Kea 2.5.8
isc::cryptolink Namespace Reference

Classes

class  BadKey
 This exception is thrown when the underlying library could not handle the key data.

class  CryptoLink
 Singleton entry point and factory class.

class  CryptoLinkError
 General exception class that is the base for all crypto-related exceptions.

class  CryptoLinkImpl

class  Hash
 Hash support.

class  HashImpl
 Botan implementation of Hash.

class  HMAC
 HMAC support.

class  HMACImpl
 Botan implementation of HMAC.

class  InitializationError
 This exception is thrown if there was a problem initializing the crypto library.

class  LibraryError
 This exception is raised when a general error that was not specifically caught is thrown by the underlying library.

class  RNG
 RNG support.

class  RNGImpl
 Botan implementation of RNG.

class  UnsupportedAlgorithm
 This exception is thrown when a cryptographic action is requested for an algorithm that is not supported by the underlying library.
 

Typedefs

typedef boost::shared_ptr< CryptoLinkImpl > CryptoLinkImplPtr
 Type representing the pointer to the CryptoLinkImpl.
 
typedef boost::shared_ptr< RNG > RNGPtr
 Type representing the pointer to the RNG.
 

Enumerations

enum  HashAlgorithm {
  UNKNOWN_HASH = 0 , MD5 = 1 , SHA1 = 2 , SHA256 = 3 ,
  SHA224 = 4 , SHA384 = 5 , SHA512 = 6
}
 Hash algorithm identifiers.
 

Functions

void deleteHash (Hash *hash)
 Delete a Hash object.
 
void deleteHMAC (HMAC *hmac)
 Delete an HMAC object.
 
void digest (const void *data, const size_t data_len, const HashAlgorithm hash_algorithm, isc::util::OutputBuffer &result, size_t len=0)
 Create a Hash digest for the given data.
 
uint16_t generateQid ()
 Generate a Qid.
 
std::vector< uint8_t > random (size_t len)
 Generate random value.
 
void signHMAC (const void *data, const size_t data_len, const void *secret, size_t secret_len, const HashAlgorithm hash_algorithm, isc::util::OutputBuffer &result, size_t len=0)
 Create an HMAC signature for the given data.
 
bool verifyHMAC (const void *data, const size_t data_len, const void *secret, size_t secret_len, const HashAlgorithm hash_algorithm, const void *sig, const size_t sig_len)
 Verify an HMAC signature for the given data.
 

Typedef Documentation

◆ CryptoLinkImplPtr

Type representing the pointer to the CryptoLinkImpl.

Definition at line 97 of file cryptolink.h.

◆ RNGPtr

typedef boost::shared_ptr<RNG> isc::cryptolink::RNGPtr

Type representing the pointer to the RNG.

Definition at line 49 of file cryptolink.h.

Enumeration Type Documentation

◆ HashAlgorithm

Hash algorithm identifiers.

Enumerator
UNKNOWN_HASH 

This value can be used in conversion functions, to be returned when the input is unknown (but a value MUST be returned), for instance when the input is a Name or a string, and the return value is a HashAlgorithm.

MD5 

MD5.

SHA1 

SHA-1.

SHA256 

SHA-256.

SHA224 

SHA-224.

SHA384 

SHA-384.

SHA512 

SHA-512.

Definition at line 23 of file cryptolink.h.

Function Documentation

◆ deleteHash()

void isc::cryptolink::deleteHash ( Hash *  hash)

Delete a Hash object.

Definition at line 34 of file crypto_hash.cc.

◆ deleteHMAC()

void isc::cryptolink::deleteHMAC ( HMAC *  hmac)

◆ digest()

void isc::cryptolink::digest ( const void *  data,
const size_t  data_len,
const HashAlgorithm  hash_algorithm,
isc::util::OutputBuffer &  result,
size_t  len = 0 
)

Create a Hash digest for the given data.

This is a convenience function that calculates the hash digest, given a fixed amount of data. Internally it does the same as creating a Hash object, feeding it the data, and calculating the resulting digest.

Exceptions
UnsupportedAlgorithm: if the given algorithm is unknown or not supported by the underlying library
LibraryError: if there was any unexpected exception in the underlying library
Parameters
data: The data to digest
data_len: The length of the data
hash_algorithm: The hash algorithm
result: The digest will be appended to this buffer
len: If this is non-zero and less than the output size, the result will be truncated to len bytes. If greater than output size (or equal to zero) only output size bytes are written.

Definition at line 20 of file crypto_hash.cc.

References isc::cryptolink::CryptoLink::getCryptoLink().

Referenced by isc::cryptolink::HashImpl::final(), isc::config::BaseCommandMgr::getHash(), isc::dns::TSIGContext::TSIGContextImpl::postVerifyUpdate(), isc::dns::TSIGContext::sign(), isc::cryptolink::HMACImpl::sign(), and isc::dns::TSIGContext::verify().


◆ generateQid()

uint16_t isc::cryptolink::generateQid ( )

Generate a Qid.

Returns
A random Qid

Definition at line 31 of file crypto_rng.cc.

References random().

Referenced by isc::d2::NameChangeTransaction::prepNewRequest().


◆ random()

std::vector< uint8_t > isc::cryptolink::random ( size_t  len)

Generate random value.

This is a convenience function that generates random data of the requested length. Internally it does the same as creating an RNG object and generating the resulting value.

Exceptions
LibraryError: if there was any unexpected exception in the underlying library
Parameters
len: The length of the data

Definition at line 26 of file crypto_rng.cc.

References isc::cryptolink::CryptoLink::getCryptoLink().

Referenced by generateQid(), and isc::dhcp::AuthKey::getRandomKeyString().


◆ signHMAC()

void isc::cryptolink::signHMAC ( const void *  data,
const size_t  data_len,
const void *  secret,
size_t  secret_len,
const HashAlgorithm  hash_algorithm,
isc::util::OutputBuffer &  result,
size_t  len = 0 
)

Create an HMAC signature for the given data.

This is a convenience function that calculates the HMAC signature, given a fixed amount of data. Internally it does the same as creating an HMAC object, feeding it the data, and calculating the resulting signature.

Exceptions
UnsupportedAlgorithm: if the given algorithm is unknown or not supported by the underlying library
BadKey: if the given key secret_len is bad
LibraryError: if there was any unexpected exception in the underlying library

Note: if the secret is longer than the block size of its algorithm, the constructor will run it through the hash algorithm, and use the digest as the secret for this HMAC operation.

Parameters
data: The data to sign
data_len: The length of the data
secret: The secret to sign with
secret_len: The length of the secret
hash_algorithm: The hash algorithm
result: The signature will be appended to this buffer
len: If this is non-zero and less than the output size, the result will be truncated to len bytes. If greater than output size (or equal to zero) only output size bytes are written.

Definition at line 20 of file crypto_hmac.cc.

References isc::cryptolink::CryptoLink::getCryptoLink().


◆ verifyHMAC()

bool isc::cryptolink::verifyHMAC ( const void *  data,
const size_t  data_len,
const void *  secret,
size_t  secret_len,
const HashAlgorithm  hash_algorithm,
const void *  sig,
const size_t  sig_len 
)

Verify an HMAC signature for the given data.

This is a convenience function that verifies an HMAC signature, given a fixed amount of data. Internally it does the same as creating an HMAC object, feeding it the data, and checking the resulting signature, with the exception that a zero sig_len is internally replaced by the output size.

Exceptions
UnsupportedAlgorithm: if the given algorithm is unknown or not supported by the underlying library
BadKey: if the given key secret_len is bad
LibraryError: if there was any unexpected exception in the underlying library

Note: if the secret is longer than the block size of its algorithm, the constructor will run it through the hash algorithm, and use the digest as the secret for this HMAC operation.

Parameters
data: The data to verify
data_len: The length of the data
secret: The secret to sign with
secret_len: The length of the secret
hash_algorithm: The hash algorithm
sig: The signature to verify
sig_len: The length of the signature
Returns
True if the signature verifies, false if not

Definition at line 37 of file crypto_hmac.cc.

References isc::cryptolink::CryptoLink::getCryptoLink().

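The len truncation rule, the zero sig_len rule and the long-secret note documented for signHMAC() and verifyHMAC() above, modelled with Python's standard hmac and hashlib modules so it runs without linking Kea. This is an added example, not Kea code: sign_hmac, verify_hmac, effective_key and the min_len floor are hypothetical names, and the sample inputs are constructed.

```python
import hashlib
import hmac

# The page's HashAlgorithm names mapped to hashlib names (UNKNOWN_HASH has none).
ALGOS = {"MD5": "md5", "SHA1": "sha1", "SHA256": "sha256",
         "SHA224": "sha224", "SHA384": "sha384", "SHA512": "sha512"}


def effective_key(secret: bytes, algo: str) -> bytes:
    """Key HMAC really uses: a secret longer than the block size is hashed first."""
    h = hashlib.new(ALGOS[algo], secret)
    return h.digest() if len(secret) > h.block_size else secret


def sign_hmac(data: bytes, secret: bytes, algo: str, length: int = 0) -> bytes:
    """Model of the documented len rule: truncate only if 0 < length < output size."""
    if algo not in ALGOS:
        raise ValueError("unsupported algorithm: " + algo)  # cf. UnsupportedAlgorithm
    mac = hmac.new(secret, data, ALGOS[algo]).digest()
    return mac[:length] if 0 < length < len(mac) else mac


def verify_hmac(data: bytes, secret: bytes, algo: str, sig: bytes,
                sig_len: int = 0, min_len: int = 0) -> bool:
    """Model of the documented rule that a zero sig_len means the output size.

    min_len is a hypothetical caller-side floor (not part of the documented
    API) that rejects signatures truncated below what the deployment accepts.
    """
    out_size = hashlib.new(ALGOS[algo]).digest_size
    if sig_len == 0:
        sig_len = out_size
    if sig_len < min_len or len(sig) < sig_len:
        return False
    expected = sign_hmac(data, secret, algo, sig_len)
    # Constant-time comparison so timing does not reveal how many bytes matched.
    return hmac.compare_digest(expected, sig[:sig_len])


if __name__ == "__main__":
    data, secret = b"constructed sample message", b"K" * 100  # constructed inputs
    mac = sign_hmac(data, secret, "SHA256")
    print("full MAC verifies:", verify_hmac(data, secret, "SHA256", mac))
    print("hashed secret gives same MAC:",
          mac == sign_hmac(data, effective_key(secret, "SHA256"), "SHA256"))
    print("4-byte MAC, no floor:", verify_hmac(data, secret, "SHA256", mac[:4], 4))
    print("4-byte MAC, floor 16:",
          verify_hmac(data, secret, "SHA256", mac[:4], 4, min_len=16))
```

Two consequences for callers: a secret longer than the block size and its digest are interchangeable keys, and a short sig_len lowers forgery resistance to that many bytes unless the caller enforces a minimum.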