Permalink
Browse files

[enhance] stdlib.crypto: Rewrites crypto functions (change the interf…

…ace compute on binary intead of string)
  • Loading branch information...
1 parent f2181b7 commit e0073bc52270a6e852a42d5a1a1584c716481d91 @BourgerieQuentin BourgerieQuentin committed Sep 26, 2012
@@ -42,41 +42,21 @@ let base64_decode str =
let base64_decode2 str =
Buf.of_string (Cryptokit.transform_string (Cryptokit.Base64.decode ()) str)
-##register hmac_sha1 : string, string -> string
-let hmac_sha1 key text =
- Cryptokit.hash_string (Cryptokit.MAC.hmac_sha1 key) text
-
-##register hmac_sha256 : string, string -> string
-let hmac_sha256 key text =
- Cryptokit.hash_string (Cryptokit.MAC.hmac_sha256 key) text
-
-##register hmac : string, string, string, string -> string
-let hmac algo encoding key text =
- let hash =
- match algo with
- | "md5" -> Cryptokit.MAC.hmac_md5 key
- | "sha1" -> Cryptokit.MAC.hmac_sha1 key
- | "sha256" -> Cryptokit.MAC.hmac_sha256 key
- | "ripemd160" -> Cryptokit.MAC.hmac_ripemd160 key
- | _ -> raise (BslCrypto ("Unknown algorithm "^algo))
- in
- let str = Cryptokit.hash_string hash text in
- match encoding with
- | "binary" -> str
- | "hex" -> BaseString.to_hex(str)
- | "base64" -> BaseString.base64encode(str)
- | _ -> raise (BslCrypto ("Unknown output encoding"^encoding))
-
-##register sha2 : string -> string
-let sha2 s =
- let hashobj = Cryptokit.Hash.sha256 () in
- begin
- hashobj#add_string s;
- hashobj#result
- end
-
-##register hash : string, string, string -> string
-let hash algo encoding s =
+##register hmac_digest : string, string, binary -> binary
+let hmac_digest algo key data =
+ Buf.of_string
+ (Cryptokit.hash_string
+ (match algo with
+ | "md5" -> Cryptokit.MAC.hmac_md5 key
+ | "sha1" -> Cryptokit.MAC.hmac_sha1 key
+ | "sha256" -> Cryptokit.MAC.hmac_sha256 key
+ | "ripemd160" -> Cryptokit.MAC.hmac_ripemd160 key
+ | _ -> raise (BslCrypto ("Unknown algorithm "^algo))
+ ) (Buf.to_string data)
+ )
+
+##register hash_digest : string, binary -> binary
+let hash_digest algo data =
let hashobj =
match algo with
| "md5" -> Cryptokit.Hash.md5 ()
@@ -85,14 +65,10 @@ let hash algo encoding s =
| "ripemd160" -> Cryptokit.Hash.ripemd160 ()
| _ -> raise (BslCrypto ("Unknown algorithm "^algo))
in
- begin
- hashobj#add_string s;
- match encoding with
- | "binary" -> hashobj#result
- | "hex" -> BaseString.to_hex(hashobj#result)
- | "base64" -> BaseString.base64encode(hashobj#result)
- | _ -> raise (BslCrypto ("Unknown output encoding"^encoding))
- end
+ hashobj#add_string (Buf.to_string data);
+ Buf.of_string (hashobj#result)
+
+
##extern-type Crypto.RSA.key = Cryptokit.RSA.key
@@ -16,8 +16,6 @@ var Crypto = require('crypto');
/**
* Compute the MD5 signature of a string.
*
- * @param {!string} str A text of arbitrary length.
- * @return {!string} A 32 digits long hexadecimal string
* @register {string -> string}
*/
function md5(data) {
@@ -46,19 +44,6 @@ function base64_decode(data) {
return binary_of_buffer(new Buffer(data, 'base64'));
}
-/**
- * Compute the SHA1 signature of a string
- *
- * @param {!string} salt
- * @param {!string} str The message to be hashed.
