Hawkin
/
arangodb
mirror of https://gitee.com/bigwinds/arangodb
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Added support for sha384, sha512.

This commit is contained in:
Alan Plum 2014-09-04 23:17:58 +02:00
parent e2c4a62ff7
commit 4e3659c01a
6 changed files with 288 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
js/common/bootstrap/module-internal.js
View File

@ -6,7 +6,7 @@
SYS_DOWNLOAD, SYS_EXECUTE, SYS_GET_CURRENT_REQUEST, SYS_GET_CURRENT_RESPONSE,
SYS_LOAD, SYS_LOG_LEVEL, SYS_MD5, SYS_OUTPUT, SYS_PROCESS_STATISTICS,
SYS_RAND, SYS_SERVER_STATISTICS, SYS_SPRINTF, SYS_TIME, SYS_START_PAGER, SYS_STOP_PAGER,
SYS_HMAC, SYS_SHA256, SYS_SHA224, SYS_SHA1, SYS_SLEEP, SYS_WAIT,
SYS_HMAC, SYS_SHA512, SYS_SHA384, SYS_SHA256, SYS_SHA224, SYS_SHA1, SYS_SLEEP, SYS_WAIT,
SYS_PARSE, SYS_IMPORT_CSV_FILE, SYS_IMPORT_JSON_FILE, SYS_LOG,
SYS_GEN_RANDOM_NUMBERS, SYS_GEN_RANDOM_ALPHA_NUMBERS, SYS_GEN_RANDOM_SALT, SYS_CREATE_NONCE,
SYS_CHECK_AND_MARK_NONCE, SYS_CLIENT_STATISTICS, SYS_HTTP_STATISTICS, SYS_UNIT_TESTS, SYS_UNIT_TESTS_RESULT:true,
@ -536,6 +536,24 @@
delete SYS_RAND;
}
////////////////////////////////////////////////////////////////////////////////
/// @brief sha512
////////////////////////////////////////////////////////////////////////////////
if (typeof SYS_SHA512 !== "undefined") {
exports.sha512 = SYS_SHA512;
delete SYS_SHA512;
}
////////////////////////////////////////////////////////////////////////////////
/// @brief sha384
////////////////////////////////////////////////////////////////////////////////
if (typeof SYS_SHA384 !== "undefined") {
exports.sha384 = SYS_SHA384;
delete SYS_SHA384;
}
////////////////////////////////////////////////////////////////////////////////
/// @brief sha256
////////////////////////////////////////////////////////////////////////////////

54
js/common/modules/org/arangodb/crypto.js
View File

@ -73,6 +73,22 @@ exports.md5 = function (value) {
return internal.md5(value);
};
////////////////////////////////////////////////////////////////////////////////
/// @brief apply an SHA 512 hash
////////////////////////////////////////////////////////////////////////////////
exports.sha512 = function (value) {
return internal.sha512(value);
};
////////////////////////////////////////////////////////////////////////////////
/// @brief apply an SHA 384 hash
////////////////////////////////////////////////////////////////////////////////
exports.sha384 = function (value) {
return internal.sha384(value);
};
////////////////////////////////////////////////////////////////////////////////
/// @brief apply an SHA 256 hash
////////////////////////////////////////////////////////////////////////////////
@ -163,19 +179,35 @@ function jwtUrlEncode(str) {
return str.replace(/[+]/g, '-').replace(/[\/]/g, '_').replace(/[=]/g, '');
}
function jwtHmacSigner(algorithm) {
'use strict';
return function (key, segments) {
return new Buffer(exports.hmac(key, segments.join('.'), algorithm), 'hex').toString('base64');
};
}
function jwtHmacVerifier(algorithm) {
'use strict';
return function (key, segments) {
return exports.constantEquals(
exports.hmac(key, segments.slice(0, 2).join('.'), algorithm),
segments[2]
);
};
}
exports.jwtAlgorithms = {
HS256: {
sign: function (key, segments) {
'use strict';
return new Buffer(exports.hmac(key, segments.join('.'), 'sha256'), 'hex').toString('base64');
},
verify: function (key, segments) {
'use strict';
return exports.constantEquals(
exports.hmac(key, segments.slice(0, 2).join('.'), 'sha256'),
segments[2]
);
}
sign: jwtHmacSigner('sha256'),
verify: jwtHmacVerifier('sha256')
},
HS384: {
sign: jwtHmacSigner('sha384'),
verify: jwtHmacVerifier('sha384')
},
HS512: {
sign: jwtHmacSigner('sha512'),
verify: jwtHmacVerifier('sha512')
},
none: {
sign: function () {

