Commit 4eda7bbc authored by Jelte Jansen's avatar Jelte Jansen
Browse files

[trac781] rename 'crypto' to cryptolink

renamed the directory, libname, namespace and main class
parent 122d4778
...@@ -699,8 +699,8 @@ AC_CONFIG_FILES([Makefile ...@@ -699,8 +699,8 @@ AC_CONFIG_FILES([Makefile
src/lib/config/Makefile src/lib/config/Makefile
src/lib/config/tests/Makefile src/lib/config/tests/Makefile
src/lib/config/tests/testdata/Makefile src/lib/config/tests/testdata/Makefile
src/lib/crypto/Makefile src/lib/cryptolink/Makefile
src/lib/crypto/tests/Makefile src/lib/cryptolink/tests/Makefile
src/lib/dns/Makefile src/lib/dns/Makefile
src/lib/dns/tests/Makefile src/lib/dns/tests/Makefile
src/lib/dns/tests/testdata/Makefile src/lib/dns/tests/testdata/Makefile
......
SUBDIRS = exceptions dns crypto cc config python xfr bench log \ SUBDIRS = exceptions dns cryptolink cc config python xfr bench log \
asiolink nsas cache resolve testutils datasrc server_common asiolink nsas cache resolve testutils datasrc server_common
...@@ -6,7 +6,7 @@ AM_CXXFLAGS = $(B10_CXXFLAGS) ...@@ -6,7 +6,7 @@ AM_CXXFLAGS = $(B10_CXXFLAGS)
CLEANFILES = *.gcno *.gcda CLEANFILES = *.gcno *.gcda
lib_LTLIBRARIES = libb10crypto.la lib_LTLIBRARIES = libcryptolink.la
libb10crypto_la_SOURCES = crypto.h crypto.cc libcryptolink_la_SOURCES = crypto.h crypto.cc
libb10crypto_la_SOURCES += crypto_hmac.h crypto_hmac.cc libcryptolink_la_SOURCES += crypto_hmac.h crypto_hmac.cc
...@@ -34,45 +34,47 @@ using namespace isc::dns; ...@@ -34,45 +34,47 @@ using namespace isc::dns;
namespace isc { namespace isc {
namespace crypto { namespace cryptolink {
// For Botan, we use the Crypto class object in RAII style // For Botan, we use the CryptoLink class object in RAII style
class CryptoImpl { class CryptoLinkImpl {
private: private:
Botan::LibraryInitializer _botan_init; Botan::LibraryInitializer _botan_init;
}; };
Crypto::~Crypto() { CryptoLink::~CryptoLink() {
delete impl_; delete impl_;
} }
Crypto& CryptoLink&
Crypto::getCrypto() { CryptoLink::getCryptoLink() {
Crypto &c = getCryptoInternal(); CryptoLink &c = getCryptoLinkInternal();
if (!c.impl_) { if (!c.impl_) {
c.initialize(); c.initialize();
} }
return c; return c;
} }
Crypto& CryptoLink&
Crypto::getCryptoInternal() { CryptoLink::getCryptoLinkInternal() {
static Crypto instance; static CryptoLink instance;
return (instance); return (instance);
} }
void void
Crypto::initialize() { CryptoLink::initialize() {
Crypto& c = getCryptoInternal(); CryptoLink& c = getCryptoLinkInternal();
try { if (!c.impl_) {
c.impl_ = new CryptoImpl(); try {
} catch (const Botan::Exception& ex) { c.impl_ = new CryptoLinkImpl();
isc_throw(InitializationError, ex.what()); } catch (const Botan::Exception& ex) {
isc_throw(InitializationError, ex.what());
}
} }
} }
HMAC* HMAC*
Crypto::createHMAC(const void* secret, size_t secret_len, CryptoLink::createHMAC(const void* secret, size_t secret_len,
const HMAC::HashAlgorithm hash_algorithm) { const HMAC::HashAlgorithm hash_algorithm) {
return new HMAC(secret, secret_len, hash_algorithm); return new HMAC(secret, secret_len, hash_algorithm);
} }
...@@ -82,7 +84,7 @@ signHMAC(const void* data, size_t data_len, const void* secret, ...@@ -82,7 +84,7 @@ signHMAC(const void* data, size_t data_len, const void* secret,
size_t secret_len, const HMAC::HashAlgorithm hash_algorithm, size_t secret_len, const HMAC::HashAlgorithm hash_algorithm,
isc::dns::OutputBuffer& result, size_t len) isc::dns::OutputBuffer& result, size_t len)
{ {
boost::scoped_ptr<HMAC> hmac(Crypto::getCrypto().createHMAC(secret, secret_len, hash_algorithm)); boost::scoped_ptr<HMAC> hmac(CryptoLink::getCryptoLink().createHMAC(secret, secret_len, hash_algorithm));
