Tidy up digest functions:

* Add sha512_half_hasher
* Move sha512Half functions to digest.h
* Add explicit OpenSSL equivalents

Builds/VisualStudio2013/RippleD.vcxproj

@@ -1971,8 +1971,6 @@
     </ClInclude>
     <ClInclude Include="..\..\src\ripple\basics\ResolverAsio.h">
     </ClInclude>
-    <ClInclude Include="..\..\src\ripple\basics\SHA512Half.h">
-    </ClInclude>
     <ClInclude Include="..\..\src\ripple\basics\Slice.h">
     </ClInclude>
     <ClInclude Include="..\..\src\ripple\basics\strHex.h">

Builds/VisualStudio2013/RippleD.vcxproj.filters

@@ -2721,9 +2721,6 @@
     <ClInclude Include="..\..\src\ripple\basics\ResolverAsio.h">
       <Filter>ripple\basics</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\src\ripple\basics\SHA512Half.h">
-      <Filter>ripple\basics</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\src\ripple\basics\Slice.h">
       <Filter>ripple\basics</Filter>
     </ClInclude>

src/ripple/app/ledger/ConsensusTransSetSF.cpp

@@ -23,7 +23,7 @@
 #include <ripple/app/misc/NetworkOPs.h>
 #include <ripple/app/tx/TransactionMaster.h>
 #include <ripple/basics/Log.h>
-#include <ripple/basics/SHA512Half.h>
+#include <ripple/protocol/digest.h>
 #include <ripple/core/JobQueue.h>
 #include <ripple/nodestore/Database.h>
 #include <ripple/protocol/HashPrefix.h>

src/ripple/app/ledger/Ledger.cpp

@@ -32,7 +32,7 @@
 #include <ripple/app/misc/NetworkOPs.h>
 #include <ripple/app/tx/TransactionMaster.h>
 #include <ripple/basics/Log.h>
-#include <ripple/basics/SHA512Half.h>
+#include <ripple/protocol/digest.h>
 #include <ripple/basics/StringUtilities.h>
 #include <ripple/core/DatabaseCon.h>
 #include <ripple/core/SociDB.h>

src/ripple/app/ledger/LedgerProposal.cpp

@@ -19,7 +19,7 @@
 
 #include <BeastConfig.h>
 #include <ripple/app/ledger/LedgerProposal.h>
-#include <ripple/basics/SHA512Half.h>
+#include <ripple/protocol/digest.h>
 #include <ripple/core/Config.h>
 #include <ripple/protocol/JsonFields.h>
 #include <ripple/protocol/HashPrefix.h>

src/ripple/app/main/Main.cpp

@@ -19,7 +19,7 @@
 
 #include <BeastConfig.h>
 #include <ripple/basics/Log.h>
-#include <ripple/basics/SHA512Half.h>
+#include <ripple/protocol/digest.h>
 #include <ripple/app/main/Application.h>
 #include <ripple/basics/CheckLibraryVersions.h>
 #include <ripple/basics/StringUtilities.h>

src/ripple/app/misc/NetworkOPs.cpp

@@ -42,7 +42,7 @@
 #include <ripple/app/tx/TransactionMaster.h>
 #include <ripple/basics/Log.h>
 #include <ripple/basics/Time.h>
-#include <ripple/basics/SHA512Half.h>
+#include <ripple/protocol/digest.h>
 #include <ripple/basics/StringUtilities.h>
 #include <ripple/basics/UptimeTimer.h>
 #include <ripple/protocol/JsonFields.h>

src/ripple/app/misc/UniqueNodeList.cpp

@@ -25,7 +25,7 @@
 #include <ripple/overlay/ClusterNodeStatus.h>
 #include <ripple/app/misc/UniqueNodeList.h>
 #include <ripple/basics/Log.h>
-#include <ripple/basics/SHA512Half.h>
+#include <ripple/protocol/digest.h>
 #include <ripple/basics/Slice.h>
 #include <ripple/basics/StringUtilities.h>
 #include <ripple/basics/Time.h>