70
js/common/tests/shell-crypto.js
View File

@ -72,6 +72,72 @@ function CryptoSuite () {
});
},
////////////////////////////////////////////////////////////////////////////////
/// @brief test sha512, invalid values
////////////////////////////////////////////////////////////////////////////////
testSha512Invalid : function () {
[ undefined, null, true, false, 0, 1, -1, 32.5, [ ], { } ].forEach(function (value) {
try {
crypto.sha512(value);
fail();
}
catch (err) {
}
});
},
////////////////////////////////////////////////////////////////////////////////
/// @brief test sha512
////////////////////////////////////////////////////////////////////////////////
testSha512 : function () {
var data = [
[ "", "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e" ],
[ " ", "f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768"],
[ "arangodb", "87509a178c07ce9f75bf70042297e414fded142109644781774bee3a5634ef0986de9806b9a63e18353037ef9fc04c6fc0cab2b12eff5d081e0a9d4d8412c4eb" ],
[ "Arangodb", "fb4d3ac6ccf6ac32751943ae10aa4cb86e1495042898e2d24fae79220f9421d94394db3be05a5e5f92b4ffe7ca4356bff56aa3eee0e68365e77245ebb6c34fb5" ],
[ "ArangoDB is a database", "b6a1ca6cdc7d8085ceda20a5b78251787df5f959daa36929f6bc6bb517dd9adc5d1610f43443151d14294ece1885e5560c12ca44d10e430d0208ca4bc481ebbd" ]
];
data.forEach(function (value) {
assertEqual(value[1], crypto.sha512(value[0]));
});
},
////////////////////////////////////////////////////////////////////////////////
/// @brief test sha256, invalid values
////////////////////////////////////////////////////////////////////////////////
testSha384Invalid : function () {
[ undefined, null, true, false, 0, 1, -1, 32.5, [ ], { } ].forEach(function (value) {
try {
crypto.sha384(value);
fail();
}
catch (err) {
}
});
},
////////////////////////////////////////////////////////////////////////////////
/// @brief test sha384
////////////////////////////////////////////////////////////////////////////////
testSha384 : function () {
var data = [
[ "", "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" ],
[ " ", "588016eb10045dd85834d67d187d6b97858f38c58c690320c4a64e0c2f92eebd9f1bd74de256e8268815905159449566"],
[ "arangodb", "d2b5ff08b3784080520f11535243c2314e3f9ef42335d8e80d17cb8b002626d9833d9cd68c50b0b5aea8f2c111fb95dd" ],
[ "Arangodb", "643d99c8edd96d48075161ad92f541bdd6d77460c1b1fd14353abcc309155f84ca7c138df1b647db59c537afd7b80521" ],
[ "ArangoDB is a database", "579f8b2972baf5b0acb3b4db39afeebd7274b1a2083cd110a554df0b63cdc0cc757d1e8d771e51e71cfe2c2ac2617e93" ]
];
data.forEach(function (value) {
assertEqual(value[1], crypto.sha384(value[0]));
});
},
////////////////////////////////////////////////////////////////////////////////
/// @brief test sha256, invalid values
////////////////////////////////////////////////////////////////////////////////
@ -210,6 +276,10 @@ function CryptoSuite () {
[ "SECRET", "ArangoDB is a database", "sha256", "a04df5ce362f49439db5e30032b20e0fa64d01c60ceb32a9150e58d3c2c929af" ],
[ "secret", "ArangoDB is a database", "sha224", "b55c13e25227abf919b510cf2289f4501fa13584676e7e4d56108172" ],
[ "secret", "ArangoDB is a database", "SHA224", "b55c13e25227abf919b510cf2289f4501fa13584676e7e4d56108172" ],
[ "secret", "ArangoDB is a database", "sha384", "bb8da1979a964225996280d30c1ff73b1297145aaaa57520d4a1f38c648a85541f2d8e22f7e20dc3a556563e386521a7" ],
[ "secret", "ArangoDB is a database", "SHA384", "bb8da1979a964225996280d30c1ff73b1297145aaaa57520d4a1f38c648a85541f2d8e22f7e20dc3a556563e386521a7" ],
[ "secret", "ArangoDB is a database", "sha512", "8ef4e708db5bbc13ecf675ab81c9bfac72faedaf68fae91c51c0736746d087396af758a43cd60f763a5a8187d856c906c1677c7525b756cdb1ad5a7df823df73" ],
[ "secret", "ArangoDB is a database", "SHA512", "8ef4e708db5bbc13ecf675ab81c9bfac72faedaf68fae91c51c0736746d087396af758a43cd60f763a5a8187d856c906c1677c7525b756cdb1ad5a7df823df73" ],
[ "secret", "ArangoDB is a database", "sha1", "f39d7a76e502ba3f79d663cfbc9ac43eb6fd323e" ],
[ "secret", "ArangoDB is a database", "SHA1", "f39d7a76e502ba3f79d663cfbc9ac43eb6fd323e" ],
[ "secret", "ArangoDB is a database", "md5", "6eecfc947725974efc24bbaaafe15a13" ],

