versions). The Boost system library must also be installed.
Installing a header-only version of Boost is no longer recommended.
-- OpenSSL (at least version 1.0.1) or Botan (at least version 1.9).
- Note that OpenSSL version 1.0.2 or 1.1.0 or later and Botan version 2
- or later are strongly recommended.
+- OpenSSL (at least version 1.0.1) or Botan (at least version 2).
+ Note that OpenSSL version 1.0.2 or 1.1.0 or later is strongly recommended.
- log4cplus (at least version 1.0.3) development include headers.
- Kea supports two cryptographic libraries: Botan and OpenSSL. Only one
of them is required to be installed during compilation. Kea uses the
- Botan library for C++ (https://botan.randombit.net/), version 1.9 or
- later. Note that support for Botan versions earlier than 2.0 will be
- removed in Kea 1.6.0 and later. As an alternative to Botan, Kea can
+ Botan library for C++ (https://botan.randombit.net/), version 2.0 or
+ later. Note that support for Botan versions earlier than 2.0 was
+ removed in Kea 1.7.0 and later. As an alternative to Botan, Kea can
use the OpenSSL cryptographic library (https://www.openssl.org/),
version 1.0.2 or later.
IFS="$IFS_SAVED"
])
-AC_DEFUN([ACX_TRY_BOTAN1_TOOL], [
- TOOL=$1
- TOOL_ARG=$2
- BOTAN1_TOOL=""
- ACX_CHECK_PROG_NONCACHE([BOTAN1_TOOL], [${TOOL}])
- AC_MSG_CHECKING([usability of ${TOOL} ${TOOL_ARG}])
- if test "$BOTAN1_TOOL" != "" ; then
- if test -x ${BOTAN1_TOOL}; then
- CRYPTO_LIBS=`$BOTAN1_TOOL $TOOL_ARG --libs`
- LIBS_SAVED=${LIBS}
- LIBS="$LIBS $CRYPTO_LIBS"
- CRYPTO_INCLUDES=`$BOTAN1_TOOL $TOOL_ARG --cflags`
- CPPFLAGS_SAVED=${CPPFLAGS}
- CPPFLAGS="$CRYPTO_INCLUDES $CPPFLAGS"
- #AC_MSG_RESULT([found])
- AC_LINK_IFELSE(
- [AC_LANG_PROGRAM([#include <botan/botan.h>
- #include <botan/init.h>
- #include <botan/hash.h>
- ],
- [using namespace Botan;
- LibraryInitializer::initialize();
- HashFunction *h = get_hash("MD5");
- ])],
- [ AC_MSG_RESULT([ok])
- $3
- ],
- [ AC_MSG_RESULT([not usable]) ]
- )
- LIBS=${LIBS_SAVED}
- CPPFLAGS=${CPPFLAGS_SAVED}
- else
- AC_MSG_RESULT([not executable])
- fi
- else
- AC_MSG_RESULT([not found])
- fi
- BOTAN1_TOOL=""
- AC_SUBST(BOTAN1_TOOL)
- ]
-)
-# End of ACX_TRY_BOTAN1_TOOL
-
AC_DEFUN([ACX_TRY_BOTAN_TOOL], [
TOOL=$1
TOOL_ARG=$2
# Unless --with-botan-config is given, we first try to find these config
# scripts ourselves. Unfortunately, on some systems, these scripts do not
# provide the correct implementation, so for each script found, we try
-# a compilation test (ACX_TRY_BOTAN[1]_TOOL). If none are found, or none of
+# a compilation test (ACX_TRY_BOTAN_TOOL). If none are found, or none of
