Kea  2.3.2-git
tsig.h
Go to the documentation of this file.
1 // Copyright (C) 2011-2021 Internet Systems Consortium, Inc. ("ISC")
2 //
3 // This Source Code Form is subject to the terms of the Mozilla Public
4 // License, v. 2.0. If a copy of the MPL was not distributed with this
5 // file, You can obtain one at http://mozilla.org/MPL/2.0/.
6 
7 // IMPORTANT: the server side of this code MUST NOT be used until
8 // it was fixed, cf RFC 8945. Note that Kea uses only the client side.
9 
10 #ifndef TSIG_H
11 #define TSIG_H 1
12 
13 #include <boost/noncopyable.hpp>
14 #include <boost/shared_ptr.hpp>
15 
16 #include <exceptions/exceptions.h>
17 
18 #include <dns/tsigerror.h>
19 #include <dns/tsigkey.h>
20 #include <dns/tsigrecord.h>
21 
22 namespace isc {
23 namespace dns {
24 
31 class TSIGContextError : public isc::Exception {
32 public:
33  TSIGContextError(const char* file, size_t line, const char* what) :
34  isc::Exception(file, line, what) {}
35 };
36 
171 class TSIGContext : boost::noncopyable {
172 public:
181  enum State {
182  INIT,
183  SENT_REQUEST,
184  RECEIVED_REQUEST,
185  SENT_RESPONSE,
186  VERIFIED_RESPONSE
187  };
188 
191 
192  explicit TSIGContext(const TSIGKey& key);
198 
200  TSIGContext(const Name& key_name, const Name& algorithm_name,
201  const TSIGKeyRing& keyring);
202 
204  virtual ~TSIGContext();
206 
263  virtual ConstTSIGRecordPtr
264  sign(const uint16_t qid, const void* const data, const size_t data_len);
265 
353  virtual TSIGError
354  verify(const TSIGRecord* const record, const void* const data, const size_t data_len);
355 
367  virtual bool lastHadSignature() const;
368 
388  virtual size_t getTSIGLength() const;
389 
397  virtual State getState() const;
398 
405  virtual TSIGError getError() const;
406 
409 
410  static const uint16_t DEFAULT_FUDGE = 300;
416 
417 protected:
428  void update(const void* const data, size_t len);
429 
430 private:
431  struct TSIGContextImpl;
432  TSIGContextImpl* impl_;
433 };
434 
435 typedef boost::shared_ptr<TSIGContext> TSIGContextPtr;
436 typedef boost::shared_ptr<TSIGKey> TSIGKeyPtr;
437 
438 }
439 }
440 
441 #endif // TSIG_H
442 
443 // Local Variables:
444 // mode: c++
445 // End:
isc::dns::Name
The Name class encapsulates DNS names.
Definition: name.h:223
isc::dns::TSIGContextError::TSIGContextError
TSIGContextError(const char *file, size_t line, const char *what)
Definition: tsig.h:33
isc::dns::TSIGContext
TSIG session context.
Definition: tsig.h:171
isc::dns::TSIGKey
TSIG key.
Definition: tsigkey.h:56
isc::dns::TSIGContext::SENT_RESPONSE
Server sent a signed response.
Definition: tsig.h:185
isc::dns::TSIGContext::State
State
Internal state of context.
Definition: tsig.h:181
isc::dns::TSIGRecord
TSIG resource record.
Definition: tsigrecord.h:54
isc::dns::TSIGContext::RECEIVED_REQUEST
Server received a signed request.
Definition: tsig.h:184
isc::Exception::what
virtual const char * what() const
Returns a C-style character string of the cause of the exception.
Definition: exceptions/exceptions.cc:32
isc::dns::TSIGContext::SENT_REQUEST
Client sent a signed request, waiting response.
Definition: tsig.h:183
isc::dns::TSIGKeyPtr
boost::shared_ptr< TSIGKey > TSIGKeyPtr
Definition: tsig.h:436
isc::dns::TSIGContextError
An exception that is thrown for logic errors identified in TSIG sign/verify operations.
Definition: tsig.h:31
isc::dns::ConstTSIGRecordPtr
boost::shared_ptr< const TSIGRecord > ConstTSIGRecordPtr
A pointer-like type pointing to an immutable TSIGRecord object.
Definition: tsigrecord.h:280
isc::Exception
This is a base class for exceptions thrown from the DNS library module.
Definition: exceptions/exceptions.h:23
isc
Defines the logger used by the top-level component of kea-lfc.
Definition: agent_parser.cc:143
isc::dns::TSIGError
TSIG errors.
Definition: tsigerror.h:22
isc::dns::TSIGKeyRing
A simple repository of a set of TSIGKey objects.
Definition: tsigkey.h:246
isc::dns::TSIGContextPtr
boost::shared_ptr< TSIGContext > TSIGContextPtr
Definition: tsig.h:435
isc::dns::TSIGContext::INIT
Initial state.
Definition: tsig.h:182