
147 | message-digest algorithm. You can add data to the object and finally | |
148 | ask for the digest. The "XXX" should of course be replaced by the proper | |
149 | name of the digest algorithm you want to use. | |
150 | ||
151 | The two first forms are simply syntactic sugar which automatically | |
152 | load the right module on first use. The second form allow you to use | |
153 | algorithm names which contains letters which are not legal perl | |
897ff129 RGS |
154 | identifiers, e.g. "SHA-1". If no implementation for the given algorithm |
155 | can be found, then an exception is raised. | |
3357b1b1 | 156 | |
67859229 | 157 | If new() is called as an instance method (i.e. $ctx->new) it will just |
3357b1b1 JH |
158 | reset the state the object to the state of a newly created object. No |
159 | new object is created in this case, and the return value is the | |
160 | reference to the object (i.e. $ctx). | |
161 | ||
70ee4409 JH |
162 | =item $other_ctx = $ctx->clone |
163 | ||
164 | The clone method creates a copy of the digest state object and returns | |
165 | a reference to the copy. | |
166 | ||
3357b1b1 JH |
167 | =item $ctx->reset |
168 | ||
169 | This is just an alias for $ctx->new. | |
170 | ||
5e50d565 | 171 | =item $ctx->add( $data ) |
3357b1b1 | 172 | |
5e50d565 GA |
173 | =item $ctx->add( $chunk1, $chunk2, ... ) |
174 | ||
175 | The string value of the $data provided as argument is appended to the | |
176 | message we calculate the digest for. The return value is the $ctx | |
177 | object itself. | |
178 | ||
179 | If more arguments are provided then they are all appended to the | |
180 | message, thus all these lines will have the same effect on the state | |
181 | of the $ctx object: | |
182 | ||
183 | $ctx->add("a"); $ctx->add("b"); $ctx->add("c"); | |
184 | $ctx->add("a")->add("b")->add("c"); | |
185 | $ctx->add("a", "b", "c"); | |
186 | $ctx->add("abc"); | |
187 | ||
188 | Most algorithms are only defined for strings of bytes and this method | |
189 | might therefore croak if the provided arguments contain chars with | |
190 | ordinal number above 255. | |
3357b1b1 | 191 | |
e19eb3c1 | 192 | =item $ctx->addfile( $io_handle ) |
3357b1b1 JH |
193 | |
194 | The $io_handle is read until EOF and the content is appended to the | |
195 | message we calculate the digest for. The return value is the $ctx | |
196 | object itself. | |
197 | ||
5e50d565 GA |
198 | The addfile() method will croak() if it fails reading data for some |
199 | reason. If it croaks it is unpredictable what the state of the $ctx | |
200 | object will be in. The addfile() method might have been able to read | |
201 | the file partially before it failed. It is probably wise to discard | |
202 | or reset the $ctx object if this occurs. | |
203 | ||
204 | In most cases you want to make sure that the $io_handle is in | |
205 | "binmode" before you pass it as argument to the addfile() method. | |
206 | ||
e19eb3c1 | 207 | =item $ctx->add_bits( $data, $nbits ) |
b12d758c | 208 | |
e19eb3c1 | 209 | =item $ctx->add_bits( $bitstring ) |
b12d758c | 210 | |
5e50d565 GA |
211 | The add_bits() method is an alternative to add() that allow partial |
212 | bytes to be appended to the message. Most users should just ignore | |
213 | this method as partial bytes is very unlikely to be of any practical | |
214 | use. | |
b12d758c NC |
215 | |
216 | The two argument form of add_bits() will add the first $nbits bits | |
5e50d565 | 217 | from $data. For the last potentially partial byte only the high order |
b12d758c NC |
218 | C<< $nbits % 8 >> bits are used. If $nbits is greater than C<< |
219 | length($data) * 8 >>, then this method would do the same as C<< | |
5e50d565 | 220 | $ctx->add($data) >>. |
b12d758c NC |
221 | |
222 | The one argument form of add_bits() takes a $bitstring of "1" and "0" | |
223 | chars as argument. It's a shorthand for C<< $ctx->add_bits(pack("B*", | |