# them work, we see if pkg-config is available. If so, we try the several
# potential pkg-config .pc files. Again, on some systems, these can return
# incorrect information as well, so the try-compile test is repeated for
if test -x "${botan_config}" ; then
if test -d "${botan_config}" ; then
AC_MSG_ERROR([${botan_config} is a directory])
- else
- BOTAN1_CONFIG="${botan_config}"
fi
else
AC_MSG_ERROR([--with-botan-config should point to a botan-config program and not a directory (${botan_config})])
fi
- # determine Botan major version
- BOTAN_CONFIG="${BOTAN1_CONFIG}"
- cat > conftest.cpp << EOF
-#include <botan/version.h>
-MAJOR_VERSION=BOTAN_VERSION_MAJOR
-EOF
- CRYPTO_INCLUDES=`$BOTAN1_CONFIG --cflags`
- MAJOR_VERSION=`$CXX -E $CXXFLAGS $CRYPTO_INCLUDES conftest.cpp | grep '^MAJOR_VERSION=' | $SED -e 's/MAJOR_VERSION=//' -e 's/[[ ]]//g' -e 's/"//g' 2> /dev/null`
- if test "x${MAJOR_VERSION}" = "x2"; then
- BOTAN1_CONFIG=""
- fi
- $RM -f conftest.cpp
else
BOTAN_CONFIG=""
- BOTAN1_CONFIG=""
- # first try several possible names of the config script
- # (botan-config-1.9 is there just in case, the official name change
- # came later)
- BOTAN1_CONFIG_VERSIONS="botan-config-1.11 botan-config-1.10 botan-config-1.9 botan-config"
- for botan1_config in $BOTAN1_CONFIG_VERSIONS; do
- ACX_TRY_BOTAN1_TOOL([$botan1_config],,
- [ BOTAN1_CONFIG="$botan1_config" ]
- )
- if test "$BOTAN1_CONFIG" != "" ; then
- BOTAN_CONFIG="${BOTAN1_CONFIG}"
- break
- fi
- done
AC_PATH_PROG([PKG_CONFIG], [pkg-config])
if test "$PKG_CONFIG" != "" ; then
- if test "$BOTAN1_CONFIG" = "" ; then
- # Ok so no script found, see if pkg-config knows of it.
- # Unfortunately, the botan.pc files also have their minor version
- # in their name, so we need to try them one by one
- BOTAN1_VERSIONS="botan-1.11 botan-1.10 botan-1.9 botan-1.8"
- for version in $BOTAN1_VERSIONS; do
- ACX_TRY_BOTAN1_TOOL([pkg-config],
- ["$version --silence-errors"],
- [ BOTAN1_CONFIG="$PKG_CONFIG $version" ]
- )
- if test "$BOTAN1_CONFIG" != "" ; then
- BOTAN_CONFIG="${BOTAN1_CONFIG}"
- break
- fi
- done
- fi
- if test "$BOTAN_CONFIG" = "" ; then
- # Retry with Botan2
- BOTAN_VERSIONS="botan-2"
- for version in $BOTAN_VERSIONS; do
- ACX_TRY_BOTAN_TOOL([pkg-config], ["$version --silence-errors"],
- [ BOTAN_CONFIG="$PKG_CONFIG $version" ]
- )
- if test "$BOTAN_CONFIG" != "" ; then
- break
- fi
- done
- fi
+ BOTAN_VERSIONS="botan-2"
+ for version in $BOTAN_VERSIONS; do
+ ACX_TRY_BOTAN_TOOL([pkg-config], ["$version --silence-errors"],
+ [ BOTAN_CONFIG="$PKG_CONFIG $version" ]
+ )
