[trac781] make sig args for verify() also raw data

c374a5c5 · Jelte Jansen · cd3ce64a · c374a5c5 · c374a5c5 · c374a5c5
Commit c374a5c5 authored Apr 14, 2011 by Jelte Jansen
--- a/src/lib/crypto/crypto.cc
+++ b/src/lib/crypto/crypto.cc
@@ -138,11 +138,11 @@ signHMAC(const void* data, size_t data_len, TSIGKey key,

 bool
 verifyHMAC(const void* data, size_t data_len, TSIGKey key,
-           const isc::dns::OutputBuffer& result)
+           const void* sig, size_t sig_len)
 {
    HMAC hmac(key);
    hmac.update(data, data_len);
-    return (hmac.verify(result.getData(), result.getLength()));
+    return (hmac.verify(sig, sig_len));
 }

 } // namespace crypto

--- a/src/lib/crypto/crypto.h
+++ b/src/lib/crypto/crypto.h
@@ -138,7 +138,8 @@ void signHMAC(const void* data,
 bool verifyHMAC(const void* data,
                size_t data_len,
                isc::dns::TSIGKey key,
-                const isc::dns::OutputBuffer& mac);
+                const void* sig,
+                size_t sig_len);

 } // namespace crypto
 } // namespace isc

--- a/src/lib/crypto/tests/crypto_unittests.cc
+++ b/src/lib/crypto/tests/crypto_unittests.cc
@@ -49,13 +49,15 @@ namespace {

        // Check whether we can verify it ourselves
        EXPECT_TRUE(verifyHMAC(data_buf.getData(), data_buf.getLength(),
-                               key, hmac_sig));
+                               key, hmac_sig.getData(),
+                               hmac_sig.getLength()));

        // Change the sig by flipping the first octet, and check
        // whether verification fails then
        hmac_sig.writeUint8At(~hmac_sig[0], 0);
        EXPECT_FALSE(verifyHMAC(data_buf.getData(), data_buf.getLength(),
-                               key, hmac_sig));
+                               key, hmac_sig.getData(),
+                               hmac_sig.getLength()));
    }
 }

@@ -291,5 +293,6 @@ TEST(CryptoTest, BadKey) {
    EXPECT_THROW(signHMAC(data_buf.getData(), data_buf.getLength(),
                          bad_key, hmac_sig), BadKey);
    EXPECT_THROW(verifyHMAC(data_buf.getData(), data_buf.getLength(),
-                            bad_key, hmac_sig), BadKey);
+                            bad_key, hmac_sig.getData(),
+                            hmac_sig.getLength()), BadKey);
 }