BIND 10 trac781, updated. a1703e5ae5fc9458c066fb4aab7666bf4e5fdb8a [trac781] some more updates (added doc and a few test changes)
BIND 10 source code commits
bind10-changes at lists.isc.org
Thu Apr 21 14:08:41 UTC 2011
The branch, trac781 has been updated
via a1703e5ae5fc9458c066fb4aab7666bf4e5fdb8a (commit)
via 145a6173191e6cd39be3d495a6e5d0511dfe867a (commit)
via 20336851f494ff1d9c8937400a99ed4d0203a340 (commit)
from fb7877b06ba873d4fb222409dd92b4701ae11ffb (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit a1703e5ae5fc9458c066fb4aab7666bf4e5fdb8a
Author: Jelte Jansen <jelte at isc.org>
Date: Thu Apr 21 16:02:16 2011 +0200
[trac781] some more updates (added doc and a few test changes)
commit 145a6173191e6cd39be3d495a6e5d0511dfe867a
Merge: 20336851f494ff1d9c8937400a99ed4d0203a340 fb7877b06ba873d4fb222409dd92b4701ae11ffb
Author: Jelte Jansen <jelte at isc.org>
Date: Thu Apr 21 09:16:24 2011 +0200
Merge branch 'trac781' of ssh://bind10.isc.org/var/bind10/git/bind10 into trac781
commit 20336851f494ff1d9c8937400a99ed4d0203a340
Author: Jelte Jansen <jelte at isc.org>
Date: Wed Apr 20 17:16:30 2011 +0200
[trac781] rename 'main' cryptolink file, and clean up includes
-----------------------------------------------------------------------
Summary of changes:
src/lib/cryptolink/Makefile.am | 2 +-
src/lib/cryptolink/crypto_hmac.cc | 15 ++++++++-
src/lib/cryptolink/crypto_hmac.h | 4 +--
src/lib/cryptolink/{crypto.cc => cryptolink.cc} | 24 +++++++-------
src/lib/cryptolink/{crypto.h => cryptolink.h} | 24 +++++++++++--
src/lib/cryptolink/tests/crypto_unittests.cc | 41 +++++++++--------------
src/lib/cryptolink/tests/run_unittests.cc | 1 -
src/lib/dns/tsigkey.cc | 3 +-
8 files changed, 66 insertions(+), 48 deletions(-)
rename src/lib/cryptolink/{crypto.cc => cryptolink.cc} (83%)
rename src/lib/cryptolink/{crypto.h => cryptolink.h} (86%)
-----------------------------------------------------------------------
diff --git a/src/lib/cryptolink/Makefile.am b/src/lib/cryptolink/Makefile.am
index e12a147..2f5d9c3 100644
--- a/src/lib/cryptolink/Makefile.am
+++ b/src/lib/cryptolink/Makefile.am
@@ -8,5 +8,5 @@ CLEANFILES = *.gcno *.gcda
lib_LTLIBRARIES = libcryptolink.la
-libcryptolink_la_SOURCES = crypto.h crypto.cc
+libcryptolink_la_SOURCES = cryptolink.h cryptolink.cc
libcryptolink_la_SOURCES += crypto_hmac.h crypto_hmac.cc
diff --git a/src/lib/cryptolink/crypto.cc b/src/lib/cryptolink/crypto.cc
deleted file mode 100644
index 8cc8d00..0000000
--- a/src/lib/cryptolink/crypto.cc
+++ /dev/null
@@ -1,85 +0,0 @@
-// Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC")
-//
-// Permission to use, copy, modify, and/or distribute this software for any
-// purpose with or without fee is hereby granted, provided that the above
-// copyright notice and this permission notice appear in all copies.
-//
-// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
-// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-// AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
-// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-// PERFORMANCE OF THIS SOFTWARE.
