Commit a1703e5a authored by Jelte Jansen's avatar Jelte Jansen
Browse files

[trac781] some more updates (added doc and a few test changes)

parent 145a6173
......@@ -69,6 +69,17 @@ CryptoLink::createHMAC(const void* secret, size_t secret_len,
return (new HMAC(secret, secret_len, hash_algorithm));
}
auto_ptr<HMAC>
CryptoLink::createHMAC2(const void* secret, size_t secret_len,
const HMAC::HashAlgorithm hash_algorithm)
{
std::auto_ptr<HMAC> asdf(new HMAC(secret, secret_len, hash_algorithm));
return asdf;
//return asdf;
//HMAC* h = createHMAC(secret, secret_len, hash_algorithm);
//return (boost::scoped_ptr<HMAC>(h));
}
} // namespace cryptolink
} // namespace isc
......@@ -20,9 +20,11 @@
#include <exceptions/exceptions.h>
#include <boost/noncopyable.hpp>
#include <boost/scoped_ptr.hpp>
#include <cryptolink/crypto_hmac.h>
#include <memory>
namespace isc {
namespace cryptolink {
......@@ -72,9 +74,9 @@ public:
/// Forward declaration for pimpl
class CryptoLinkImpl;
/// \brief
/// \brief Singleton entry point and factory class
///
/// This is singleton class that serves as the entry point to
/// This is a singleton class that serves as the entry point to
/// the underlying cryptography library, and as a factory for objects
/// within the cryptolink library.
///
......@@ -85,9 +87,21 @@ class CryptoLinkImpl;
/// to getCryptoLink. Any subsequent call to initialize() will be a
/// noop.
///
/// In order for the CryptoLink library to be sure that the underlying
/// library has been initialized, and because we do not want to add
/// such a check to every class and function within it, we have made
/// the constructors of all classes within cryptolink private. This way
/// a caller cannot instantiate an object before the library is
/// initialized, but must use CryptoLink's create method (e.g.
/// createHMAC()), which enforces (automatic) initialization.
///
/// In order for the CryptoLink class to be able to create objects that
/// have private constructors, it is declared a friend class of these
/// classes.
///
/// \note All other classes within cryptolink should have private
/// constructors as well, and should have a factory function from this
/// class.
/// constructors as well, and should have a factory function from
/// CryptoLink.
///
// Internal note: we can use this class later to initialize and manage
// dynamic (PKCS#11) libs
......@@ -145,6 +159,8 @@ public:
/// \param hash_algorithm The hash algorithm
HMAC* createHMAC(const void* secret, size_t secret_len,
const HMAC::HashAlgorithm hash_algorithm);
std::auto_ptr<HMAC> createHMAC2(const void* secret, size_t secret_len,
const HMAC::HashAlgorithm hash_algorithm);
private:
// To enable us to use an optional explicit initialization call,
......
......@@ -147,7 +147,7 @@ namespace {
hash_algorithm));
hmac_sign->update(data.c_str(), data.size());
// note: this is not exception-safe, and will leak, but
// note: this is not exception-safe, and can leak, but
// if there is an unexpected exception in the code below we
// have more important things to fix.