224 | $bitstring), length($bitstring)) >>. | |
225 | ||
5e50d565 GA |
226 | The return value is the $ctx object itself. |
227 | ||
b12d758c NC |
228 | This example shows two calls that should have the same effect: |
229 | ||
230 | $ctx->add_bits("111100001010"); | |
231 | $ctx->add_bits("\xF0\xA0", 12); | |
232 | ||
5e50d565 | 233 | Most digest algorithms are byte based and for these it is not possible |
b12d758c NC |
234 | to add bits that are not a multiple of 8, and the add_bits() method |
235 | will croak if you try. | |
236 | ||
3357b1b1 JH |
237 | =item $ctx->digest |
238 | ||
239 | Return the binary digest for the message. | |
240 | ||
241 | Note that the C<digest> operation is effectively a destructive, | |
242 | read-once operation. Once it has been performed, the $ctx object is | |
243 | automatically C<reset> and can be used to calculate another digest | |
70ee4409 | 244 | value. Call $ctx->clone->digest if you want to calculate the digest |
3c4b39be | 245 | without resetting the digest state. |
3357b1b1 JH |
246 | |
247 | =item $ctx->hexdigest | |
248 | ||
249 | Same as $ctx->digest, but will return the digest in hexadecimal form. | |
250 | ||
251 | =item $ctx->b64digest | |
252 | ||
253 | Same as $ctx->digest, but will return the digest as a base64 encoded | |
254 | string. | |
255 | ||
256 | =back | |
257 | ||
e19eb3c1 NC |
258 | =head1 Digest speed |
259 | ||
260 | This table should give some indication on the relative speed of | |
261 | different algorithms. It is sorted by throughput based on a benchmark | |
262 | done with of some implementations of this API: | |
263 | ||
371dcd31 RGS |
264 | Algorithm Size Implementation MB/s |
265 | ||
266 | MD4 128 Digest::MD4 v1.3 165.0 | |
267 | MD5 128 Digest::MD5 v2.33 98.8 | |
268 | SHA-256 256 Digest::SHA2 v1.1.0 66.7 | |
269 | SHA-1 160 Digest::SHA v4.3.1 58.9 | |
270 | SHA-1 160 Digest::SHA1 v2.10 48.8 | |
271 | SHA-256 256 Digest::SHA v4.3.1 41.3 | |
272 | Haval-256 256 Digest::Haval256 v1.0.4 39.8 | |
273 | SHA-384 384 Digest::SHA2 v1.1.0 19.6 | |
274 | SHA-512 512 Digest::SHA2 v1.1.0 19.3 | |
275 | SHA-384 384 Digest::SHA v4.3.1 19.2 | |
276 | SHA-512 512 Digest::SHA v4.3.1 19.2 | |
277 | Whirlpool 512 Digest::Whirlpool v1.0.2 13.0 | |
278 | MD2 128 Digest::MD2 v2.03 9.5 | |
279 | ||
280 | Adler-32 32 Digest::Adler32 v0.03 1.3 | |
281 | CRC-16 16 Digest::CRC v0.05 1.1 | |
282 | CRC-32 32 Digest::CRC v0.05 1.1 | |
283 | MD5 128 Digest::Perl::MD5 v1.5 1.0 | |
284 | CRC-CCITT 16 Digest::CRC v0.05 0.8 | |
285 | ||
286 | These numbers was achieved Apr 2004 with ActivePerl-5.8.3 running | |
287 | under Linux on a P4 2.8 GHz CPU. The last 5 entries differ by being | |
e19eb3c1 NC |
288 | pure perl implementations of the algorithms, which explains why they |
289 | are so slow. | |
290 | ||
3357b1b1 JH |
291 | =head1 SEE ALSO |
292 | ||
371dcd31 RGS |
293 | L<Digest::Adler32>, L<Digest::CRC>, L<Digest::Haval256>, |
294 | L<Digest::HMAC>, L<Digest::MD2>, L<Digest::MD4>, L<Digest::MD5>, | |
295 | L<Digest::SHA>, L<Digest::SHA1>, L<Digest::SHA2>, L<Digest::Whirlpool> | |
e19eb3c1 NC |
296 | |
297 | New digest implementations should consider subclassing from L<Digest::base>. | |
3357b1b1 JH |
298 | |
299 | L<MIME::Base64> | |
300 | ||
5e50d565 GA |
301 | http://en.wikipedia.org/wiki/Cryptographic_hash_function |
302 | ||
3357b1b1 JH |
303 | =head1 AUTHOR |
304 | ||
305 | Gisle Aas <gisle@aas.no> | |
306 | ||
307 | The C<Digest::> interface is based on the interface originally | |
308 | developed by Neil Winton for his C<MD5> module. | |
309 | ||
e19eb3c1 NC |
310 | This library is free software; you can redistribute it and/or |
311 | modify it under the same terms as Perl itself. | |
312 | ||
5e50d565 GA |
313 | Copyright 1998-2006 Gisle Aas. |
314 | Copyright 1995,1996 Neil Winton. | |
e19eb3c1 | 315 | |
3357b1b1 | 316 | =cut |