-
-#include "crypto.h"
-
-#include <botan/botan.h>
-#include <botan/hmac.h>
-#include <botan/hash.h>
-#include <botan/types.h>
-
-#include <dns/buffer.h>
-#include <dns/name.h>
-#include <dns/util/base64.h>
-
-#include <string>
-
-#include <boost/scoped_ptr.hpp>
-
-#include <iostream>
-
-using namespace std;
-using namespace isc::dns;
-
-
-namespace isc {
-namespace cryptolink {
-
-// For Botan, we use the CryptoLink class object in RAII style
-class CryptoLinkImpl {
-private:
- Botan::LibraryInitializer botan_init_;
-};
-
-CryptoLink::~CryptoLink() {
- delete impl_;
-}
-
-CryptoLink&
-CryptoLink::getCryptoLink() {
- CryptoLink& c = getCryptoLinkInternal();
- if (c.impl_ == NULL) {
- c.initialize();
- }
- return (c);
-}
-
-CryptoLink&
-CryptoLink::getCryptoLinkInternal() {
- static CryptoLink instance;
- return (instance);
-}
-
-void
-CryptoLink::initialize() {
- CryptoLink& c = getCryptoLinkInternal();
- if (c.impl_ == NULL) {
- try {
- c.impl_ = new CryptoLinkImpl();
- } catch (const Botan::Exception& ex) {
- isc_throw(InitializationError, ex.what());
- }
- }
-}
-
-HMAC*
-CryptoLink::createHMAC(const void* secret, size_t secret_len,
- const HMAC::HashAlgorithm hash_algorithm)
-{
- return (new HMAC(secret, secret_len, hash_algorithm));
-}
-
-} // namespace cryptolink
-} // namespace isc
-
diff --git a/src/lib/cryptolink/crypto.h b/src/lib/cryptolink/crypto.h
deleted file mode 100644
index eaeb300..0000000
--- a/src/lib/cryptolink/crypto.h
+++ /dev/null
@@ -1,165 +0,0 @@
-// Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC")
-//
-// Permission to use, copy, modify, and/or distribute this software for any
-// purpose with or without fee is hereby granted, provided that the above
-// copyright notice and this permission notice appear in all copies.
-//
-// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
-// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-// AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
-// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-// PERFORMANCE OF THIS SOFTWARE.
-
-#ifndef _ISC_CRYPTO_H
-#define _ISC_CRYPTO_H
-
-#include <string>
-#include <dns/buffer.h>
-#include <exceptions/exceptions.h>
-
-#include <boost/noncopyable.hpp>
-
-#include <cryptolink/crypto_hmac.h>
-
-
-namespace isc {
-namespace cryptolink {
-
-/// General exception class that is the base for all crypto-related
-/// exceptions
-class CryptoLinkError : public Exception {
-public:
- CryptoLinkError(const char* file, size_t line, const char* what) :
- isc::Exception(file, line, what) {}
-};
-
-/// This exception is thrown if there was a problem initializing the
-/// crypto library
-class InitializationError : public CryptoLinkError {
-public:
- InitializationError(const char* file, size_t line, const char* what) :
- CryptoLinkError(file, line, what) {}
-};
-
-/// This exception is thrown when a cryptographic action is requested
-/// for an algorithm that is not supported by the underlying library.
-class UnsupportedAlgorithm : public CryptoLinkError {
-public:
- UnsupportedAlgorithm(const char* file, size_t line, const char* what) :
- CryptoLinkError(file, line, what) {}
-};
-
-/// This exception is thrown when the underlying library could not
-/// handle the key data.
-class BadKey : public CryptoLinkError {
-public:
- BadKey(const char* file, size_t line, const char* what) :
- CryptoLinkError(file, line, what) {}
-};
-
-/// This exception is raised when a general error that was not
-/// specifically caught is thrown by the underlying library. It
-/// is replaced by this one so as not have 'external' exceptions
-/// bubbling up
-class LibraryError : public CryptoLinkError {
-public:
- LibraryError(const char* file, size_t line, const char* what) :
- CryptoLinkError(file, line, what) {}
-};
-
-/// Forward declaration for pimpl
-class CryptoLinkImpl;
-
-/// \brief
-///
-/// This is singleton class that serves as the entry point to
-/// the underlying cryptography library, and as a factory for objects
-/// within the cryptolink library.