uint8_t* sig = new uint8_t[hmac_len];
......@@ -204,7 +204,6 @@ TEST(CryptoLinkTest, HMAC_MD5_RFC2202_SIGN) {
doHMACTest("what do ya want for nothing?", "Jefe", 4, HMAC::MD5,
hmac_expected2, 16);
const std::string data3(50, 0xdd);
const uint8_t secret3[] = { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa };
......@@ -212,7 +211,7 @@ TEST(CryptoLinkTest, HMAC_MD5_RFC2202_SIGN) {
0x14, 0x4c, 0x88, 0xdb, 0xb8,
0xc7, 0x33, 0xf0, 0xe8, 0xb3,
0xf6};
doHMACTest(data3, secret3, 16, HMAC::MD5, hmac_expected3, 16);
doHMACTest(std::string(50, 0xdd), secret3, 16, HMAC::MD5, hmac_expected3, 16);
const std::string data4(50, 0xcd);
const uint8_t secret4[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
......@@ -238,22 +237,20 @@ TEST(CryptoLinkTest, HMAC_MD5_RFC2202_SIGN) {
doHMACTest("Test With Truncation", secret5, 16, HMAC::MD5,
hmac_expected5, 12);
const std::string secret6(80, 0xaa);
const uint8_t hmac_expected6[] = { 0x6b, 0x1a, 0xb7, 0xfe, 0x4b,
0xd7, 0xbf, 0x8f, 0x0b, 0x62,
0xe6, 0xce, 0x61, 0xb9, 0xd0,
0xcd };
doHMACTest("Test Using Larger Than Block-Size Key - Hash Key First",
secret6.c_str(), 80, HMAC::MD5, hmac_expected6, 16);
std::string(80, 0xaa).c_str(), 80, HMAC::MD5, hmac_expected6, 16);
// same secret as for test 6
const uint8_t hmac_expected7[] = { 0x6f, 0x63, 0x0f, 0xad, 0x67,
0xcd, 0xa0, 0xee, 0x1f, 0xb1,
0xf5, 0x62, 0xdb, 0x3a, 0xa5,
0x3e };
doHMACTest("Test Using Larger Than Block-Size Key and Larger Than "
"One Block-Size Data",
secret6.c_str(), 80, HMAC::MD5, hmac_expected7, 16);
std::string(80, 0xaa).c_str(), 80, HMAC::MD5, hmac_expected7, 16);
}
//
......@@ -276,7 +273,6 @@ TEST(CryptoLinkTest, HMAC_SHA1_RFC2202_SIGN) {
doHMACTest("what do ya want for nothing?", "Jefe", 4, HMAC::SHA1,
hmac_expected2, 20);
const std::string data3(50, 0xdd);
const uint8_t secret3[] = { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
......@@ -285,9 +281,8 @@ TEST(CryptoLinkTest, HMAC_SHA1_RFC2202_SIGN) {
0xac, 0x11, 0xcd, 0x91, 0xa3,
0x9a, 0xf4, 0x8a, 0xa1, 0x7b,
0x4f, 0x63, 0xf1, 0x75, 0xd3 };
doHMACTest(data3, secret3, 20, HMAC::SHA1, hmac_expected3, 20);
doHMACTest(std::string(50, 0xdd), secret3, 20, HMAC::SHA1, hmac_expected3, 20);
const std::string data4(50, 0xcd);
const uint8_t secret4[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12,
......@@ -297,7 +292,7 @@ TEST(CryptoLinkTest, HMAC_SHA1_RFC2202_SIGN) {
0x62, 0x50, 0xc6, 0xbc, 0x84,
0x14, 0xf9, 0xbf, 0x50, 0xc8,
0x6c, 0x2d, 0x72, 0x35, 0xda };
doHMACTest(data4, secret4, 25, HMAC::SHA1, hmac_expected4, 20);
doHMACTest(std::string(50, 0xcd), secret4, 25, HMAC::SHA1, hmac_expected4, 20);
const uint8_t secret5[] = { 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
......@@ -312,22 +307,20 @@ TEST(CryptoLinkTest, HMAC_SHA1_RFC2202_SIGN) {
doHMACTest("Test With Truncation", secret5, 20, HMAC::SHA1,
hmac_expected5, 12);
const std::string secret6(80, 0xaa);
const uint8_t hmac_expected6[] = { 0xaa, 0x4a, 0xe5, 0xe1, 0x52,
0x72, 0xd0, 0x0e, 0x95, 0x70,
0x56, 0x37, 0xce, 0x8a, 0x3b,
0x55, 0xed, 0x40, 0x21, 0x12 };
doHMACTest("Test Using Larger Than Block-Size Key - Hash Key First",
secret6.c_str(), 80, HMAC::SHA1, hmac_expected6, 20);
std::string(80, 0xaa).c_str(), 80, HMAC::SHA1, hmac_expected6, 20);
