Update Digest-SHA to CPAN version 5.82

  [DELTA]

  5.82  Thu Jan 24 04:54:12 MST 2013
    - introduced workaround to SvPVbyte bug in Perl 5.6
        -- module behavior now consistent under all Perls 5.6+
            -- ref: new test script t/unicode.t
        -- SHA routines now always croak on wide chars (5.6+)
    - removed "static" message schedules from C code
        -- default "auto" is now just as fast
        -- thread-safe option (-t) no longer necessary
            -- still allowed, but ignored
        -- simplifies source and header files
            -- eliminates SHA_STO_CLASS and SHA_THREAD_SAFE
            -- ref. Bug #82784
        -- thanks to Steve Hay for initial patch
    - provided documentation to describe Unicode handling
        -- ref: Bug #82378
    - updated documentation of NIST statement on SHA-1

12 files changed, 131 insertions, 67 deletions

diff --git a/cpan/Digest-SHA/Changes b/cpan/Digest-SHA/Changes
index 59fb090c27..de996623e8 100644
--- a/cpan/Digest-SHA/Changes
+++ b/cpan/Digest-SHA/Changes
@@ -1,5 +1,22 @@
 Revision history for Perl extension Digest::SHA.
 
+5.82  Thu Jan 24 04:54:12 MST 2013
+	- introduced workaround to SvPVbyte bug in Perl 5.6
+		-- module behavior now consistent under all Perls 5.6+
+			-- ref: new test script t/unicode.t
+		-- SHA routines now always croak on wide chars (5.6+)
+	- removed "static" message schedules from C code
+		-- default "auto" is now just as fast
+		-- thread-safe option (-t) no longer necessary
+			-- still allowed, but ignored
+		-- simplifies source and header files
+			-- eliminates SHA_STO_CLASS and SHA_THREAD_SAFE
+			-- ref. Bug #82784
+		-- thanks to Steve Hay for initial patch
+	- provided documentation to describe Unicode handling
+		-- ref: Bug #82378
+	- updated documentation of NIST statement on SHA-1
+
 5.81  Mon Jan 14 05:17:08 MST 2013
 	- corrected load subroutine (SHA.pm) to prevent double-free
 		-- Bug #82655: Security issue - segfault
diff --git a/cpan/Digest-SHA/Makefile.PL b/cpan/Digest-SHA/Makefile.PL
index 9e87594275..721aaeb0c6 100644
--- a/cpan/Digest-SHA/Makefile.PL
+++ b/cpan/Digest-SHA/Makefile.PL
@@ -8,21 +8,11 @@ use Config qw(%Config);
 my $PM = 'lib/Digest/SHA.pm';
 
 my %opts;
-getopts('tx', \%opts);
+getopts('tx', \%opts);	# -t is no longer used, but allow it anyway
 
 my @defines;
 push(@defines, '-DSHA_PERL_MODULE') if $] >= 5.004;
-push(@defines, '-DSHA_THREAD_SAFE') if $opts{'t'};
 push(@defines, '-DNO_SHA_384_512')  if $opts{'x'};
-
-	# Configure SHA source to use static arrays for
-	# message schedules if compiling on Intel platforms.
-	# This seems to speed things up a bit.  However,
-	# DON'T do this if thread-safe option is in force.
-	
-if ($Config{archname} =~ /^i[3456]86/) {
-	push(@defines, '-DSHA_STO_CLASS=static') unless $opts{'t'};
-}
 my $define = join(' ', @defines);
 
 	# Workaround for DEC compiler bug, adapted from Digest::MD5
diff --git a/cpan/Digest-SHA/README b/cpan/Digest-SHA/README
index 8e0dca138b..510a56c104 100644
--- a/cpan/Digest-SHA/README
+++ b/cpan/Digest-SHA/README
@@ -1,4 +1,4 @@
-Digest::SHA version 5.81
+Digest::SHA version 5.82
 ========================
 
 Digest::SHA is a complete implementation of the NIST Secure Hash
@@ -28,13 +28,15 @@ The Makefile.PL options are:
 	-t : build a thread-safe version of module
 	-x : exclude support for SHA-384/512
 
+	NOTE: Option -t is still allowed but no longer necessary.
+
 DEPENDENCIES
 
 	None
 
 COPYRIGHT AND LICENSE
 
-Copyright (C) 2003-2012 Mark Shelor
+Copyright (C) 2003-2013 Mark Shelor
 
 This library is free software; you can redistribute it and/or modify
 it under the same terms as Perl itself.
diff --git a/cpan/Digest-SHA/SHA.xs b/cpan/Digest-SHA/SHA.xs
index cb89152592..3f5d07bf55 100644
--- a/cpan/Digest-SHA/SHA.xs
+++ b/cpan/Digest-SHA/SHA.xs
@@ -2,8 +2,14 @@
 #include "perl.h"
 #include "XSUB.h"
 