-///
-/// There is only one way to access it, through getCryptoLink(), which
-/// returns a reference to the initialized library. On the first call,
-/// it will be initialized automatically. You can however initialize it
-/// manually through a call to the initalize(), before your first call
-/// to getCryptoLink. Any subsequent call to initialize() will be a
-/// noop.
-///
-/// \note All other classes within cryptolink should have private
-/// constructors as well, and should have a factory function from this
-/// class.
-///
-// Internal note: we can use this class later to initialize and manage
-// dynamic (PKCS#11) libs
-class CryptoLink : private boost::noncopyable {
-public:
- /// \brief Returns a reference to the singleton instance
- ///
- /// If the library has not been initialized yet, it will be
- /// initialized with some default values.
- ///
- /// Since this class is noncopyable, you must use the return
- /// value directly, or store it in a reference variable.
- ///
- /// \exception InitializationError if initialization fails
- ///
- /// \return Reference to the singleton instance
- static CryptoLink& getCryptoLink();
-
- /// \brief Initialize the library manually
- ///
- /// If the library has already been initialized (either by a call
- /// to initialize() or automatically in getCryptoLink()), this
- /// function does nothing.
- ///
- /// \note A call to initialize() is not strictly necessary with
- /// the current implementation.
- ///
- /// \exception InitializationError if initialization fails
- ///
- static void initialize();
-
- /// \brief Factory function for HMAC objects
- ///
- /// CryptoLink objects cannot be constructed directly. This
- /// function creates a new HMAC object usable for signing or
- /// verification.
- ///
- /// The caller is responsible for deleting the object, and it is
- /// therefore highly recommended to place the return value of this
- /// function in a scoped_ptr or shared_ptr.
- ///
- /// Notes: if the secret is longer than the block size of its
- /// algorithm, the constructor will run it through the hash
- /// algorithm, and use the digest as the secret for this HMAC
- /// operation
- ///
- /// \exception UnsupportedAlgorithmException if the given algorithm
- /// is unknown or not supported by the underlying library
- /// \exception InvalidKeyLength if the given key secret_len is bad
- /// \exception LibraryError if there was any unexpected exception
- /// in the underlying library
- ///
- /// \param secret The secret to sign with
- /// \param secret_len The length of the secret
- /// \param hash_algorithm The hash algorithm
- HMAC* createHMAC(const void* secret, size_t secret_len,
- const HMAC::HashAlgorithm hash_algorithm);
-
-private:
- // To enable us to use an optional explicit initialization call,
- // the 'real' instance getter is private
- static CryptoLink& getCryptoLinkInternal();
-
- // To prevent people constructing their own, we make the constructor
- // private too.
- CryptoLink() : impl_(NULL) {}
- ~CryptoLink();
-
- CryptoLinkImpl* impl_;
-};
-
-} // namespace cryptolink
-} // namespace isc
-
-#endif // _ISC_CRYPTO_H
diff --git a/src/lib/cryptolink/crypto_hmac.cc b/src/lib/cryptolink/crypto_hmac.cc
index 48f3c35..9e20c1a 100644
--- a/src/lib/cryptolink/crypto_hmac.cc
+++ b/src/lib/cryptolink/crypto_hmac.cc
@@ -1,5 +1,18 @@
-
-#include <crypto.h>
+// Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC")
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+// AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+// PERFORMANCE OF THIS SOFTWARE.
+
+#include <cryptolink.h>
#include <boost/scoped_ptr.hpp>
diff --git a/src/lib/cryptolink/crypto_hmac.h b/src/lib/cryptolink/crypto_hmac.h
index 57f6626..c042def 100644
--- a/src/lib/cryptolink/crypto_hmac.h
+++ b/src/lib/cryptolink/crypto_hmac.h
@@ -12,13 +12,11 @@
// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
// PERFORMANCE OF THIS SOFTWARE.
