diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 12:15:43 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 12:15:43 +0000 |
commit | f5f56e1a1c4d9e9496fcb9d81131066a964ccd23 (patch) | |
tree | 49e44c6f87febed37efb953ab5485aa49f6481a7 /src/lib/cryptolink | |
parent | Initial commit. (diff) | |
download | isc-kea-upstream.tar.xz isc-kea-upstream.zip |
Adding upstream version 2.4.1.upstream/2.4.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/lib/cryptolink')
25 files changed, 5599 insertions, 0 deletions
diff --git a/src/lib/cryptolink/Makefile.am b/src/lib/cryptolink/Makefile.am new file mode 100644 index 0000000..8a7e72e --- /dev/null +++ b/src/lib/cryptolink/Makefile.am @@ -0,0 +1,52 @@ +SUBDIRS = . tests + +AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib +AM_CPPFLAGS += $(BOOST_INCLUDES) $(CRYPTO_CFLAGS) $(CRYPTO_INCLUDES) +AM_CXXFLAGS = $(KEA_CXXFLAGS) + +CLEANFILES = *.gcno *.gcda + +lib_LTLIBRARIES = libkea-cryptolink.la + +libkea_cryptolink_la_SOURCES = cryptolink.h cryptolink.cc +libkea_cryptolink_la_SOURCES += crypto_hash.h crypto_hash.cc +libkea_cryptolink_la_SOURCES += crypto_hmac.h crypto_hmac.cc +libkea_cryptolink_la_SOURCES += crypto_rng.h crypto_rng.cc +if HAVE_BOTAN +libkea_cryptolink_la_SOURCES += botan_link.cc +libkea_cryptolink_la_SOURCES += botan_common.h +libkea_cryptolink_la_SOURCES += botan_hash.cc +libkea_cryptolink_la_SOURCES += botan_hmac.cc +endif +if HAVE_OPENSSL +libkea_cryptolink_la_SOURCES += openssl_link.cc +libkea_cryptolink_la_SOURCES += openssl_common.h +libkea_cryptolink_la_SOURCES += openssl_hash.cc +libkea_cryptolink_la_SOURCES += openssl_compat.h +libkea_cryptolink_la_SOURCES += openssl_hmac.cc +endif + +libkea_cryptolink_la_LDFLAGS = $(CRYPTO_LDFLAGS) +libkea_cryptolink_la_LDFLAGS += -no-undefined -version-info 38:0:0 +libkea_cryptolink_la_LIBADD = $(top_builddir)/src/lib/exceptions/libkea-exceptions.la +libkea_cryptolink_la_LIBADD += $(CRYPTO_LIBS) + + +# Specify the headers for copying into the installation directory tree. +libkea_cryptolink_includedir = $(pkgincludedir)/cryptolink +libkea_cryptolink_include_HEADERS = \ + crypto_hash.h \ + crypto_hmac.h \ + crypto_rng.h \ + cryptolink.h + +if HAVE_BOTAN +libkea_cryptolink_include_HEADERS += \ + botan_common.h +endif + +if HAVE_OPENSSL +libkea_cryptolink_include_HEADERS += \ + openssl_common.h \ + openssl_compat.h +endif diff --git a/src/lib/cryptolink/Makefile.in b/src/lib/cryptolink/Makefile.in new file mode 100644 index 0000000..0757ffd --- /dev/null +++ b/src/lib/cryptolink/Makefile.in @@ -0,0 +1,1003 @@ +# Makefile.in generated by automake 1.16.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2018 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + + +VPATH = @srcdir@ +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +@HAVE_BOTAN_TRUE@am__append_1 = botan_link.cc botan_common.h \ +@HAVE_BOTAN_TRUE@ botan_hash.cc botan_hmac.cc +@HAVE_OPENSSL_TRUE@am__append_2 = openssl_link.cc openssl_common.h \ +@HAVE_OPENSSL_TRUE@ openssl_hash.cc openssl_compat.h \ +@HAVE_OPENSSL_TRUE@ openssl_hmac.cc +@HAVE_BOTAN_TRUE@am__append_3 = \ +@HAVE_BOTAN_TRUE@ botan_common.h + +@HAVE_OPENSSL_TRUE@am__append_4 = \ +@HAVE_OPENSSL_TRUE@ openssl_common.h \ +@HAVE_OPENSSL_TRUE@ openssl_compat.h + +subdir = src/lib/cryptolink +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4macros/ax_boost_for_kea.m4 \ + $(top_srcdir)/m4macros/ax_cpp11.m4 \ + $(top_srcdir)/m4macros/ax_cpp20.m4 \ + $(top_srcdir)/m4macros/ax_crypto.m4 \ + $(top_srcdir)/m4macros/ax_find_library.m4 \ + $(top_srcdir)/m4macros/ax_gssapi.m4 \ + $(top_srcdir)/m4macros/ax_gtest.m4 \ + $(top_srcdir)/m4macros/ax_isc_rpath.m4 \ + $(top_srcdir)/m4macros/ax_netconf.m4 \ + $(top_srcdir)/m4macros/libtool.m4 \ + $(top_srcdir)/m4macros/ltoptions.m4 \ + $(top_srcdir)/m4macros/ltsugar.m4 \ + $(top_srcdir)/m4macros/ltversion.m4 \ + $(top_srcdir)/m4macros/lt~obsolete.m4 \ + $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am \ + $(am__libkea_cryptolink_include_HEADERS_DIST) \ + $(am__DIST_COMMON) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__uninstall_files_from_dir = { \ + test -z "$$files" \ + || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ + || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ + $(am__cd) "$$dir" && rm -f $$files; }; \ + } +am__installdirs = "$(DESTDIR)$(libdir)" \ + "$(DESTDIR)$(libkea_cryptolink_includedir)" +LTLIBRARIES = $(lib_LTLIBRARIES) +am__DEPENDENCIES_1 = +libkea_cryptolink_la_DEPENDENCIES = \ + $(top_builddir)/src/lib/exceptions/libkea-exceptions.la \ + $(am__DEPENDENCIES_1) +am__libkea_cryptolink_la_SOURCES_DIST = cryptolink.h cryptolink.cc \ + crypto_hash.h crypto_hash.cc crypto_hmac.h crypto_hmac.cc \ + crypto_rng.h crypto_rng.cc botan_link.cc botan_common.h \ + botan_hash.cc botan_hmac.cc openssl_link.cc openssl_common.h \ + openssl_hash.cc openssl_compat.h openssl_hmac.cc +@HAVE_BOTAN_TRUE@am__objects_1 = botan_link.lo botan_hash.lo \ +@HAVE_BOTAN_TRUE@ botan_hmac.lo +@HAVE_OPENSSL_TRUE@am__objects_2 = openssl_link.lo openssl_hash.lo \ +@HAVE_OPENSSL_TRUE@ openssl_hmac.lo +am_libkea_cryptolink_la_OBJECTS = cryptolink.lo crypto_hash.lo \ + crypto_hmac.lo crypto_rng.lo $(am__objects_1) $(am__objects_2) +libkea_cryptolink_la_OBJECTS = $(am_libkea_cryptolink_la_OBJECTS) +AM_V_lt = $(am__v_lt_@AM_V@) +am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) +am__v_lt_0 = --silent +am__v_lt_1 = +libkea_cryptolink_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CXX \ + $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CXXLD) \ + $(AM_CXXFLAGS) $(CXXFLAGS) $(libkea_cryptolink_la_LDFLAGS) \ + $(LDFLAGS) -o $@ +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__maybe_remake_depfiles = depfiles +am__depfiles_remade = ./$(DEPDIR)/botan_hash.Plo \ + ./$(DEPDIR)/botan_hmac.Plo ./$(DEPDIR)/botan_link.Plo \ + ./$(DEPDIR)/crypto_hash.Plo ./$(DEPDIR)/crypto_hmac.Plo \ + ./$(DEPDIR)/crypto_rng.Plo ./$(DEPDIR)/cryptolink.Plo \ + ./$(DEPDIR)/openssl_hash.Plo ./$(DEPDIR)/openssl_hmac.Plo \ + ./$(DEPDIR)/openssl_link.Plo +am__mv = mv -f +CXXCOMPILE = $(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) +LTCXXCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CXX $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=compile $(CXX) $(DEFS) \ + $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ + $(AM_CXXFLAGS) $(CXXFLAGS) +AM_V_CXX = $(am__v_CXX_@AM_V@) +am__v_CXX_ = $(am__v_CXX_@AM_DEFAULT_V@) +am__v_CXX_0 = @echo " CXX " $@; +am__v_CXX_1 = +CXXLD = $(CXX) +CXXLINK = $(LIBTOOL) $(AM_V_lt) --tag=CXX $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CXXLD) $(AM_CXXFLAGS) \ + $(CXXFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CXXLD = $(am__v_CXXLD_@AM_V@) +am__v_CXXLD_ = $(am__v_CXXLD_@AM_DEFAULT_V@) +am__v_CXXLD_0 = @echo " CXXLD " $@; +am__v_CXXLD_1 = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ + $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ + $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = +CCLD = $(CC) +LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = +SOURCES = $(libkea_cryptolink_la_SOURCES) +DIST_SOURCES = $(am__libkea_cryptolink_la_SOURCES_DIST) +RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \ + ctags-recursive dvi-recursive html-recursive info-recursive \ + install-data-recursive install-dvi-recursive \ + install-exec-recursive install-html-recursive \ + install-info-recursive install-pdf-recursive \ + install-ps-recursive install-recursive installcheck-recursive \ + installdirs-recursive pdf-recursive ps-recursive \ + tags-recursive uninstall-recursive +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__libkea_cryptolink_include_HEADERS_DIST = crypto_hash.h \ + crypto_hmac.h crypto_rng.h cryptolink.h botan_common.h \ + openssl_common.h openssl_compat.h +HEADERS = $(libkea_cryptolink_include_HEADERS) +RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ + distclean-recursive maintainer-clean-recursive +am__recursive_targets = \ + $(RECURSIVE_TARGETS) \ + $(RECURSIVE_CLEAN_TARGETS) \ + $(am__extra_recursive_targets) +AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \ + distdir distdir-am +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +DIST_SUBDIRS = $(SUBDIRS) +am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +am__relativize = \ + dir0=`pwd`; \ + sed_first='s,^\([^/]*\)/.*$$,\1,'; \ + sed_rest='s,^[^/]*/*,,'; \ + sed_last='s,^.*/\([^/]*\)$$,\1,'; \ + sed_butlast='s,/*[^/]*$$,,'; \ + while test -n "$$dir1"; do \ + first=`echo "$$dir1" | sed -e "$$sed_first"`; \ + if test "$$first" != "."; then \ + if test "$$first" = ".."; then \ + dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \ + dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \ + else \ + first2=`echo "$$dir2" | sed -e "$$sed_first"`; \ + if test "$$first2" = "$$first"; then \ + dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \ + else \ + dir2="../$$dir2"; \ + fi; \ + dir0="$$dir0"/"$$first"; \ + fi; \ + fi; \ + dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \ + done; \ + reldir="$$dir2" +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +ASCIIDOC = @ASCIIDOC@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +BOOST_INCLUDES = @BOOST_INCLUDES@ +BOOST_LIBS = @BOOST_LIBS@ +BOTAN_TOOL = @BOTAN_TOOL@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CONTRIB_DIR = @CONTRIB_DIR@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CRYPTO_CFLAGS = @CRYPTO_CFLAGS@ +CRYPTO_INCLUDES = @CRYPTO_INCLUDES@ +CRYPTO_LDFLAGS = @CRYPTO_LDFLAGS@ +CRYPTO_LIBS = @CRYPTO_LIBS@ +CRYPTO_PACKAGE = @CRYPTO_PACKAGE@ +CRYPTO_RPATH = @CRYPTO_RPATH@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ +CXXDEPMODE = @CXXDEPMODE@ +CXXFLAGS = @CXXFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DISTCHECK_BOOST_CONFIGURE_FLAG = @DISTCHECK_BOOST_CONFIGURE_FLAG@ +DISTCHECK_CONTRIB_CONFIGURE_FLAG = @DISTCHECK_CONTRIB_CONFIGURE_FLAG@ +DISTCHECK_CRYPTO_CONFIGURE_FLAG = @DISTCHECK_CRYPTO_CONFIGURE_FLAG@ +DISTCHECK_GSSAPI_CONFIGURE_FLAG = @DISTCHECK_GSSAPI_CONFIGURE_FLAG@ +DISTCHECK_GTEST_CONFIGURE_FLAG = @DISTCHECK_GTEST_CONFIGURE_FLAG@ +DISTCHECK_KEA_SHELL_CONFIGURE_FLAG = @DISTCHECK_KEA_SHELL_CONFIGURE_FLAG@ +DISTCHECK_LIBYANGCPP_CONFIGURE_FLAG = @DISTCHECK_LIBYANGCPP_CONFIGURE_FLAG@ +DISTCHECK_LIBYANG_CONFIGURE_FLAG = @DISTCHECK_LIBYANG_CONFIGURE_FLAG@ +DISTCHECK_LOG4CPLUS_CONFIGURE_FLAG = @DISTCHECK_LOG4CPLUS_CONFIGURE_FLAG@ +DISTCHECK_MYSQL_CONFIGURE_FLAG = @DISTCHECK_MYSQL_CONFIGURE_FLAG@ +DISTCHECK_PERFDHCP_CONFIGURE_FLAG = @DISTCHECK_PERFDHCP_CONFIGURE_FLAG@ +DISTCHECK_PGSQL_CONFIGURE_FLAG = @DISTCHECK_PGSQL_CONFIGURE_FLAG@ +DISTCHECK_PREMIUM_CONFIGURE_FLAG = @DISTCHECK_PREMIUM_CONFIGURE_FLAG@ +DISTCHECK_SYSREPOCPP_CONFIGURE_FLAG = @DISTCHECK_SYSREPOCPP_CONFIGURE_FLAG@ +DISTCHECK_SYSREPO_CONFIGURE_FLAG = @DISTCHECK_SYSREPO_CONFIGURE_FLAG@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GENHTML = @GENHTML@ +GREP = @GREP@ +GSSAPI_CFLAGS = @GSSAPI_CFLAGS@ +GSSAPI_LIBS = @GSSAPI_LIBS@ +GTEST_CONFIG = @GTEST_CONFIG@ +GTEST_INCLUDES = @GTEST_INCLUDES@ +GTEST_LDADD = @GTEST_LDADD@ +GTEST_LDFLAGS = @GTEST_LDFLAGS@ +GTEST_SOURCE = @GTEST_SOURCE@ +HAVE_NETCONF = @HAVE_NETCONF@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +KEA_CXXFLAGS = @KEA_CXXFLAGS@ +KEA_SRCID = @KEA_SRCID@ +KRB5_CONFIG = @KRB5_CONFIG@ +LCOV = @LCOV@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIBYANGCPP_CPPFLAGS = @LIBYANGCPP_CPPFLAGS@ +LIBYANGCPP_INCLUDEDIR = @LIBYANGCPP_INCLUDEDIR@ +LIBYANGCPP_LIBS = @LIBYANGCPP_LIBS@ +LIBYANGCPP_PREFIX = @LIBYANGCPP_PREFIX@ +LIBYANGCPP_VERSION = @LIBYANGCPP_VERSION@ +LIBYANG_CPPFLAGS = @LIBYANG_CPPFLAGS@ +LIBYANG_INCLUDEDIR = @LIBYANG_INCLUDEDIR@ +LIBYANG_LIBS = @LIBYANG_LIBS@ +LIBYANG_PREFIX = @LIBYANG_PREFIX@ +LIBYANG_VERSION = @LIBYANG_VERSION@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LOG4CPLUS_INCLUDES = @LOG4CPLUS_INCLUDES@ +LOG4CPLUS_LIBS = @LOG4CPLUS_LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MKDIR_P = @MKDIR_P@ +MYSQL_CPPFLAGS = @MYSQL_CPPFLAGS@ +MYSQL_LIBS = @MYSQL_LIBS@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PACKAGE_VERSION_TYPE = @PACKAGE_VERSION_TYPE@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PDFLATEX = @PDFLATEX@ +PERL = @PERL@ +PGSQL_CPPFLAGS = @PGSQL_CPPFLAGS@ +PGSQL_LIBS = @PGSQL_LIBS@ +PKGPYTHONDIR = @PKGPYTHONDIR@ +PKG_CONFIG = @PKG_CONFIG@ +PLANTUML = @PLANTUML@ +PREMIUM_DIR = @PREMIUM_DIR@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ +RANLIB = @RANLIB@ +SED = @SED@ +SEP = @SEP@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SPHINXBUILD = @SPHINXBUILD@ +SRPD_PLUGINS_PATH = @SRPD_PLUGINS_PATH@ +SR_PLUGINS_PATH = @SR_PLUGINS_PATH@ +SR_REPO_PATH = @SR_REPO_PATH@ +STRIP = @STRIP@ +SYSREPOCPP_CPPFLAGS = @SYSREPOCPP_CPPFLAGS@ +SYSREPOCPP_INCLUDEDIR = @SYSREPOCPP_INCLUDEDIR@ +SYSREPOCPP_LIBS = @SYSREPOCPP_LIBS@ +SYSREPOCPP_PREFIX = @SYSREPOCPP_PREFIX@ +SYSREPOCPP_VERSION = @SYSREPOCPP_VERSION@ +SYSREPO_CPPFLAGS = @SYSREPO_CPPFLAGS@ +SYSREPO_INCLUDEDIR = @SYSREPO_INCLUDEDIR@ +SYSREPO_LIBS = @SYSREPO_LIBS@ +SYSREPO_PREFIX = @SYSREPO_PREFIX@ +SYSREPO_VERSION = @SYSREPO_VERSION@ +USE_LCOV = @USE_LCOV@ +VALGRIND = @VALGRIND@ +VERSION = @VERSION@ +WARNING_GCC_44_STRICT_ALIASING_CFLAG = @WARNING_GCC_44_STRICT_ALIASING_CFLAG@ +YACC = @YACC@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_CXX = @ac_ct_CXX@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ +runstatedir = @runstatedir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +SUBDIRS = . tests +AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib \ + $(BOOST_INCLUDES) $(CRYPTO_CFLAGS) $(CRYPTO_INCLUDES) +AM_CXXFLAGS = $(KEA_CXXFLAGS) +CLEANFILES = *.gcno *.gcda +lib_LTLIBRARIES = libkea-cryptolink.la +libkea_cryptolink_la_SOURCES = cryptolink.h cryptolink.cc \ + crypto_hash.h crypto_hash.cc crypto_hmac.h crypto_hmac.cc \ + crypto_rng.h crypto_rng.cc $(am__append_1) $(am__append_2) +libkea_cryptolink_la_LDFLAGS = $(CRYPTO_LDFLAGS) -no-undefined \ + -version-info 38:0:0 +libkea_cryptolink_la_LIBADD = \ + $(top_builddir)/src/lib/exceptions/libkea-exceptions.la \ + $(CRYPTO_LIBS) + +# Specify the headers for copying into the installation directory tree. +libkea_cryptolink_includedir = $(pkgincludedir)/cryptolink +libkea_cryptolink_include_HEADERS = crypto_hash.h crypto_hmac.h \ + crypto_rng.h cryptolink.h $(am__append_3) $(am__append_4) +all: all-recursive + +.SUFFIXES: +.SUFFIXES: .cc .