40
lib/Rest/SslInterface.cpp
View File

@ -139,6 +139,40 @@ namespace triagens {
void sslSHA384 (char const* inputStr, size_t length, char*& outputStr, size_t& outputLen) {
if (outputStr == 0) {
outputStr = new char[SHA384_DIGEST_LENGTH];
outputLen = SHA384_DIGEST_LENGTH;
}
SHA384((const unsigned char*) inputStr, length, (unsigned char*) outputStr);
}
void sslSHA384 (char const* inputStr, char*& outputStr, size_t& outputLen) {
sslSHA384(inputStr, strlen(inputStr), outputStr, outputLen);
}
void sslSHA512 (char const* inputStr, size_t length, char*& outputStr, size_t& outputLen) {
if (outputStr == 0) {
outputStr = new char[SHA512_DIGEST_LENGTH];
outputLen = SHA512_DIGEST_LENGTH;
}
SHA512((const unsigned char*) inputStr, length, (unsigned char*) outputStr);
}
void sslSHA512 (char const* inputStr, char*& outputStr, size_t& outputLen) {
sslSHA512(inputStr, strlen(inputStr), outputStr, outputLen);
}
void sslHEX (char const* inputStr, size_t length, char*& outputStr, size_t& outputLen) {
static char const hexval[16] = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
@ -196,6 +230,12 @@ namespace triagens {
else if (algorithm == Algorithm::ALGORITHM_MD5) {
evp_md = const_cast<EVP_MD*>(EVP_md5());
}
else if (algorithm == Algorithm::ALGORITHM_SHA384) {
evp_md = const_cast<EVP_MD*>(EVP_sha384());
}
else if (algorithm == Algorithm::ALGORITHM_SHA512) {
evp_md = const_cast<EVP_MD*>(EVP_sha512());
}
else {
// default
evp_md = const_cast<EVP_MD*>(EVP_sha256());

28
lib/Rest/SslInterface.h
View File

@ -40,7 +40,9 @@ namespace triagens {
ALGORITHM_SHA256 = 0,
ALGORITHM_SHA1 = 1,
ALGORITHM_MD5 = 2,
ALGORITHM_SHA224 = 3
ALGORITHM_SHA224 = 3,
ALGORITHM_SHA384 = 4,
ALGORITHM_SHA512 = 5
};
//////////////////////////////////////////////////////////////////////////
@ -97,6 +99,30 @@ namespace triagens {
void sslSHA256 (char const* inputStr, char*& outputStr, size_t& outputLen);
//////////////////////////////////////////////////////////////////////////
/// @brief sha384 hash
//////////////////////////////////////////////////////////////////////////
void sslSHA384 (char const* inputStr, const size_t length, char*& outputStr, size_t& outputLen);
//////////////////////////////////////////////////////////////////////////
/// @brief sha384 hash
//////////////////////////////////////////////////////////////////////////
void sslSHA384 (char const* inputStr, char*& outputStr, size_t& outputLen);
//////////////////////////////////////////////////////////////////////////
/// @brief sha512 hash
//////////////////////////////////////////////////////////////////////////
void sslSHA512 (char const* inputStr, const size_t length, char*& outputStr, size_t& outputLen);
//////////////////////////////////////////////////////////////////////////
/// @brief sha512 hash
//////////////////////////////////////////////////////////////////////////
void sslSHA512 (char const* inputStr, char*& outputStr, size_t& outputLen);
//////////////////////////////////////////////////////////////////////////
/// @brief HEX
//////////////////////////////////////////////////////////////////////////