-#include <string>
#include <dns/buffer.h>
-#include <exceptions/exceptions.h>
#include <boost/noncopyable.hpp>
-#include <cryptolink/crypto.h>
+#include <cryptolink/cryptolink.h>
#ifndef _ISC_CRYPTO_HMAC_H
#define _ISC_CRYPTO_HMAC_H
diff --git a/src/lib/cryptolink/cryptolink.cc b/src/lib/cryptolink/cryptolink.cc
new file mode 100644
index 0000000..2f2aeef
--- /dev/null
+++ b/src/lib/cryptolink/cryptolink.cc
@@ -0,0 +1,85 @@
+// Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC")
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+// AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+// PERFORMANCE OF THIS SOFTWARE.
+
+#include "cryptolink.h"
+
+#include <botan/botan.h>
+
+#include <boost/scoped_ptr.hpp>
+
+using namespace std;
+using namespace isc::dns;
+
+
+namespace isc {
+namespace cryptolink {
+
+// For Botan, we use the CryptoLink class object in RAII style
+class CryptoLinkImpl {
+private:
+ Botan::LibraryInitializer botan_init_;
+};
+
+CryptoLink::~CryptoLink() {
+ delete impl_;
+}
+
+CryptoLink&
+CryptoLink::getCryptoLink() {
+ CryptoLink& c = getCryptoLinkInternal();
+ if (c.impl_ == NULL) {
+ c.initialize();
+ }
+ return (c);
+}
+
+CryptoLink&
+CryptoLink::getCryptoLinkInternal() {
+ static CryptoLink instance;
+ return (instance);
+}
+
+void
+CryptoLink::initialize() {
+ CryptoLink& c = getCryptoLinkInternal();
+ if (c.impl_ == NULL) {
+ try {
+ c.impl_ = new CryptoLinkImpl();
+ } catch (const Botan::Exception& ex) {
+ isc_throw(InitializationError, ex.what());
+ }
+ }
+}
+
+HMAC*
+CryptoLink::createHMAC(const void* secret, size_t secret_len,
+ const HMAC::HashAlgorithm hash_algorithm)
+{
+ return (new HMAC(secret, secret_len, hash_algorithm));
+}
+
+auto_ptr<HMAC>
+CryptoLink::createHMAC2(const void* secret, size_t secret_len,
+ const HMAC::HashAlgorithm hash_algorithm)
+{
+ std::auto_ptr<HMAC> asdf(new HMAC(secret, secret_len, hash_algorithm));
+ return asdf;
+ //return asdf;
+ //HMAC* h = createHMAC(secret, secret_len, hash_algorithm);
+ //return (boost::scoped_ptr<HMAC>(h));
+}
+
+} // namespace cryptolink
+} // namespace isc
+
diff --git a/src/lib/cryptolink/cryptolink.h b/src/lib/cryptolink/cryptolink.h
new file mode 100644
index 0000000..77b55e9
--- /dev/null
+++ b/src/lib/cryptolink/cryptolink.h
@@ -0,0 +1,181 @@
+// Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC")
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+// AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+// PERFORMANCE OF THIS SOFTWARE.
+
+#ifndef _ISC_CRYPTO_H
+#define _ISC_CRYPTO_H
+
+#include <string>
+#include <dns/buffer.h>
+#include <exceptions/exceptions.h>
+
+#include <boost/noncopyable.hpp>
+#include <boost/scoped_ptr.hpp>
+
+#include <cryptolink/crypto_hmac.h>
+
+#include <memory>
+
+namespace isc {
+namespace cryptolink {
+
+/// General exception class that is the base for all crypto-related
+/// exceptions
+class CryptoLinkError : public Exception {
+public:
+ CryptoLinkError(const char* file, size_t line, const char* what) :
+ isc::Exception(file, line, what) {}
+};
+
+/// This exception is thrown if there was a problem initializing the
+/// crypto library
+class InitializationError : public CryptoLinkError {
+public:
+ InitializationError(const char* file, size_t line, const char* what) :
+ CryptoLinkError(file, line, what) {}
+};
+
+/// This exception is thrown when a cryptographic action is requested
+/// for an algorithm that is not supported by the underlying library.