+ if test "$BOTAN_CONFIG" != "" ; then
+ break
+ fi
+ done
fi
fi
# (or not even passing the pre-processor phase) and a header file resulting
# in compilation failures.
HEADER_TO_CHECK=botan/botan.h
- if test "BOTAN1_CONFIG" = ""; then
- HEADER_TO_CHECK=botan/lookup.h
- fi
AC_CHECK_HEADERS([${HEADER_TO_CHECK}],,[
CRYPTO_INCLUDES=""
CRYPTO_LIBS=""
LIBS=$LIBS_SAVED
fi
-if test "x${BOTAN1_CONFIG}" != "x"
-then
- CPPFLAGS_SAVED=$CPPFLAGS
- CPPFLAGS="$CRYPTO_INCLUDES $CPPFLAGS"
- LIBS_SAVED="$LIBS"
- LIBS="$LIBS $CRYPTO_LIBS"
- AC_LINK_IFELSE(
- [AC_LANG_PROGRAM([#include <botan/botan.h>
- #include <botan/init.h>
- #include <botan/hash.h>
- ],
- [using namespace Botan;
- LibraryInitializer::initialize();
- HashFunction *h = get_hash("MD5");
- ])],
- [AC_MSG_RESULT([checking for Botan1 library... yes])],
- [AC_MSG_RESULT([checking for Botan1 library... no])
- CRYPTO_INCLUDES=""
- CRYPTO_LIBS=""
- CRYPTO_LDFLAGS=""
- CRYPTO_RPATH=""
- AC_MSG_RESULT([Needs Botan library 1.9 or higher. On some systems,
- the botan package has a few missing dependencies (libbz2 and
- libgmp), if libbotan has been installed and you see this message,
- try upgrading to a higher version of botan or installing libbz2
- and libgmp.])]
- )
- CPPFLAGS=$CPPFLAGS_SAVED
- LIBS=$LIBS_SAVED
- CRYPTO_NAME="Botan1"
- CRYPTO_PACKAGE="botan-1.11"
-elif test "x${CRYPTO_LIBS}" != "x"
+if test "x${CRYPTO_LIBS}" != "x"
then
CPPFLAGS_SAVED=$CPPFLAGS
CPPFLAGS="$CRYPTO_INCLUDES $CPPFLAGS"
CPPFLAGS=${CPPFLAGS_SAVED}
fi
-AM_CONDITIONAL(HAVE_BOTAN1, test "$CRYPTO_NAME" = "Botan1")
AM_CONDITIONAL(HAVE_BOTAN, test "$CRYPTO_NAME" = "Botan")
AM_CONDITIONAL(HAVE_OPENSSL, test "$CRYPTO_NAME" = "OpenSSL")
AC_SUBST(CRYPTO_INCLUDES)
libkea_cryptolink_la_SOURCES += crypto_hash.h crypto_hash.cc
libkea_cryptolink_la_SOURCES += crypto_hmac.h crypto_hmac.cc
libkea_cryptolink_la_SOURCES += crypto_rng.h crypto_rng.cc
-if HAVE_BOTAN1
-libkea_cryptolink_la_SOURCES += botan1_link.cc
-libkea_cryptolink_la_SOURCES += botan_common.h
-libkea_cryptolink_la_SOURCES += botan1_hash.cc
-libkea_cryptolink_la_SOURCES += botan1_hmac.cc
-endif
if HAVE_BOTAN
libkea_cryptolink_la_SOURCES += botan_link.cc
libkea_cryptolink_la_SOURCES += botan_common.h
crypto_rng.h \
cryptolink.h
-if HAVE_BOTAN1
-libkea_cryptolink_include_HEADERS += \
- botan_common.h
-endif
-
if HAVE_BOTAN
libkea_cryptolink_include_HEADERS += \
botan_common.h
+++ /dev/null
-// Copyright (C) 2014-2018 Internet Systems Consortium, Inc. ("ISC")
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this
-// file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
-#include <config.h>
-
-#include <cryptolink.h>
-#include <cryptolink/crypto_hash.h>
-
-#include <boost/scoped_ptr.hpp>
-
-#include <botan/version.h>
-#include <botan/botan.h>
-#include <botan/hash.h>
-#include <botan/types.h>
-
-#include <cryptolink/botan_common.h>
-
-namespace isc {
-namespace cryptolink {
-
-/// @brief Decode the HashAlgorithm enum into a name usable by Botan
-///
-/// @param algorithm algorithm to be converted
-/// @return text representation of the algorithm name
-const std::string
-btn::getHashAlgorithmName(HashAlgorithm algorithm) {
- switch (algorithm) {
- case isc::cryptolink::MD5:
- return ("MD5");
- case isc::cryptolink::SHA1:
- return ("SHA-1");
- case isc::cryptolink::SHA256:
- return ("SHA-256");
- case isc::cryptolink::SHA224:
- return ("SHA-224");
- case isc::cryptolink::SHA384:
- return ("SHA-384");
- case isc::cryptolink::SHA512:
- return ("SHA-512");
- case isc::cryptolink::UNKNOWN_HASH:
- return ("Unknown");
- }
- // compiler should have prevented us to reach this, since we have
- // no default. But we need a return value anyway
- return ("Unknown");
-}
-
-/// @brief Botan implementation of Hash. Each method is the counterpart
-/// of the Hash corresponding method.
