12#include <boost/scoped_ptr.hpp>
14#include <openssl/evp.h>
// HMACImpl constructor, as far as this extract shows it. The leading numbers
// are the listing's own line numbers; the lines between them are missing here.
37 explicit HMACImpl(
const void* secret,
size_t secret_len,
39 : hash_algorithm_(hash_algorithm), md_(), digest_() {
// Error text for an algorithm identifier that cannot be used; the check that
// selects this message is not part of the extract.
43 "Unknown hash algorithm: " <<
44 static_cast<int>(hash_algorithm));
// A zero-length secret gets its own branch (body not shown; presumably it is
// rejected as a bad key -- confirm against the full file).
46 if (secret_len == 0) {
// Digest context that the later update/sign/verify fragments all operate on.
50 md_ = EVP_MD_CTX_new();
// Wrap the caller's raw secret bytes in an HMAC-type EVP_PKEY.
56 EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL,
57 reinterpret_cast<const unsigned char*
>(secret),
62 "OpenSSL EVP_PKEY_new_raw_private_key() failed");
// Bind the key and digest algorithm to md_; a zero return is the failure path.
// NOTE(review): pkey carries key material -- confirm it is freed on both the
// failure and the success path; the release is not visible in this extract.
65 if (!EVP_DigestSignInit(md_, NULL, algo, NULL, pkey)) {
// Accessor fragment (signature line missing from this extract): hands back the
// algorithm identifier stored by the constructor's initializer list.
83 return (hash_algorithm_);
// Output-length fragment (signature line missing from this extract): the
// digest size is read from the live context md_.
// NOTE(review): EVP_MD_CTX_size() returns int and can signal failure with a
// negative value; if the enclosing function returns size_t, that value would
// wrap to a very large length and flow into the buffer sizing done by the
// sign/verify code -- confirm a guard exists.
90 return (EVP_MD_CTX_size(md_));
// Feed `len` bytes starting at `data` into the running HMAC computation.
96 void update(
const void* data,
const size_t len) {
// A zero return from OpenSSL is the failure path (its handling is not shown
// in this extract).
101 if (!EVP_DigestSignUpdate(md_, data, len)) {
// Tail of a sign() overload that writes the signature into `result`; its
// signature line and the declarations of `size` and `digest` are missing from
// this extract.
// digest_len starts at the expected size and is passed by address so OpenSSL
// can report how many bytes it actually produced.
112 size_t digest_len = size;
113 if (!EVP_DigestSignFinal(md_, &
digest[0], &digest_len)) {
// A length other than `size` is handled separately from outright failure
// (branch body not shown).
116 if (digest_len != size) {
// Only the first `len` bytes are written, so the caller can request a
// truncated signature.
// NOTE(review): confirm len is capped at `size` before this write; the cap is
// not visible in this extract.
122 result.writeData(&
digest[0], len);
// Finalize the HMAC and copy `len` bytes of it into the caller's raw buffer.
// The caller must provide at least `len` writable bytes at `result`; nothing
// visible here can check that.
128 void sign(
void* result,
size_t len) {
// digest_len starts at the expected size and is updated by OpenSSL with the
// number of bytes produced.
131 size_t digest_len = size;
132 if (!EVP_DigestSignFinal(md_, &
digest[0], &digest_len)) {
// A length other than `size` is handled separately from outright failure
// (branch body not shown).
135 if (digest_len != size) {
// NOTE(review): confirm len is capped at `size` before this copy -- an
// uncapped len would read past the end of `digest`. The cap is not visible in
// this extract.
141 std::memcpy(result, &
digest[0], len);
// Finalize the HMAC and return it as a byte vector.
147 std::vector<uint8_t>
sign(
size_t len) {
// digest_len starts at the expected size and is updated by OpenSSL with the
// number of bytes produced.
150 size_t digest_len = size;
151 if (!EVP_DigestSignFinal(md_, &
digest[0], &digest_len)) {
// A length other than `size` is handled separately from outright failure
// (branch body not shown).