// same secret as for test 6
const uint8_t hmac_expected7[] = { 0xe8, 0xe9, 0x9d, 0x0f, 0x45,
0x23, 0x7d, 0x78, 0x6d, 0x6b,
0xba, 0xa7, 0x96, 0x5c, 0x78,
0x08, 0xbb, 0xff, 0x1a, 0x91 };
doHMACTest("Test Using Larger Than Block-Size Key and Larger Than "
"One Block-Size Data",
secret6.c_str(), 80, HMAC::SHA1, hmac_expected7, 20);
std::string(80, 0xaa).c_str(), 80, HMAC::SHA1, hmac_expected7, 20);
}
//
......@@ -356,7 +349,6 @@ TEST(CryptoLinkTest, HMAC_SHA256_RFC2202_SIGN) {
doHMACTest("what do ya want for nothing?", "Jefe", 4, HMAC::SHA256,
hmac_expected2, 32);
const std::string data3(50, 0xdd);
const uint8_t secret3[] = { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
......@@ -368,9 +360,8 @@ TEST(CryptoLinkTest, HMAC_SHA256_RFC2202_SIGN) {
0x3e, 0xf8, 0xc1, 0x22, 0xd9,
0x63, 0x55, 0x14, 0xce, 0xd5,
0x65, 0xfe };
doHMACTest(data3, secret3, 20, HMAC::SHA256, hmac_expected3, 32);
doHMACTest(std::string(50, 0xdd), secret3, 20, HMAC::SHA256, hmac_expected3, 32);
const std::string data4(50, 0xcd);
const uint8_t secret4[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12,
......@@ -383,7 +374,7 @@ TEST(CryptoLinkTest, HMAC_SHA256_RFC2202_SIGN) {
0xe5, 0x78, 0xf8, 0x07, 0x7a,
0x2e, 0x3f, 0xf4, 0x67, 0x29,
0x66, 0x5b };
doHMACTest(data4, secret4, 25, HMAC::SHA256, hmac_expected4, 32);
doHMACTest(std::string(50, 0xcd), secret4, 25, HMAC::SHA256, hmac_expected4, 32);
const uint8_t secret5[] = { 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
......@@ -396,7 +387,6 @@ TEST(CryptoLinkTest, HMAC_SHA256_RFC2202_SIGN) {
doHMACTest("Test With Truncation", secret5, 20, HMAC::SHA256,
hmac_expected5, 16);
const std::string secret6(131, 0xaa);
const uint8_t hmac_expected6[] = { 0x60, 0xe4, 0x31, 0x59, 0x1e,
0xe0, 0xb6, 0x7f, 0x0d, 0x8a,
0x26, 0xaa, 0xcb, 0xf5, 0xb7,
......@@ -405,9 +395,8 @@ TEST(CryptoLinkTest, HMAC_SHA256_RFC2202_SIGN) {
0x46, 0x04, 0x0f, 0x0e, 0xe3,
0x7f, 0x54 };
doHMACTest("Test Using Larger Than Block-Size Key - Hash Key First",
secret6.c_str(), 131, HMAC::SHA256, hmac_expected6, 32);
std::string(131, 0xaa).c_str(), 131, HMAC::SHA256, hmac_expected6, 32);
// Same secret as test 6
const uint8_t hmac_expected7[] = { 0x9b, 0x09, 0xff, 0xa7, 0x1b,
0x94, 0x2f, 0xcb, 0x27, 0x63,
0x5f, 0xbc, 0xd5, 0xb0, 0xe9,
......@@ -418,14 +407,16 @@ TEST(CryptoLinkTest, HMAC_SHA256_RFC2202_SIGN) {
doHMACTest("This is a test using a larger than block-size key and a"
" larger than block-size data. The key needs to be hashe"
"d before being used by the HMAC algorithm.",
secret6.c_str(), 131, HMAC::SHA256, hmac_expected7, 32);
std::string(131, 0xaa).c_str(), 131, HMAC::SHA256, hmac_expected7, 32);
}
namespace {
size_t
sigVectorLength(HMAC::HashAlgorithm alg, size_t len) {
boost::scoped_ptr<HMAC> hmac_sign(
std::auto_ptr<HMAC> hmac_sign(
CryptoLink::getCryptoLink().createHMAC("asdf", 4, alg));
//boost::scoped_ptr<HMAC> hmac_sign(
// CryptoLink::getCryptoLink().createHMAC("asdf", 4, alg));
hmac_sign->update("asdf", 4);
const std::vector<uint8_t> sig = hmac_sign->sign(len);
return (sig.size());
......
......@@ -15,6 +15,7 @@
#include <map>
#include <utility>
#include <vector>
#include <sstream>
#include <exceptions/exceptions.h>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment