← Back to team overview

zorba-coders team mailing list archive

  1. zorba-coders team
  2. Mailing list archive
  3. Message #12449

[Merge] lp:~zorba-coders/zorba/security-module-v2 into lp:zorba/security-module

  Thread PreviousDate PreviousThread Next 
Matthias Brantner has proposed merging lp:~zorba-coders/zorba/security-module-v2 into lp:zorba/security-module.

Requested reviews:
  Matthias Brantner (matthias-brantner)

For more details, see:
https://code.launchpad.net/~zorba-coders/zorba/security-module-v2/+merge/115881

hash module v. 2
- based on openssl
- handling streamable strings
- hashing binaries
- sha256 support
-- 
https://code.launchpad.net/~zorba-coders/zorba/security-module-v2/+merge/115881
Your team Zorba Coders is subscribed to branch lp:zorba/security-module.

=== modified file 'CMakeLists.txt'
--- CMakeLists.txt	2011-08-10 14:05:21 +0000
+++ CMakeLists.txt	2012-07-20 03:38:19 +0000
@@ -21,6 +21,13 @@
 FIND_PACKAGE (Zorba REQUIRED HINTS "${ZORBA_BUILD_DIR}")
 INCLUDE ("${Zorba_USE_FILE}")
 
+FIND_PACKAGE(OpenSSL) 
+IF (NOT OPENSSL_FOUND)
+  MESSAGE(FATAL_ERROR "Could not find the OpenSSL library and development headers")
+ENDIF (NOT OPENSSL_FOUND)
+
+INCLUDE_DIRECTORIES(${OPENSSL_INCLUDE_DIR})
+
 ADD_TEST_DIRECTORY("${PROJECT_SOURCE_DIR}/test")
 ADD_SUBDIRECTORY("src")
 

=== modified file 'src/CMakeLists.txt'
--- src/CMakeLists.txt	2011-08-02 08:51:47 +0000
+++ src/CMakeLists.txt	2012-07-20 03:38:19 +0000
@@ -12,5 +12,15 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-DECLARE_ZORBA_MODULE (URI "http://www.zorba-xquery.com/modules/cryptography/hmac"; VERSION 1.0 FILE "hmac.xq")
-DECLARE_ZORBA_MODULE (URI "http://www.zorba-xquery.com/modules/cryptography/hash"; VERSION 1.0 FILE "hash.xq")
+DECLARE_ZORBA_MODULE (
+  URI "http://www.zorba-xquery.com/modules/cryptography/hmac";
+  VERSION 1.0
+  FILE "hmac.xq"
+  LINK_LIBRARIES ${OPENSSL_LIBRARIES}
+)
+DECLARE_ZORBA_MODULE (
+  URI "http://www.zorba-xquery.com/modules/cryptography/hash";
+  VERSION 2.0
+  FILE "hash.xq"
+  LINK_LIBRARIES ${OPENSSL_LIBRARIES}
+)

=== modified file 'src/hash.xq'
--- src/hash.xq	2011-08-13 00:08:45 +0000
+++ src/hash.xq	2012-07-20 03:38:19 +0000
@@ -1,7 +1,7 @@
 xquery version "1.0";
 
 (:
- : Copyright 2006-2009 The FLWOR Foundation.
+ : Copyright 2006-2012 The FLWOR Foundation.
  :
  : Licensed under the Apache License, Version 2.0 (the "License");
  : you may not use this file except in compliance with the License.
@@ -18,6 +18,8 @@
 
 (:~
  : This module provides functions that perform different hash operations.
+ : For example, they compute MD5 and various SHA functions on either
+ : strings or binary. The result is the base64 encoded value of the hash.
  :
  : @author Gabriel Petrovay, Markus Pilman
  : @project cryptography
@@ -25,28 +27,60 @@
 module namespace hash = "http://www.zorba-xquery.com/modules/cryptography/hash";;
 
 declare namespace ver = "http://www.zorba-xquery.com/options/versioning";;
-declare option ver:module-version "1.0";
+declare option ver:module-version "2.0";
 
 (:~
  : Computes the MD5 hash of the string provided as parameter.
  :
- : @param $value The string to hash.
- : @return The MD5 hash of the provided string.
+ : @param $value The string to hash
+ :
+ : @return The MD5 hash as xs:base64Binary
  :)
-declare function hash:md5($value as xs:string) as xs:string
+declare function hash:md5($value as xs:string)
+  as xs:base64Binary
 {
-  hash:hash-impl($value, "md5")
+  hash:hash($value, "md5")
 };
 
 (:~
  : Computes the SHA1 hash of the string provided as parameter.
  :
  : @param $value The string to hash.
- : @return The base64 encoded SHA1 hash of the provided string.
- :)
-declare function hash:sha1($value as xs:string) as xs:string
-{
-  hash:hash-impl($value, "sha1")
+ :
+ : @return The SHA1 hash as xs:base64Binary
+ :)
+declare function hash:sha1($value as xs:string)
+  as xs:base64Binary
+{
+  hash:hash($value, "sha1")
+};
+
+(:~
+ : This function computes the MD5 hash value of the binary form of the given
+ : base64Binary item, i.e. the item is base64-decoded before hashing.
+ :
+ : @param $value The binary item to hash.
+ :
+ : @return The MD5 hash of the provided binary.
+ :)
+declare function hash:md5-binary($value as xs:base64Binary)
+  as xs:base64Binary
+{
+  hash:hash-binary($value, "md5")
+};
+
+(:~
+ : This function computes the SHA1 hash value of the binary form of the given
+ : base64Binary item, i.e. the item is base64-decoded before hashing.
+ :
+ : @param $value The binary item to hash.
+ :
+ : @return The base64 encoded SHA1 hash of the provided binary.
+ :)
+declare function hash:sha1-binary($value as xs:base64Binary)
+  as xs:base64Binary
+{
+  hash:hash-binary($value, "sha1")
 };
 
 (:~
@@ -54,10 +88,31 @@
  : The function expects the hash algorithm to be used as parameter.
  :
  : @param $value The string to be hashed.
- : @param $alg The algorithm to use for this hashing operation. Currently only
- :        "md5" and "sha1" algorithms are available. If no valid algorithm
- :        name is given, md5 will be used.
- : @return The hash of the provided string. In case SHA1 is used, the resulting
- :         hash value is base64 encoded.
- :)
-declare function hash:hash-impl($value as xs:string, $alg as xs:string) as xs:string external;
+ :
+ : @param $alg The algorithm to use for this hashing operation. Supported
+ :        algorithms are "md5", "sha1", and "sha256".
+ :
+ : @return The hash as xs:base64binary of the provided string
+ :
+ : @error hash:unsupported-algorithm if the given hash algorithm is not
+ :  supported
+ :)
+declare function hash:hash($value as xs:string, $alg as xs:string)
+  as xs:base64Binary external;
+
+(:~
+ : This function computes a hash value of the binary form of the given
+ : base64Binary item, i.e. the item is base64-decoded before hashing.
+ :
+ : @param $value The binary item to be hashed.
+ :
+ : @param $alg The algorithm to use for this hashing operation. Supported
+ :        algorithms are "md5", "sha1", and "sha256".
+ :
+ : @return The hash as xs:base64Binary of the provided binary
+ :
+ : @error hash:unsupported-algorithm if the given hash algorithm is not
+ :  supported
+ :)
+declare function hash:hash-binary($value as xs:base64Binary, $alg as xs:string)
+  as xs:base64Binary external;