+class UnsupportedAlgorithm : public CryptoLinkError {
+public:
+ UnsupportedAlgorithm(const char* file, size_t line, const char* what) :
+ CryptoLinkError(file, line, what) {}
+};
+
+/// This exception is thrown when the underlying library could not
+/// handle the key data.
+class BadKey : public CryptoLinkError {
+public:
+ BadKey(const char* file, size_t line, const char* what) :
+ CryptoLinkError(file, line, what) {}
+};
+
+/// This exception is raised when a general error that was not
+/// specifically caught is thrown by the underlying library. It
+/// is replaced by this one so as not have 'external' exceptions
+/// bubbling up
+class LibraryError : public CryptoLinkError {
+public:
+ LibraryError(const char* file, size_t line, const char* what) :
+ CryptoLinkError(file, line, what) {}
+};
+
+/// Forward declaration for pimpl
+class CryptoLinkImpl;
+
+/// \brief Singleton entry point and factory class
+///
+/// This is a singleton class that serves as the entry point to
+/// the underlying cryptography library, and as a factory for objects
+/// within the cryptolink library.
+///
+/// There is only one way to access it, through getCryptoLink(), which
+/// returns a reference to the initialized library. On the first call,
+/// it will be initialized automatically. You can however initialize it
+/// manually through a call to the initalize(), before your first call
+/// to getCryptoLink. Any subsequent call to initialize() will be a
+/// noop.
+///
+/// In order for the CryptoLink library to be sure that the underlying
+/// library has been initialized, and because we do not want to add
+/// such a check to every class and function within it, we have made
+/// the constructors of all classes within cryptolink private. This way
+/// a caller cannot instantiate an object before the library is
+/// initialized, but must use CryptoLink's create method (e.g.
+/// createHMAC()), which enforces (automatic) initialization.
+///
+/// In order for the CryptoLink class to be able to create objects that
+/// have private constructors, it is declared a friend class of these
+/// classes.
+///
+/// \note All other classes within cryptolink should have private
+/// constructors as well, and should have a factory function from
+/// CryptoLink.
+///
+// Internal note: we can use this class later to initialize and manage
+// dynamic (PKCS#11) libs
+class CryptoLink : private boost::noncopyable {
+public:
+ /// \brief Returns a reference to the singleton instance
+ ///
+ /// If the library has not been initialized yet, it will be
+ /// initialized with some default values.
+ ///
+ /// Since this class is noncopyable, you must use the return
+ /// value directly, or store it in a reference variable.
+ ///
+ /// \exception InitializationError if initialization fails
+ ///
+ /// \return Reference to the singleton instance
+ static CryptoLink& getCryptoLink();
+
+ /// \brief Initialize the library manually
+ ///
+ /// If the library has already been initialized (either by a call
+ /// to initialize() or automatically in getCryptoLink()), this
+ /// function does nothing.
+ ///
+ /// \note A call to initialize() is not strictly necessary with
+ /// the current implementation.
+ ///
+ /// \exception InitializationError if initialization fails
+ ///
+ static void initialize();
+
+ /// \brief Factory function for HMAC objects
+ ///
+ /// CryptoLink objects cannot be constructed directly. This
+ /// function creates a new HMAC object usable for signing or
+ /// verification.
+ ///
+ /// The caller is responsible for deleting the object, and it is
+ /// therefore highly recommended to place the return value of this
+ /// function in a scoped_ptr or shared_ptr.
+ ///
+ /// Notes: if the secret is longer than the block size of its
+ /// algorithm, the constructor will run it through the hash
+ /// algorithm, and use the digest as the secret for this HMAC
+ /// operation
+ ///
+ /// \exception UnsupportedAlgorithmException if the given algorithm
+ /// is unknown or not supported by the underlying library
+ /// \exception InvalidKeyLength if the given key secret_len is bad
+ /// \exception LibraryError if there was any unexpected exception
+ /// in the underlying library
+ ///
+ /// \param secret The secret to sign with
+ /// \param secret_len The length of the secret
+ /// \param hash_algorithm The hash algorithm
+ HMAC* createHMAC(const void* secret, size_t secret_len,
+ const HMAC::HashAlgorithm hash_algorithm);
+ std::auto_ptr<HMAC> createHMAC2(const void* secret, size_t secret_len,
+ const HMAC::HashAlgorithm hash_algorithm);
+
+private:
+ // To enable us to use an optional explicit initialization call,
+ // the 'real' instance getter is private
+ static CryptoLink& getCryptoLinkInternal();
+
+ // To prevent people constructing their own, we make the constructor
+ // private too.