- * @return {!string} The resulting signature
- * @register {string, string -> string}
- */
-function hmac_sha1(salt, str) {
- // See the 'binary' warning in base64_encode()
- return Crypto.createHmac('sha1', salt).update(str).digest('binary');
-}
-
/**
* @register {binary -> string}
*/
@@ -99,33 +84,21 @@ function base64_decode2(data) {
}
/**
- * @register {string, string -> string}
- */
-function hmac_sha256(salt, str) {
- return Crypto.createHmac('sha256', salt).update(str).digest('binary');
-}
-
-/**
- * @register {string, string, string, string -> string}
- */
-function hmac(algo, encoding, salt, str) {
- return Crypto.createHmac(algo, salt).update(str).digest(encoding);
-}
-
-/**
- * @register {string -> string}
+ * @register {string, binary -> binary}
*/
-function sha2(str) {
- var hash = Crypto.createHash('sha256');
- hash.update(str);
- return hash.digest('binary');
+function hash_digest(algo, bin) {
+ return binary_of_buffer(
+ new Buffer(Crypto.createHash(algo).update(bin.contents).digest('binary'),
+ 'binary')
+ );
}
/**
- * @register {string, string, string -> string}
+ * @register {string, string, binary -> binary}
*/
-function hash(algo, format, str) {
- var hash = Crypto.createHash(algo);
- hash.update(str);
- return hash.digest(format);
+function hmac_digest(algo, key, bin) {
+ return binary_of_buffer(
+ new Buffer(Crypto.createHmac(algo, key).update(bin.contents).digest('binary'),
+ 'binary')
+ );
}
@@ -192,7 +192,9 @@ Server_private = {{
* url (but the client never uses it, it is meant for us because having a stable
* url is convenient for scripts) */
js_code = Client_code.retrieve_js_file()
- js_unique_stamp = ( %% BslCrypto.md5 %% )(js_code) //As some bits of the JS are generated at launch-time and can be randomized (e.g. @public sessions), the server id isn't sufficient
+
+ //As some bits of the JS are generated at launch-time and can be randomized (e.g. @public sessions), the server id isn't sufficient
+ js_unique_stamp = %% BslCrypto.md5 %%(js_code)
js_file_no_internal_without_version = "code/all.js"
js_file_no_internal_with_version = "{js_unique_stamp}/{js_file_no_internal_without_version}"
js_file_with_version = "{base_url_string}/{_internal_}/{js_file_no_internal_with_version}"
@@ -48,48 +48,104 @@ Crypto = {{
}}
- Hash = {{
+ /**
+ * The [HMAC] module implements keyed-hash functions (see the RFC2104).
+ */
+ HMAC = {{
/**
- * Produces a HMAC_SHA1 for the given key and message. The first argument
- * is the key, the second is the message.
+ * A generic HMAC digest of the message [m].
+ * @param H is the name of cryptographic hash function
+ * @param K is a secret key
+ * @param m is a message
+ * @return the digest of [m]
*/
- hmac_sha1 = %% BslCrypto.hmac_sha1 %% : string, string -> string
+ @private
+ digest(H, K, m) = %% BslCrypto.hmac_digest %%(H, K, m)
/**
- * Produces a HMAC_SHA256 for the given key and message. The first argument
- * is the key, the second is the message.
+ * Calculates the HMAC-MD5 digest of [data] with the secret [key].
+ * @param key is a secret key
+ * @param data is a message
+ * @return the calculated digest
*/
- hmac_sha256 = %% BslCrypto.hmac_sha256 %% : string, string -> string
+ md5(key, data) = digest("md5", key, data)
/**
- * Generalised hmac.
- * Valid output encodings are "hex", "binary" and "base64".
- * Valid algorithms depend on what is available in OpenSSL, eg. "sha1", "md5", "sha256" and "sha512".