-class HashImpl {
-public:
-
- /// @brief Constructor for specific hash algorithm
- ///
- /// @param hash_algorithm The hash algorithm
- explicit HashImpl(const HashAlgorithm hash_algorithm)
- : hash_algorithm_(hash_algorithm), hash_() {
- Botan::HashFunction* hash;
- try {
- const std::string& name =
- btn::getHashAlgorithmName(hash_algorithm);
- hash = Botan::get_hash(name);
- } catch (const Botan::Algorithm_Not_Found&) {
- isc_throw(isc::cryptolink::UnsupportedAlgorithm,
- "Unknown hash algorithm: " <<
- static_cast<int>(hash_algorithm));
- } catch (const Botan::Exception& exc) {
- isc_throw(isc::cryptolink::LibraryError,
- "Botan error: " << exc.what());
- }
-
- hash_.reset(hash);
- }
-
- /// @brief Destructor
- ~HashImpl() { }
-
- /// @brief Returns the HashAlgorithm of the object
- HashAlgorithm getHashAlgorithm() const {
- return (hash_algorithm_);
- }
-
- /// @brief Returns the output size of the digest
- ///
- /// @return output size of the digest
- size_t getOutputLength() const {
-#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,0)
- return (hash_->output_length());
-#else
-#error "Unsupported Botan version (need 1.9 or higher)"
- // added to suppress irrelevant compiler errors
- return 0;
-#endif
- }
-
- /// @brief Adds data to the digest
- ///
- /// See @ref isc::cryptolink::Hash::update() for details.
- void update(const void* data, const size_t len) {
- try {
- hash_->update(static_cast<const Botan::byte*>(data), len);
- } catch (const Botan::Exception& exc) {
- isc_throw(isc::cryptolink::LibraryError,
- "Botan error: " << exc.what());
- }
- }
-
- /// @brief Calculate the final digest
- ///
- /// See @ref isc::cryptolink::Hash::final() for details.
- void final(isc::util::OutputBuffer& result, size_t len) {
- try {
- Botan::SecureVector<Botan::byte> b_result(hash_->final());
-
- if (len > b_result.size()) {
- len = b_result.size();
- }
- result.writeData(&b_result[0], len);
- } catch (const Botan::Exception& exc) {
- isc_throw(isc::cryptolink::LibraryError,
- "Botan error: " << exc.what());
- }
- }
-
- /// @brief Calculate the final digest
- ///
- /// See @ref isc::cryptolink::Hash::final() for details.
- void final(void* result, size_t len) {
- try {
- Botan::SecureVector<Botan::byte> b_result(hash_->final());
- size_t output_size = getOutputLength();
- if (output_size > len) {
- output_size = len;
- }
- std::memcpy(result, &b_result[0], output_size);
- } catch (const Botan::Exception& exc) {
- isc_throw(isc::cryptolink::LibraryError,
- "Botan error: " << exc.what());
- }
- }
-
- /// @brief Calculate the final digest
- ///
- /// See @ref isc::cryptolink::Hash::final() for details.