+ CryptoLink() : impl_(NULL) {}
+ ~CryptoLink();
+
+ CryptoLinkImpl* impl_;
+};
+
+} // namespace cryptolink
+} // namespace isc
+
+#endif // _ISC_CRYPTO_H
diff --git a/src/lib/cryptolink/tests/crypto_unittests.cc b/src/lib/cryptolink/tests/crypto_unittests.cc
index e4c3693..4202bb9 100644
--- a/src/lib/cryptolink/tests/crypto_unittests.cc
+++ b/src/lib/cryptolink/tests/crypto_unittests.cc
@@ -15,7 +15,7 @@
#include <config.h>
#include <gtest/gtest.h>
-#include <cryptolink/crypto.h>
+#include <cryptolink/cryptolink.h>
#include <dns/buffer.h>
#include <exceptions/exceptions.h>
@@ -147,7 +147,7 @@ namespace {
hash_algorithm));
hmac_sign->update(data.c_str(), data.size());
- // note: this is not exception-safe, and will leak, but
+ // note: this is not exception-safe, and can leak, but
// if there is an unexpected exception in the code below we
// have more important things to fix.
uint8_t* sig = new uint8_t[hmac_len];
@@ -204,7 +204,6 @@ TEST(CryptoLinkTest, HMAC_MD5_RFC2202_SIGN) {
doHMACTest("what do ya want for nothing?", "Jefe", 4, HMAC::MD5,
hmac_expected2, 16);
- const std::string data3(50, 0xdd);
const uint8_t secret3[] = { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa };
@@ -212,7 +211,7 @@ TEST(CryptoLinkTest, HMAC_MD5_RFC2202_SIGN) {
0x14, 0x4c, 0x88, 0xdb, 0xb8,
0xc7, 0x33, 0xf0, 0xe8, 0xb3,
0xf6};
- doHMACTest(data3, secret3, 16, HMAC::MD5, hmac_expected3, 16);
+ doHMACTest(std::string(50, 0xdd), secret3, 16, HMAC::MD5, hmac_expected3, 16);
const std::string data4(50, 0xcd);
const uint8_t secret4[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
@@ -238,22 +237,20 @@ TEST(CryptoLinkTest, HMAC_MD5_RFC2202_SIGN) {
doHMACTest("Test With Truncation", secret5, 16, HMAC::MD5,
hmac_expected5, 12);
- const std::string secret6(80, 0xaa);
const uint8_t hmac_expected6[] = { 0x6b, 0x1a, 0xb7, 0xfe, 0x4b,
0xd7, 0xbf, 0x8f, 0x0b, 0x62,
0xe6, 0xce, 0x61, 0xb9, 0xd0,
0xcd };
doHMACTest("Test Using Larger Than Block-Size Key - Hash Key First",
- secret6.c_str(), 80, HMAC::MD5, hmac_expected6, 16);
+ std::string(80, 0xaa).c_str(), 80, HMAC::MD5, hmac_expected6, 16);
- // same secret as for test 6
const uint8_t hmac_expected7[] = { 0x6f, 0x63, 0x0f, 0xad, 0x67,
0xcd, 0xa0, 0xee, 0x1f, 0xb1,
0xf5, 0x62, 0xdb, 0x3a, 0xa5,
0x3e };
doHMACTest("Test Using Larger Than Block-Size Key and Larger Than "
"One Block-Size Data",
- secret6.c_str(), 80, HMAC::MD5, hmac_expected7, 16);
+ std::string(80, 0xaa).c_str(), 80, HMAC::MD5, hmac_expected7, 16);
}
//
@@ -276,7 +273,6 @@ TEST(CryptoLinkTest, HMAC_SHA1_RFC2202_SIGN) {
doHMACTest("what do ya want for nothing?", "Jefe", 4, HMAC::SHA1,
hmac_expected2, 20);