hmac->update(data, data_len); hmac->update(data, data_len);
hmac->sign(result, len); hmac->sign(result, len);
} }
...@@ -93,11 +95,11 @@ verifyHMAC(const void* data, const size_t data_len, const void* secret, ...@@ -93,11 +95,11 @@ verifyHMAC(const void* data, const size_t data_len, const void* secret,
size_t secret_len, const HMAC::HashAlgorithm hash_algorithm, size_t secret_len, const HMAC::HashAlgorithm hash_algorithm,
const void* sig, const size_t sig_len) const void* sig, const size_t sig_len)
{ {
boost::scoped_ptr<HMAC> hmac(Crypto::getCrypto().createHMAC(secret, secret_len, hash_algorithm)); boost::scoped_ptr<HMAC> hmac(CryptoLink::getCryptoLink().createHMAC(secret, secret_len, hash_algorithm));
hmac->update(data, data_len); hmac->update(data, data_len);
return (hmac->verify(sig, sig_len)); return (hmac->verify(sig, sig_len));
} }
} // namespace crypto } // namespace cryptolink
} // namespace isc } // namespace isc
...@@ -21,70 +21,100 @@ ...@@ -21,70 +21,100 @@
#include <boost/noncopyable.hpp> #include <boost/noncopyable.hpp>
#include <crypto/crypto_hmac.h> #include <cryptolink/crypto_hmac.h>
namespace isc { namespace isc {
namespace crypto { namespace cryptolink {
/// General exception class that is the base for all crypto-related /// General exception class that is the base for all crypto-related
/// exceptions /// exceptions
class CryptoError : public Exception { class CryptoLinkError : public Exception {
public: public:
CryptoError(const char* file, size_t line, const char* what) : CryptoLinkError(const char* file, size_t line, const char* what) :
isc::Exception(file, line, what) {} isc::Exception(file, line, what) {}
}; };
/// This exception is thrown if there was a problem initializing the /// This exception is thrown if there was a problem initializing the
/// crypto library /// crypto library
class InitializationError : public CryptoError { class InitializationError : public CryptoLinkError {
public: public:
InitializationError(const char* file, size_t line, const char* what) : InitializationError(const char* file, size_t line, const char* what) :
CryptoError(file, line, what) {} CryptoLinkError(file, line, what) {}
}; };
/// This exception is thrown when a cryptographic action is requested /// This exception is thrown when a cryptographic action is requested
/// for an algorithm that is not supported by the underlying algorithm. /// for an algorithm that is not supported by the underlying algorithm.
class UnsupportedAlgorithm : public CryptoError { class UnsupportedAlgorithm : public CryptoLinkError {
public: public:
UnsupportedAlgorithm(const char* file, size_t line, const char* what) : UnsupportedAlgorithm(const char* file, size_t line, const char* what) :
CryptoError(file, line, what) {} CryptoLinkError(file, line, what) {}
}; };
/// This exception is thrown when the underlying library could not /// This exception is thrown when the underlying library could not
/// handle this key /// handle this key
class BadKey : public CryptoError { class BadKey : public CryptoLinkError {
public: public:
BadKey(const char* file, size_t line, const char* what) : BadKey(const char* file, size_t line, const char* what) :
CryptoError(file, line, what) {} CryptoLinkError(file, line, what) {}
}; };
class CryptoImpl; class CryptoLinkImpl;
/// \brief Initializer object /// \brief
///
/// This is singleton class that serves as the entry point to
/// the underlying cryptography library, and as a factory for objects
/// within the cryptolink library.
