Kea 2.7.3
Namespaces
namespace | btn
namespace | ossl
Classes
class | BadKey
This exception is thrown when the underlying library could not handle the key data.
class | CryptoLink
Singleton entry point and factory class.
class | CryptoLinkError
General exception class that is the base for all crypto-related exceptions.
class | CryptoLinkImpl
class | Hash
Hash support.
class | HashImpl
Botan implementation of Hash.
class | HMAC
HMAC support.
class | HMACImpl
Botan implementation of HMAC.
class | InitializationError
This exception is thrown if there was a problem initializing the crypto library.
class | LibraryError
This exception is raised when a general error that was not specifically caught is thrown by the underlying library.
class | RNG
RNG support.
class | RNGImpl
Botan implementation of RNG.
class | UnsupportedAlgorithm
This exception is thrown when a cryptographic action is requested for an algorithm that is not supported by the underlying library.
Typedefs
typedef boost::shared_ptr< CryptoLinkImpl > | CryptoLinkImplPtr
Type representing the pointer to the CryptoLinkImpl.
typedef boost::shared_ptr< RNG > | RNGPtr
Type representing the pointer to the RNG.
Enumerations
enum | HashAlgorithm { UNKNOWN_HASH = 0, MD5 = 1, SHA1 = 2, SHA256 = 3, SHA224 = 4, SHA384 = 5, SHA512 = 6 }
Hash algorithm identifiers.
Functions
void | deleteHash (Hash *hash)
Delete a Hash object.
void | deleteHMAC (HMAC *hmac)
Delete an HMAC object.
void | digest (const void *data, const size_t data_len, const HashAlgorithm hash_algorithm, isc::util::OutputBuffer &result, size_t len=0)
Create a Hash digest for the given data.
uint16_t | generateQid ()
Generate a Qid.
std::vector< uint8_t > | random (size_t len)
Generate random value.
void | signHMAC (const void *data, const size_t data_len, const void *secret, size_t secret_len, const HashAlgorithm hash_algorithm, isc::util::OutputBuffer &result, size_t len=0)
Create an HMAC signature for the given data.
bool | verifyHMAC (const void *data, const size_t data_len, const void *secret, size_t secret_len, const HashAlgorithm hash_algorithm, const void *sig, const size_t sig_len)
Verify an HMAC signature for the given data.
typedef boost::shared_ptr<CryptoLinkImpl> isc::cryptolink::CryptoLinkImplPtr
Type representing the pointer to the CryptoLinkImpl.
Definition at line 96 of file cryptolink.h.
typedef boost::shared_ptr<RNG> isc::cryptolink::RNGPtr
Type representing the pointer to the RNG.
Definition at line 48 of file cryptolink.h.
enum isc::cryptolink::HashAlgorithm
Hash algorithm identifiers.
Enumerator | Value |
---|---|
UNKNOWN_HASH | 0 |
MD5 | 1 |
SHA1 | 2 |
SHA256 | 3 |
SHA224 | 4 |
SHA384 | 5 |
SHA512 | 6 |
Definition at line 23 of file cryptolink.h.
void isc::cryptolink::deleteHash(Hash *hash)
Delete a Hash object.
Definition at line 34 of file crypto_hash.cc.
void isc::cryptolink::deleteHMAC(HMAC *hmac)
Delete an HMAC object.
Definition at line 54 of file crypto_hmac.cc.
Referenced by isc::dns::TSIGContext::TSIGContextImpl::TSIGContextImpl(), and isc::dns::TSIGContext::TSIGContextImpl::createHMAC().
void isc::cryptolink::digest(const void *data, const size_t data_len, const HashAlgorithm hash_algorithm, isc::util::OutputBuffer &result, size_t len = 0)
Create a Hash digest for the given data.
This is a convenience function that calculates the hash digest, given a fixed amount of data. Internally it does the same as creating a Hash object, feeding it the data, and calculating the resulting digest.
Exceptions
UnsupportedAlgorithm | if the given algorithm is unknown or not supported by the underlying library |
LibraryError | if there was any unexpected exception in the underlying library |
Parameters
data | The data to digest |
data_len | The length of the data |
hash_algorithm | The hash algorithm |
result | The digest will be appended to this buffer |
len | If this is non-zero and less than the output size, the result will be truncated to len bytes. If greater than the output size (or equal to zero), only output size bytes are written. |
Definition at line 20 of file crypto_hash.cc.
References isc::cryptolink::CryptoLink::getCryptoLink().
Referenced by isc::cryptolink::HashImpl::final(), isc::config::BaseCommandMgr::getHash(), isc::dns::TSIGContext::TSIGContextImpl::postVerifyUpdate(), isc::dns::TSIGContext::sign(), isc::cryptolink::HMACImpl::sign(), and isc::dns::TSIGContext::verify().
uint16_t isc::cryptolink::generateQid()
Generate a Qid.
Definition at line 31 of file crypto_rng.cc.
References random().
Referenced by isc::d2::NameChangeTransaction::prepNewRequest().
std::vector< uint8_t > isc::cryptolink::random(size_t len)
Generate random value.
This is a convenience function that generates random data of the given length. Internally it does the same as creating an RNG object and generating the resulting value.
Exceptions
LibraryError | if there was any unexpected exception in the underlying library |
Parameters
len | The length of the data |
Definition at line 26 of file crypto_rng.cc.
References isc::cryptolink::CryptoLink::getCryptoLink().
Referenced by generateQid(), and isc::dhcp::AuthKey::getRandomKeyString().
void isc::cryptolink::signHMAC(const void *data, const size_t data_len, const void *secret, size_t secret_len, const HashAlgorithm hash_algorithm, isc::util::OutputBuffer &result, size_t len = 0)
Create an HMAC signature for the given data.
This is a convenience function that calculates the HMAC signature, given a fixed amount of data. Internally it does the same as creating an HMAC object, feeding it the data, and calculating the resulting signature.
Exceptions
UnsupportedAlgorithm | if the given algorithm is unknown or not supported by the underlying library |
BadKey | if the given key length (secret_len) is bad |
LibraryError | if there was any unexpected exception in the underlying library |
Note: if the secret is longer than the block size of its algorithm, the constructor will run it through the hash algorithm and use the digest as the secret for this HMAC operation.
Parameters
data | The data to sign |
data_len | The length of the data |
secret | The secret to sign with |
secret_len | The length of the secret |
hash_algorithm | The hash algorithm |
result | The signature will be appended to this buffer |
len | If this is non-zero and less than the output size, the result will be truncated to len bytes. If greater than the output size (or equal to zero), only output size bytes are written. |
Definition at line 20 of file crypto_hmac.cc.
References isc::cryptolink::CryptoLink::getCryptoLink().
bool isc::cryptolink::verifyHMAC(const void *data, const size_t data_len, const void *secret, size_t secret_len, const HashAlgorithm hash_algorithm, const void *sig, const size_t sig_len)
Verify an HMAC signature for the given data.
This is a convenience function that verifies an HMAC signature, given a fixed amount of data. Internally it does the same as creating an HMAC object, feeding it the data, and checking the resulting signature, with the exception that a zero sig_len is internally replaced by the output size.
Exceptions
UnsupportedAlgorithm | if the given algorithm is unknown or not supported by the underlying library |
BadKey | if the given key length (secret_len) is bad |
LibraryError | if there was any unexpected exception in the underlying library |
Note: if the secret is longer than the block size of its algorithm, the constructor will run it through the hash algorithm and use the digest as the secret for this HMAC operation.
Parameters
data | The data to verify |
data_len | The length of the data |
secret | The secret to sign with |
secret_len | The length of the secret |
hash_algorithm | The hash algorithm |
sig | The signature to verify |
sig_len | The length of the signature |
Definition at line 37 of file crypto_hmac.cc.
References isc::cryptolink::CryptoLink::getCryptoLink().
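Added example, not part of the Kea documentation or source: a Python model (standard hmac and hashlib modules, not the cryptolink API) of the behaviours documented for signHMAC() and verifyHMAC() above, namely hashing of over-long secrets, the len truncation rule, and a zero sig_len meaning the full output size. The minimum-length check follows the TSIG rule in RFC 4635 and is an assumption added here; this page does not say whether verifyHMAC() applies it. The function names, keys and messages are constructed for the example.

```python
import hashlib
import hmac

MSG = b"constructed sample message"   # constructed input, not from Kea
KEY = b"constructed-sample-secret"    # constructed key, not from Kea

def sign_hmac(data, secret, alg="sha256", length=0):
    """Model of the documented len rule: truncate only if 0 < length < output size."""
    mac = hmac.new(secret, data, alg).digest()
    return mac[:length] if 0 < length < len(mac) else mac

def verify_hmac(data, secret, sig, sig_len=0, alg="sha256", enforce_min=True):
    """Model of verification; sig_len == 0 is replaced by the output size."""
    out_size = hashlib.new(alg).digest_size
    if sig_len == 0:
        sig_len = out_size
    # Assumption added here (RFC 4635 TSIG rule): refuse MACs shorter than
    # max(10 bytes, half the digest), so a short tag cannot be guessed cheaply.
    if enforce_min and sig_len < max(10, out_size // 2):
        return False
    sig_len = min(sig_len, out_size)
    expected = sign_hmac(data, secret, alg)[:sig_len]
    # Constant-time compare; a sig shorter than sig_len simply fails.
    return hmac.compare_digest(expected, bytes(sig[:sig_len]))

def long_secret_collapses(alg="sha256"):
    """A secret longer than the block size is equivalent to its own digest."""
    block = hashlib.new(alg).block_size
    long_secret = b"k" * (block + 1)                 # constructed, one byte over the block size
    hashed = hashlib.new(alg, long_secret).digest()  # digest used as a stand-in key
    return sign_hmac(MSG, long_secret, alg) == sign_hmac(MSG, hashed, alg)

if __name__ == "__main__":
    print("long secret == its digest as key:", long_secret_collapses())
    tag4 = sign_hmac(MSG, KEY, length=4)
    print("4-byte tag, no minimum:", verify_hmac(MSG, KEY, tag4, 4, enforce_min=False))
    print("4-byte tag, RFC 4635 minimum:", verify_hmac(MSG, KEY, tag4, 4))
```

Because an over-long secret is interchangeable with its digest, its effective strength is bounded by the hash output size, and a caller that passes an attacker-supplied sig_len through unchecked accepts whatever truncation the peer chooses.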