[trac781] add a Crypto class for initialization (instead of static)

0334c179 · Jelte Jansen · 40f4efbb · 0334c179 · 0334c179 · 0334c179
Commit 0334c179 authored Apr 18, 2011 by Jelte Jansen
--- a/src/lib/crypto/crypto.cc
+++ b/src/lib/crypto/crypto.cc
@@ -50,16 +50,30 @@ getBotanHashAlgorithmName(isc::crypto::HMAC::HashAlgorithm algorithm) {
    return "Unknown";
 }

-// Library needs to have been inited during the entire program
-// should we make this a singleton? (for hsm we'll need more
-// initialization, and dynamic loading)
-Botan::LibraryInitializer init;
-
 } // local namespace

 namespace isc {
 namespace crypto {

+// For Botan, we use the Crypto class object in RAII style
+class CryptoImpl {
+public:
+    CryptoImpl() { _botan_init.initialize(); };
+    ~CryptoImpl() { _botan_init.deinitialize(); };
+        
+private:
+    Botan::LibraryInitializer _botan_init;
+};
+
+Crypto::Crypto() {
+    impl_ = new CryptoImpl();
+}
+
+Crypto::~Crypto() {
+    delete impl_;
+}
+
+
 class HMACImpl {
 public:
    explicit HMACImpl(const void* secret, size_t secret_len,
@@ -75,7 +89,6 @@ public:

        hmac_ = new Botan::HMAC::HMAC(hash);

-        // Take the 'secret' from the key
        // If the key length is larger than the block size, we hash the
        // key itself first.
        try {

--- a/src/lib/crypto/crypto.h
+++ b/src/lib/crypto/crypto.h
@@ -48,6 +48,25 @@ public:
        CryptoError(file, line, what) {}
 };

+class CryptoImpl;
+
+/// \brief Initializer object
+///
+/// This object represents 'global' state for the backend crypto
+/// library, and must be initialized before any cryptographic calls
+/// are made. It may not be destroyed until all cryptographic objects
+/// are.
+/// Preferably, this object is created in the program's main() function
+// Internal note: we can use this class later to initialize and manage
+// dynamic (PKCS#11) libs
+class Crypto {
+public:
+    Crypto();
+    ~Crypto();
+private:
+    CryptoImpl* impl_;
+};
+
 /// Forward declaration, pimpl style
 class HMACImpl;


--- a/src/lib/crypto/tests/crypto_unittests.cc
+++ b/src/lib/crypto/tests/crypto_unittests.cc
@@ -23,7 +23,6 @@ using namespace isc::dns;
 using namespace isc::crypto;

 namespace {
-    
    void checkBuffer(const OutputBuffer& buf, uint8_t *data, size_t len) {
        ASSERT_EQ(len, buf.getLength());
        const uint8_t* buf_d = static_cast<const uint8_t*>(buf.getData());

--- a/src/lib/crypto/tests/run_unittests.cc
+++ b/src/lib/crypto/tests/run_unittests.cc
@@ -15,10 +15,12 @@
 #include <gtest/gtest.h>

 #include <dns/tests/unittest_util.h>
+#include <crypto/crypto.h>

 int
 main(int argc, char* argv[]) {
    ::testing::InitGoogleTest(&argc, argv);
-
+    isc::crypto::Crypto crypto;
+    
    return (RUN_ALL_TESTS());
 }