You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@trafficserver.apache.org by shukitchan <gi...@git.apache.org> on 2016/05/31 16:55:40 UTC
[GitHub] trafficserver pull request: TS-4491: support sha256 and sha512 in ts_lua
GitHub user shukitchan opened a pull request:
https://github.com/apache/trafficserver/pull/681
TS-4491: support sha256 and sha512 in ts_lua
support sha256 and sha512 in ts_lua plugin
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/shukitchan/trafficserver sha256
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/trafficserver/pull/681.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #681
----
commit ed2e93cb641e37f22d13ee54bd1289d2a55856b2
Author: Kit Chan <ki...@apache.org>
Date: 2016-05-09T20:29:52Z
support sha256 and sha512 in ts_lua
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] trafficserver pull request #681: TS-4491: support sha256 and sha512 in ts_lu...
Posted by shukitchan <gi...@git.apache.org>.
Github user shukitchan closed the pull request at:
https://github.com/apache/trafficserver/pull/681
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] trafficserver pull request: TS-4491: support sha256 and sha512 in ts_lua
Posted by jpeach <gi...@git.apache.org>.
Github user jpeach commented on a diff in the pull request:
https://github.com/apache/trafficserver/pull/681#discussion_r65223795
--- Diff: plugins/experimental/ts_lua/ts_lua_crypto.c ---
@@ -198,6 +222,130 @@ ts_lua_sha1_bin(lua_State *L)
}
static int
+ts_lua_sha256(lua_State *L)
+{
+ u_char *src;
+ size_t slen;
+
+ SHA256_CTX sha;
+ u_char sha_buf[TS_LUA_SHA256_DIGEST_LENGTH];
+ u_char hex_buf[2 * sizeof(sha_buf)];
+
+ if (lua_gettop(L) != 1) {
+ return luaL_error(L, "expecting one argument");
+ }
+
+ if (lua_isnil(L, 1)) {
+ src = (u_char *)"";
+ slen = 0;
+
+ } else {
+ src = (u_char *)luaL_checklstring(L, 1, &slen);
+ }
+
+ SHA256_Init(&sha);
+ SHA256_Update(&sha, src, slen);
+ SHA256_Final(sha_buf, &sha);
+
+ ts_lua_hex_dump(hex_buf, sha_buf, sizeof(sha_buf));
+ lua_pushlstring(L, (char *)hex_buf, sizeof(hex_buf));
+
+ return 1;
+}
+
+static int
+ts_lua_sha256_bin(lua_State *L)
+{
+ u_char *src;
+ size_t slen;
+
+ SHA256_CTX sha;
+ u_char sha_buf[TS_LUA_SHA256_DIGEST_LENGTH];
+
+ if (lua_gettop(L) != 1) {
+ return luaL_error(L, "expecting one argument");
+ }
+
+ if (lua_isnil(L, 1)) {
+ src = (u_char *)"";
+ slen = 0;
+
+ } else {
+ src = (u_char *)luaL_checklstring(L, 1, &slen);
+ }
+
+ SHA256_Init(&sha);
+ SHA256_Update(&sha, src, slen);
+ SHA256_Final(sha_buf, &sha);
+
+ lua_pushlstring(L, (char *)sha_buf, sizeof(sha_buf));
+
+ return 1;
+}
+
+static int
+ts_lua_sha512(lua_State *L)
+{
+ u_char *src;
+ size_t slen;
+
+ SHA512_CTX sha;
+ u_char sha_buf[TS_LUA_SHA512_DIGEST_LENGTH];
+ u_char hex_buf[2 * sizeof(sha_buf)];
+
+ if (lua_gettop(L) != 1) {
+ return luaL_error(L, "expecting one argument");
+ }
+
+ if (lua_isnil(L, 1)) {
+ src = (u_char *)"";
+ slen = 0;
+
+ } else {
+ src = (u_char *)luaL_checklstring(L, 1, &slen);
+ }
+
+ SHA512_Init(&sha);
+ SHA512_Update(&sha, src, slen);
+ SHA512_Final(sha_buf, &sha);
+
+ ts_lua_hex_dump(hex_buf, sha_buf, sizeof(sha_buf));
+ lua_pushlstring(L, (char *)hex_buf, sizeof(hex_buf));
+
+ return 1;
+}
+
+static int
+ts_lua_sha512_bin(lua_State *L)
--- End diff --
Rather than duplicating all these hashing APIs, can we pass flags to a common implementation?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] trafficserver pull request: TS-4491: support sha256 and sha512 in ts_lua
Posted by jpeach <gi...@git.apache.org>.