154 if (digest_len != size) {
// The whole of `digest` is copied out. Any shortening to `len` must therefore
// happen on `digest` before this line; it is not visible in this extract.
160 return (std::vector<uint8_t>(
digest.begin(),
digest.end()));
// Check a supplied signature of `len` bytes against the computed HMAC.
166 bool verify(
const void* sig,
size_t len) {
// Minimum-length gate on the supplied signature: anything under 10 bytes
// (80 bits) or under half of `size` takes this branch. The bounds appear to
// follow the usual guidance for truncated HMAC output; the branch body is not
// shown, presumably a rejection -- confirm.
169 if (len < 10 || len < size / 2) {
// The final digest is computed only while digest_ is still empty, so a second
// verify() call on the same object reuses the stored value instead of
// finalizing the context again.
172 if (digest_.size() == 0) {
173 digest_.resize(size);
174 size_t digest_len = size;
175 if (!EVP_DigestSignFinal(md_, &digest_[0], &digest_len)) {
// A length other than `size` is handled separately from outright failure
// (branch body not shown).
178 if (digest_len != size) {
// NOTE(review): confirm that same() compares in constant time and that len is
// capped at `size` before this call; neither same()'s definition nor a cap is
// visible in this extract.
185 return (digest_.same(sig, len));
// Public HMAC constructor: forwards the secret and algorithm to a newly
// allocated HMACImpl.
199HMAC::HMAC(
const void* secret,
size_t secret_length,
// impl_ is assigned from a raw `new`; the matching release is not visible in
// this extract -- confirm the destructor deletes it.
202 impl_ =
new HMACImpl(secret, secret_length, hash_algorithm);
// Bodies of the public HMAC sign()/verify() wrappers (signature lines missing
// from this extract). Each one forwards its arguments unchanged to impl_, so
// every length check lives in HMACImpl.
226 impl_->
sign(result, len);
231 impl_->
sign(result, len);
236 return impl_->
sign(len);
241 return (impl_->
verify(sig, len));
This exception is thrown when the underlying library could not handle the key data.
std::vector< uint8_t > sign(size_t len)
Calculate the final signature.
void sign(void *result, size_t len)
Calculate the final signature.
size_t getOutputLength() const
Returns the output size of the digest.
HashAlgorithm getHashAlgorithm() const
Returns the HashAlgorithm of the object.
HMACImpl(const void *secret, size_t secret_len, const HashAlgorithm hash_algorithm)
Constructor from a secret and a hash algorithm.
void sign(isc::util::OutputBuffer &result, size_t len)
Calculate the final signature.
bool verify(const void *sig, size_t len)
Verify an existing signature.
void update(const void *data, const size_t len)
Add data to digest.
void update(const void *data, const size_t len)
Add data to digest.
bool verify(const void *sig, size_t len)
Verify an existing signature.
size_t getOutputLength() const
Returns the output size of the digest.
void sign(isc::util::OutputBuffer &result, size_t len)
Calculate the final signature.
HashAlgorithm getHashAlgorithm() const
Returns the HashAlgorithm of the object.
This exception is raised when a general error that was not specifically caught is thrown by the under...
This exception is thrown when a cryptographic action is requested for an algorithm that is not suppor...
Secure Buffers which are wiped out when released.
The OutputBuffer class is a buffer abstraction for manipulating mutable data.
#define isc_throw(type, stream)
A shortcut macro to insert known values into exception arguments.
const EVP_MD * getHashAlgorithm(isc::cryptolink::HashAlgorithm algorithm)
Decode the HashAlgorithm enum into an EVP_MD pointer (or 0)
HashAlgorithm
Hash algorithm identifiers.
void digest(const void *data, const size_t data_len, const HashAlgorithm hash_algorithm, isc::util::OutputBuffer &result, size_t len)
Create a hash digest for the given data.
Defines the logger used by the top-level component of kea-lfc.