90
lib/V8/v8-utils.cpp
View File

@ -192,7 +192,7 @@ static bool LoadJavaScriptFile (char const* filename,
length += strlen(prologue) + strlen(epilogue);
content = contentWrapper;
}
if (content == nullptr) {
LOG_TRACE("cannot load java script file '%s': %s", filename, TRI_errno_string(TRI_ERROR_OUT_OF_MEMORY));
return false;
@ -2277,6 +2277,86 @@ static v8::Handle<v8::Value> JS_SPrintF (v8::Arguments const& argv) {
return scope.Close(v8::String::New(result.c_str(), (int) result.size()));
}
////////////////////////////////////////////////////////////////////////////////
/// @brief computes the sha512 sum
///
/// @FUN{internal.sha512(@FA{text})}
///
/// Computes an sha512 for the @FA{text}.
////////////////////////////////////////////////////////////////////////////////
static v8::Handle<v8::Value> JS_Sha512 (v8::Arguments const& argv) {
v8::HandleScope scope;
// extract arguments
if (argv.Length() != 1 || ! argv[0]->IsString()) {
TRI_V8_EXCEPTION_USAGE(scope, "sha512(<text>)");
}
string key = TRI_ObjectToString(argv[0]);
// create sha512
char* hash = 0;
size_t hashLen;
SslInterface::sslSHA512(key.c_str(), key.size(), hash, hashLen);
// as hex
char* hex = 0;
size_t hexLen;
SslInterface::sslHEX(hash, hashLen, hex, hexLen);
delete[] hash;
// and return
v8::Handle<v8::String> hashStr = v8::String::New(hex, (int) hexLen);
delete[] hex;
return scope.Close(hashStr);
}
////////////////////////////////////////////////////////////////////////////////
/// @brief computes the sha384 sum
///
/// @FUN{internal.sha384(@FA{text})}
///
/// Computes an sha384 for the @FA{text}.
////////////////////////////////////////////////////////////////////////////////
static v8::Handle<v8::Value> JS_Sha384 (v8::Arguments const& argv) {
v8::HandleScope scope;
// extract arguments
if (argv.Length() != 1 || ! argv[0]->IsString()) {
TRI_V8_EXCEPTION_USAGE(scope, "sha384(<text>)");
}
string key = TRI_ObjectToString(argv[0]);
// create sha384
char* hash = 0;
size_t hashLen;
SslInterface::sslSHA384(key.c_str(), key.size(), hash, hashLen);
// as hex
char* hex = 0;
size_t hexLen;
SslInterface::sslHEX(hash, hashLen, hex, hexLen);
delete[] hash;
// and return
v8::Handle<v8::String> hashStr = v8::String::New(hex, (int) hexLen);
delete[] hex;
return scope.Close(hashStr);
}
////////////////////////////////////////////////////////////////////////////////
/// @brief computes the sha256 sum
///
@ -2686,6 +2766,12 @@ static v8::Handle<v8::Value> JS_HMAC (v8::Arguments const& argv) {
if (algorithm == "sha1") {
al = SslInterface::Algorithm::ALGORITHM_SHA1;
}
else if (algorithm == "sha512") {
al = SslInterface::Algorithm::ALGORITHM_SHA512;
}
else if (algorithm == "sha384") {
al = SslInterface::Algorithm::ALGORITHM_SHA384;
}
else if (algorithm == "sha256") {
al = SslInterface::Algorithm::ALGORITHM_SHA256;
}
@ -3546,6 +3632,8 @@ void TRI_InitV8Utils (v8::Handle<v8::Context> context,
TRI_AddGlobalFunctionVocbase(context, "SYS_SHA1", JS_Sha1);
TRI_AddGlobalFunctionVocbase(context, "SYS_SHA224", JS_Sha224);
TRI_AddGlobalFunctionVocbase(context, "SYS_SHA256", JS_Sha256);
TRI_AddGlobalFunctionVocbase(context, "SYS_SHA384", JS_Sha384);
TRI_AddGlobalFunctionVocbase(context, "SYS_SHA512", JS_Sha512);
TRI_AddGlobalFunctionVocbase(context, "SYS_SLEEP", JS_Sleep);
TRI_AddGlobalFunctionVocbase(context, "SYS_SPRINTF", JS_SPrintF);
TRI_AddGlobalFunctionVocbase(context, "SYS_STATUS_EXTERNAL", JS_StatusExternal);