src/ripple/basics/SHA512Half.h

@@ -1,123 +0,0 @@
-//------------------------------------------------------------------------------
-/*
-    This file is part of rippled: https://github.com/ripple/rippled
-    Copyright (c) 2014 Ripple Labs Inc.
-
-    Permission to use, copy, modify, and/or distribute this software for any
-    purpose  with  or without fee is hereby granted, provided that the above
-    copyright notice and this permission notice appear in all copies.
-
-    THE  SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-    WITH  REGARD  TO  THIS  SOFTWARE  INCLUDING  ALL  IMPLIED  WARRANTIES  OF
-    MERCHANTABILITY  AND  FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-    ANY  SPECIAL ,  DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-    WHATSOEVER  RESULTING  FROM  LOSS  OF USE, DATA OR PROFITS, WHETHER IN AN
-    ACTION  OF  CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-*/
-//==============================================================================
-
-#ifndef RIPPLE_BASICS_SHA512HALF_H_INCLUDED
-#define RIPPLE_BASICS_SHA512HALF_H_INCLUDED
-
-#include <ripple/basics/base_uint.h>
-#include <ripple/basics/Slice.h> // needed by most callers
-#include <beast/crypto/sha2.h>
-#include <beast/hash/hash_append.h>
-#include <beast/cxx14/type_traits.h> // <type_traits>
-
-namespace ripple {
-
-namespace detail {
-
-template <bool Secure>
-class SHA512HalfHasher
-{
-private:
-    using hasher_type =
-        std::conditional_t<Secure,
-            beast::sha512_hasher_s,
-                beast::sha512_hasher>;
-
-    hasher_type hasher_;
-
-public:
-    static beast::endian const endian =
-        beast::endian::big;
-
-    using result_type = uint256;
-
-    void
-    operator() (void const* data,
-        std::size_t size) noexcept
-    {
-        hasher_(data, size);
-    }
-
-    result_type
-    finish() noexcept
-    {
-        result_type digest;
-        auto const result = static_cast<
-            typename decltype(hasher_)::result_type>
-                (hasher_);
-        std::memcpy(digest.data(),
-            result.data(), 32);
-        return digest;
-    };
-
-    explicit
-    operator result_type() noexcept
-    {
-        return finish();
-    }
-};
-
-} // detail
-
-#ifdef _MSC_VER
-// Call from main to fix magic statics pre-VS2015
-inline
-void
-sha512_deprecatedMSVCWorkaround()
-{
-    beast::sha512_hasher h;
-    auto const digest = static_cast<
-        beast::sha512_hasher::result_type>(h);
-}
-#endif
-
-using SHA512HalfHasher = detail::SHA512HalfHasher<false>;
-
-/** Returns the SHA512-Half of a series of objects. */
-template <class... Args>
-SHA512HalfHasher::result_type
-sha512Half (Args const&... args)
-{
-    SHA512HalfHasher h;
-    using beast::hash_append;
-    hash_append(h, args...);
-    return static_cast<typename
-        SHA512HalfHasher::result_type>(h);
-}
-
-/** Returns the SHA512-Half of a series of objects.
-
-    Postconditions:
-        Temporary memory storing copies of
-        input messages will be cleared.
-*/
-template <class... Args>
-SHA512HalfHasher::result_type
-sha512Half_s (Args const&... args)
-{
-    detail::SHA512HalfHasher<true> h;
-    using beast::hash_append;
-    hash_append(h, args...);
-    return static_cast<typename
-        SHA512HalfHasher::result_type>(h);
-}
-
-}
-
-#endif

src/ripple/crypto/impl/GenerateDeterministicKey.cpp

@@ -21,7 +21,7 @@
 #include <ripple/crypto/GenerateDeterministicKey.h>
 #include <ripple/crypto/impl/ec_key.h>
 #include <ripple/crypto/impl/openssl.h>
-#include <ripple/basics/SHA512Half.h>
+#include <ripple/protocol/digest.h>
 #include <array>
 #include <string>
 #include <openssl/pem.h>

src/ripple/nodestore/impl/DatabaseImp.h

@@ -26,7 +26,7 @@
 #include <ripple/basics/KeyCache.h>
 #include <ripple/basics/Log.h>
 #include <ripple/basics/chrono.h>
-#include <ripple/basics/SHA512Half.h>
+#include <ripple/protocol/digest.h>
 #include <ripple/basics/Slice.h>
 #include <ripple/basics/TaggedCache.h>
 #include <beast/threads/Thread.h>

src/ripple/overlay/impl/PeerImp.cpp

@@ -28,7 +28,7 @@
 #include <ripple/overlay/ClusterNodeStatus.h>
 #include <ripple/app/misc/UniqueNodeList.h>
 #include <ripple/app/tx/InboundTransactions.h>
-#include <ripple/basics/SHA512Half.h>
+#include <ripple/protocol/digest.h>
 #include <ripple/basics/StringUtilities.h>
 #include <ripple/basics/UptimeTimer.h>
 #include <ripple/core/JobQueue.h>

src/ripple/overlay/impl/TMHello.cpp

@@ -22,7 +22,7 @@
 #include <ripple/app/main/Application.h>
 #include <ripple/app/main/LocalCredentials.h>
 #include <ripple/app/misc/NetworkOPs.h>
-#include <ripple/basics/SHA512Half.h>
+#include <ripple/protocol/digest.h>
 #include <ripple/protocol/BuildInfo.h>
 #include <ripple/overlay/impl/TMHello.h>
 #include <beast/crypto/base64.h>

src/ripple/protocol/digest.h

@@ -20,10 +20,12 @@
 #ifndef RIPPLE_PROTOCOL_DIGEST_H_INCLUDED
 #define RIPPLE_PROTOCOL_DIGEST_H_INCLUDED
 
+#include <ripple/basics/base_uint.h>
 #include <beast/crypto/ripemd.h>
 #include <beast/crypto/sha2.h>
 #include <beast/hash/endian.h>
 #include <beast/utility/noexcept.h>
+#include <algorithm>
 #include <array>
 
 namespace ripple {
@@ -65,6 +67,32 @@ private:
     char ctx_[96];
 };
 
