13#include <botan/exceptn.h>
26 return (
"HMAC(SHA-1)");
28 return (
"HMAC(SHA-256)");
30 return (
"HMAC(SHA-224)");
32 return (
"HMAC(SHA-384)");
34 return (
"HMAC(SHA-512)");
36 return (
"HMAC(Unknown)");
54 explicit HMACImpl(
const void* secret,
size_t secret_len,
56 : hash_algorithm_(hash_algorithm), hmac_() {
58 const std::string& name =
60 hmac_ = Botan::MessageAuthenticationCode::create_or_throw(name);
61 }
catch (
const Botan::Lookup_Error&) {
63 "Unknown hash algorithm: " <<
64 static_cast<int>(hash_algorithm));
65 }
catch (
const Botan::Exception& exc) {
72 if (secret_len == 0) {
75 hmac_->set_key(
static_cast<const Botan::byte*
>(secret),
77 }
catch (
const Botan::Invalid_Key_Length& ikl) {
79 }
catch (
const Botan::Exception& exc) {
89 return (hash_algorithm_);
96 return (hmac_->output_length());
102 void update(
const void* data,
const size_t len) {
104 hmac_->update(
static_cast<const Botan::byte*
>(data), len);
105 }
catch (
const Botan::Exception& exc) {
115 Botan::secure_vector<Botan::byte> b_result(hmac_->final());
117 if (len > b_result.size()) {
118 len = b_result.size();
121 }
catch (
const Botan::Exception& exc) {
129 void sign(
void* result,
size_t len) {
131 Botan::secure_vector<Botan::byte> b_result(hmac_->final());
133 if (output_size > len) {
136 std::memcpy(result, &b_result[0], output_size);
137 }
catch (
const Botan::Exception& exc) {
145 std::vector<uint8_t>
sign(
size_t len) {
147 Botan::secure_vector<Botan::byte> b_result(hmac_->final());
148 if (len > b_result.size()) {
149 len = b_result.size();
154 return (std::vector<uint8_t>(&b_result[0], &b_result[0]+len));
155 }
catch (
const Botan::Exception& exc) {
164 bool verify(
const void* sig,
size_t len) {
170 if (len < 10 || len < size / 2) {
176 if (digest_.size() == 0) {
177 digest_ = hmac_->final();
179 const uint8_t* sig8 =
static_cast<const uint8_t*
>(sig);
180 return (Botan::constant_time_compare(&digest_[0], sig8, len));
181 }
catch (
const Botan::Exception& exc) {
191 std::unique_ptr<Botan::MessageAuthenticationCode> hmac_;
194 Botan::secure_vector<Botan::byte> digest_;
197HMAC::HMAC(
const void* secret,
size_t secret_length,
200 impl_ =
new HMACImpl(secret, secret_length, hash_algorithm);
224 impl_->
sign(result, len);
229 impl_->
sign(result, len);
234 return impl_->
sign(len);
239 return (impl_->
verify(sig, len));
virtual const char * what() const
Returns a C-style character string of the cause of the exception.
This exception is thrown when the underlying library could not handle the key data.
Botan implementation of HMAC.
std::vector< uint8_t > sign(size_t len)
Calculate the final signature.
void sign(void *result, size_t len)
Calculate the final signature.
size_t getOutputLength() const
Returns the output size of the digest.
~HMACImpl()=default
Destructor.
HashAlgorithm getHashAlgorithm() const
Returns the HashAlgorithm of the object.
HMACImpl(const void *secret, size_t secret_len, const HashAlgorithm hash_algorithm)
Constructor from a secret and a hash algorithm.
void sign(isc::util::OutputBuffer &result, size_t len)
Calculate the final signature.
bool verify(const void *sig, size_t len)
Verify an existing signature.
void update(const void *data, const size_t len)
Add data to digest.
void update(const void *data, const size_t len)
Add data to digest.
bool verify(const void *sig, size_t len)
Verify an existing signature.
size_t getOutputLength() const
Returns the output size of the digest.
void sign(isc::util::OutputBuffer &result, size_t len)
Calculate the final signature.
HashAlgorithm getHashAlgorithm() const
Returns the HashAlgorithm of the object.
This exception is raised when a general error that was not specifically caught is thrown by the under...
This exception is thrown when a cryptographic action is requested for an algorithm that is not suppor...
The OutputBuffer class is a buffer abstraction for manipulating mutable data.
void writeData(const void *data, size_t len)
Copy an arbitrary length of data into the buffer.
#define isc_throw(type, stream)
A shortcut macro to insert known values into exception arguments.
const std::string getHmacAlgorithmName(isc::cryptolink::HashAlgorithm algorithm)
Decode the HashAlgorithm enum into a name usable by Botan.
HashAlgorithm
Hash algorithm identifiers.
Defines the logger used by the top-level component of kea-lfc.