Commit 8cf2ee46 authored by Francis Dupont's avatar Francis Dupont

[trac3471] cryptolink code cleanup

parent 456f65e5
836. [bug] fdupont
Moved duplicated getXXXHashAlgorithm() function to new
xxx_common.h include files in the cryptolink library.
(Trac #3471, git xxx)
835. [build] fdupont
The configure script checks if OpenSSL supports SHA-2, in order
to avoid very old (and likely subject to unfixed security bugs)
......
......@@ -13,11 +13,13 @@ libkea_cryptolink_la_SOURCES += crypto_hash.h crypto_hash.cc
libkea_cryptolink_la_SOURCES += crypto_hmac.h crypto_hmac.cc
if HAVE_BOTAN
libkea_cryptolink_la_SOURCES += botan_link.cc
libkea_cryptolink_la_SOURCES += botan_common.h
libkea_cryptolink_la_SOURCES += botan_hash.cc
libkea_cryptolink_la_SOURCES += botan_hmac.cc
endif
if HAVE_OPENSSL
libkea_cryptolink_la_SOURCES += openssl_link.cc
libkea_cryptolink_la_SOURCES += openssl_common.h
libkea_cryptolink_la_SOURCES += openssl_hash.cc
libkea_cryptolink_la_SOURCES += openssl_hmac.cc
endif
......
// Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
//
// Permission to use, copy, modify, and/or distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
// copyright notice and this permission notice appear in all copies.
//
// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
// AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
// PERFORMANCE OF THIS SOFTWARE.
namespace isc {
namespace cryptolink {
/// @brief Decode the HashAlgorithm enum into a name usable by Botan
///
/// @param algorithm algorithm to be converted
/// @return static text representation of the algorithm name
const char*
getBotanHashAlgorithmName(isc::cryptolink::HashAlgorithm algorithm);
} // namespace cryptolink
} // namespace isc
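Review bot: The new header, as shown, has no include guard and includes nothing, yet its declaration names `isc::cryptolink::HashAlgorithm`. It therefore compiles only when the including file has already pulled in the header that declares that enum. I would wrap the file in a guard (for example `#ifndef BOTAN_COMMON_H` / `#define BOTAN_COMMON_H` ... `#endif`) and include the declaring header directly, so the file is self-contained. The same applies to the new OpenSSL common header later in this commit, which also uses `EVP_MD` without including `<openssl/evp.h>`.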
......@@ -22,9 +22,13 @@
#include <botan/hash.h>
#include <botan/types.h>
#include <cryptolink/botan_common.h>
#include <cstring>
namespace {
namespace isc {
namespace cryptolink {
/// @brief Decode the HashAlgorithm enum into a name usable by Botan
///
/// @param algorithm algorithm to be converted
......@@ -52,12 +56,6 @@ getBotanHashAlgorithmName(isc::cryptolink::HashAlgorithm algorithm) {
return ("Unknown");
}
} // local namespace
namespace isc {
namespace cryptolink {
/// @brief Botan implementation of Hash. Each method is the counterpart
/// of the Hash corresponding method.
class HashImpl {
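Review bot: The fallback `return ("Unknown");` at the end of getBotanHashAlgorithmName is now part of an interface shared by the hash and HMAC code, but the doc comment does not say that "Unknown" is a sentinel rather than a usable algorithm name. An UNKNOWN_HASH or out-of-range value is rejected only if Botan's lookup of that string fails and the caller handles the failure, and that handling is outside these hunks. I would extend the return line to `/// @return static text representation of the algorithm name, or "Unknown" when the value is not a supported hash; callers must treat that as an error`. The function body starts above the second hunk, so the switch itself is not visible here.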
......
......@@ -23,39 +23,9 @@
#include <botan/hash.h>
#include <botan/types.h>
#include <cstring>
namespace {
/// @brief Decode the HashAlgorithm enum into a name usable by Botan
///
/// @param algorithm algorithm to be converted
/// @return text representation of the algorithm name
const char*
getBotanHashAlgorithmName(isc::cryptolink::HashAlgorithm algorithm) {
switch (algorithm) {
case isc::cryptolink::MD5:
return ("MD5");
case isc::cryptolink::SHA1:
return ("SHA-1");
case isc::cryptolink::SHA256:
return ("SHA-256");
case isc::cryptolink::SHA224:
return ("SHA-224");
case isc::cryptolink::SHA384:
return ("SHA-384");
case isc::cryptolink::SHA512:
return ("SHA-512");
case isc::cryptolink::UNKNOWN_HASH:
return ("Unknown");
}
// compiler should have prevented us to reach this, since we have
// no default. But we need a return value anyway
return ("Unknown");
}
} // local namespace
#include <cryptolink/botan_common.h>
#include <cstring>
namespace isc {
namespace cryptolink {
......
// Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
//
// Permission to use, copy, modify, and/or distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
// copyright notice and this permission notice appear in all copies.
//
// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
// AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
// PERFORMANCE OF THIS SOFTWARE.
namespace isc {
namespace cryptolink {
/// @brief Decode the HashAlgorithm enum into an EVP_MD pointer (or 0)
///
/// EVP_MD pointer is a OpenSSL's way of identifying hash algorithms
/// @param algorithm algorithm to be converted
/// @return pointer to a static EVP_MD which identifies the algorithm
const EVP_MD*
getOpenSSLHashAlgorithm(isc::cryptolink::HashAlgorithm algorithm);
} // namespace cryptolink
} // namespace isc
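Review bot: The `@return` line promises a pointer that identifies the algorithm, while the brief says "(or 0)", and the null case is the one callers can get wrong. A null `EVP_MD*` passed on to digest or HMAC initialisation must be caught by the caller, so the contract belongs in this shared header: `/// @return pointer to a static EVP_MD, or 0 for UNKNOWN_HASH or an unrecognized value; callers must check for 0 before use`. Whether the existing HashImpl and HMAC constructors already make that check is not visible in this section. The wording "a OpenSSL's way" on the line above could be tidied to "OpenSSL's way" in the same edit.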
......@@ -19,9 +19,12 @@
#include <openssl/evp.h>
#include <cryptolink/openssl_common.h>
#include <cstring>
namespace {
namespace isc {
namespace cryptolink {
/// @brief Decode the HashAlgorithm enum into an EVP_MD pointer (or 0)
///
......@@ -51,12 +54,6 @@ getOpenSSLHashAlgorithm(isc::cryptolink::HashAlgorithm algorithm) {
return (0);
}
} // local namespace
namespace isc {
namespace cryptolink {
/// \brief OpenSSL implementation of Hash. Each method is the counterpart
/// of the Hash corresponding method.
class HashImpl {
......
......@@ -19,38 +19,12 @@
#include <openssl/hmac.h>
#include <cryptolink/openssl_common.h>
#include <cstring>
namespace {
/// @brief Decode the HashAlgorithm enum into an EVP_MD pointer (or 0)
///
/// EVP_MD pointer is a OpenSSL's way of identifying hash algorithms
/// @param algorithm algorithm to be converted
/// @return pointer to EVP_MD which identifies the algorithm
const EVP_MD*
getOpenSSLHashAlgorithm(isc::cryptolink::HashAlgorithm algorithm) {
switch (algorithm) {
case isc::cryptolink::MD5:
return (EVP_md5());
case isc::cryptolink::SHA1:
return (EVP_sha1());
case isc::cryptolink::SHA256:
return (EVP_sha256());
case isc::cryptolink::SHA224:
return (EVP_sha224());
case isc::cryptolink::SHA384:
return (EVP_sha384());
case isc::cryptolink::SHA512:
return (EVP_sha512());
case isc::cryptolink::UNKNOWN_HASH:
return (0);
}
// compiler should have prevented us to reach this, since we have
// no default. But we need a return value anyway
return (0);
}
/// Secure Buffers which are wiped out when released.
template<typename T>
struct SecBuf {
......