- std::vector<uint8_t> final(size_t len) {
- try {
- Botan::SecureVector<Botan::byte> b_result(hash_->final());
- if (len > b_result.size()) {
- len = b_result.size();
- }
- return (std::vector<uint8_t>(&b_result[0], &b_result[len]));
- } catch (const Botan::Exception& exc) {
- isc_throw(isc::cryptolink::LibraryError,
- "Botan error: " << exc.what());
- }
- }
-
-private:
- /// @brief The hash algorithm
- HashAlgorithm hash_algorithm_;
-
- /// @brief The protected pointer to the Botan HashFunction object
- boost::scoped_ptr<Botan::HashFunction> hash_;
-};
-
-Hash::Hash(const HashAlgorithm hash_algorithm)
-{
- impl_ = new HashImpl(hash_algorithm);
-}
-
-Hash::~Hash() {
- delete impl_;
-}
-
-HashAlgorithm
-Hash::getHashAlgorithm() const {
- return (impl_->getHashAlgorithm());
-}
-
-size_t
-Hash::getOutputLength() const {
- return (impl_->getOutputLength());
-}
-
-void
-Hash::update(const void* data, const size_t len) {
- impl_->update(data, len);
-}
-
-void
-Hash::final(isc::util::OutputBuffer& result, size_t len) {
- impl_->final(result, len);
-}
-
-void
-Hash::final(void* result, size_t len) {
- impl_->final(result, len);
-}
-
-std::vector<uint8_t>
-Hash::final(size_t len) {
- return impl_->final(len);
-}
-
-} // namespace cryptolink
-} // namespace isc
+++ /dev/null
-// Copyright (C) 2011-2018 Internet Systems Consortium, Inc. ("ISC")
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this
-// file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
-#include <config.h>
-
-#include <cryptolink.h>
-#include <cryptolink/crypto_hmac.h>
-
-#include <boost/scoped_ptr.hpp>
-
-#include <botan/version.h>
-#include <botan/botan.h>
-#include <botan/hmac.h>
-#include <botan/hash.h>
-#include <botan/types.h>
-
-#include <cryptolink/botan_common.h>
-
-namespace isc {
-namespace cryptolink {
-
-/// @brief Botan implementation of HMAC. Each method is the counterpart
-/// of the HMAC corresponding method.
-class HMACImpl {
-public:
- /// @brief Constructor from a secret and a hash algorithm
- ///
- /// See constructor of the @ref isc::cryptolink::HMAC class for details.
- ///
- /// @param secret The secret to sign with
- /// @param secret_len The length of the secret
- /// @param hash_algorithm The hash algorithm
- explicit HMACImpl(const void* secret, size_t secret_len,
- const HashAlgorithm hash_algorithm)
- : hash_algorithm_(hash_algorithm), hmac_() {
- Botan::HashFunction* hash;
- try {
- const std::string& name =
- btn::getHashAlgorithmName(hash_algorithm);
- hash = Botan::get_hash(name);
- } catch (const Botan::Algorithm_Not_Found&) {
- isc_throw(UnsupportedAlgorithm,
- "Unknown hash algorithm: " <<
- static_cast<int>(hash_algorithm));
- } catch (const Botan::Exception& exc) {
- isc_throw(LibraryError, "Botan error: " << exc.what());
- }
-
- hmac_.reset(new Botan::HMAC(hash));
-
- // If the key length is larger than the block size, we hash the
- // key itself first.
