Know-How für Ihr Projekt

Perl Documentation


Digest::SHA - Perl extension for SHA-1/224/256/384/512


In programs:

		# Functional interface
	use Digest::SHA qw(sha1 sha1_hex sha1_base64 ...);
	$digest = sha1($data);
	$digest = sha1_hex($data);
	$digest = sha1_base64($data);
	$digest = sha256($data);
	$digest = sha384_hex($data);
	$digest = sha512_base64($data);
		# Object-oriented
	use Digest::SHA;
	$sha = Digest::SHA->new($alg);
	$sha->add($data);		# feed data into stream
	$sha->add_bits($data, $nbits);
	$sha_copy = $sha->clone;	# make copy of digest object
	$state = $sha->getstate;	# save current state to string
	$sha->putstate($state);		# restore previous $state
	$digest = $sha->digest;		# compute digest
	$digest = $sha->hexdigest;
	$digest = $sha->b64digest;

From the command line:

	$ shasum files
	$ shasum --help


		# Functional interface only
	use Digest::SHA qw(hmac_sha1 hmac_sha1_hex ...);
	$digest = hmac_sha1($data, $key);
	$digest = hmac_sha224_hex($data, $key);
	$digest = hmac_sha256_base64($data, $key);


Digest::SHA is a complete implementation of the NIST Secure Hash Standard. It gives Perl programmers a convenient way to calculate SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, and SHA-512/256 message digests. The module can handle all types of input, including partial-byte data.


Digest::SHA is written in C for speed. If your platform lacks a C compiler, you can install the functionally equivalent (but much slower) Digest::SHA::PurePerl module.

The programming interface is easy to use: it's the same one found in CPAN's Digest module. So, if your applications currently use Digest::MD5 and you'd prefer the stronger security of SHA, it's a simple matter to convert them.

The interface provides two ways to calculate digests: all-at-once, or in stages. To illustrate, the following short program computes the SHA-256 digest of "hello world" using each approach:

	use Digest::SHA qw(sha256_hex);
	$data = "hello world";
	@frags = split(//, $data);
	# all-at-once (Functional style)
	$digest1 = sha256_hex($data);
	# in-stages (OOP style)
	$state = Digest::SHA->new(256);
	for (@frags) { $state->add($_) }
	$digest2 = $state->hexdigest;
	print $digest1 eq $digest2 ?
		"whew!\n" : "oops!\n";

To calculate the digest of an n-bit message where n is not a multiple of 8, use the add_bits() method. For example, consider the 446-bit message consisting of the bit-string "110" repeated 148 times, followed by "11". Here's how to display its SHA-1 digest:

	use Digest::SHA;
	$bits = "110" x 148 . "11";
	$sha = Digest::SHA->new(1)->add_bits($bits);
	print $sha->hexdigest, "\n";

Note that for larger bit-strings, it's more efficient to use the two-argument version add_bits($data, $nbits), where $data is in the customary packed binary format used for Perl strings.

The module also lets you save intermediate SHA states to a string. The getstate() method generates portable, human-readable text describing the current state of computation. You can subsequently restore that state with putstate() to resume where the calculation left off.

To see what a state description looks like, just run the following:

	use Digest::SHA;
	print Digest::SHA->new->add("Shaw" x 1962)->getstate;

As an added convenience, the Digest::SHA module offers routines to calculate keyed hashes using the HMAC-SHA-1/224/256/384/512 algorithms. These services exist in functional form only, and mimic the style and behavior of the sha(), sha_hex(), and sha_base64() functions.

	# Test vector from draft-ietf-ipsec-ciph-sha-256-01.txt
	use Digest::SHA qw(hmac_sha256_hex);
	print hmac_sha256_hex("Hi There", chr(0x0b) x 32), "\n";


Perl supports Unicode strings as of version 5.6. Such strings may contain wide characters, namely, characters whose ordinal values are greater than 255. This can cause problems for digest algorithms such as SHA that are specified to operate on sequences of bytes.

The rule by which Digest::SHA handles a Unicode string is easy to state, but potentially confusing to grasp: the string is interpreted as a sequence of byte values, where each byte value is equal to the ordinal value (viz. code point) of its corresponding Unicode character. That way, the Unicode string 'abc' has exactly the same digest value as the ordinary string 'abc'.

Since a wide character does not fit into a byte, the Digest::SHA routines croak if they encounter one. Whereas if a Unicode string contains no wide characters, the module accepts it quite happily. The following code illustrates the two cases:

	$str1 = pack('U*', (0..255));
	print sha1_hex($str1);		# ok
	$str2 = pack('U*', (0..256));
	print sha1_hex($str2);		# croaks

Be aware that the digest routines silently convert UTF-8 input into its equivalent byte sequence in the native encoding (cf. utf8::downgrade). This side effect influences only the way Perl stores the data internally, but otherwise leaves the actual value of the data intact.


NIST acknowledges that the work of Prof. Xiaoyun Wang constitutes a practical collision attack on SHA-1. Therefore, NIST encourages the rapid adoption of the SHA-2 hash functions (e.g. SHA-256) for applications requiring strong collision resistance, such as digital signatures.



By convention, CPAN Digest modules do not pad their Base64 output. Problems can occur when feeding such digests to other software that expects properly padded Base64 encodings.

For the time being, any necessary padding must be done by the user. Fortunately, this is a simple operation: if the length of a Base64-encoded digest isn't a multiple of 4, simply append "=" characters to the end of the digest until it is:

	while (length($b64_digest) % 4) {
		$b64_digest .= '=';

To illustrate, sha256_base64("abc") is computed to be


which has a length of 43. So, the properly padded version is



None by default.


Provided your C compiler supports a 64-bit type (e.g. the long long of C99, or __int64 used by Microsoft C/C++), all of these functions will be available for use. Otherwise, you won't be able to perform the SHA-384 and SHA-512 transforms, both of which require 64-bit operations.

Functional style

OOP style



Digest, Digest::SHA::PurePerl

The Secure Hash Standard (Draft FIPS PUB 180-4) can be found at:

The Keyed-Hash Message Authentication Code (HMAC):


	Mark Shelor	<>


The author is particularly grateful to

	Gisle Aas
	H. Merijn Brand
	Sean Burke
	Chris Carey
	Alexandr Ciornii
	Jim Doble
	Thomas Drugeon
	Julius Duque
	Jeffrey Friedl
	Robert Gilmour
	Brian Gladman
	Jarkko Hietaniemi
	Adam Kennedy
	Mark Lawrence
	Andy Lester
	Alex Muntada
	Steve Peters
	Chris Skiscim
	Martin Thurn
	Gunnar Wolf
	Adam Woodbury

"who by trained skill rescued life from such great billows and such thick darkness and moored it in so perfect a calm and in so brilliant a light" - Lucretius


Copyright (C) 2003-2016 Mark Shelor

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.