NAME
sha − Message digest "sha"
SYNOPSIS
package require Tcl ?8.2?
package require Trf ?2.1.3?
sha ?options...? ?data?
DESCRIPTION
The command
sha is one of several message digests provided by the
package trf. See trf-intro for an overview of
the whole package.
sha ?options...? ?data?
The options listed below are
understood by the digest if and only if the digest is
attached to a channel. See section IMMEDIATE
versus ATTACHED for an explanation of the term
attached.
-mode absorb|write|transparent
This option has to be present. The specified argument determines the behaviour of the digest in attached mode.
Beyond the argument values listed above all unique abbreviations are recognized too. Their meaning is explained below:
absorb |
All data written to the channel is used to calculate the value of the message digest and then passed unchanged to the next level in the stack of transformations for the channel the digest is attached to. When the channel is closed the completed digest is written out too, essentially attaching the vlaue of the diggest after the information actually written to the channel. |
When reading from the channel a value for the digest is computed too, and after closing of the channel compared to the digest which was attached, i.e. came behind the actual data. The option -matchflag has to be specified so that the digest knows where to store the result of said comparison. This result is a string and either "ok", or "failed".
write |
All data read from or written to the channel the digest is attached to is ignored and thrown away. Only a value for the digest of the data is computed. When the channel is closed the computed values are stored as ordered through the options -write-destination, -write-type, -read-destination, and -read-type. |
transparent
This mode is a mixture of both absorb and write modes. As for absorb all data, read or written, passes through the digest unchanged. The generated values for the digest however are handled in the same way as for write.
-matchflag varname
This option can be used if and only if the option "-mode absorb" is present. In that situation the argument is the name of a global or namespaced variable. The digest will write the result of comparing two digest values into this variable. The option will be ignored if the channel is write-only, because in that case there will be no comparison of digest values.
-write-type variable|channel
This option can be used for digests in mode write or transparent. Beyond the values listed above all their unique abbreviations are also allowed as argument values. The option determines the type of the argument to option -write-destination. It defaults to variable.
-read-type variable|channel
Like option -write-type, but for option -read-destination.
-write-destination data
This option can be used for digests in mode write or transparent. The value data is either the name of a global (or namespaced) variable or the handle of a writable channel, dependent on the value of option -write-type. The message digest computed for data written to the attached channel is written into it after the attached channel was closed. The option is ignored if the channel is read-only.
Note that using a variable may yield incorrect results under tcl 7.6, due to embedded \0’s.
-read-destination data
This option can be used for digests in mode write or transparent. The value data is either the name of a global (or namespaced) variable or the handle of a writable channel, dependent on the value of option -read-type. The message digest computed for data read from the attached channel is written into it after the attached channel was closed. The option is ignored if the channel is write-only.
Note that using a variable may yield incorrect results under tcl 7.6, due to embedded \0’s.
The options listed below are always understood by the digest, attached versus immediate does not matter. See section IMMEDIATE versus ATTACHED for explanations of these two terms.
-attach channel
The presence/absence of this option determines the main operation mode of the transformation.
If present the transformation will be stacked onto the channel whose handle was given to the option and run in attached mode. More about this in section IMMEDIATE versus ATTACHED.
If the option is absent the transformation is used in immediate mode and the options listed below are recognized. More about this in section IMMEDIATE versus ATTACHED.
-in channel
This options is legal if and only if the transformation is used in immediate mode. It provides the handle of the channel the data to transform has to be read from.
If the transformation is in immediate mode and this option is absent the data to transform is expected as the last argument to the transformation.
-out channel
This options is legal if and only if the transformation is used in immediate mode. It provides the handle of the channel the generated transformation result is written to.
If the transformation is in immediate mode and this option is absent the generated data is returned as the result of the command itself.
IMMEDIATE VERSUS ATTACHED
The transformation distinguishes between two main ways of using it. These are the immediate and attached operation modes.
For the attached mode the option -attach is used to associate the transformation with an existing channel. During the execution of the command no transformation is performed, instead the channel is changed in such a way, that from then on all data written to or read from it passes through the transformation and is modified by it according to the definition above. This attachment can be revoked by executing the command unstack for the chosen channel. This is the only way to do this at the Tcl level.
In the second mode, which can be detected by the absence of option -attach, the transformation immediately takes data from either its commandline or a channel, transforms it, and returns the result either as result of the command, or writes it into a channel. The mode is named after the immediate nature of its execution.
Where the data is taken from, and delivered to, is governed by the presence and absence of the options -in and -out. It should be noted that this ability to immediately read from and/or write to a channel is an historic artifact which was introduced at the beginning of Trf’s life when Tcl version 7.6 was current as this and earlier versions have trouble to deal with \0 characters embedded into either input or output.
SEE ALSO
adler, crc, crc-zlib, haval, md2, md5, md5_otp, ripemd-128, ripemd-160, sha, sha1, sha1_otp, trf-intro
KEYWORDS
authentication, hash, hashing, mac, message digest, sha
COPYRIGHT
Copyright (c) 1996-2003, Andreas Kupries <andreas_kupries [AT] users.net>