first implementation of the hash() function, hard-wired for SHA256,

using vsha256.h from VRT

README.rst

@@ -27,8 +27,17 @@ import blobdigest [from "path"] ;
 CONTENTS
 ========
 
+* BLOB hash(ENUM, BLOB)
 * STRING version()
 
+.. _func_hash:
+
+BLOB hash(ENUM, BLOB)
+---------------------
+
+Prototype
+	BLOB hash(ENUM hash, BLOB msg)
+
 .. _func_version:
 
 STRING version()

src/tests/sha256.vtc

+# looks like -*- vcl -*-
+
+varnishtest "SHA256 hash"
+
+# VMOD blobcode must be installed
+
+varnish v1 -vcl {
+	import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so";
+	import blobcode;
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_recv {
+		return(synth(200));
+	}
+
+	sub vcl_synth {
+		set resp.http.empty
+		  = blobcode.encode(HEXLC, blobdigest.hash(SHA256,
+		                    blobcode.decode(IDENTITY, "")));
+
+		set resp.http.msgdigest
+		  = blobcode.encode(HEXLC, blobdigest.hash(SHA256,
+		                    blobcode.decode(IDENTITY,
+		                                    "message digest")));
+
+		set resp.http.alphanum
+		  = blobcode.encode(HEXLC, blobdigest.hash(SHA256,
+		                    blobcode.decode(IDENTITY,
+	    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789")));
+
+		set resp.http.a
+		  = blobcode.encode(HEXUC, blobdigest.hash(SHA256,
+		                    blobcode.decode(IDENTITY, "a")));
+
+		set resp.http.abc
+		  = blobcode.encode(HEXUC, blobdigest.hash(SHA256,
+		                    blobcode.decode(IDENTITY, "abc")));
+
+		set resp.http.alphalc
+		  = blobcode.encode(HEXUC, blobdigest.hash(SHA256,
+		                    blobcode.decode(IDENTITY,
+				    "abcdefghijklmnopqrstuvwxyz")));
+
+		set resp.http.pangram
+		  = blobcode.encode(HEXUC, blobdigest.hash(SHA256,
+		                    blobcode.decode(IDENTITY,
+			"The quick brown fox jumps over the lazy dog")));
+
+		set resp.http.alphasoup
+		  = blobcode.encode(HEXUC, blobdigest.hash(SHA256,
+		                    blobcode.decode(IDENTITY,
+		"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq")));
+
+		set resp.http.digits
+		  = blobcode.encode(HEXUC, blobdigest.hash(SHA256,
+		                    blobcode.decode(IDENTITY,
+"12345678901234567890123456789012345678901234567890123456789012345678901234567890")));
+
+		# all 256 byte values in ascending, big-endian order
+		set resp.http.allbytes
+		  = blobcode.encode(HEXLC, blobdigest.hash(SHA256,
+		                    blobcode.decode(BASE64,
+"AQACAQMCBAMFBAYFBwYIBwkICgkLCgwLDQwODQ8OEA8REBIRExIUExUUFhUXFhgXGRgaGRsaHBsdHB4dHx4gHyEgIiEjIiQjJSQmJScmKCcpKCopKyosKy0sLi0vLjAvMTAyMTMyNDM1NDY1NzY4Nzk4Ojk7Ojw7PTw+PT8+QD9BQEJBQ0JEQ0VERkVHRkhHSUhKSUtKTEtNTE5NT05QT1FQUlFTUlRTVVRWVVdWWFdZWFpZW1pcW11cXl1fXmBfYWBiYWNiZGNlZGZlZ2ZoZ2loamlramxrbWxubW9ucG9xcHJxc3J0c3V0dnV3dnh3eXh6eXt6fHt9fH59f36Afw==")));
+
+    	}
+} -start
+
+client c1 {
+	txreq
+	rxresp
+	expect resp.status == 200
+
+	# from libvarnish SHA256_Test
+	expect resp.http.empty == "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
+	expect resp.http.msgdigest == "f7846f55cf23e14eebeab5b4e1550cad5b509e3348fbc4efa3a1413d393cb650"
+	expect resp.http.alphanum == "db4bfcbd4da0cd85a60c3c37d3fbd8805c77f15fc6b1fdfe614ee0a7c8fdb4c0"
+
+	# from librhash
+	expect resp.http.a == "CA978112CA1BBDCAFAC231B39A23DC4DA786EFF8147C4E72B9807785AFEE48BB"
+	expect resp.http.abc == "BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD"
+	expect resp.http.alphalc == "71C480DF93D6AE2F1EFAD1447C66C9525E316218CF51FC8D9ED832F2DAF18B73"
+	expect resp.http.pangram == "D7A8FBB307D7809469CA9ABCB0082E4F8D5651E46D3CDB762D02D0BF37C9E592"
+	expect resp.http.alphasoup == "248D6A61D20638B8E5C026930C3E6039A33CE45964FF2167F6ECEDD419DB06C1"
+	expect resp.http.digits == "F371BC4A311F2B009EEF952DD83CA80E2B60026C8E935592D0F9C308453C813E"
+
+	# verified with: base 64 -d | sha256sum
+	expect resp.http.allbytes == "f62191c9a2deb78660d34fdf7070f1943211d46d13d1c26d9d8a1dc5bcb3e997"
+} -run