=== modified file 'src/hash.xq.src/hash.cpp'
--- src/hash.xq.src/hash.cpp	2011-11-29 00:56:02 +0000
+++ src/hash.xq.src/hash.cpp	2012-07-20 03:38:19 +0000
@@ -23,29 +23,46 @@
 #include <zorba/user_exception.h>
 #include <zorba/item_factory.h>
 #include <zorba/singleton_item_sequence.h>
+#include <zorba/empty_sequence.h>
 #include <zorba/xquery_exception.h>
 #include <zorba/zorba.h>
 #include "hash.h"
 
-#include "md5_impl.h"
-#include "sha1.h"
+#include "openssl/md5.h"
+#include "openssl/sha.h"
+
 
 namespace zorba { namespace security {
 
-zorba::String getOneStringArgument(
-    const HashModule* aModule,
+/******************************************************************************
+ ******************************************************************************/
+zorba::String
+HashModule::getStringArgument(
     const ExternalFunction::Arguments_t& aArgs,
     int aIndex)
 {
   zorba::Item lItem;
   Iterator_t args_iter = aArgs[aIndex]->getIterator();
   args_iter->open();
-  args_iter->next(lItem); // must have one because the signature is defined like this
+  args_iter->next(lItem);
   zorba::String lTmpString = lItem.getStringValue();
   args_iter->close();
   return lTmpString;
 }
 
+zorba::Item
+HashModule::getItemArgument(
+    const ExternalFunction::Arguments_t& aArgs,
+    int aIndex)
+{
+  zorba::Item lItem;
+  Iterator_t args_iter = aArgs[aIndex]->getIterator();
+  args_iter->open();
+  args_iter->next(lItem);
+  args_iter->close();
+  return lItem;
+}
+
 HashModule::~HashModule()
 {
   for (FuncMap_t::const_iterator lIter = theFunctions.begin();
@@ -65,63 +82,16 @@
   delete this;
 }
 
-class HashFunction : public NonContextualExternalFunction
-{
-protected:
-  const HashModule* theModule;
-
-public:
-  HashFunction(const HashModule* aModule): theModule(aModule){}
-  ~HashFunction(){}
-
-  virtual String
-  getLocalName() const { return "hash-impl"; }
-
-  virtual zorba::ItemSequence_t
-  evaluate(const Arguments_t& aArgs) const
-  {
-    zorba::String lText = getOneStringArgument(theModule, aArgs, 0);
-    zorba::String lAlg = getOneStringArgument(theModule, aArgs, 1);
-    zorba::String lHash;
-    if (lAlg == "sha1") {
-      CSHA1 lSha1;
-      const unsigned char* lData = (const unsigned char*) lText.c_str();
-      lSha1.Update(lData, lText.size());
-      lSha1.Final();
-      char lRes[65];
-      lSha1.GetHash((UINT_8 *)lRes);
-
-      // SHA1 is always 20bytes long
-      // avoid using a stream here because it might contain 0's
-      // (i.e. be null terminated)
-      std::stringstream lTmp;
-      lTmp.write(lRes, 20);
-
-      lHash = zorba::encoding::Base64::encode(lTmp);
-    } else {
-      lHash = md5(lText.str());
-    }
-    // implement here
-    zorba::Item lItem;
-    lItem = theModule->getItemFactory()->createString(lHash);
-    return zorba::ItemSequence_t(new zorba::SingletonItemSequence(lItem));
-  }
-
-  virtual String
-  getURI() const
-  {
-    return theModule->getURI();
-  }
-
-};
-
-ExternalFunction* HashModule::getExternalFunction(const 
+ExternalFunction*
+HashModule::getExternalFunction(const 
     String& aLocalname)
 {
   ExternalFunction*& lFunc = theFunctions[aLocalname];
   if (!lFunc) {
-    if (!aLocalname.compare("hash-impl")) {
+    if (!aLocalname.compare("hash")) {
       lFunc = new HashFunction(this);
+    } else if (!aLocalname.compare("hash-binary")) {
+      lFunc = new HashBinaryFunction(this);
     }
   }
   return lFunc;
@@ -129,6 +99,81 @@
 
 ItemFactory* HashModule::theFactory = 0;
 
+
+/******************************************************************************
+ ******************************************************************************/
+zorba::ItemSequence_t
+HashFunction::evaluate(const Arguments_t& aArgs) const
+{
+  zorba::Item lMessage = theModule->getItemArgument(aArgs, 0);
+  zorba::String lAlg = theModule->getStringArgument(aArgs, 1);
+
+  if (lAlg == "sha1" || lAlg == "SHA1")
+  {
+    return theModule->hash<SHA_CTX, SHA_DIGEST_LENGTH>
+      (&SHA1_Init, &SHA1_Update, &SHA1_Final, &SHA1, lMessage);
+  }
+  else if (lAlg == "sha256" || lAlg == "SHA256")
+  {
+    return theModule->hash<SHA256_CTX, SHA256_DIGEST_LENGTH>
+      (&SHA256_Init, &SHA256_Update, &SHA256_Final, &SHA256, lMessage);
+  }
+  else if (lAlg == "md5" || lAlg == "MD5")
+  {
+    return theModule->hash<MD5_CTX, MD5_DIGEST_LENGTH>
+      (&MD5_Init, &MD5_Update, &MD5_Final, &MD5, lMessage);
+  } 
+  else
+  {
+    std::ostringstream lMsg;
+    lMsg << lAlg << ": unsupported hash algorithm";
+    throw USER_EXCEPTION(
+        theModule->getItemFactory()->createQName(
+          theModule->getURI(), "unsupported-algorithm"),
+          lMsg.str());
+  }
+  return zorba::ItemSequence_t(new EmptySequence());
+}
+
+
+/******************************************************************************
+ ******************************************************************************/
+zorba::ItemSequence_t
+HashBinaryFunction::evaluate(const Arguments_t& aArgs) const
+{
+  zorba::Item lMessage = theModule->getItemArgument(aArgs, 0);
+  zorba::String lAlg = theModule->getStringArgument(aArgs, 1);
+
+  bool lDecode = lMessage.isEncoded();
+
+  if (lAlg == "sha1" || lAlg == "SHA1")
+  {
+    return theModule->hash<SHA_CTX, SHA_DIGEST_LENGTH>
+      (&SHA1_Init, &SHA1_Update, &SHA1_Final, &SHA1, lMessage, lDecode);
+  }
+  else if (lAlg == "sha256" || lAlg == "SHA256")
+  {
+    return theModule->hash<SHA256_CTX, SHA256_DIGEST_LENGTH>
+      (&SHA256_Init, &SHA256_Update, &SHA256_Final, &SHA256, lMessage, lDecode);
+  }
+  else if (lAlg == "md5" || lAlg == "MD5")
+  {
+    return theModule->hash<MD5_CTX, MD5_DIGEST_LENGTH>
+      (&MD5_Init, &MD5_Update, &MD5_Final, &MD5, lMessage, lDecode);
+  } 
+  else
+  {
+    std::ostringstream lMsg;
+    lMsg << lAlg << ": unsupported hash algorithm";
+    throw USER_EXCEPTION(
+        theModule->getItemFactory()->createQName(
+          theModule->getURI(), "unsupported-algorithm"),
+          lMsg.str());
+  }
+  
+  return zorba::ItemSequence_t(new EmptySequence());
+}
+
 } /* namespace security */
 } /* namespace zorba */
 