- const std::string data3(50, 0xdd);
const uint8_t secret3[] = { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
@@ -285,9 +281,8 @@ TEST(CryptoLinkTest, HMAC_SHA1_RFC2202_SIGN) {
0xac, 0x11, 0xcd, 0x91, 0xa3,
0x9a, 0xf4, 0x8a, 0xa1, 0x7b,
0x4f, 0x63, 0xf1, 0x75, 0xd3 };
- doHMACTest(data3, secret3, 20, HMAC::SHA1, hmac_expected3, 20);
+ doHMACTest(std::string(50, 0xdd), secret3, 20, HMAC::SHA1, hmac_expected3, 20);
- const std::string data4(50, 0xcd);
const uint8_t secret4[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12,
@@ -297,7 +292,7 @@ TEST(CryptoLinkTest, HMAC_SHA1_RFC2202_SIGN) {
0x62, 0x50, 0xc6, 0xbc, 0x84,
0x14, 0xf9, 0xbf, 0x50, 0xc8,
0x6c, 0x2d, 0x72, 0x35, 0xda };
- doHMACTest(data4, secret4, 25, HMAC::SHA1, hmac_expected4, 20);
+ doHMACTest(std::string(50, 0xcd), secret4, 25, HMAC::SHA1, hmac_expected4, 20);
const uint8_t secret5[] = { 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
@@ -312,22 +307,20 @@ TEST(CryptoLinkTest, HMAC_SHA1_RFC2202_SIGN) {
doHMACTest("Test With Truncation", secret5, 20, HMAC::SHA1,
hmac_expected5, 12);
- const std::string secret6(80, 0xaa);
const uint8_t hmac_expected6[] = { 0xaa, 0x4a, 0xe5, 0xe1, 0x52,
0x72, 0xd0, 0x0e, 0x95, 0x70,
0x56, 0x37, 0xce, 0x8a, 0x3b,
0x55, 0xed, 0x40, 0x21, 0x12 };
doHMACTest("Test Using Larger Than Block-Size Key - Hash Key First",
- secret6.c_str(), 80, HMAC::SHA1, hmac_expected6, 20);
+ std::string(80, 0xaa).c_str(), 80, HMAC::SHA1, hmac_expected6, 20);
- // same secret as for test 6
const uint8_t hmac_expected7[] = { 0xe8, 0xe9, 0x9d, 0x0f, 0x45,
0x23, 0x7d, 0x78, 0x6d, 0x6b,
0xba, 0xa7, 0x96, 0x5c, 0x78,
0x08, 0xbb, 0xff, 0x1a, 0x91 };
doHMACTest("Test Using Larger Than Block-Size Key and Larger Than "
"One Block-Size Data",
- secret6.c_str(), 80, HMAC::SHA1, hmac_expected7, 20);
+ std::string(80, 0xaa).c_str(), 80, HMAC::SHA1, hmac_expected7, 20);
}
//
@@ -356,7 +349,6 @@ TEST(CryptoLinkTest, HMAC_SHA256_RFC2202_SIGN) {
doHMACTest("what do ya want for nothing?", "Jefe", 4, HMAC::SHA256,
hmac_expected2, 32);
- const std::string data3(50, 0xdd);
const uint8_t secret3[] = { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
@@ -368,9 +360,8 @@ TEST(CryptoLinkTest, HMAC_SHA256_RFC2202_SIGN) {
0x3e, 0xf8, 0xc1, 0x22, 0xd9,
0x63, 0x55, 0x14, 0xce, 0xd5,
0x65, 0xfe };
- doHMACTest(data3, secret3, 20, HMAC::SHA256, hmac_expected3, 32);
+ doHMACTest(std::string(50, 0xdd), secret3, 20, HMAC::SHA256, hmac_expected3, 32);
- const std::string data4(50, 0xcd);
const uint8_t secret4[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12,
@@ -383,7 +374,7 @@ TEST(CryptoLinkTest, HMAC_SHA256_RFC2202_SIGN) {
0xe5, 0x78, 0xf8, 0x07, 0x7a,
