Only in Mojolicious-0.999925.hmac: Changes.orig Only in Mojolicious-0.999925.hmac: Changes.rej diff -ur Mojolicious-0.999925/lib/Mojo/ByteStream.pm Mojolicious-0.999925.hmac/lib/Mojo/ByteStream.pm --- Mojolicious-0.999925/lib/Mojo/ByteStream.pm 2010-06-03 21:53:02.000000000 +0300 +++ Mojolicious-0.999925.hmac/lib/Mojo/ByteStream.pm 2011-05-03 19:46:33.282802902 +0300 @@ -24,6 +24,9 @@ use constant PUNYCODE_INITIAL_BIAS => 72; use constant PUNYCODE_INITIAL_N => 128; +# Core module since Perl 5.9.3 +use constant SHA1 => eval 'use Digest::SHA (); 1'; + __PACKAGE__->attr(raw_size => 0); # Punycode delimiter @@ -467,21 +470,9 @@ return $line; } -sub hmac_md5_sum { - my ($self, $secret) = @_; +sub hmac_md5_sum { shift->_hmac(\&_md5, @_) } - #Secret - $secret ||= 'Very unsecure!'; - $secret = _md5_sum($secret) if length $secret > 64; - - # HMAC - my $ipad = $secret ^ (chr(0x36) x 64); - my $opad = $secret ^ (chr(0x5c) x 64); - $self->{bytestream} = - _md5_sum($opad . _md5_sum($ipad . $self->{bytestream})); - - return $self; -} +sub hmac_sha1_sum { shift->_hmac(\&_sha1, @_) } sub html_escape { my $self = shift; @@ -521,7 +512,7 @@ sub md5_bytes { my $self = shift; utf8::encode $self->{bytestream} if utf8::is_utf8 $self->{bytestream}; - $self->{bytestream} = Digest::MD5::md5($self->{bytestream}); + $self->{bytestream} = _md5($self->{bytestream}); return $self; } @@ -716,6 +707,24 @@ return substr $self->{bytestream}, 0, $length, $chunk; } +sub sha1_bytes { + my $self = shift; + utf8::encode $self->{bytestream} if utf8::is_utf8 $self->{bytestream}; + $self->{bytestream} = _sha1($self->{bytestream}); + return $self; +} + +sub sha1_sum { + my $self = shift; + die <<'EOF' unless SHA1; +Module "Digest::SHA" not present in this version of Perl. +Please install it manually or upgrade Perl to at least version 5.10. +EOF + utf8::encode $self->{bytestream} if utf8::is_utf8 $self->{bytestream}; + $self->{bytestream} = Digest::SHA::sha1_hex($self->{bytestream}); + return $self; +} + sub size { length shift->{bytestream} } sub to_string { shift->{bytestream} } @@ -800,8 +809,24 @@ / ($delta + PUNYCODE_SKEW)); } -# Helper for hmac_md5_sum -sub _md5_sum { Mojo::ByteStream->new(shift)->md5_sum->to_string } +sub _hmac { + my ($self, $cb, $secret) = @_; + + #Secret + $secret ||= 'Very unsecure!'; + $secret = $cb->($secret) if length $secret > 64; + + # HMAC + my $ipad = $secret ^ (chr(0x36) x 64); + my $opad = $secret ^ (chr(0x5c) x 64); + $self->{bytestream} = unpack 'H*', + $cb->($opad . $cb->($ipad . $self->{bytestream})); + + return $self; +} + +# Helper for md5_bytes +sub _md5 { Digest::MD5::md5(shift) } # Helper for url_sanitize sub _sanitize { @@ -813,6 +838,15 @@ return '%' . uc $hex; } +# Helper for sha1_bytes +sub _sha1 { + die <<'EOF' unless SHA1; +Module "Digest::SHA" not present in this version of Perl. +Please install it manually or upgrade Perl to at least version 5.10. +EOF + Digest::SHA::sha1(shift); +} + # Helper for html_unescape sub _unescape { my ($num, $entitie, $hex) = @_; @@ -850,6 +884,7 @@ $stream->encode('UTF-8'); $stream->decode('UTF-8'); $stream->hmac_md5_sum('secret'); + $stream->hmac_sha1_sum('secret'); $stream->html_escape; $stream->html_unescape; $stream->md5_bytes; @@ -857,6 +892,8 @@ $stream->qp_encode; $stream->qp_decode; $stream->quote; + $stream->sha1_bytes; + $stream->sha1_sum; $stream->unquote; $stream->url_escape; $stream->url_sanitize; @@ -994,6 +1031,13 @@ Turn bytestream into HMAC-MD5 checksum of old content. +=head2 C<hmac_sha1_sum> + + $stream = $stream->hmac_sha1_sum($secret); + +Turn bytestream into HMAC-SHA1 checksum of old content. +Note that Perl 5.10 or L<Digest::SHA> are required for C<SHA1> support. + =head2 C<html_escape> $stream = $stream->html_escape; @@ -1010,7 +1054,7 @@ $stream = $stream->md5_bytes; -Turn bytestream into 16 byte MD5 checksum of old content. +Turn bytestream into binary MD5 checksum of old content. =head2 C<md5_sum> @@ -1055,6 +1099,20 @@ Remove a specific number of bytes from bytestream. +=head2 C<sha1_bytes> + + $stream = $stream->sha1_bytes; + +Turn bytestream into binary SHA1 checksum of old content. +Note that Perl 5.10 or L<Digest::SHA> are required for C<SHA1> support. + +=head2 C<sha1_sum> + + $stream = $stream->sha1_sum; + +Turn bytestream into SHA1 checksum of old content. +Note that Perl 5.10 or L<Digest::SHA> are required for C<SHA1> support. + =head2 C<size> my $size = $stream->size; Only in Mojolicious-0.999925.hmac/lib/Mojo: ByteStream.pm.orig diff -ur Mojolicious-0.999925/t/mojo/bytestream.t Mojolicious-0.999925.hmac/t/mojo/bytestream.t --- Mojolicious-0.999925/t/mojo/bytestream.t 2010-06-03 22:00:13.000000000 +0300 +++ Mojolicious-0.999925.hmac/t/mojo/bytestream.t 2011-05-03 19:53:52.685802950 +0300 @@ -10,7 +10,7 @@ # Homer, we're going to ask you a few simple yes or no questions. # Do you understand? # Yes. *lie dectector blows up* -use Test::More tests => 59; +use Test::More tests => 72; use_ok('Mojo::ByteStream', 'b'); @@ -130,7 +130,7 @@ $stream = b('foo bar baz'); is( unpack('H*', $stream->md5_bytes), "ab07acbb1e496801937adfa772424bf7", - 'right 16 byte md5 checksum' + 'right binary md5 checksum' ); # md5_sum @@ -138,6 +138,20 @@ is($stream->md5_sum, 'ab07acbb1e496801937adfa772424bf7', 'right md5 checksum'); +# sha1_bytes +$stream = b('foo bar baz'); +is( unpack('H*', $stream->sha1_bytes), + "c7567e8b39e2428e38bf9c9226ac68de4c67dc39", + 'right binary sha1 checksum' +); + +# sha1_sum +$stream = b('foo bar baz'); +is( $stream->sha1_sum, + 'c7567e8b39e2428e38bf9c9226ac68de4c67dc39', + 'right sha1 checksum' +); + # length $stream = b('foo bar baz'); is($stream->size, 11, 'size is 11'); @@ -147,20 +161,74 @@ is($stream->size, 1, 'size is 1'); is($stream->to_string, '0', 'right buffer content'); -# hmac_md5_sum -is( b('some secret message')->hmac_md5_sum('secret'), - '5a7dcc4c407032ad10758abdda017f7b', +# hmac_md5_sum (RFC2202) +is( b("Hi There")->hmac_md5_sum(chr(0x0b) x 16), + '9294727a3638bb1c13f48ef8158bfc9d', + 'right hmac md5 checksum' +); +is( b("what do ya want for nothing?")->hmac_md5_sum("Jefe"), + '750c783e6ab0b503eaa86e310a5db738', + 'right hmac md5 checksum' +); +is( b(chr(0xdd) x 50)->hmac_md5_sum(chr(0xaa) x 16), + '56be34521d144c88dbb8c733f0e8b3f6', + 'right hmac md5 checksum' +); +is( b(chr(0xcd) x 50)->hmac_md5_sum( + pack 'H*' => '0102030405060708090a0b0c0d0e0f10111213141516171819' + ), + '697eaf0aca3a3aea3a75164746ffaa79', + 'right hmac md5 checksum' +); +is( b("Test With Truncation")->hmac_md5_sum(chr(0x0c) x 16), + '56461ef2342edc00f9bab995690efd4c', 'right hmac md5 checksum' ); -is( b('some other message')->hmac_md5_sum('secret'), - '9ab78f427440259a33abb088d4400526', +is( b("Test Using Larger Than Block-Size Key - Hash Key First") + ->hmac_md5_sum(chr(0xaa) x 80), + '6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd', 'right hmac md5 checksum' ); -is( b('some secret message')->hmac_md5_sum('secret'), - '5a7dcc4c407032ad10758abdda017f7b', +is( b( "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data" + )->hmac_md5_sum(chr(0xaa) x 80), + '6f630fad67cda0ee1fb1f562db3aa53e', 'right hmac md5 checksum' ); +# hmac_sha1_sum (RFC2202) +is( b("Hi There")->hmac_sha1_sum(chr(0x0b) x 20), + 'b617318655057264e28bc0b6fb378c8ef146be00', + 'right hmac sha1 checksum' +); +is( b("what do ya want for nothing?")->hmac_sha1_sum("Jefe"), + 'effcdf6ae5eb2fa2d27416d5f184df9c259a7c79', + 'right hmac sha1 checksum' +); +is( b(chr(0xdd) x 50)->hmac_sha1_sum(chr(0xaa) x 20), + '125d7342b9ac11cd91a39af48aa17b4f63f175d3', + 'right hmac sha1 checksum' +); +is( b(chr(0xcd) x 50)->hmac_sha1_sum( + pack 'H*' => '0102030405060708090a0b0c0d0e0f10111213141516171819' + ), + '4c9007f4026250c6bc8414f9bf50c86c2d7235da', + 'right hmac sha1 checksum' +); +is( b("Test With Truncation")->hmac_sha1_sum(chr(0x0c) x 20), + '4c1a03424b55e07fe7f27be1d58bb9324a9a5a04', + 'right hmac sha1 checksum' +); +is( b("Test Using Larger Than Block-Size Key - Hash Key First") + ->hmac_sha1_sum(chr(0xaa) x 80), + 'aa4ae5e15272d00e95705637ce8a3b55ed402112', + 'right hmac sha1 checksum' +); +is( b( "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data" + )->hmac_sha1_sum(chr(0xaa) x 80), + 'e8e99d0f45237d786d6bbaa7965c7808bbff1a91', + 'right hmac sha1 checksum' +); + # html_escape $stream = b('foobar<baz>'); is($stream->html_escape, 'foobar<baz>', 'right html escaped result'); Only in Mojolicious-0.999925.hmac/t/mojo: bytestream.t.orig Only in Mojolicious-0.999925.hmac/t/mojo: bytestream.t.rej