=== modified file 'src/hash.xq.src/hash.h'
--- src/hash.xq.src/hash.h	2011-08-03 08:33:59 +0000
+++ src/hash.xq.src/hash.h	2012-07-20 03:38:19 +0000
@@ -33,7 +33,7 @@
     protected:
 		class ltstr
 		{
-        public:
+    public:
 			bool
 			operator()(const String& s1, const String& s2) const
 			{
@@ -55,6 +55,12 @@
 		
 		virtual void
 		destroy();
+
+    static String
+    getStringArgument(const ExternalFunction::Arguments_t& aArgs, int aIndex);
+
+    static Item
+    getItemArgument(const ExternalFunction::Arguments_t& aArgs, int aIndex);
 		
 		static ItemFactory*
 		getItemFactory()
@@ -63,36 +69,119 @@
 				theFactory = Zorba::getInstance(0)->getItemFactory();
 			return theFactory;
 		}
-		
+
+    template <class CONTEXT, int DIGEST_LENGTH> zorba::ItemSequence_t
+    hash(
+        int(*init)(CONTEXT*),
+        int(*update)(CONTEXT*, const void*, size_t),
+        int(*final)(unsigned char*, CONTEXT*),
+        unsigned char*(hash)(const unsigned char*, size_t, unsigned char*),
+        zorba::Item& aMessage,
+        bool aDecode = false
+      ) const
+    {
+      unsigned char lBuf[DIGEST_LENGTH];
+
+      CONTEXT lCtx;
+
+      if (aMessage.isStreamable())
+      {
+        std::istream& lStream = aMessage.getStream();
+
+        (*init)(&lCtx);
+
+        char lBuf2[1024];
+        while (lStream.good())
+        {
+          lStream.read(lBuf2, 1024);
+          if (aDecode)
+          {
+            // TODO
+            return 0;
+          }
+          (*update)(&lCtx, &lBuf2[0], lStream.gcount());
+        }
+        (*final)(&lBuf[0], &lCtx);
+      }
+      else
+      {
+        if (aMessage.getTypeCode() == store::XS_BASE64BINARY)
+        {
+          size_t lLen;
+          const char* lTmp = aMessage.getBase64BinaryValue(lLen);
+          if (aDecode)
+          {
+            // TODO
+            return 0;
+          }
+          (*hash)(
+              reinterpret_cast<const unsigned char*>(lTmp),
+              lLen,
+              &lBuf[0]
+            );
+        }
+        else
+        {
+          String lTmp = aMessage.getStringValue();
+          (*hash)(
+              reinterpret_cast<const unsigned char*>(lTmp.data()),
+              lTmp.size(),
+              &lBuf[0]
+            );
+        }
+      }
+      return
+        zorba::ItemSequence_t(new zorba::SingletonItemSequence(
+              getItemFactory()->createBase64Binary(&lBuf[0], DIGEST_LENGTH)));
+    }
 	};
+
+  class HashFunction : public NonContextualExternalFunction
+  {
+  protected:
+    const HashModule* theModule;
+  
+  public:
+    HashFunction(const HashModule* aModule): theModule(aModule){}
+    ~HashFunction(){}
+  
+    virtual String
+    getLocalName() const { return "hash"; }
+  
+    virtual zorba::ItemSequence_t
+    evaluate(const Arguments_t& aArgs) const;
+
+    virtual String
+    getURI() const
+    {
+      return theModule->getURI();
+    }
+  
+  };
+
+  class HashBinaryFunction : public NonContextualExternalFunction
+  {
+  protected:
+    const HashModule* theModule;
+  
+  public:
+    HashBinaryFunction(const HashModule* aModule): theModule(aModule){}
+    ~HashBinaryFunction(){}
+  
+    virtual String
+    getLocalName() const { return "hash-binary"; }
+  
+    virtual zorba::ItemSequence_t
+    evaluate(const Arguments_t& aArgs) const;
+
+    virtual String
+    getURI() const
+    {
+      return theModule->getURI();
+    }
+  
+  };
 	
-	class HashSHA1Function : public NonContextualExternalFunction
-	{
-    protected:
-		const HashModule* theModule;
-		
-		static void
-		throwError(
-				   const std::string aErrorMessage,
-				   const Error& aErrorType);
-		
-    private:
-		
-    public:
-		HashSHA1Function(const HashModule* aModule): theModule(aModule){}
-		~HashSHA1Function(){}
-		
-		virtual String
-		getLocalName() const { return "sha1"; }
-		
-		virtual zorba::ItemSequence_t
-		evaluate(const Arguments_t&) const;
-		
-		virtual String
-		getURI() const;
-		
-	};
-
 } /* namespace security */ 
 } /* namespace zorba */
 