Github user jpeach commented on a diff in the pull request:
https://github.com/apache/trafficserver/pull/681#discussion_r65223667
--- Diff: doc/admin-guide/plugins/ts_lua.en.rst ---
@@ -2107,6 +2107,85 @@ Here is an example:
bin = ts.sha1_bin(uri)
end
+`TOP <#ts-lua-plugin>`_
+
+ts.sha256
+-------
+**syntax:** *digest = ts.sha256(str)*
+
+**context:** global
+
+**description:** Returns the hexadecimal representation of the SHA256 digest of the ``str`` argument.
+
+Here is an example:
+
+::
+
+ function do_remap()
+ uri = ts.client_request.get_uri()
+ print(uri) -- /foo
+ print(ts.sha256(uri)) -- 6f64c6e6261f492ac220b0a4cd9a14c6373181b92a4a8040c1fcde5db31ffc94
+ end
+
+
+`TOP <#ts-lua-plugin>`_
+
+ts.sha256_bin
+-----------
+**syntax:** *digest = ts.sha256_bin(str)*
+
+**context:** global
+
+**description:** Returns the binary form of the SHA256 digest of the ``str`` argument.
+
+Here is an example:
+
+::
+
+ function do_remap()
+ uri = ts.client_request.get_uri()
+ bin = ts.sha256_bin(uri)
+ end
+
+`TOP <#ts-lua-plugin>`_
+
+ts.sha512
+-------
+**syntax:** *digest = ts.sha512(str)*
--- End diff --
I think a better syntax might be to explicitly pass a parameter to specify the result format, eg, ``RAW``, ``HEX``, ``BASE64``.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] trafficserver pull request: TS-4491: support sha256 and sha512 in ts_lua
Posted by shukitchan <gi...@git.apache.org>.
Github user shukitchan commented on the pull request:
https://github.com/apache/trafficserver/pull/681
@jpeach this one should be simple. would appreciate if you can take a quick look and see if there is any trivial thing i miss. thanks.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] trafficserver pull request: TS-4491: support sha256 and sha512 in ts_lua
Posted by shukitchan <gi...@git.apache.org>.
Github user shukitchan commented on the pull request:
https://github.com/apache/trafficserver/pull/681
These are just convenient and frequently used so we pulled them in instead of telling user to use external library.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] trafficserver pull request: TS-4491: support sha256 and sha512 in ts_lua
Posted by jpeach <gi...@git.apache.org>.
Github user jpeach commented on a diff in the pull request:
https://github.com/apache/trafficserver/pull/681#discussion_r65222759
--- Diff: plugins/experimental/ts_lua/ts_lua_crypto.c ---
@@ -23,13 +23,21 @@
#define TS_LUA_MD5_DIGEST_LENGTH 16
#define TS_LUA_SHA_DIGEST_LENGTH 20
+#define TS_LUA_SHA256_DIGEST_LENGTH 32
--- End diff --
OpenSSL already has ``SHA256_DIGEST_LENGTH``.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] trafficserver pull request: TS-4491: support sha256 and sha512 in ts_lua
Posted by jpeach <gi...@git.apache.org>.