- try {
- // use a temp var so we don't have blocks spanning
- // preprocessor directives
-#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,0)
- size_t block_length = hash->hash_block_size();
-#else
-#error "Unsupported Botan version (need 1.9 or higher)"
- // added to suppress irrelevant compiler errors
- size_t block_length = 0;
-#endif
- if (secret_len > block_length) {
- Botan::SecureVector<Botan::byte> hashed_key =
- hash->process(static_cast<const Botan::byte*>(secret),
- secret_len);
- hmac_->set_key(&hashed_key[0], hashed_key.size());
- } else {
- // Botan 1.8 considers len 0 a bad key. 1.9 does not,
- // but we won't accept it anyway, and fail early
- if (secret_len == 0) {
- isc_throw(BadKey, "Bad HMAC secret length: 0");
- }
- hmac_->set_key(static_cast<const Botan::byte*>(secret),
- secret_len);
- }
- } catch (const Botan::Invalid_Key_Length& ikl) {
- isc_throw(BadKey, ikl.what());
- } catch (const Botan::Exception& exc) {
- isc_throw(LibraryError, "Botan error: " << exc.what());
- }
- }
-
- /// @brief Destructor
- ~HMACImpl() {
- }
-
- /// @brief Returns the HashAlgorithm of the object
- HashAlgorithm getHashAlgorithm() const {
- return (hash_algorithm_);
- }
-
- /// @brief Returns the output size of the digest
- ///
- /// @return output size of the digest
- size_t getOutputLength() const {
-#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,0)
- return (hmac_->output_length());
-#else
-#error "Unsupported Botan version (need 1.9 or higher)"
- // added to suppress irrelevant compiler errors
- return 0;
-#endif
- }
-
- /// @brief Add data to digest
- ///
- /// See @ref isc::cryptolink::HMAC::update() for details.
- void update(const void* data, const size_t len) {
- try {
- hmac_->update(static_cast<const Botan::byte*>(data), len);
- } catch (const Botan::Exception& exc) {
- isc_throw(LibraryError, "Botan error: " << exc.what());
- }
- }
-
- /// @brief Calculate the final signature
- ///
- /// See @ref isc::cryptolink::HMAC::sign() for details.
- void sign(isc::util::OutputBuffer& result, size_t len) {
- try {
- Botan::SecureVector<Botan::byte> b_result(hmac_->final());
-
- if (len > b_result.size()) {
- len = b_result.size();
- }
- result.writeData(&b_result[0], len);
- } catch (const Botan::Exception& exc) {
- isc_throw(LibraryError, "Botan error: " << exc.what());
- }
- }
-
- /// @brief Calculate the final signature
- ///
- /// See @ref isc::cryptolink::HMAC::sign() for details.
- void sign(void* result, size_t len) {
- try {
- Botan::SecureVector<Botan::byte> b_result(hmac_->final());
- size_t output_size = getOutputLength();
- if (output_size > len) {
- output_size = len;
- }
- std::memcpy(result, &b_result[0], output_size);
- } catch (const Botan::Exception& exc) {
- isc_throw(LibraryError, "Botan error: " << exc.what());
- }
- }
-
- /// @brief Calculate the final signature
- ///
- /// See @ref isc::cryptolink::HMAC::sign() for details.
- std::vector<uint8_t> sign(size_t len) {
- try {
- Botan::SecureVector<Botan::byte> b_result(hmac_->final());
- if (len > b_result.size()) {
- len = b_result.size();
- }
- return (std::vector<uint8_t>(&b_result[0], &b_result[len]));
- } catch (const Botan::Exception& exc) {
- isc_throw(LibraryError, "Botan error: " << exc.what());
- }
- }
-
-
- /// @brief Verify an existing signature
- ///
- /// See @ref isc::cryptolink::HMAC::verify() for details.