=== removed file 'src/hash.xq.src/md5_impl.cpp'
--- src/hash.xq.src/md5_impl.cpp	2011-08-02 08:51:47 +0000
+++ src/hash.xq.src/md5_impl.cpp	1970-01-01 00:00:00 +0000
@@ -1,371 +0,0 @@
-/* MD5
- converted to C++ class by Frank Thilo (thilo@xxxxxxxxxxx)
- for bzflag (http://www.bzflag.org)
-
-   based on:
-
-   md5.h and md5.c
-   reference implemantion of RFC 1321
-
-   Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
-rights reserved.
-
-License to copy and use this software is granted provided that it
-is identified as the "RSA Data Security, Inc. MD5 Message-Digest
-Algorithm" in all material mentioning or referencing this software
-or this function.
-
-License is also granted to make and use derivative works provided
-that such works are identified as "derived from the RSA Data
-Security, Inc. MD5 Message-Digest Algorithm" in all material
-mentioning or referencing the derived work.
-
-RSA Data Security, Inc. makes no representations concerning either
-the merchantability of this software or the suitability of this
-software for any particular purpose. It is provided "as is"
-without express or implied warranty of any kind.
-
-These notices must be retained in any copies of any part of this
-documentation and/or software.
-
-*/
-
-/* system implementation headers */
-#include <stdio.h>
-#include <string.h>
-
-//md5 class include
-#include "md5_impl.h"
-
-namespace zorba { namespace security {
-
-// Constants for MD5Transform routine.
-#define S11 7
-#define S12 12
-#define S13 17
-#define S14 22
-#define S21 5
-#define S22 9
-#define S23 14
-#define S24 20
-#define S31 4
-#define S32 11
-#define S33 16
-#define S34 23
-#define S41 6
-#define S42 10
-#define S43 15
-#define S44 21
-
-///////////////////////////////////////////////
-
-// F, G, H and I are basic MD5 functions.
-inline MD5::uint4 MD5::F(uint4 x, uint4 y, uint4 z) {
-  return (x&y) | (~x&z);
-}
-
-inline MD5::uint4 MD5::G(uint4 x, uint4 y, uint4 z) {
-  return (x&z) | (y&~z);
-}
-
-inline MD5::uint4 MD5::H(uint4 x, uint4 y, uint4 z) {
-  return x^y^z;
-}
-
-inline MD5::uint4 MD5::I(uint4 x, uint4 y, uint4 z) {
-  return y ^ (x | ~z);
-}
-
-// rotate_left rotates x left n bits.
-inline MD5::uint4 MD5::rotate_left(uint4 x, int n) {
-  return (x << n) | (x >> (32-n));
-}
-
-// FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
-// Rotation is separate from addition to prevent recomputation.
-inline void MD5::FF(uint4 &a, uint4 b, uint4 c, uint4 d, uint4 x, uint4 s, uint4 ac) {
-  a = rotate_left(a+ F(b,c,d) + x + ac, s) + b;
-}
-
-inline void MD5::GG(uint4 &a, uint4 b, uint4 c, uint4 d, uint4 x, uint4 s, uint4 ac) {
-  a = rotate_left(a + G(b,c,d) + x + ac, s) + b;
-}
-
-inline void MD5::HH(uint4 &a, uint4 b, uint4 c, uint4 d, uint4 x, uint4 s, uint4 ac) {
-  a = rotate_left(a + H(b,c,d) + x + ac, s) + b;
-}
-
-inline void MD5::II(uint4 &a, uint4 b, uint4 c, uint4 d, uint4 x, uint4 s, uint4 ac) {
-  a = rotate_left(a + I(b,c,d) + x + ac, s) + b;
-}
-
-//////////////////////////////////////////////
-
-// default ctor, just initailize
-MD5::MD5()
-{
-  init();
-}
-
-//////////////////////////////////////////////
-
-// nifty shortcut ctor, compute MD5 for string and finalize it right away
-MD5::MD5(const std::string &text)
-{
-  init();
-  update(text.c_str(), text.length());
-  finalize();
-}
-
-//////////////////////////////
-
-void MD5::init()
-{
-  finalized=false;
-
-  count[0] = 0;
-  count[1] = 0;
-
-  // load magic initialization constants.
-  state[0] = 0x67452301;
-  state[1] = 0xefcdab89;
-  state[2] = 0x98badcfe;
-  state[3] = 0x10325476;
-}
-
-//////////////////////////////
-
-// decodes input (unsigned char) into output (uint4). Assumes len is a multiple of 4.
-void MD5::decode(uint4 output[], const uint1 input[], size_type len)
-{
-  for (unsigned int i = 0, j = 0; j < len; i++, j += 4)
-    output[i] = ((uint4)input[j]) | (((uint4)input[j+1]) << 8) |
-      (((uint4)input[j+2]) << 16) | (((uint4)input[j+3]) << 24);
-}
-
-//////////////////////////////
-
-// encodes input (uint4) into output (unsigned char). Assumes len is
-// a multiple of 4.
-void MD5::encode(uint1 output[], const uint4 input[], size_type len)
-{
-  for (size_type i = 0, j = 0; j < len; i++, j += 4) {
-    output[j] = input[i] & 0xff;
-    output[j+1] = (input[i] >> 8) & 0xff;
-    output[j+2] = (input[i] >> 16) & 0xff;
-    output[j+3] = (input[i] >> 24) & 0xff;
-  }
-}
-
-//////////////////////////////
-
-// apply MD5 algo on a block
-void MD5::transform(const uint1 block[blocksize])
-{
-  uint4 a = state[0], b = state[1], c = state[2], d = state[3], x[16];
-  decode (x, block, blocksize);
-
-  /* Round 1 */
-  FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */
-  FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */
-  FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */
-  FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */
-  FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */
-  FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */
-  FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */
-  FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */
-  FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */
-  FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */
-  FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
-  FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
-  FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
-  FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
-  FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
-  FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
-
-  /* Round 2 */
-  GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */
-  GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */
-  GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
-  GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */
-  GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */
-  GG (d, a, b, c, x[10], S22,  0x2441453); /* 22 */
-  GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
-  GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */
-  GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */
-  GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
-  GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */
-  GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */
-  GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
-  GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */
-  GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */
-  GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
-
-  /* Round 3 */
-  HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */
-  HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */
-  HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
-  HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
-  HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */
-  HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */
-  HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */
-  HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
-  HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
-  HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */
-  HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */
-  HH (b, c, d, a, x[ 6], S34,  0x4881d05); /* 44 */
-  HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */
-  HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
-  HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
-  HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */
-
-  /* Round 4 */
-  II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */
-  II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */
-  II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
-  II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */
-  II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
-  II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */
-  II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
-  II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */
-  II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */
-  II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
-  II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */
-  II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
-  II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */
-  II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
-  II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */
-  II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */
-
-  state[0] += a;
-  state[1] += b;
-  state[2] += c;
-  state[3] += d;
-
-  // Zeroize sensitive information.
-  memset(x, 0, sizeof x);
-}
-
-//////////////////////////////
-
-// MD5 block update operation. Continues an MD5 message-digest
-// operation, processing another message block
-void MD5::update(const unsigned char input[], size_type length)
-{
-  // compute number of bytes mod 64
-  size_type index = count[0] / 8 % blocksize;
-
-  // Update number of bits
-  if ((count[0] += (length << 3)) < (length << 3))
-    count[1]++;
-  count[1] += (length >> 29);
-
-  // number of bytes we need to fill in buffer
-  size_type firstpart = 64 - index;
-
-  size_type i;
-
-  // transform as many times as possible.
-  if (length >= firstpart)
-  {
-    // fill buffer first, transform
-    memcpy(&buffer[index], input, firstpart);
-    transform(buffer);
-
-    // transform chunks of blocksize (64 bytes)
-    for (i = firstpart; i + blocksize <= length; i += blocksize)
-      transform(&input[i]);
-
-    index = 0;
-  }
-  else
-    i = 0;
-
-  // buffer remaining input
-  memcpy(&buffer[index], &input[i], length-i);
-}
-
-//////////////////////////////
-
-// for convenience provide a verson with signed char
-void MD5::update(const char input[], size_type length)
-{
-  update((const unsigned char*)input, length);
-}
-
-//////////////////////////////
-
-// MD5 finalization. Ends an MD5 message-digest operation, writing the
-// the message digest and zeroizing the context.
-MD5& MD5::finalize()
-{
-  static unsigned char padding[64] = {
-    0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-  };
-
-  if (!finalized) {
-    // Save number of bits
-    unsigned char bits[8];
-    encode(bits, count, 8);
-
-    // pad out to 56 mod 64.
-    size_type index = count[0] / 8 % 64;
-    size_type padLen = (index < 56) ? (56 - index) : (120 - index);
-    update(padding, padLen);
-
-    // Append length (before padding)
-    update(bits, 8);
-
-    // Store state in digest
-    encode(digest, state, 16);
-
-    // Zeroize sensitive information.
-    memset(buffer, 0, sizeof buffer);
-    memset(count, 0, sizeof count);
-
-    finalized=true;
-  }
-
-  return *this;
-}
-
-//////////////////////////////
-
-// return hex representation of digest as string
-std::string MD5::hexdigest() const
-{
-  if (!finalized)
-    return "";
-
-  char buf[33];
-  for (int i=0; i<16; i++)
-    sprintf(buf+i*2, "%02x", digest[i]);
-  buf[32]=0;
-
-  return std::string(buf);
-}
-
-//////////////////////////////
-
-std::ostream& operator<<(std::ostream& out, MD5 md5)
-{
-  return out << md5.hexdigest();
-}
-
-//////////////////////////////
-
-std::string md5(const std::string str)
-{
-    MD5 md5 = MD5(str);
-
-    return md5.hexdigest();
-}
-
-} // namespace zorba
-} // namespace security
-
-/*
- * EOF
- */