+/** SHA-512 digest
+
+    @note This uses the OpenSSL implementation
+*/
+struct openssl_sha512_hasher
+{
+public:
+    static beast::endian const endian =
+        beast::endian::native;
+
+    using result_type =
+        std::array<std::uint8_t, 64>;
+
+    openssl_sha512_hasher();
+
+    void
+    operator()(void const* data,
+        std::size_t size) noexcept;
+
+    explicit
+    operator result_type() noexcept;
+
+private:
+    char ctx_[216];
+};
+
 /** SHA-256 digest
 
     @note This uses the OpenSSL implementation
@@ -98,9 +126,11 @@ private:
 #if RIPPLE_USE_OPENSSL
 using ripemd160_hasher = openssl_ripemd160_hasher;
 using sha256_hasher = openssl_sha256_hasher;
+using sha512_hasher = openssl_sha512_hasher;
 #else
 using ripemd160_hasher = beast::ripemd160_hasher;
 using sha256_hasher = beast::sha256_hasher;
+using sha512_hasher = beast::sha512_hasher;
 #endif
 
 //------------------------------------------------------------------------------
@@ -119,8 +149,6 @@ using sha256_hasher = beast::sha256_hasher;
     formula for calculating the account identifier.
 
     Meets the requirements of Hasher (in hash_append)
-
-    @param digest A buffer of at least 20 bytes
 */
 struct ripesha_hasher
 {
@@ -144,15 +172,126 @@ public:
     explicit
     operator result_type() noexcept
     {
-        auto const d0 = static_cast<
-            decltype(h_)::result_type>(h_);
+        auto const d0 =
+            sha256_hasher::result_type(h_);
         ripemd160_hasher rh;
         rh(d0.data(), d0.size());
-        return  static_cast<
-            decltype(rh)::result_type>(rh);
+        return ripemd160_hasher::result_type(rh);
     }
 };
 
+//------------------------------------------------------------------------------
+
+namespace detail {
+
+/** Returns the SHA512-Half digest of a message.
+
+    The SHA512-Half is the first 256 bits of the
+    SHA-512 digest of the message.
+*/
+template <bool Secure>
+struct basic_sha512_half_hasher
+{
+private:
+    sha512_hasher h_;
+
+public:
+    static beast::endian const endian =
+        beast::endian::big;
+
+    using result_type = uint256;
+
+    ~basic_sha512_half_hasher()
+    {
+        erase(std::integral_constant<
+            bool, Secure>{});
+    }
+
+    void
+    operator()(void const* data,
+        std::size_t size) noexcept
+    {
+        h_(data, size);
+    }
+
+    explicit
+    operator result_type() noexcept
+    {
+        auto const digest = 
+            sha512_hasher::result_type(h_);
+        result_type result;
+        std::copy(digest.begin(),
+            digest.begin() + 32, result.begin());
+        return result;
+    }
+
+private:
+    inline
+    void
+    erase (std::false_type)
+    {
+    }
+
+    inline
+    void
+    erase (std::true_type)
+    {
+        beast::secure_erase(&h_, sizeof(h_));
+    }
+};
+
+} // detail
+
+using sha512_half_hasher =
+    detail::basic_sha512_half_hasher<false>;
+
+// secure version
+using sha512_half_hasher_s =
+    detail::basic_sha512_half_hasher<true>;
+
+//------------------------------------------------------------------------------
+
+#ifdef _MSC_VER
+// Call from main to fix magic statics pre-VS2015
+inline
+void
+sha512_deprecatedMSVCWorkaround()
+{
+    beast::sha512_hasher h;
+    auto const digest = static_cast<
+        beast::sha512_hasher::result_type>(h);
+}
+#endif
+
+/** Returns the SHA512-Half of a series of objects. */
+template <class... Args>
+sha512_half_hasher::result_type
+sha512Half (Args const&... args)
+{
+    sha512_half_hasher h;
+    using beast::hash_append;
+    hash_append(h, args...);
+    return static_cast<typename
+        sha512_half_hasher::result_type>(h);
+}
+
+/** Returns the SHA512-Half of a series of objects.
+
+    Postconditions:
+        Temporary memory storing copies of
+        input messages will be cleared.
+*/
+template <class... Args>
+sha512_half_hasher_s::result_type
+sha512Half_s (Args const&... args)
+{
+    sha512_half_hasher_s h;
+    using beast::hash_append;
+    hash_append(h, args...);
+    return static_cast<typename
+        sha512_half_hasher_s::result_type>(h);
+}
+
 } // ripple
 