- bool verify(const void* sig, size_t len) {
- // Botan's verify_mac checks if len matches the output_length,
- // which causes it to fail for truncated signatures, so we do
- // the check ourselves
- try {
- size_t size = getOutputLength();
- if (len < 10 || len < size / 2) {
- return (false);
- }
- if (len > size) {
- len = size;
- }
- if (digest_.size() == 0) {
- digest_ = hmac_->final();
- }
- return (Botan::same_mem(&digest_[0],
- static_cast<const unsigned char*>(sig),
- len));
- } catch (const Botan::Exception& exc) {
- isc_throw(LibraryError, "Botan error: " << exc.what());
- }
- }
-
-private:
- /// @brief The hash algorithm
- HashAlgorithm hash_algorithm_;
-
- /// @brief The protected pointer to the Botan HMAC object
- boost::scoped_ptr<Botan::HMAC> hmac_;
-
- /// @brief The digest cache for multiple verify
- Botan::SecureVector<Botan::byte> digest_;
-};
-
-HMAC::HMAC(const void* secret, size_t secret_length,
- const HashAlgorithm hash_algorithm)
-{
- impl_ = new HMACImpl(secret, secret_length, hash_algorithm);
-}
-
-HMAC::~HMAC() {
- delete impl_;
-}
-
-HashAlgorithm
-HMAC::getHashAlgorithm() const {
- return (impl_->getHashAlgorithm());
-}
-
-size_t
-HMAC::getOutputLength() const {
- return (impl_->getOutputLength());
-}
-
-void
-HMAC::update(const void* data, const size_t len) {
- impl_->update(data, len);
-}
-
-void
-HMAC::sign(isc::util::OutputBuffer& result, size_t len) {
- impl_->sign(result, len);
-}
-
-void
-HMAC::sign(void* result, size_t len) {
- impl_->sign(result, len);
-}
-
-std::vector<uint8_t>
-HMAC::sign(size_t len) {
- return impl_->sign(len);
-}
-
-bool
-HMAC::verify(const void* sig, const size_t len) {
- return (impl_->verify(sig, len));
-}
-
-} // namespace cryptolink
-} // namespace isc
+++ /dev/null
-// Copyright (C) 2011-2018 Internet Systems Consortium, Inc. ("ISC")
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this
-// file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
-#include <config.h>
-
-#include <cryptolink/cryptolink.h>
-#include <cryptolink/crypto_hash.h>
-#include <cryptolink/crypto_hmac.h>
-#include <cryptolink/crypto_rng.h>
-
-#include <botan/botan.h>
-#include <botan/init.h>
-#include <botan/auto_rng.h>
-
-namespace isc {
-namespace cryptolink {
-
-// For Botan, we use the CryptoLink class object in RAII style
-class CryptoLinkImpl {
-private:
- Botan::LibraryInitializer botan_init_;
-};
-
-CryptoLink::~CryptoLink() {
- rng_.reset();
- delete impl_;
-}
-
-/// \brief Botan implementation of RNG.
-class RNGImpl : public RNG {
-public:
- RNGImpl() {
- rng.reset(new Botan::AutoSeeded_RNG());
- }
-
- ~RNGImpl() {
- }
-
-private:
- std::vector<uint8_t> random(size_t len) {
- std::vector<uint8_t> data;
- if (len > 0) {
- data.resize(len);
- try {
- rng->randomize(&data[0], len);
- } catch (const Botan::Exception& ex) {
- isc_throw(isc::cryptolink::LibraryError,
- "Botan error: " << ex.what());
- }
- }
- return (data);
- }
-
- boost::shared_ptr<Botan::RandomNumberGenerator> rng;
-};
-
-void
-CryptoLink::initialize() {
- CryptoLink& c = getCryptoLinkInternal();
- if (!c.impl_) {
- try {
- c.impl_ = new CryptoLinkImpl();
- } catch (const Botan::Exception& ex) {
- isc_throw(InitializationError, "Botan error: " << ex.what());
- }
- }
- if (!c.rng_) {
- try {
- c.rng_.reset(new RNGImpl());
- } catch (const Botan::Exception& ex) {
- isc_throw(InitializationError, "Botan error: " << ex.what());
- }
- }
-}
-
-std::string
-CryptoLink::getVersion() {
- return (Botan::version_string());
-}
-
-} // namespace cryptolink
-} // namespace isc
-
projects / thirdparty / kea.git / commitdiff