-#ifndef SvPVbyte
-#define SvPVbyte SvPV
+#ifdef SvPVbyte
+	#if PERL_REVISION == 5 && PERL_VERSION < 8
+		#undef SvPVbyte
+		#define SvPVbyte(sv, lp) \
+			(sv_utf8_downgrade((sv), 0), SvPV((sv), (lp)))
+	#endif
+#else
+	#define SvPVbyte SvPV
 #endif
 
 #include "src/sha.c"
diff --git a/cpan/Digest-SHA/lib/Digest/SHA.pm b/cpan/Digest-SHA/lib/Digest/SHA.pm
index 24fbc8b274..8372eb0360 100644
--- a/cpan/Digest-SHA/lib/Digest/SHA.pm
+++ b/cpan/Digest-SHA/lib/Digest/SHA.pm
@@ -7,7 +7,7 @@ use vars qw($VERSION @ISA @EXPORT @EXPORT_OK);
 use Fcntl;
 use integer;
 
-$VERSION = '5.81';
+$VERSION = '5.82';
 
 require Exporter;
 require DynaLoader;
@@ -49,7 +49,7 @@ sub new {
 			sharewind($$class);
 			return($class);
 		}
-		shaclose($$class) if $$class;
+		if ($$class) { shaclose($$class); $$class = undef }
 		return unless $$class = shaopen($alg);
 		return($class);
 	}
@@ -176,7 +176,7 @@ sub load {
 
 	$file = "" unless defined $file;
 	if (ref($class)) {	# instance method
-		shaclose($$class) if $$class;
+		if ($$class) { shaclose($$class); $$class = undef }
 		return unless $$class = shaload($file);
 		return($class);
 	}
@@ -324,21 +324,43 @@ I<sha_base64()> functions.
 	use Digest::SHA qw(hmac_sha256_hex);
 	print hmac_sha256_hex("Hi There", chr(0x0b) x 32), "\n";
 
-=head1 NIST STATEMENT ON SHA-1
+=head1 UNICODE AND SIDE EFFECTS
+
+Perl supports Unicode strings as of version 5.6.  Such strings may
+contain wide characters, namely, characters whose ordinal values are
+greater than 255.  This can cause problems for digest algorithms such
+as SHA that are specified to operate on sequences of bytes.
+
+The rule by which Digest::SHA handles a Unicode string is easy to
+state, but potentially confusing to grasp: the string is interpreted
+as a sequence of bytes, where each byte is equal to the ordinal value
+(viz. code point) of its corresponding Unicode character.  That way,
+the Unicode version of the string 'abc' has exactly the same digest
+value as the ordinary string 'abc'.
+
+Since a wide character does not fit into a byte, the Digest::SHA routines
+croak if they encounter one.  Whereas if a Unicode string contains no
+wide characters, the module accepts it quite happily.  The following
+code illustrates the two cases:
 
-I<NIST was recently informed that researchers had discovered a way
-to "break" the current Federal Information Processing Standard SHA-1
-algorithm, which has been in effect since 1994. The researchers
-have not yet published their complete results, so NIST has not
-confirmed these findings. However, the researchers are a reputable
-research team with expertise in this area.>
+	$str1 = pack('U*', (0..255));
+	print sha1_hex($str1);		# ok
+
+	$str2 = pack('U*', (0..256));
+	print sha1_hex($str2);		# croaks
+
+Be aware that the digest routines silently convert UTF-8 input into its
+equivalent byte sequence in the native encoding (cf. utf8::downgrade).
+This side effect only influences the way Perl stores data internally.
+
+=head1 NIST STATEMENT ON SHA-1
 
-I<Due to advances in computing power, NIST already planned to phase
-out SHA-1 in favor of the larger and stronger hash functions (SHA-224,
-SHA-256, SHA-384 and SHA-512) by 2010. New developments should use
-the larger and stronger hash functions.>
+NIST acknowledges that the work of Prof. Xiaoyun Wang constitutes a
+practical collision attack on SHA-1.  Therefore, NIST encourages the
+rapid adoption of the SHA-2 hash functions (e.g. SHA-256) for applications
+requiring strong collision resistance, such as digital signatures.
 