 #endif

src/ripple/protocol/impl/Indexes.cpp

@@ -18,7 +18,7 @@
 //==============================================================================
 
 #include <BeastConfig.h>
-#include <ripple/basics/SHA512Half.h>
+#include <ripple/protocol/digest.h>
 #include <ripple/protocol/Indexes.h>
 #include <beast/utility/static_initializer.h>
 #include <cassert>

src/ripple/protocol/impl/RippleAddress.cpp

@@ -19,7 +19,7 @@
 
 #include <BeastConfig.h>
 #include <ripple/basics/Log.h>
-#include <ripple/basics/SHA512Half.h>
+#include <ripple/protocol/digest.h>
 #include <ripple/basics/StringUtilities.h>
 #include <ripple/crypto/ECDSA.h>
 #include <ripple/crypto/ECIES.h>

src/ripple/protocol/impl/Serializer.cpp

@@ -19,7 +19,7 @@
 
 #include <BeastConfig.h>
 #include <ripple/basics/Log.h>
-#include <ripple/basics/SHA512Half.h>
+#include <ripple/protocol/digest.h>
 #include <ripple/protocol/Serializer.h>
 
 namespace ripple {

src/ripple/protocol/impl/digest.cpp

@@ -53,6 +53,38 @@ openssl_ripemd160_hasher::operator result_type() noexcept
     return digest;
 }
 
+//------------------------------------------------------------------------------
+
+openssl_sha512_hasher::openssl_sha512_hasher()
+{
+    static_assert(sizeof(decltype(
+        openssl_sha512_hasher::ctx_)) ==
+            sizeof(SHA512_CTX), "");
+    auto const ctx = reinterpret_cast<
+        SHA512_CTX*>(ctx_);
+    SHA512_Init(ctx);
+}
+
+void
+openssl_sha512_hasher::operator()(void const* data,
+    std::size_t size) noexcept
+{
+    auto const ctx = reinterpret_cast<
+        SHA512_CTX*>(ctx_);
+    SHA512_Update(ctx, data, size);
+}
+
+openssl_sha512_hasher::operator result_type() noexcept
+{
+    auto const ctx = reinterpret_cast<
+        SHA512_CTX*>(ctx_);
+    result_type digest;
+    SHA512_Final(digest.data(), ctx);
+    return digest;
+}
+
+//------------------------------------------------------------------------------
+
 openssl_sha256_hasher::openssl_sha256_hasher()
 {
     static_assert(sizeof(decltype(

src/ripple/protocol/tests/RippleAddress.test.cpp

@@ -18,7 +18,7 @@
 //==============================================================================
 
 #include <BeastConfig.h>
-#include <ripple/basics/SHA512Half.h>
+#include <ripple/protocol/digest.h>
 #include <ripple/basics/TestSuite.h>
 #include <ripple/protocol/RippleAddress.h>
 #include <ripple/protocol/RipplePublicKey.h>

src/ripple/shamap/impl/SHAMapTreeNode.cpp

@@ -20,7 +20,7 @@
 #include <BeastConfig.h>
 #include <ripple/shamap/SHAMapTreeNode.h>
 #include <ripple/basics/Log.h>
-#include <ripple/basics/SHA512Half.h>
+#include <ripple/protocol/digest.h>
 #include <ripple/basics/Slice.h>
 #include <ripple/basics/StringUtilities.h>
 #include <ripple/protocol/HashPrefix.h>
@@ -275,13 +275,6 @@ SHAMapInnerNode::updateHash()
         nh = sha512Half(HashPrefix::innerNode,
             Slice(reinterpret_cast<unsigned char const*>(mHashes),
                 sizeof (mHashes)));
-#if RIPPLE_VERIFY_NODEOBJECT_KEYS
-        SHA512HalfHasher h;
-        using beast::hash_append;
-        hash_append(h, HashPrefix::innerNode, mHashes);
-        assert (nh == sha512Half(
-            static_cast<uint256>(h)));
-#endif
     }
     if (nh == mHash)
         return false;

src/ripple/shamap/tests/FetchPack.test.cpp

@@ -20,7 +20,7 @@
 #include <BeastConfig.h>
 #include <ripple/shamap/SHAMap.h>
 #include <ripple/shamap/tests/common.h>
-#include <ripple/basics/SHA512Half.h>
+#include <ripple/protocol/digest.h>
 #include <ripple/basics/StringUtilities.h>
 #include <ripple/basics/UnorderedContainers.h>
 #include <ripple/protocol/UInt160.h>