1/* Part of SWI-Prolog 2 3 Author: Jan Wielemaker 4 E-mail: J.Wielemaker@vu.nl 5 WWW: http://www.swi-prolog.org 6 Copyright (c) 2007-2013, University of Amsterdam 7 VU University Amsterdam 8 All rights reserved. 9 10 Redistribution and use in source and binary forms, with or without 11 modification, are permitted provided that the following conditions 12 are met: 13 14 1. Redistributions of source code must retain the above copyright 15 notice, this list of conditions and the following disclaimer. 16 17 2. Redistributions in binary form must reproduce the above copyright 18 notice, this list of conditions and the following disclaimer in 19 the documentation and/or other materials provided with the 20 distribution. 21 22 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 23 "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 24 LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 25 FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 26 COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 27 INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 28 BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 29 LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 30 CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 32 ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 33 POSSIBILITY OF SUCH DAMAGE. 34*/ 35 36:- module(crypto_hash, 37 [ sha_hash/3, % +Data, -Hash, +Options 38 sha_new_ctx/2, % -NewContext, +Options 39 sha_hash_ctx/4, % +OldCtx, +Data, -NewCtx, -Hash 40 hmac_sha/4, % +Key, +Data, -Hash, +Options 41 file_sha1/2, % +File, -SHA1 42 hash_atom/2 % +Hash, -HexAtom 43 ]). 44:- use_foreign_library(foreign(sha4pl)). 45 46/** <module> SHA secure hashes 47 48This library provides a lightweight implementation for computing SHA 49secure hashes. A general secure hash interface is provided by 50library(crypto), part of the `ssl` package. 51 52@see library(md5), library(hash_stream) and library(crypto). 53*/ 54 55%! sha_hash(+Data, -Hash, +Options) is det 56% 57% Hash is the SHA hash of Data, The conversion is controlled 58% by Options: 59% 60% * algorithm(+Algorithm) 61% One of =sha1= (default), =sha224=, =sha256=, =sha384= or 62% =sha512= 63% * encoding(+Encoding) 64% If Data is a sequence of character _codes_, this must be 65% translated into a sequence of _bytes_, because that is what 66% the hashing requires. The default encoding is =utf8=. The 67% other meaningful value is =octet=, claiming that Data contains 68% raw bytes. 69% 70% @param Data is either an atom, string or code-list 71% @param Hash is a packed string 72 73%! sha_new_ctx(-NewContext, +Options) is det 74% 75% NewContext is unified with the empty SHA computation context 76% (which includes the Options.) It could later be passed to 77% sha_hash_ctx/4. For Options, see sha_hash/3. 78% 79% @param NewContext is an opaque pure Prolog term that is 80% subject to garbage collection. 81 82%! sha_hash_ctx(+OldContext, +Data, -NewContext, -Hash) is det 83% 84% Hash is the SHA hash of Data. NewContext is the new SHA 85% computation context, while OldContext is the old. OldContext 86% may be produced by a prior invocation of either sha_new_ctx/3 or 87% sha_hash_ctx/4 itself. 88% 89% This predicate allows a SHA function to be computed in chunks, 90% which may be important while working with Metalink (RFC 5854), 91% BitTorrent or similar technologies, or simply with big files. 92 93%! hmac_sha(+Key, +Data, -Hash, +Options) is det 94% 95% For Options, see sha_hash/3. 96 97%! file_sha1(+File, -SHA1:atom) is det. 98% 99% True when SHA1 is the SHA1 hash for the content of File. Options 100% is passed to open/4 and typically used to control whether binary 101% or text encoding must be used. The output is compatible to the 102% =sha1sum= program found in many systems. 103 104file_sha1(File, Hash) :- 105 setup_call_cleanup( 106 open(File, read, In, [type(binary)]), 107 stream_sha1(In, Hash), 108 close(In)). 109 110stream_sha1(Stream, Hash) :- 111 sha_new_ctx(Ctx0, [encoding(octet)]), 112 update_hash(Stream, Ctx0, _Ctx, 0, HashCodes), 113 hash_atom(HashCodes, Hash). 114 115update_hash(In, Ctx0, Ctx, Hash0, Hash) :- 116 at_end_of_stream(In), 117 !, 118 Ctx = Ctx0, 119 Hash = Hash0. 120update_hash(In, Ctx0, Ctx, _Hash0, Hash) :- 121 read_pending_codes(In, Data, []), 122 sha_hash_ctx(Ctx0, Data, Ctx1, Hash1), 123 update_hash(In, Ctx1, Ctx, Hash1, Hash). 124 125 126 127%! hash_atom(+HashCodes, -HexAtom) is det. 128% 129% Convert a list of bytes (integers 0..255) into the usual 130% hexadecimal notation. E.g. 131% 132% == 133% ?- sha_hash('SWI-Prolog', Hash, []), 134% hash_atom(Hash, Hex). 135% Hash = [61, 128, 252, 38, 121, 69, 229, 85, 199|...], 136% Hex = '3d80fc267945e555c730403bd0ab0716e2a68c68'. 137% == 138 139hash_atom(Codes, Hash) :- 140 phrase(bytes_hex(Codes), HexCodes), 141 atom_codes(Hash, HexCodes). 142 143bytes_hex([]) --> []. 144bytes_hex([H|T]) --> 145 { High is H>>4, 146 Low is H /\ 0xf, 147 code_type(C0, xdigit(High)), 148 code_type(C1, xdigit(Low)) 149 }, 150 [C0,C1], 151 bytes_hex(T). 152 153 154 /******************************* 155 * SANDBOX * 156 *******************************/ 157 158:- multifile sandbox:safe_primitive/1. 159 160sandbox:safe_primitive(crypto_hash:sha_hash(_,_,_)). 161sandbox:safe_primitive(crypto_hash:hmac_sha(_,_,_,_)). 162sandbox:safe_primitive(crypto_hash:hash_atom(_,_))