=== removed file 'src/hash.xq.src/md5_impl.h'
--- src/hash.xq.src/md5_impl.h	2011-08-02 08:51:47 +0000
+++ src/hash.xq.src/md5_impl.h	1970-01-01 00:00:00 +0000
@@ -1,93 +0,0 @@
-/* MD5
- converted to C++ class by Frank Thilo (thilo@xxxxxxxxxxx)
- for bzflag (http://www.bzflag.org)
-
-   based on:
-
-   md5.h and md5.c
-   reference implementation of RFC 1321
-
-   Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
-rights reserved.
-
-License to copy and use this software is granted provided that it
-is identified as the "RSA Data Security, Inc. MD5 Message-Digest
-Algorithm" in all material mentioning or referencing this software
-or this function.
-
-License is also granted to make and use derivative works provided
-that such works are identified as "derived from the RSA Data
-Security, Inc. MD5 Message-Digest Algorithm" in all material
-mentioning or referencing the derived work.
-
-RSA Data Security, Inc. makes no representations concerning either
-the merchantability of this software or the suitability of this
-software for any particular purpose. It is provided "as is"
-without express or implied warranty of any kind.
-
-These notices must be retained in any copies of any part of this
-documentation and/or software.
-
-*/
-
-//---------------------------------------------------------------------- 
-//include protection
-#ifndef SAUSALITO_SECURITYMODULE_MD5_IMPL_H
-#define SAUSALITO_SECURITYMODULE_MD5_IMPL_H
-
-//---------------------------------------------------------------------- 
-//STL includes
-#include <string>
-#include <iostream>
-
-namespace zorba { namespace security {
-
-	class MD5
-	{
-	public:
-	  typedef unsigned int size_type; // must be 32bit
-
-	  MD5();
-	  MD5(const std::string& text);
-	  void update(const unsigned char *buf, size_type length);
-	  void update(const char *buf, size_type length);
-	  MD5& finalize();
-	  std::string hexdigest() const;
-	  friend std::ostream& operator<<(std::ostream&, MD5 md5);
-
-	private:
-	  void init();
-	  typedef unsigned char uint1; //  8bit
-	  typedef unsigned int uint4;  // 32bit
-	  enum {blocksize = 64}; // VC6 won't eat a const static int here
-
-	  void transform(const uint1 block[blocksize]);
-	  static void decode(uint4 output[], const uint1 input[], size_type len);
-	  static void encode(uint1 output[], const uint4 input[], size_type len);
-
-	  bool finalized;
-	  uint1 buffer[blocksize]; // bytes that didn't fit in last 64 byte chunk
-	  uint4 count[2];   // 64bit counter for number of bits (lo, hi)
-	  uint4 state[4];   // digest so far
-	  uint1 digest[16]; // the result
-
-	  // low level logic operations
-	  static inline uint4 F(uint4 x, uint4 y, uint4 z);
-	  static inline uint4 G(uint4 x, uint4 y, uint4 z);
-	  static inline uint4 H(uint4 x, uint4 y, uint4 z);
-	  static inline uint4 I(uint4 x, uint4 y, uint4 z);
-	  static inline uint4 rotate_left(uint4 x, int n);
-	  static inline void FF(uint4 &a, uint4 b, uint4 c, uint4 d, uint4 x, uint4 s, uint4 ac);
-	  static inline void GG(uint4 &a, uint4 b, uint4 c, uint4 d, uint4 x, uint4 s, uint4 ac);
-	  static inline void HH(uint4 &a, uint4 b, uint4 c, uint4 d, uint4 x, uint4 s, uint4 ac);
-	  static inline void II(uint4 &a, uint4 b, uint4 c, uint4 d, uint4 x, uint4 s, uint4 ac);
-	};
-
-	std::string md5(const std::string str);
-
-
-} // namespace zorba
-} // namespace security
-//---------------------------------------------------------------------- 
-//End of include protection
-#endif