///
/// There is only one way to access it, through getCryptoLink(), which
/// returns a reference to the initialized library. On the first call,
/// it will be initialized automatically. You can however initialize it
/// manually through a call to the initalize(). Any subsequent call to
/// initialize() will be a noop.
///
/// All other classes within cryptolink should have private
/// constructors, and should have a factory function from this class.
/// ///
/// This object represents 'global' state for the backend crypto
/// library, and must be initialized before any cryptographic calls
/// are made. It may not be destroyed until all cryptographic objects
/// are.
/// Preferably, this object is created in the program's main() function
// Internal note: we can use this class later to initialize and manage // Internal note: we can use this class later to initialize and manage
// dynamic (PKCS#11) libs // dynamic (PKCS#11) libs
class Crypto : private boost::noncopyable { class CryptoLink : private boost::noncopyable {
public: public:
static Crypto& getCrypto(); /// \brief Returns a reference to the singleton instance
///
/// If the library has not been initialized yet, it will be
/// initialized with some default values.
static CryptoLink& getCryptoLink();
/// \brief Initialize the library manually
///
/// \note A call to initialize() is not strictly necessary with
/// the current implementation.
static void initialize(); static void initialize();
bool initialized() { return (impl_ != NULL); } /// \brief Factory function for HMAC objects
///
/// CryptoLink objects cannot be constructed directly. This
/// function creates a new HMAC object usable for signing or
/// verification.
///
/// The caller is responsible for deleting the object later, and
/// it is therefore highly recommended to place the return value
/// of this function in a scoped_ptr or shared_ptr.
HMAC* createHMAC(const void* secret, size_t secret_len, HMAC* createHMAC(const void* secret, size_t secret_len,
const HMAC::HashAlgorithm hash_algorithm); const HMAC::HashAlgorithm hash_algorithm);
private: private:
static Crypto& getCryptoInternal(); // To enable us to use an optional explicit initialization call,
Crypto() : impl_(NULL) {}; // the 'real' instance getter is private
~Crypto(); static CryptoLink& getCryptoLinkInternal();
// To prevent people constructing their own, we make the constructor
// private too.
CryptoLink() : impl_(NULL) {};
~CryptoLink();
CryptoImpl* impl_; CryptoLinkImpl* impl_;
}; };
/// Entry point for the API /// Entry point for the API
...@@ -155,7 +185,7 @@ bool verifyHMAC(const void* data, ...@@ -155,7 +185,7 @@ bool verifyHMAC(const void* data,
const void* sig, const void* sig,
const size_t sig_len); const size_t sig_len);
} // namespace crypto } // namespace cryptolink
} // namespace isc } // namespace isc
#endif // _ISC_CRYPTO_H #endif // _ISC_CRYPTO_H
#include <crypto.h> #include <crypto.h>
#include <crypto/crypto_hmac.h>
#include <boost/scoped_ptr.hpp> #include <boost/scoped_ptr.hpp>
...@@ -11,18 +10,18 @@ ...@@ -11,18 +10,18 @@
namespace { namespace {
const char* const char*
getBotanHashAlgorithmName(isc::crypto::HMAC::HashAlgorithm algorithm) { getBotanHashAlgorithmName(isc::cryptolink::HMAC::HashAlgorithm algorithm) {
switch (algorithm) { switch (algorithm) {
case isc::crypto::HMAC::MD5: case isc::cryptolink::HMAC::MD5:
return ("MD5"); return ("MD5");
break; break;
case isc::crypto::HMAC::SHA1: case isc::cryptolink::HMAC::SHA1:
return ("SHA-1"); return ("SHA-1");
break; break;
case isc::crypto::HMAC::SHA256: case isc::cryptolink::HMAC::SHA256:
return ("SHA-256"); return ("SHA-256");
break; break;
case isc::crypto::HMAC::UNKNOWN: case isc::cryptolink::HMAC::UNKNOWN:
return ("Unknown"); return ("Unknown");
break; break;
} }
...@@ -35,7 +34,7 @@ getBotanHashAlgorithmName(isc::crypto::HMAC::HashAlgorithm algorithm) { ...@@ -35,7 +34,7 @@ getBotanHashAlgorithmName(isc::crypto::HMAC::HashAlgorithm algorithm) {
namespace isc { namespace isc {
namespace crypto { namespace cryptolink {
class HMACImpl { class HMACImpl {
public: public:
...@@ -46,7 +45,7 @@ public: ...@@ -46,7 +45,7 @@ public:
hash = Botan::get_hash( hash = Botan::get_hash(
getBotanHashAlgorithmName(hash_algorithm)); getBotanHashAlgorithmName(hash_algorithm));
} catch (const Botan::Algorithm_Not_Found&) { } catch (const Botan::Algorithm_Not_Found&) {
isc_throw(isc::crypto::UnsupportedAlgorithm, isc_throw(isc::cryptolink::UnsupportedAlgorithm,
"Unknown hash algorithm: " + hash_algorithm); "Unknown hash algorithm: " + hash_algorithm);
} }
...@@ -164,5 +163,5 @@ HMAC::verify(const void* sig, const size_t len) { ...@@ -164,5 +163,5 @@ HMAC::verify(const void* sig, const size_t len) {
return (impl_->verify(sig, len)); return (impl_->verify(sig, len));
} }
} // namespace crypto } // namespace cryptolink
} // namespace isc } // namespace isc
...@@ -18,13 +18,13 @@ ...@@ -18,13 +18,13 @@
#include <boost/noncopyable.hpp> #include <boost/noncopyable.hpp>
#include <crypto/crypto.h> #include <cryptolink/crypto.h>
#ifndef _ISC_CRYPTO_HMAC_H #ifndef _ISC_CRYPTO_HMAC_H
#define _ISC_CRYPTO_HMAC_H #define _ISC_CRYPTO_HMAC_H
namespace isc { namespace isc {
namespace crypto { namespace cryptolink {
/// Forward declaration, pimpl style /// Forward declaration, pimpl style
class HMACImpl; class HMACImpl;
...@@ -48,7 +48,7 @@ public: ...@@ -48,7 +48,7 @@ public:
}; };
private: private:
friend class Crypto; friend class CryptoLink;
/// \brief Constructor from a secret and a hash algorithm /// \brief Constructor from a secret and a hash algorithm
/// ///
...@@ -127,7 +127,7 @@ private: ...@@ -127,7 +127,7 @@ private:
HMACImpl* impl_; HMACImpl* impl_;
}; };
} // namespace crypto } // namespace cryptolink
} // namespace isc } // namespace isc
#endif // __ISC_CRYPTO_HMAC #endif // __ISC_CRYPTO_HMAC
......
...@@ -18,7 +18,7 @@ run_unittests_SOURCES += crypto_unittests.cc ...@@ -18,7 +18,7 @@ run_unittests_SOURCES += crypto_unittests.cc
run_unittests_CPPFLAGS = $(AM_CPPFLAGS) $(GTEST_INCLUDES) run_unittests_CPPFLAGS = $(AM_CPPFLAGS) $(GTEST_INCLUDES)
run_unittests_LDFLAGS = $(AM_LDFLAGS) $(GTEST_LDFLAGS) run_unittests_LDFLAGS = $(AM_LDFLAGS) $(GTEST_LDFLAGS)
run_unittests_LDADD = $(GTEST_LDADD) run_unittests_LDADD = $(GTEST_LDADD)
run_unittests_LDADD += $(top_builddir)/src/lib/crypto/libb10crypto.la run_unittests_LDADD += $(top_builddir)/src/lib/cryptolink/libcryptolink.la
run_unittests_LDADD += $(top_builddir)/src/lib/dns/libdns++.la run_unittests_LDADD += $(top_builddir)/src/lib/dns/libdns++.la
run_unittests_LDADD += $(top_builddir)/src/lib/exceptions/libexceptions.la run_unittests_LDADD += $(top_builddir)/src/lib/exceptions/libexceptions.la
endif endif
......