src/vmod_blobdigest.c

@@ -29,8 +29,80 @@
 
 #include "vcl.h"
 #include "vrt.h"
+#include "vas.h"
+#include "vdef.h"
+#include "cache/cache.h"
+#include "vsb.h"
+#include "vsha256.h"
 
 #include "vcc_if.h"
+#include "parse_encoding.h"
+
+#define ERR(ctx, msg) \
+	errmsg((ctx), "vmod blobcode error: " msg)
+
+#define ERRNOMEM(ctx, msg) \
+	ERR((ctx), msg ", out of space")
+
+#define INIT_FINI(ctx) (((ctx)->method & (VCL_MET_INIT | VCL_MET_FINI)) != 0)
+
+#define ILLEGAL(ctx, m) \
+	ERR((ctx), m " is illegal in vcl_init() and vcl_fini().")
+
+static void
+errmsg(VRT_CTX, const char *fmt, ...)
+{
+	va_list args;
+
+	va_start(args, fmt);
+	if (ctx->method == VCL_MET_INIT) {
+		AN(ctx->msg);
+		VSB_vprintf(ctx->msg, fmt, args);
+		VRT_handling(ctx, VCL_RET_FAIL);
+	}
+	else if (ctx->vsl)
+		VSLbv(ctx->vsl, SLT_VCL_Error, fmt, args);
+	else
+		/* Should this ever happen in vcl_fini() ... */
+		VSL(SLT_VCL_Error, 0, fmt, args);
+	va_end(args);
+}
+
+VCL_BLOB
+vmod_hash(VRT_CTX, VCL_ENUM hashs, VCL_BLOB msg)
+{
+	/* enum encoding hash = parse_encoding(hashs); */
+	struct vmod_priv *b;
+	char *snap;
+	SHA256_CTX hashctx[1];
+	(void) hashs;
+
+	CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
+	if (INIT_FINI(ctx)) {
+		ILLEGAL(ctx, "hash()");
+		return NULL;
+	}
+	if (msg == NULL)
+		return NULL;
+
+	CHECK_OBJ_NOTNULL(ctx->ws, WS_MAGIC);
+	snap = WS_Snapshot(ctx->ws);
+	if ((b = WS_Alloc(ctx->ws, sizeof(struct vmod_priv))) == NULL) {
+		ERRNOMEM(ctx, "allocating blob in hash()");
+		return NULL;
+	}
+	if ((b->priv = WS_Alloc(ctx->ws, SHA256_LEN)) == NULL) {
+		WS_Reset(ctx->ws, snap);
+		ERRNOMEM(ctx, "allocating hash result in hash()");
+		return NULL;
+	}
+	b->len = SHA256_LEN;
+	b->free = NULL;
+	SHA256_Init(hashctx);
+	SHA256_Update(hashctx, msg->priv, msg->len);
+	SHA256_Final(b->priv, hashctx);
+	return b;
+}
 
 VCL_STRING
 vmod_version(VRT_CTX __attribute__((unused)))

src/vmod_blobdigest.vcc

@@ -9,6 +9,8 @@
 
 $Module blobdigest 3 digests and hmacs for the VCL blob type
 
+$Function BLOB hash(ENUM {SHA256} hash, BLOB msg)
+
 $Function STRING version()
 
 Description