=== removed file 'src/hash.xq.src/sha1.cpp'
--- src/hash.xq.src/sha1.cpp	2011-08-02 08:51:47 +0000
+++ src/hash.xq.src/sha1.cpp	1970-01-01 00:00:00 +0000
@@ -1,264 +0,0 @@
-/*
-  100% free public domain implementation of the SHA-1 algorithm
-  by Dominik Reichl <dominik.reichl@xxxxxxxxxxx>
-  Web: http://www.dominik-reichl.de/
-
-  See header file for version history.
-*/
-
-// If compiling with MFC, you might want to add #include "StdAfx.h"
-
-#define _CRT_SECURE_NO_WARNINGS
-//#include "security_sha1.h"
-#include "sha1.h"
-
-#ifdef SHA1_UTILITY_FUNCTIONS
-#define SHA1_MAX_FILE_BUFFER 8000
-#endif
-
-// Rotate x bits to the left
-#ifndef ROL32
-#ifdef _MSC_VER
-#define ROL32(_val32,_nBits) _rotl(_val32,_nBits)
-#else
-#define ROL32(_val32,_nBits) (((_val32)<<(_nBits))|((_val32)>>(32-(_nBits))))
-#endif
-#endif
-
-#ifdef SHA1_LITTLE_ENDIAN
-#define SHABLK0(i) (m_block->l[i] = \
-  (ROL32(m_block->l[i],24) & 0xFF00FF00) | (ROL32(m_block->l[i],8) & 0x00FF00FF))
-#else
-#define SHABLK0(i) (m_block->l[i])
-#endif
-
-#define SHABLK(i) (m_block->l[i&15] = ROL32(m_block->l[(i+13)&15] ^ m_block->l[(i+8)&15] \
-  ^ m_block->l[(i+2)&15] ^ m_block->l[i&15],1))
-
-// SHA-1 rounds
-#define _R0(v,w,x,y,z,i) {z+=((w&(x^y))^y)+SHABLK0(i)+0x5A827999+ROL32(v,5);w=ROL32(w,30);}
-#define _R1(v,w,x,y,z,i) {z+=((w&(x^y))^y)+SHABLK(i)+0x5A827999+ROL32(v,5);w=ROL32(w,30);}
-#define _R2(v,w,x,y,z,i) {z+=(w^x^y)+SHABLK(i)+0x6ED9EBA1+ROL32(v,5);w=ROL32(w,30);}
-#define _R3(v,w,x,y,z,i) {z+=(((w|x)&y)|(w&x))+SHABLK(i)+0x8F1BBCDC+ROL32(v,5);w=ROL32(w,30);}
-#define _R4(v,w,x,y,z,i) {z+=(w^x^y)+SHABLK(i)+0xCA62C1D6+ROL32(v,5);w=ROL32(w,30);}
-
-namespace zorba { namespace security {
-
-CSHA1::CSHA1()
-{
-  m_block = (SHA1_WORKSPACE_BLOCK*)m_workspace;
-
-  Reset();
-}
-
-CSHA1::~CSHA1()
-{
-  Reset();
-}
-
-void CSHA1::Reset()
-{
-  // SHA1 initialization constants
-  m_state[0] = 0x67452301;
-  m_state[1] = 0xEFCDAB89;
-  m_state[2] = 0x98BADCFE;
-  m_state[3] = 0x10325476;
-  m_state[4] = 0xC3D2E1F0;
-
-  m_count[0] = 0;
-  m_count[1] = 0;
-}
-
-void CSHA1::Transform(UINT_32* pState, const UINT_8* pBuffer)
-{
-  UINT_32 a = pState[0], b = pState[1], c = pState[2], d = pState[3], e = pState[4];
-
-  memcpy(m_block, pBuffer, 64);
-
-  // 4 rounds of 20 operations each. Loop unrolled.
-  _R0(a,b,c,d,e, 0); _R0(e,a,b,c,d, 1); _R0(d,e,a,b,c, 2); _R0(c,d,e,a,b, 3);
-  _R0(b,c,d,e,a, 4); _R0(a,b,c,d,e, 5); _R0(e,a,b,c,d, 6); _R0(d,e,a,b,c, 7);
-  _R0(c,d,e,a,b, 8); _R0(b,c,d,e,a, 9); _R0(a,b,c,d,e,10); _R0(e,a,b,c,d,11);
-  _R0(d,e,a,b,c,12); _R0(c,d,e,a,b,13); _R0(b,c,d,e,a,14); _R0(a,b,c,d,e,15);
-  _R1(e,a,b,c,d,16); _R1(d,e,a,b,c,17); _R1(c,d,e,a,b,18); _R1(b,c,d,e,a,19);
-  _R2(a,b,c,d,e,20); _R2(e,a,b,c,d,21); _R2(d,e,a,b,c,22); _R2(c,d,e,a,b,23);
-  _R2(b,c,d,e,a,24); _R2(a,b,c,d,e,25); _R2(e,a,b,c,d,26); _R2(d,e,a,b,c,27);
-  _R2(c,d,e,a,b,28); _R2(b,c,d,e,a,29); _R2(a,b,c,d,e,30); _R2(e,a,b,c,d,31);
-  _R2(d,e,a,b,c,32); _R2(c,d,e,a,b,33); _R2(b,c,d,e,a,34); _R2(a,b,c,d,e,35);
-  _R2(e,a,b,c,d,36); _R2(d,e,a,b,c,37); _R2(c,d,e,a,b,38); _R2(b,c,d,e,a,39);
-  _R3(a,b,c,d,e,40); _R3(e,a,b,c,d,41); _R3(d,e,a,b,c,42); _R3(c,d,e,a,b,43);
-  _R3(b,c,d,e,a,44); _R3(a,b,c,d,e,45); _R3(e,a,b,c,d,46); _R3(d,e,a,b,c,47);
-  _R3(c,d,e,a,b,48); _R3(b,c,d,e,a,49); _R3(a,b,c,d,e,50); _R3(e,a,b,c,d,51);
-  _R3(d,e,a,b,c,52); _R3(c,d,e,a,b,53); _R3(b,c,d,e,a,54); _R3(a,b,c,d,e,55);
-  _R3(e,a,b,c,d,56); _R3(d,e,a,b,c,57); _R3(c,d,e,a,b,58); _R3(b,c,d,e,a,59);
-  _R4(a,b,c,d,e,60); _R4(e,a,b,c,d,61); _R4(d,e,a,b,c,62); _R4(c,d,e,a,b,63);
-  _R4(b,c,d,e,a,64); _R4(a,b,c,d,e,65); _R4(e,a,b,c,d,66); _R4(d,e,a,b,c,67);
-  _R4(c,d,e,a,b,68); _R4(b,c,d,e,a,69); _R4(a,b,c,d,e,70); _R4(e,a,b,c,d,71);
-  _R4(d,e,a,b,c,72); _R4(c,d,e,a,b,73); _R4(b,c,d,e,a,74); _R4(a,b,c,d,e,75);
-  _R4(e,a,b,c,d,76); _R4(d,e,a,b,c,77); _R4(c,d,e,a,b,78); _R4(b,c,d,e,a,79);
-
-  // Add the working vars back into state
-  pState[0] += a;
-  pState[1] += b;
-  pState[2] += c;
-  pState[3] += d;
-  pState[4] += e;
-
-  // Wipe variables
-#ifdef SHA1_WIPE_VARIABLES
-  a = b = c = d = e = 0;
-#endif
-}
-
-// Use this function to hash in binary data and strings
-void CSHA1::Update(const UINT_8* pbData, UINT_32 uLen)
-{
-  UINT_32 j = ((m_count[0] >> 3) & 0x3F);
-
-  if((m_count[0] += (uLen << 3)) < (uLen << 3))
-    ++m_count[1]; // Overflow
-
-  m_count[1] += (uLen >> 29);
-
-  UINT_32 i;
-  if((j + uLen) > 63)
-  {
-    i = 64 - j;
-    memcpy(&m_buffer[j], pbData, i);
-    Transform(m_state, m_buffer);
-
-    for( ; (i + 63) < uLen; i += 64)
-      Transform(m_state, &pbData[i]);
-
-    j = 0;
-  }
-  else i = 0;
-
-  if((uLen - i) != 0)
-    memcpy(&m_buffer[j], &pbData[i], uLen - i);
-}
-
-#ifdef SHA1_UTILITY_FUNCTIONS
-// Hash in file contents
-bool CSHA1::HashFile(const TCHAR* tszFileName)
-{
-  if(tszFileName == NULL) return false;
-
-  FILE* fpIn = _tfopen(tszFileName, _T("rb"));
-  if(fpIn == NULL) return false;
-
-  _fseeki64(fpIn, 0, SEEK_END);
-  const INT_64 lFileSize = _ftelli64(fpIn);
-  _fseeki64(fpIn, 0, SEEK_SET);
-
-  const INT_64 lMaxBuf = SHA1_MAX_FILE_BUFFER;
-  UINT_8 vData[SHA1_MAX_FILE_BUFFER];
-  INT_64 lRemaining = lFileSize;
-
-  while(lRemaining > 0)
-  {
-    const size_t uMaxRead = static_cast<size_t>((lRemaining > lMaxBuf) ?
-      lMaxBuf : lRemaining);
-
-    const size_t uRead = fread(vData, 1, uMaxRead, fpIn);
-    if(uRead == 0)
-    {
-      fclose(fpIn);
-      return false;
-    }
-
-    Update(vData, static_cast<UINT_32>(uRead));
-
-    lRemaining -= static_cast<INT_64>(uRead);
-  }
-
-  fclose(fpIn);
-  return (lRemaining == 0);
-}
-#endif
-
-void CSHA1::Final()
-{
-  UINT_32 i;
-
-  UINT_8 finalcount[8];
-  for(i = 0; i < 8; ++i)
-    finalcount[i] = (UINT_8)((m_count[((i >= 4) ? 0 : 1)]
-      >> ((3 - (i & 3)) * 8) ) & 255); // Endian independent
-
-  Update((UINT_8*)"\200", 1);
-
-  while ((m_count[0] & 504) != 448)
-    Update((UINT_8*)"\0", 1);
-
-  Update(finalcount, 8); // Cause a SHA1Transform()
-
-  for(i = 0; i < 20; ++i)
-    m_digest[i] = (UINT_8)((m_state[i >> 2] >> ((3 - (i & 3)) * 8)) & 0xFF);
-
-  // Wipe variables for security reasons
-#ifdef SHA1_WIPE_VARIABLES
-  memset(m_buffer, 0, 64);
-  memset(m_state, 0, 20);
-  memset(m_count, 0, 8);
-  memset(finalcount, 0, 8);
-  Transform(m_state, m_buffer);
-#endif
-}
-
-#ifdef SHA1_UTILITY_FUNCTIONS
-// Get the final hash as a pre-formatted string
-bool CSHA1::ReportHash(TCHAR* tszReport, REPORT_TYPE rtReportType) const
-{
-  if(tszReport == NULL) return false;
-
-  TCHAR tszTemp[16];
-
-  if((rtReportType == REPORT_HEX) || (rtReportType == REPORT_HEX_SHORT))
-  {
-    _sntprintf(tszTemp, 15, _T("%02X"), m_digest[0]);
-    _tcscpy(tszReport, tszTemp);
-
-    const TCHAR* lpFmt = ((rtReportType == REPORT_HEX) ? _T(" %02X") : _T("%02X"));
-    for(size_t i = 1; i < 20; ++i)
-    {
-      _sntprintf(tszTemp, 15, lpFmt, m_digest[i]);
-      _tcscat(tszReport, tszTemp);
-    }
-  }
-  else if(rtReportType == REPORT_DIGIT)
-  {
-    _sntprintf(tszTemp, 15, _T("%u"), m_digest[0]);
-    _tcscpy(tszReport, tszTemp);
-
-    for(size_t i = 1; i < 20; ++i)
-    {
-      _sntprintf(tszTemp, 15, _T(" %u"), m_digest[i]);
-      _tcscat(tszReport, tszTemp);
-    }
-  }
-  else return false;
-
-  return true;
-}
-#endif
-
-#ifdef SHA1_STL_FUNCTIONS
-bool CSHA1::ReportHashStl(std::basic_string<TCHAR>& strOut, REPORT_TYPE rtReportType) const
-{
-  TCHAR tszOut[84];
-  const bool bResult = ReportHash(tszOut, rtReportType);
-  if(bResult) strOut = tszOut;
-  return bResult;
-}
-#endif
-
-// Get the raw message digest
-bool CSHA1::GetHash(UINT_8* pbDest) const
-{
-  if(pbDest == NULL) return false;
-  memcpy(pbDest, m_digest, 20);
-  return true;
-}
-
-}}

