12#include <boost/scoped_ptr.hpp>
14#include <openssl/evp.h>
34 explicit HMACImpl(
const void* secret,
size_t secret_len,
36 : hash_algorithm_(hash_algorithm), md_(), digest_() {
40 "Unknown hash algorithm: " <<
41 static_cast<int>(hash_algorithm));
43 if (secret_len == 0) {
47 md_ = EVP_MD_CTX_new();
53 EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL,
54 reinterpret_cast<const unsigned char*
>(secret),
59 "OpenSSL EVP_PKEY_new_raw_private_key() failed");
62 if (!EVP_DigestSignInit(md_, NULL, algo, NULL, pkey)) {
34 explicit HMACImpl(
const void* secret,
size_t secret_len, {
…}
80 return (hash_algorithm_);
87 return (EVP_MD_CTX_size(md_));
93 void update(
const void* data,
const size_t len) {
98 if (!EVP_DigestSignUpdate(md_, data, len)) {
93 void update(
const void* data,
const size_t len) {
…}
109 size_t digest_len = size;
110 if (!EVP_DigestSignFinal(md_, &
digest[0], &digest_len)) {
113 if (digest_len != size) {
125 void sign(
void* result,
size_t len) {
128 size_t digest_len = size;
129 if (!EVP_DigestSignFinal(md_, &
digest[0], &digest_len)) {
132 if (digest_len != size) {
138 std::memcpy(result, &
digest[0], len);
125 void sign(
void* result,
size_t len) {
…}
144 std::vector<uint8_t>
sign(
size_t len) {
147 size_t digest_len = size;
148 if (!EVP_DigestSignFinal(md_, &
digest[0], &digest_len)) {
151 if (digest_len != size) {
157 return (std::vector<uint8_t>(
digest.begin(),
digest.end()));
144 std::vector<uint8_t>
sign(
size_t len) {
…}
163 bool verify(
const void* sig,
size_t len) {
166 if (len < 10 || len < size / 2) {
169 if (digest_.size() == 0) {
170 digest_.resize(size);
171 size_t digest_len = size;
172 if (!EVP_DigestSignFinal(md_, &digest_[0], &digest_len)) {
175 if (digest_len != size) {
182 return (digest_.same(sig, len));
196HMAC::HMAC(
const void* secret,
size_t secret_length,
199 impl_ =
new HMACImpl(secret, secret_length, hash_algorithm);
223 impl_->
sign(result, len);
228 impl_->
sign(result, len);
233 return impl_->
sign(len);
238 return (impl_->
verify(sig, len));
This exception is thrown when the underlying library could not handle the key data.
Botan implementation of HMAC.
std::vector< uint8_t > sign(size_t len)
Calculate the final signature.
void sign(void *result, size_t len)
Calculate the final signature.
size_t getOutputLength() const
Returns the output size of the digest.
HashAlgorithm getHashAlgorithm() const
Returns the HashAlgorithm of the object.
HMACImpl(const void *secret, size_t secret_len, const HashAlgorithm hash_algorithm)
Constructor from a secret and a hash algorithm.
void sign(isc::util::OutputBuffer &result, size_t len)
Calculate the final signature.
bool verify(const void *sig, size_t len)
Verify an existing signature.
void update(const void *data, const size_t len)
Add data to digest.
void update(const void *data, const size_t len)
Add data to digest.
bool verify(const void *sig, size_t len)
Verify an existing signature.
size_t getOutputLength() const
Returns the output size of the digest.
void sign(isc::util::OutputBuffer &result, size_t len)
Calculate the final signature.
HashAlgorithm getHashAlgorithm() const
Returns the HashAlgorithm of the object.
This exception is raised when a general error that was not specifically caught is thrown by the under...
This exception is thrown when a cryptographic action is requested for an algorithm that is not suppor...
Secure Buffers which are wiped out when released.
The OutputBuffer class is a buffer abstraction for manipulating mutable data.
void writeData(const void *data, size_t len)
Copy an arbitrary length of data into the buffer.
#define isc_throw(type, stream)
A shortcut macro to insert known values into exception arguments.
const EVP_MD * getHashAlgorithm(isc::cryptolink::HashAlgorithm algorithm)
Decode the HashAlgorithm enum into an EVP_MD pointer (or 0)
HashAlgorithm
Hash algorithm identifiers.
void digest(const void *data, const size_t data_len, const HashAlgorithm hash_algorithm, isc::util::OutputBuffer &result, size_t len)
Create an Hash digest for the given data.
Defines the logger used by the top-level component of kea-lfc.