-ref. L<http://www.csrc.nist.gov/pki/HashWorkshop/NIST%20Statement/Burr_Mar2005.html>
+ref. L<http://csrc.nist.gov/groups/ST/hash/statement.html>
 
 =head1 PADDING OF BASE64 DIGESTS
 
@@ -710,7 +732,7 @@ darkness and moored it in so perfect a calm and in so brilliant a light"
 
 =head1 COPYRIGHT AND LICENSE
 
-Copyright (C) 2003-2012 Mark Shelor
+Copyright (C) 2003-2013 Mark Shelor
 
 This library is free software; you can redistribute it and/or modify
 it under the same terms as Perl itself.
diff --git a/cpan/Digest-SHA/shasum b/cpan/Digest-SHA/shasum
index c8a67b1afa..e72ccc6512 100644
--- a/cpan/Digest-SHA/shasum
+++ b/cpan/Digest-SHA/shasum
@@ -2,10 +2,10 @@
 
 	## shasum: filter for computing SHA digests (ref. sha1sum/md5sum)
 	##
-	## Copyright (C) 2003-2012 Mark Shelor, All Rights Reserved
+	## Copyright (C) 2003-2013 Mark Shelor, All Rights Reserved
 	##
-	## Version: 5.81
-	## Mon Jan 14 05:17:08 MST 2013
+	## Version: 5.82
+	## Thu Jan 24 04:54:12 MST 2013
 
 	## shasum SYNOPSIS adapted from GNU Coreutils sha1sum.
 	## Add an "-a" option for algorithm selection, a "-p"
@@ -82,7 +82,7 @@ the 7-bit message I<0001100>:
 
 =head1 AUTHOR
 
-Copyright (c) 2003-2012 Mark Shelor <mshelor@cpan.org>.
+Copyright (c) 2003-2013 Mark Shelor <mshelor@cpan.org>.
 
 =head1 SEE ALSO
 
@@ -97,7 +97,7 @@ use strict;
 use Fcntl;
 use Getopt::Long;
 
-my $VERSION = "5.81";
+my $VERSION = "5.82";
 
 
 	## Try to use Digest::SHA.  If not installed, use the slower
diff --git a/cpan/Digest-SHA/src/hmac.c b/cpan/Digest-SHA/src/hmac.c
index b9a7809d3d..7380a74fc5 100644
--- a/cpan/Digest-SHA/src/hmac.c
+++ b/cpan/Digest-SHA/src/hmac.c
@@ -3,10 +3,10 @@
  *
  * Ref: FIPS PUB 198 The Keyed-Hash Message Authentication Code
  *
- * Copyright (C) 2003-2012 Mark Shelor, All Rights Reserved
+ * Copyright (C) 2003-2013 Mark Shelor, All Rights Reserved
  *
- * Version: 5.81
- * Mon Jan 14 05:17:08 MST 2013
+ * Version: 5.82
+ * Thu Jan 24 04:54:12 MST 2013
  *
  */
 
diff --git a/cpan/Digest-SHA/src/hmac.h b/cpan/Digest-SHA/src/hmac.h
index d10b9e8503..6fb860225e 100644
--- a/cpan/Digest-SHA/src/hmac.h
+++ b/cpan/Digest-SHA/src/hmac.h
@@ -3,10 +3,10 @@
  *
  * Ref: FIPS PUB 198 The Keyed-Hash Message Authentication Code
  *
- * Copyright (C) 2003-2012 Mark Shelor, All Rights Reserved
+ * Copyright (C) 2003-2013 Mark Shelor, All Rights Reserved
  *
- * Version: 5.81
- * Mon Jan 14 05:17:08 MST 2013
+ * Version: 5.82
+ * Thu Jan 24 04:54:12 MST 2013
  *
  */
 
diff --git a/cpan/Digest-SHA/src/sha.c b/cpan/Digest-SHA/src/sha.c
index 7bd6f1bf92..61b782e7d3 100644
--- a/cpan/Digest-SHA/src/sha.c
+++ b/cpan/Digest-SHA/src/sha.c
@@ -3,10 +3,10 @@
  *
  * Ref: NIST FIPS PUB 180-2 Secure Hash Standard
  *
- * Copyright (C) 2003-2012 Mark Shelor, All Rights Reserved
+ * Copyright (C) 2003-2013 Mark Shelor, All Rights Reserved
  *
- * Version: 5.81
- * Mon Jan 14 05:17:08 MST 2013
+ * Version: 5.82
+ * Thu Jan 24 04:54:12 MST 2013
  *
  */
 
@@ -86,7 +86,7 @@ static W32 H0256[8] =			/* SHA-256 initial hash value */
 static void sha1(SHA *s, UCHR *block)		/* SHA-1 transform */
 {
 	W32 a, b, c, d, e;
-	SHA_STO_CLASS W32 W[16];
+	W32 W[16];
 	W32 *wp = W;
 	W32 *H = (W32 *) s->H;
 