Github user jpeach commented on a diff in the pull request:
https://github.com/apache/trafficserver/pull/681#discussion_r65222800
--- Diff: plugins/experimental/ts_lua/ts_lua_crypto.c ---
@@ -23,13 +23,21 @@
#define TS_LUA_MD5_DIGEST_LENGTH 16
#define TS_LUA_SHA_DIGEST_LENGTH 20
+#define TS_LUA_SHA256_DIGEST_LENGTH 32
+#define TS_LUA_SHA512_DIGEST_LENGTH 64
--- End diff --
OpenSSL already has ``SHA512_DIGEST_LENGTH``
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] trafficserver issue #681: TS-4491: support sha256 and sha512 in ts_lua
Posted by shukitchan <gi...@git.apache.org>.
Github user shukitchan commented on the issue:
https://github.com/apache/trafficserver/pull/681
I am now thinking using luacrypto is a better choice. Closing for now.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] trafficserver pull request: TS-4491: support sha256 and sha512 in ts_lua
Posted by jpeach <gi...@git.apache.org>.
Github user jpeach commented on the pull request:
https://github.com/apache/trafficserver/pull/681
It seems like [luacrypto](http://luacrypto.luaforge.net/manual.html) already gives pretty good access to the ``OpenSSL`` hash APIs. Do we need to duplicate that?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] trafficserver pull request: TS-4491: support sha256 and sha512 in ts_lua
Posted by shukitchan <gi...@git.apache.org>.
Github user shukitchan commented on a diff in the pull request:
https://github.com/apache/trafficserver/pull/681#discussion_r65225001
--- Diff: doc/admin-guide/plugins/ts_lua.en.rst ---
@@ -2107,6 +2107,85 @@ Here is an example:
bin = ts.sha1_bin(uri)
end
+`TOP <#ts-lua-plugin>`_
+
+ts.sha256
+-------
+**syntax:** *digest = ts.sha256(str)*
+
+**context:** global
+
+**description:** Returns the hexadecimal representation of the SHA256 digest of the ``str`` argument.
+
+Here is an example:
+
+::
+
+ function do_remap()
+ uri = ts.client_request.get_uri()
+ print(uri) -- /foo
+ print(ts.sha256(uri)) -- 6f64c6e6261f492ac220b0a4cd9a14c6373181b92a4a8040c1fcde5db31ffc94
+ end
+
+
+`TOP <#ts-lua-plugin>`_
+
+ts.sha256_bin
+-----------
+**syntax:** *digest = ts.sha256_bin(str)*
+
+**context:** global
+
+**description:** Returns the binary form of the SHA256 digest of the ``str`` argument.
+
+Here is an example:
+
+::
+
+ function do_remap()
+ uri = ts.client_request.get_uri()
+ bin = ts.sha256_bin(uri)
+ end
+
+`TOP <#ts-lua-plugin>`_
+
+ts.sha512
+-------
+**syntax:** *digest = ts.sha512(str)*
--- End diff --
we can add to that. And to keep backward compatibility, make those *_bin functions to be alias to that.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] trafficserver pull request: TS-4491: support sha256 and sha512 in ts_lua
Posted by shukitchan <gi...@git.apache.org>.
Github user shukitchan commented on a diff in the pull request:
https://github.com/apache/trafficserver/pull/681#discussion_r65224725
--- Diff: plugins/experimental/ts_lua/ts_lua_crypto.c ---
@@ -23,13 +23,21 @@
#define TS_LUA_MD5_DIGEST_LENGTH 16
#define TS_LUA_SHA_DIGEST_LENGTH 20
+#define TS_LUA_SHA256_DIGEST_LENGTH 32
+#define TS_LUA_SHA512_DIGEST_LENGTH 64
--- End diff --
same here
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] trafficserver pull request: TS-4491: support sha256 and sha512 in ts_lua
Posted by shukitchan <gi...@git.apache.org>.
Github user shukitchan commented on a diff in the pull request:
https://github.com/apache/trafficserver/pull/681#discussion_r65224696
--- Diff: plugins/experimental/ts_lua/ts_lua_crypto.c ---
@@ -23,13 +23,21 @@
#define TS_LUA_MD5_DIGEST_LENGTH 16
#define TS_LUA_SHA_DIGEST_LENGTH 20
+#define TS_LUA_SHA256_DIGEST_LENGTH 32
--- End diff --
I should change the other constants as well to use openssl.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---