- * Note that [hmac_sha1 = hash("sha1","binary",_)] and [hmac_sha256 = hash("sha256","binary",_)].
- *
- * @param algorithm the algorithm to use
- * @param output_encoding the output encoding
- * @param key the key for the encryption
- * @param str the string to encode
+ * Calculates the HMAC-SHA1 digest of [data] with the secret [key].
+ * @param key is a secret key
+ * @param data is a message
+ * @return the calculated digest
+ */
+ sha1(key, data) = digest("sha1", key, data)
+
+ /**
+ * Calculates the HMAC-SHA1 digest of [data] with the secret [key].
+ * @param key is a secret key
+ * @param data is a message
+ * @return the calculated digest
*/
- hmac = %%BslCrypto.hmac%% : string, string, string, string -> string
+ sha256(key, data) = digest("sha256", key, data)
- md5 = %% BslCrypto.md5 %% : string -> string
+ /**
+ * Calculates the HMAC-SHA1 digest of [data] with the secret [key].
+ * @param key is a secret key
+ * @param data is a message
+ * @return the calculated digest
+ */
+ ripemd160(key, data) = digest("ripemd160", key, data)
- sha2 = %%BslCrypto.sha2%% : string -> string
+ }}
+
+ /**
+ * The [Hash] module implements (unkeyed) hash functions.
+ */
+ Hash = {{
/**
- * Generalised hash.
- * Valid output encodings are "hex", "binary" and "base64".
- * Valid algorithms depend on what is available in OpenSSL, eg. "sha1", "md5", "sha256" and "sha512".
- * Note that [sha2 = hash("sha256","binary",_)] and [md5 = hash("md5","hex",_)].
+ * A generic digest of the message [m].
+ * @param H is the name of cryptographic hash function
+ * @param m is a message
+ * @return the digest of [m]
+ */
+ @private
+ digest(H, m) = %% BslCrypto.hash_digest %%(H, m)
+
+ /**
+ * Compute the MD5 signature of a string.
*
- * @param algorithm the algorithm to use
- * @param output_encoding the output encoding
- * @param str the string to hash
+ * @param data A text of arbitrary length.
+ * @return A 32 digit long hexadecimal string
+ */
+ md5(data) = %%BslCrypto.md5%%(data)
+
+ /**
+ * Calculates the MD5 digest of [data].
+ * @param data is a message
+ * @return the calculated digest
+ */
+ md5_bin(data) = digest("md5", data)
+
+ /**
+ * Calculates the SHA1 digest of [data].
+ * @param data is a message
+ * @return the calculated digest
*/
- hash = %%BslCrypto.hash%% : string, string, string -> string
+ sha1(data) = digest("sha1", data)
+
+ /**
+ * Calculates the SHA256 digest of [data].
+ * @param data is a message
+ * @return the calculated digest
+ */
+ sha256(data) = digest("sha256", data)
+
+ /**
+ * Calculates the HMAC-RIPEM160 digest of [data].
+ * @param data is a message
+ * @return the calculated digest
+ */
+ ripemd160(data) = digest("ripemd160", data)
}}
@@ -117,15 +173,3 @@ Crypto = {{
#<End>
}}
-
-/**
- * {1 Deprecated API}
- *
- * function used to be exported to the global namespace, which is bad
-**/
-
-@deprecated({use="Crypto.Base64.encode"}) base64_encode = Crypto.Base64.encode
-@deprecated({use="Crypto.Base64.decode"}) base64_decode = Crypto.Base64.decode
-@deprecated({use="Crypto.Hash.hmac_sha1"}) hmac_sha1 = Crypto.Hash.hmac_sha1
-@deprecated({use="Crypto.Hash.md5"}) md5 = Crypto.Hash.md5
-@deprecated({use="Crypto.Hash.md5"}) Hash = Crypto.Hash

0 comments on commit e0073bc

Please sign in to comment.