@@ -153,7 +153,7 @@ static void sha1(SHA *s, UCHR *block)		/* SHA-1 transform */
 static void sha256(SHA *s, UCHR *block)		/* SHA-224/256 transform */
 {
 	W32 a, b, c, d, e, f, g, h, T1;
-	SHA_STO_CLASS W32 W[16];
+	W32 W[16];
 	W32 *kp = K256;
 	W32 *wp = W;
 	W32 *H = (W32 *) s->H;
diff --git a/cpan/Digest-SHA/src/sha.h b/cpan/Digest-SHA/src/sha.h
index 6534b76350..7103493e01 100644
--- a/cpan/Digest-SHA/src/sha.h
+++ b/cpan/Digest-SHA/src/sha.h
@@ -3,10 +3,10 @@
  *
  * Ref: NIST FIPS PUB 180-2 Secure Hash Standard
  *
- * Copyright (C) 2003-2012 Mark Shelor, All Rights Reserved
+ * Copyright (C) 2003-2013 Mark Shelor, All Rights Reserved
  *
- * Version: 5.81
- * Mon Jan 14 05:17:08 MST 2013
+ * Version: 5.82
+ * Thu Jan 24 04:54:12 MST 2013
  *
  */
 
@@ -102,22 +102,6 @@
 			(SHA64) b[6] <<  8 | (SHA64) b[7]; }
 #endif
 
-/*
- * SHA_STO_CLASS: default to auto storage class for message schedule
- * arrays inside transform routines.  Note that redefining this to
- * static might improve performance on some platforms (e.g. Intel).
- */
-
-#if !defined(SHA_STO_CLASS)
-	#define SHA_STO_CLASS	auto
-#endif
-
-/* Override use of static arrays if compiling for thread-safety */
-#ifdef SHA_THREAD_SAFE
-	#undef  SHA_STO_CLASS
-	#define SHA_STO_CLASS	auto
-#endif
-
 /* Configure memory management and I/O for Perl or standalone C */
 #ifdef SHA_PERL_MODULE
 	#define SHA_new			New
diff --git a/cpan/Digest-SHA/src/sha64bit.c b/cpan/Digest-SHA/src/sha64bit.c
index b37d6f3c09..6c9096670f 100644
--- a/cpan/Digest-SHA/src/sha64bit.c
+++ b/cpan/Digest-SHA/src/sha64bit.c
@@ -95,7 +95,7 @@ static W64 strto64(char *s)
 static void sha512(SHA *s, unsigned char *block) /* SHA-384/512 transform */
 {
 	W64 a, b, c, d, e, f, g, h, T1, T2;
-	SHA_STO_CLASS W64 W[80];
+	W64 W[80];
 	W64 *H = (W64 *) s->H;
 	int t;
 
diff --git a/cpan/Digest-SHA/t/unicode.t b/cpan/Digest-SHA/t/unicode.t
new file mode 100644
index 0000000000..1e7bd13d53
--- /dev/null
+++ b/cpan/Digest-SHA/t/unicode.t
@@ -0,0 +1,43 @@
+use strict;
+
+my $MODULE;
+
+BEGIN {
+	$MODULE = (-d "src") ? "Digest::SHA" : "Digest::SHA::PurePerl";
+	eval "require $MODULE" || die $@;
+	$MODULE->import(qw(sha1_hex));
+}
+
+BEGIN {
+	if ($ENV{PERL_CORE}) {
+		chdir 't' if -d 't';
+		@INC = '../lib';
+	}
+}
+
+my $skip = $] < 5.006 ? 1 : 0;
+
+my $TEMPLATE = $] >= 5.006 ? 'U*' : 'C*';
+my $empty_unicode = pack($TEMPLATE, ());
+my $ok_unicode    = pack($TEMPLATE, (0..255));
+my $wide_unicode  = pack($TEMPLATE, (0..256));
+
+print "1..3\n";
+
+unless ($skip) {
+	print "not " unless sha1_hex($empty_unicode."abc") eq
+		"a9993e364706816aba3e25717850c26c9cd0d89d";
+}
+print "ok 1", $skip ? " # skip: no Unicode" : "", "\n";
+
+unless ($skip) {
+	print "not " unless sha1_hex($ok_unicode) eq
+		"4916d6bdb7f78e6803698cab32d1586ea457dfc8";
+}
+print "ok 2", $skip ? " # skip: no Unicode" : "", "\n";
+
+unless ($skip) {
+	eval { sha1_hex($wide_unicode) };
+	print "not " unless $@ =~ /Wide character/;
+}
+print "ok 3", $skip ? " # skip: no Unicode" : "", "\n";