=== removed file 'src/hash.xq.src/sha1.h'
--- src/hash.xq.src/sha1.h	2011-08-02 08:51:47 +0000
+++ src/hash.xq.src/sha1.h	1970-01-01 00:00:00 +0000
@@ -1,259 +0,0 @@
-/*
-  100% free public domain implementation of the SHA-1 algorithm
-  by Dominik Reichl <dominik.reichl@xxxxxxxxxxx>
-  Web: http://www.dominik-reichl.de/
-
-  Version 1.8 - 2008-03-16
-  - Converted project files to Visual Studio 2008 format.
-  - Added Unicode support for HashFile utility method.
-  - Added support for hashing files using the HashFile method that are
-    larger than 2 GB.
-  - HashFile now returns an error code instead of copying an error
-    message into the output buffer.
-  - GetHash now returns an error code and validates the input parameter.
-  - Added ReportHashStl STL utility method.
-  - Added REPORT_HEX_SHORT reporting mode.
-  - Improved Linux compatibility of test program.
-
-  Version 1.7 - 2006-12-21
-  - Fixed buffer underrun warning that appeared when compiling with
-    Borland C Builder (thanks to Rex Bloom and Tim Gallagher for the
-    patch).
-  - Breaking change: ReportHash writes the final hash to the start
-    of the buffer, i.e. it's not appending it to the string anymore.
-  - Made some function parameters const.
-  - Added Visual Studio 2005 project files to demo project.
-
-  Version 1.6 - 2005-02-07 (thanks to Howard Kapustein for patches)
-  - You can set the endianness in your files, no need to modify the
-    header file of the CSHA1 class anymore.
-  - Aligned data support.
-  - Made support/compilation of the utility functions (ReportHash and
-    HashFile) optional (useful when bytes count, for example in embedded
-    environments).
-
-  Version 1.5 - 2005-01-01
-  - 64-bit compiler compatibility added.
-  - Made variable wiping optional (define SHA1_WIPE_VARIABLES).
-  - Removed unnecessary variable initializations.
-  - ROL32 improvement for the Microsoft compiler (using _rotl).
-
-  Version 1.4 - 2004-07-22
-  - CSHA1 now compiles fine with GCC 3.3 under MacOS X  (thanks to Larry
-    Hastings).
-
-  Version 1.3 - 2003-08-17
-  - Fixed a small memory bug and made a buffer array a class member to
-    ensure correct working when using multiple CSHA1 class instances at
-    one time.
-
-  Version 1.2 - 2002-11-16
-  - Borlands C++ compiler seems to have problems with string addition
-    using sprintf. Fixed the bug which caused the digest report function
-    not to work properly. CSHA1 is now Borland compatible.
-
-  Version 1.1 - 2002-10-11
-  - Removed two unnecessary header file includes and changed BOOL to
-    bool. Fixed some minor bugs in the web page contents.
-
-  Version 1.0 - 2002-06-20
-  - First official release.
-
-  ======== Test Vectors (from FIPS PUB 180-1) ========
-
-  SHA1("abc") =
-    A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D
-
-  SHA1("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq") =
-    84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1
-
-  SHA1(A million repetitions of "a") =
-    34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F
-*/
-
-#ifndef SAUSA_UTILS_SHA1_HDR
-#define SAUSA_UTILS_SHA1_HDR
-
-#if !defined(SHA1_UTILITY_FUNCTIONS) && !defined(SHA1_NO_UTILITY_FUNCTIONS)
-#define SHA1_UTILITY_FUNCTIONS
-#endif
-
-#if !defined(SHA1_STL_FUNCTIONS) && !defined(SHA1_NO_STL_FUNCTIONS)
-#define SHA1_STL_FUNCTIONS
-#if !defined(SHA1_UTILITY_FUNCTIONS)
-#error STL functions require SHA1_UTILITY_FUNCTIONS.
-#endif
-#endif
-
-#include <memory.h>
-
-#ifdef SHA1_UTILITY_FUNCTIONS
-#include <stdio.h>
-#include <string.h>
-#endif
-
-#ifdef SHA1_STL_FUNCTIONS
-#include <string>
-#endif
-
-#ifdef _MSC_VER
-#include <stdlib.h>
-#endif
-
-// You can define the endian mode in your files without modifying the SHA-1
-// source files. Just #define SHA1_LITTLE_ENDIAN or #define SHA1_BIG_ENDIAN
-// in your files, before including the SHA1.h header file. If you don't
-// define anything, the class defaults to little endian.
-#if !defined(SHA1_LITTLE_ENDIAN) && !defined(SHA1_BIG_ENDIAN)
-#define SHA1_LITTLE_ENDIAN
-#endif
-
-// If you want variable wiping, #define SHA1_WIPE_VARIABLES, if not,
-// #define SHA1_NO_WIPE_VARIABLES. If you don't define anything, it
-// defaults to wiping.
-#if !defined(SHA1_WIPE_VARIABLES) && !defined(SHA1_NO_WIPE_VARIABLES)
-#define SHA1_WIPE_VARIABLES
-#endif
-
-#if defined(SHA1_HAS_TCHAR)
-#include <tchar.h>
-#else
-#ifdef _MSC_VER
-#include <tchar.h>
-#else
-#ifndef TCHAR
-#define TCHAR char
-#endif
-#ifndef _T
-#define _T(__x) (__x)
-#define _tmain main
-#define _tprintf printf
-#define _getts gets
-#define _tcslen strlen
-#define _tfopen fopen
-#define _tcscpy strcpy
-#define _tcscat strcat
-#define _sntprintf snprintf
-#endif
-#endif
-#endif
-
-// Fallback, if no 64-bit support
-#ifndef _fseeki64
-#define _fseeki64 fseek
-#endif
-#ifndef _ftelli64
-#define _ftelli64 ftell
-#endif
-
-///////////////////////////////////////////////////////////////////////////
-// Define variable types
-
-#ifndef UINT_8
-#ifdef _MSC_VER // Compiling with Microsoft compiler
-#define UINT_8  unsigned __int8
-#else // !_MSC_VER
-#define UINT_8 unsigned char
-#endif // _MSC_VER
-#endif
-
-#ifndef UINT_32
-#ifdef _MSC_VER // Compiling with Microsoft compiler
-#define UINT_32 unsigned __int32
-#else // !_MSC_VER
-#if (ULONG_MAX == 0xFFFFFFFF)
-#define UINT_32 unsigned long
-#else
-#define UINT_32 unsigned int
-#endif
-#endif // _MSC_VER
-#endif // UINT_32
-
-#ifndef INT_64
-#ifdef _MSC_VER // Compiling with Microsoft compiler
-#define INT_64 __int64
-#else // !_MSC_VER
-#define INT_64 long long
-#endif // _MSC_VER
-#endif // INT_64
-
-#ifndef UINT_64
-#ifdef _MSC_VER // Compiling with Microsoft compiler
-#define UINT_64 unsigned __int64
-#else // !_MSC_VER
-#define UINT_64 unsigned long long
-#endif // _MSC_VER
-#endif // UINT_64
-
-///////////////////////////////////////////////////////////////////////////
-// Declare SHA-1 workspace
-
-namespace zorba { namespace security {
-
-typedef union
-{
-  UINT_8 c[64];
-  UINT_32 l[16];
-} SHA1_WORKSPACE_BLOCK;
-
-class CSHA1
-{
-public:
-#ifdef SHA1_UTILITY_FUNCTIONS
-  // Different formats for ReportHash
-  enum REPORT_TYPE
-  {
-    REPORT_HEX = 0,
-    REPORT_DIGIT = 1,
-    REPORT_HEX_SHORT = 2
-  };
-#endif
-
-  // Constructor and destructor
-  CSHA1();
-  ~CSHA1();
-
-  UINT_32 m_state[5];
-  UINT_32 m_count[2];
-  UINT_32 m_reserved0[1]; // Memory alignment padding
-  UINT_8 m_buffer[64];
-  UINT_8 m_digest[20];
-  UINT_32 m_reserved1[3]; // Memory alignment padding
-
-  void Reset();
-
-  // Update the hash value
-  void Update(const UINT_8* pbData, UINT_32 uLen);
-
-#ifdef SHA1_UTILITY_FUNCTIONS
-  // Hash in file contents
-  bool HashFile(const TCHAR* tszFileName);
-#endif
-
-  // Finalize hash, call before using ReportHash(Stl)
-  void Final();
-
-#ifdef SHA1_UTILITY_FUNCTIONS
-  bool ReportHash(TCHAR* tszReport, REPORT_TYPE rtReportType = REPORT_HEX) const;
-#endif
-
-#ifdef SHA1_STL_FUNCTIONS
-  bool ReportHashStl(std::basic_string<TCHAR>& strOut, REPORT_TYPE rtReportType =
-    REPORT_HEX) const;
-#endif
-
-  bool GetHash(UINT_8* pbDest) const;
-
-private:
-  // Private SHA-1 transformation
-  void Transform(UINT_32* pState, const UINT_8* pBuffer);
-
-  // Member variables
-  UINT_8 m_workspace[64];
-  SHA1_WORKSPACE_BLOCK* m_block; // SHA1 pointer to the byte array above
-};
-
-}}//end of namespace
-
-#endif // ZORBA_SECURITY_MODULE_SHA1_HDR
-