0x2e, 0x3f, 0xf4, 0x67, 0x29,
0x66, 0x5b };
- doHMACTest(data4, secret4, 25, HMAC::SHA256, hmac_expected4, 32);
+ doHMACTest(std::string(50, 0xcd), secret4, 25, HMAC::SHA256, hmac_expected4, 32);
const uint8_t secret5[] = { 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
@@ -396,7 +387,6 @@ TEST(CryptoLinkTest, HMAC_SHA256_RFC2202_SIGN) {
doHMACTest("Test With Truncation", secret5, 20, HMAC::SHA256,
hmac_expected5, 16);
- const std::string secret6(131, 0xaa);
const uint8_t hmac_expected6[] = { 0x60, 0xe4, 0x31, 0x59, 0x1e,
0xe0, 0xb6, 0x7f, 0x0d, 0x8a,
0x26, 0xaa, 0xcb, 0xf5, 0xb7,
@@ -405,9 +395,8 @@ TEST(CryptoLinkTest, HMAC_SHA256_RFC2202_SIGN) {
0x46, 0x04, 0x0f, 0x0e, 0xe3,
0x7f, 0x54 };
doHMACTest("Test Using Larger Than Block-Size Key - Hash Key First",
- secret6.c_str(), 131, HMAC::SHA256, hmac_expected6, 32);
+ std::string(131, 0xaa).c_str(), 131, HMAC::SHA256, hmac_expected6, 32);
- // Same secret as test 6
const uint8_t hmac_expected7[] = { 0x9b, 0x09, 0xff, 0xa7, 0x1b,
0x94, 0x2f, 0xcb, 0x27, 0x63,
0x5f, 0xbc, 0xd5, 0xb0, 0xe9,
@@ -418,14 +407,16 @@ TEST(CryptoLinkTest, HMAC_SHA256_RFC2202_SIGN) {
doHMACTest("This is a test using a larger than block-size key and a"
" larger than block-size data. The key needs to be hashe"
"d before being used by the HMAC algorithm.",
- secret6.c_str(), 131, HMAC::SHA256, hmac_expected7, 32);
+ std::string(131, 0xaa).c_str(), 131, HMAC::SHA256, hmac_expected7, 32);
}
namespace {
size_t
sigVectorLength(HMAC::HashAlgorithm alg, size_t len) {
- boost::scoped_ptr<HMAC> hmac_sign(
+ std::auto_ptr<HMAC> hmac_sign(
CryptoLink::getCryptoLink().createHMAC("asdf", 4, alg));
+ //boost::scoped_ptr<HMAC> hmac_sign(
+ // CryptoLink::getCryptoLink().createHMAC("asdf", 4, alg));
hmac_sign->update("asdf", 4);
const std::vector<uint8_t> sig = hmac_sign->sign(len);
return (sig.size());
diff --git a/src/lib/cryptolink/tests/run_unittests.cc b/src/lib/cryptolink/tests/run_unittests.cc
index 4b0f27a..d5e20c9 100644
--- a/src/lib/cryptolink/tests/run_unittests.cc
+++ b/src/lib/cryptolink/tests/run_unittests.cc
@@ -15,7 +15,6 @@
#include <gtest/gtest.h>
#include <dns/tests/unittest_util.h>
-#include <cryptolink/crypto.h>
int
main(int argc, char* argv[]) {
diff --git a/src/lib/dns/tsigkey.cc b/src/lib/dns/tsigkey.cc
index 5376c70..fa96843 100644
--- a/src/lib/dns/tsigkey.cc
+++ b/src/lib/dns/tsigkey.cc
@@ -15,10 +15,11 @@
#include <map>
#include <utility>
#include <vector>
+#include <sstream>
#include <exceptions/exceptions.h>
-#include <cryptolink/crypto.h>
+#include <cryptolink/cryptolink.h>
#include <dns/name.h>
#include <dns/util/base64.h>
More information about the bind10-changes
mailing list