...@@ -15,14 +15,14 @@ ...@@ -15,14 +15,14 @@
#include <config.h> #include <config.h>
#include <gtest/gtest.h> #include <gtest/gtest.h>
#include <crypto/crypto.h> #include <cryptolink/crypto.h>
#include <dns/buffer.h> #include <dns/buffer.h>
#include <exceptions/exceptions.h> #include <exceptions/exceptions.h>
#include <boost/scoped_ptr.hpp> #include <boost/scoped_ptr.hpp>
using namespace isc::dns; using namespace isc::dns;
using namespace isc::crypto; using namespace isc::cryptolink;
namespace { namespace {
void checkData(const uint8_t* data, const uint8_t* expected, void checkData(const uint8_t* data, const uint8_t* expected,
...@@ -85,7 +85,7 @@ namespace { ...@@ -85,7 +85,7 @@ namespace {
OutputBuffer hmac_sig(1); OutputBuffer hmac_sig(1);
// Sign it // Sign it
boost::scoped_ptr<HMAC> hmac_sign(Crypto::getCrypto().createHMAC(secret, secret_len, hash_algorithm)); boost::scoped_ptr<HMAC> hmac_sign(CryptoLink::getCryptoLink().createHMAC(secret, secret_len, hash_algorithm));
hmac_sign->update(data_buf.getData(), data_buf.getLength()); hmac_sign->update(data_buf.getData(), data_buf.getLength());
hmac_sign->sign(hmac_sig, hmac_len); hmac_sign->sign(hmac_sig, hmac_len);
...@@ -93,7 +93,7 @@ namespace { ...@@ -93,7 +93,7 @@ namespace {
checkBuffer(hmac_sig, expected_hmac, hmac_len); checkBuffer(hmac_sig, expected_hmac, hmac_len);
// Check whether we can verify it ourselves // Check whether we can verify it ourselves
boost::scoped_ptr<HMAC> hmac_verify(Crypto::getCrypto().createHMAC(secret, secret_len, hash_algorithm)); boost::scoped_ptr<HMAC> hmac_verify(CryptoLink::getCryptoLink().createHMAC(secret, secret_len, hash_algorithm));
hmac_verify->update(data_buf.getData(), data_buf.getLength()); hmac_verify->update(data_buf.getData(), data_buf.getLength());
EXPECT_TRUE(hmac_verify->verify(hmac_sig.getData(), EXPECT_TRUE(hmac_verify->verify(hmac_sig.getData(),
hmac_sig.getLength())); hmac_sig.getLength()));
...@@ -111,13 +111,13 @@ namespace { ...@@ -111,13 +111,13 @@ namespace {
const HMAC::HashAlgorithm hash_algorithm, const HMAC::HashAlgorithm hash_algorithm,
const uint8_t* expected_hmac, const uint8_t* expected_hmac,
size_t hmac_len) { size_t hmac_len) {
boost::scoped_ptr<HMAC> hmac_sign(Crypto::getCrypto().createHMAC(secret, secret_len, hash_algorithm)); boost::scoped_ptr<HMAC> hmac_sign(CryptoLink::getCryptoLink().createHMAC(secret, secret_len, hash_algorithm));
hmac_sign->update(data.c_str(), data.size()); hmac_sign->update(data.c_str(), data.size());
std::vector<uint8_t> sig = hmac_sign->sign(hmac_len); std::vector<uint8_t> sig = hmac_sign->sign(hmac_len);
ASSERT_EQ(hmac_len, sig.size()); ASSERT_EQ(hmac_len, sig.size());
checkData(&sig[0], expected_hmac, hmac_len); checkData(&sig[0], expected_hmac, hmac_len);
boost::scoped_ptr<HMAC> hmac_verify(Crypto::getCrypto().createHMAC(secret, secret_len, hash_algorithm)); boost::scoped_ptr<HMAC> hmac_verify(CryptoLink::getCryptoLink().createHMAC(secret, secret_len, hash_algorithm));