=== added file 'test/ExpQueryResults/security/hash-binary.xml.res'
--- test/ExpQueryResults/security/hash-binary.xml.res	1970-01-01 00:00:00 +0000
+++ test/ExpQueryResults/security/hash-binary.xml.res	2012-07-20 03:38:19 +0000
@@ -0,0 +1,1 @@
+C7C73C51A659682EBA186FD13D9F25814CD46273A0E4E14A0AFFA266B4DD80DD

=== added file 'test/ExpQueryResults/security/hash-sha256.xml.res'
--- test/ExpQueryResults/security/hash-sha256.xml.res	1970-01-01 00:00:00 +0000
+++ test/ExpQueryResults/security/hash-sha256.xml.res	2012-07-20 03:38:19 +0000
@@ -0,0 +1,1 @@
+ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0= JI1qYdIGOLjlwCaTDD5gOaM85Flk/yFn9uzt1BnbBsE=

=== added file 'test/Queries/security/hash-binary.xq'
--- test/Queries/security/hash-binary.xq	1970-01-01 00:00:00 +0000
+++ test/Queries/security/hash-binary.xq	2012-07-20 03:38:19 +0000
@@ -0,0 +1,4 @@
+import module namespace hash = "http://www.zorba-xquery.com/modules/cryptography/hash";;
+import module namespace f = "http://expath.org/ns/file";;
+
+xs:hexBinary(hash:hash-binary(f:read-binary(resolve-uri("ls")), "sha256"))

=== added file 'test/Queries/security/hash-sha256.xq'
--- test/Queries/security/hash-sha256.xq	1970-01-01 00:00:00 +0000
+++ test/Queries/security/hash-sha256.xq	2012-07-20 03:38:19 +0000
@@ -0,0 +1,6 @@
+(: Values compared to php -r 'echo base64_encode(sha1($string, true));' :)
+import module namespace hash = "http://www.zorba-xquery.com/modules/cryptography/hash";;
+
+hash:hash("abc", "sha256"),
+hash:hash("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", "sha256")
+

=== added file 'test/Queries/security/ls'
Binary files test/Queries/security/ls	1970-01-01 00:00:00 +0000 and test/Queries/security/ls	2012-07-20 03:38:19 +0000 differ

Follow ups

  Thread PreviousDate PreviousThread Next