22#include <boost/lexical_cast.hpp>
34 key_name_(key_name), algorithm_name_(algorithm_name),
35 algorithm_(algorithm), digestbits_(digestbits),
42 algorithm_name_.downcase();
47 const void* secret,
size_t secret_len) :
48 key_name_(key_name), algorithm_name_(algorithm_name),
49 algorithm_(algorithm), digestbits_(digestbits),
50 secret_(static_cast<const uint8_t*>(secret),
51 static_cast<const uint8_t*>(secret) + secret_len) {
57 algorithm_name_.downcase();
96 const void* secret,
size_t secret_len,
97 size_t digestbits ) : impl_(0) {
98 const HashAlgorithm algorithm = convertAlgorithmName(algorithm_name);
99 if ((secret && secret_len == 0) ||
100 (!secret && secret_len != 0)) {
102 "TSIGKey secret and its length are inconsistent: " <<
103 key_name <<
":" << algorithm_name);
107 "TSIGKey with unknown algorithm has non empty secret: " <<
108 key_name <<
":" << algorithm_name);
115 digestbits, secret, secret_len));
121 istringstream iss(str);
124 getline(iss, keyname_str,
':');
125 if (iss.fail() || iss.bad() || iss.eof()) {
130 getline(iss, secret_str,
':');
131 if (iss.fail() || iss.bad()) {
137 getline(iss, algo_str,
':');
139 if (iss.fail() || iss.bad()) {
145 getline(iss, dgstbt_str);
147 if (iss.fail() || iss.bad()) {
151 const Name algo_name(algo_str.empty() ?
"hmac-md5.sig-alg.reg.int" :
153 const HashAlgorithm algorithm = convertAlgorithmName(algo_name);
154 size_t digestbits = 0;
156 if (!dgstbt_str.empty()) {
157 digestbits = boost::lexical_cast<size_t>(dgstbt_str);
159 }
catch (
const boost::bad_lexical_cast&) {
161 "TSIG key with non-numeric digestbits: " << dgstbt_str);
164 vector<uint8_t> secret;
169 "TSIG key with unknown algorithm has non empty secret: "
173 if (secret.empty()) {
178 digestbits, &secret[0], secret.size()));
192 if (
this == &source) {
205 return (impl_->key_name_);
210 return (impl_->algorithm_name_);
215 return (impl_->algorithm_);
220 return (impl_->digestbits_);
225 return ((impl_->secret_.size() > 0) ? &impl_->secret_[0] : 0);
230 return (impl_->secret_.size());
236 const vector<uint8_t> secret_v(
static_cast<const uint8_t*
>(
getSecret()),
237 static_cast<const uint8_t*
>(
getSecret()) +
242 std::string dgstbt_str = boost::lexical_cast<std::string>(
static_cast<int>(digestbits));
265 return (impl_->keys.size());
284 TSIGKeyRingImpl::TSIGKeyMap::const_iterator found =
285 impl_->keys.find(key_name);
286 if (found == impl_->keys.end()) {
294 TSIGKeyRingImpl::TSIGKeyMap::const_iterator found =
295 impl_->keys.find(key_name);
296 if (found == impl_->keys.end() ||
297 (*found).second.getAlgorithmName() != algorithm_name) {
305 static Name alg_name(
"hmac-md5.sig-alg.reg.int");
311 static Name alg_name(
"hmac-md5");
317 static Name alg_name(
"hmac-sha1");
323 static Name alg_name(
"hmac-sha224");
329 static Name alg_name(
"hmac-sha256");
335 static Name alg_name(
"hmac-sha384");
341 static Name alg_name(
"hmac-sha512");
347 static Name alg_name(
"gss-tsig");
This is a base class for exceptions thrown from the DNS library module.
virtual const char * what() const
Returns a C-style character string of the cause of the exception.
A generic exception that is thrown if a parameter given to a method or function is considered invalid...
The Name class encapsulates DNS names.
~TSIGKeyRing()
The destructor.
unsigned int size() const
Return the number of keys stored in the TSIGKeyRing.
Result remove(const Name &key_name)
Remove a TSIGKey for the given name from the TSIGKeyRing.
TSIGKeyRing()
The default constructor.
Result add(const TSIGKey &key)
Add a TSIGKey to the TSIGKeyRing.
FindResult find(const Name &key_name) const
Find a TSIGKey for the given name in the TSIGKeyRing.
Result
Result codes of various public methods of TSIGKeyRing.
static const Name & HMACMD5_NAME()
Well known algorithm names as defined in RFC2845 and RFC4635.
static const Name & HMACSHA224_NAME()
const Name & getAlgorithmName() const
Return the algorithm name.
virtual ~TSIGKey()
The destructor.
static const Name & GSSTSIG_NAME()
size_t getDigestbits() const
Return the minimum truncated length.
static const Name & HMACSHA256_NAME()
TSIGKey & operator=(const TSIGKey &source)
Assignment operator.
isc::cryptolink::HashAlgorithm getAlgorithm() const
Return the hash algorithm name in the form of cryptolink::HashAlgorithm.
static const Name & HMACSHA1_NAME()
const Name & getKeyName() const
Getter Methods.
static const Name & HMACMD5_SHORT_NAME()
static const Name & HMACSHA512_NAME()
TSIGKey(const Name &key_name, const Name &algorithm_name, const void *secret, size_t secret_len, size_t digestbits=0)
Constructors, Assignment Operator and Destructor.
static const Name & HMACSHA384_NAME()
std::string toText() const
Converts the TSIGKey to a string value.
size_t getSecretLength() const
Return the length of the TSIG secret in bytes.
const void * getSecret() const
Return the value of the TSIG secret.
#define isc_throw(type, stream)
A shortcut macro to insert known values into exception arguments.
HashAlgorithm
Hash algorithm identifiers.
string encodeBase64(const vector< uint8_t > &binary)
Encode binary data in the base64 format.
void decodeBase64(const std::string &encoded_str, std::vector< uint8_t > &output)
Decode a base64 encoded string into binary data.
Defines the logger used by the top-level component of kea-lfc.
A helper structure to represent the search result of TSIGKeyRing::find().
pair< Name, TSIGKey > NameAndKey
map< Name, TSIGKey > TSIGKeyMap
const isc::cryptolink::HashAlgorithm algorithm_
TSIGKeyImpl(const Name &key_name, const Name &algorithm_name, isc::cryptolink::HashAlgorithm algorithm, size_t digestbits, const void *secret, size_t secret_len)
TSIGKeyImpl(const Name &key_name, const Name &algorithm_name, isc::cryptolink::HashAlgorithm algorithm, size_t digestbits)
const vector< uint8_t > secret_