hmac_verify->update(data.c_str(), data.size()); hmac_verify->update(data.c_str(), data.size());
EXPECT_TRUE(hmac_verify->verify(&sig[0], sig.size())); EXPECT_TRUE(hmac_verify->verify(&sig[0], sig.size()));
...@@ -131,7 +131,7 @@ namespace { ...@@ -131,7 +131,7 @@ namespace {
const HMAC::HashAlgorithm hash_algorithm, const HMAC::HashAlgorithm hash_algorithm,
const uint8_t* expected_hmac, const uint8_t* expected_hmac,
size_t hmac_len) { size_t hmac_len) {
boost::scoped_ptr<HMAC> hmac_sign(Crypto::getCrypto().createHMAC(secret, secret_len, hash_algorithm)); boost::scoped_ptr<HMAC> hmac_sign(CryptoLink::getCryptoLink().createHMAC(secret, secret_len, hash_algorithm));
hmac_sign->update(data.c_str(), data.size()); hmac_sign->update(data.c_str(), data.size());
// note: this is not exception-safe, and will leak, but // note: this is not exception-safe, and will leak, but
...@@ -142,7 +142,7 @@ namespace { ...@@ -142,7 +142,7 @@ namespace {
hmac_sign->sign(sig, hmac_len); hmac_sign->sign(sig, hmac_len);
checkData(sig, expected_hmac, hmac_len); checkData(sig, expected_hmac, hmac_len);
boost::scoped_ptr<HMAC> hmac_verify(Crypto::getCrypto().createHMAC(secret, secret_len, hash_algorithm)); boost::scoped_ptr<HMAC> hmac_verify(CryptoLink::getCryptoLink().createHMAC(secret, secret_len, hash_algorithm));
hmac_verify->update(data.c_str(), data.size()); hmac_verify->update(data.c_str(), data.size());
EXPECT_TRUE(hmac_verify->verify(sig, hmac_len)); EXPECT_TRUE(hmac_verify->verify(sig, hmac_len));
...@@ -172,7 +172,7 @@ namespace { ...@@ -172,7 +172,7 @@ namespace {
// //
// Test values taken from RFC 2202 // Test values taken from RFC 2202
// //
TEST(CryptoTest, HMAC_MD5_RFC2202_SIGN) { TEST(CryptoLinkTest, HMAC_MD5_RFC2202_SIGN) {
const uint8_t secret[] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, const uint8_t secret[] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b }; 0x0b, 0x0b };
...@@ -244,7 +244,7 @@ TEST(CryptoTest, HMAC_MD5_RFC2202_SIGN) { ...@@ -244,7 +244,7 @@ TEST(CryptoTest, HMAC_MD5_RFC2202_SIGN) {
// //
// Test values taken from RFC 2202 // Test values taken from RFC 2202
// //
TEST(CryptoTest, HMAC_SHA1_RFC2202_SIGN) { TEST(CryptoLinkTest, HMAC_SHA1_RFC2202_SIGN) {
const uint8_t secret[] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, const uint8_t secret[] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b };
...@@ -318,7 +318,7 @@ TEST(CryptoTest, HMAC_SHA1_RFC2202_SIGN) { ...@@ -318,7 +318,7 @@ TEST(CryptoTest, HMAC_SHA1_RFC2202_SIGN) {
// //
// Test values taken from RFC 4231 // Test values taken from RFC 4231
// //
TEST(CryptoTest, HMAC_SHA256_RFC2202_SIGN) { TEST(CryptoLinkTest, HMAC_SHA256_RFC2202_SIGN) {
const uint8_t secret[] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, const uint8_t secret[] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b };
...