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/lib/cryptolink/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign src/lib/cryptolink/Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +install-libLTLIBRARIES: $(lib_LTLIBRARIES) + @$(NORMAL_INSTALL) + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ + if test -f $$p; then \ + list2="$$list2 $$p"; \ + else :; fi; \ + done; \ + test -z "$$list2" || { \ + echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } + +uninstall-libLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ + done + +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) + @list='$(lib_LTLIBRARIES)'; \ + locs=`for p in $$list; do echo $$p; done | \ + sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \ + sort -u`; \ + test -z "$$locs" || { \ + echo rm -f $${locs}; \ + rm -f $${locs}; \ + } + +libkea-cryptolink.la: $(libkea_cryptolink_la_OBJECTS) $(libkea_cryptolink_la_DEPENDENCIES) $(EXTRA_libkea_cryptolink_la_DEPENDENCIES) + $(AM_V_CXXLD)$(libkea_cryptolink_la_LINK) -rpath $(libdir) $(libkea_cryptolink_la_OBJECTS) $(libkea_cryptolink_la_LIBADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/botan_hash.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/botan_hmac.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/botan_link.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypto_hash.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypto_hmac.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypto_rng.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cryptolink.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_hash.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_hmac.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl_link.Plo@am__quote@ # am--include-marker + +$(am__depfiles_remade): + @$(MKDIR_P) $(@D) + @echo '# dummy' >$@-t && $(am__mv) $@-t $@ + +am--depfiles: $(am__depfiles_remade) + +.cc.o: +@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXXCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCXX_FALSE@ $(AM_V_CXX@am__nodep@)$(CXXCOMPILE) -c -o $@ $< + +.cc.obj: +@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXXCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCXX_FALSE@ $(AM_V_CXX@am__nodep@)$(CXXCOMPILE) -c -o $@ `$(CYGPATH_W) '$<'` + +.cc.lo: +@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(LTCXXCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCXX_FALSE@ $(AM_V_CXX@am__nodep@)$(LTCXXCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs +install-libkea_cryptolink_includeHEADERS: $(libkea_cryptolink_include_HEADERS) + @$(NORMAL_INSTALL) + @list='$(libkea_cryptolink_include_HEADERS)'; test -n "$(libkea_cryptolink_includedir)" || list=; \ + if test -n "$$list"; then \ + echo " $(MKDIR_P) '$(DESTDIR)$(libkea_cryptolink_includedir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(libkea_cryptolink_includedir)" || exit 1; \ + fi; \ + for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(libkea_cryptolink_includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(libkea_cryptolink_includedir)" || exit $$?; \ + done + +uninstall-libkea_cryptolink_includeHEADERS: + @$(NORMAL_UNINSTALL) + @list='$(libkea_cryptolink_include_HEADERS)'; test -n "$(libkea_cryptolink_includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + dir='$(DESTDIR)$(libkea_cryptolink_includedir)'; $(am__uninstall_files_from_dir) + +# This directory's subdirectories are mostly independent; you can cd +# into them and run 'make' without going through this Makefile. +# To change the values of 'make' variables: instead of editing Makefiles, +# (1) if the variable is set in 'config.status', edit 'config.status' +# (which will cause the Makefiles to be regenerated when you run 'make'); +# (2) otherwise, pass the desired values on the 'make' command line. +$(am__recursive_targets): + @fail=; \ + if $(am__make_keepgoing); then \ + failcom='fail=yes'; \ + else \ + failcom='exit 1'; \ + fi; \ + dot_seen=no; \ + target=`echo $@ | sed s/-recursive//`; \ + case "$@" in \ + distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ + *) list='$(SUBDIRS)' ;; \ + esac; \ + for subdir in $$list; do \ + echo "Making $$target in $$subdir"; \ + if test "$$subdir" = "."; then \ + dot_seen=yes; \ + local_target="$$target-am"; \ + else \ + local_target="$$target"; \ + fi; \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + || eval $$failcom; \ + done; \ + if test "$$dot_seen" = "no"; then \ + $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ + fi; test -z "$$fail" + +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-recursive +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ + include_option=--etags-include; \ + empty_fix=.; \ + else \ + include_option=--include; \ + empty_fix=; \ + fi; \ + list='$(SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + test ! -f $$subdir/TAGS || \ + set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ + fi; \ + done; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-recursive + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-recursive + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(BUILT_SOURCES) + $(MAKE) $(AM_MAKEFLAGS) distdir-am + +distdir-am: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + $(am__make_dryrun) \ + || test -d "$(distdir)/$$subdir" \ + || $(MKDIR_P) "$(distdir)/$$subdir" \ + || exit 1; \ + dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ + $(am__relativize); \ + new_distdir=$$reldir; \ + dir1=$$subdir; dir2="$(top_distdir)"; \ + $(am__relativize); \ + new_top_distdir=$$reldir; \ + echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \ + echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \ + ($(am__cd) $$subdir && \ + $(MAKE) $(AM_MAKEFLAGS) \ + top_distdir="$$new_top_distdir" \ + distdir="$$new_distdir" \ + am__remove_distdir=: \ + am__skip_length_check=: \ + am__skip_mode_fix=: \ + distdir) \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-recursive +all-am: Makefile $(LTLIBRARIES) $(HEADERS) +installdirs: installdirs-recursive +installdirs-am: + for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(libkea_cryptolink_includedir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-recursive +install-exec: install-exec-recursive +install-data: install-data-recursive +uninstall: uninstall-recursive + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-recursive +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-recursive + +clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \ + mostlyclean-am + +distclean: distclean-recursive + -rm -f ./$(DEPDIR)/botan_hash.Plo + -rm -f ./$(DEPDIR)/botan_hmac.Plo + -rm -f ./$(DEPDIR)/botan_link.Plo + -rm -f ./$(DEPDIR)/crypto_hash.Plo + -rm -f ./$(DEPDIR)/crypto_hmac.Plo + -rm -f ./$(DEPDIR)/crypto_rng.Plo + -rm -f ./$(DEPDIR)/cryptolink.Plo + -rm -f ./$(DEPDIR)/openssl_hash.Plo + -rm -f ./$(DEPDIR)/openssl_hmac.Plo + -rm -f ./$(DEPDIR)/openssl_link.Plo + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-recursive + +dvi-am: + +html: html-recursive + +html-am: + +info: info-recursive + +info-am: + +install-data-am: install-libkea_cryptolink_includeHEADERS + +install-dvi: install-dvi-recursive + +install-dvi-am: + +install-exec-am: install-libLTLIBRARIES + +install-html: install-html-recursive + +install-html-am: + +install-info: install-info-recursive + +install-info-am: + +install-man: + +install-pdf: install-pdf-recursive + +install-pdf-am: + +install-ps: install-ps-recursive + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-recursive + -rm -f ./$(DEPDIR)/botan_hash.Plo + -rm -f ./$(DEPDIR)/botan_hmac.Plo + -rm -f ./$(DEPDIR)/botan_link.Plo + -rm -f ./$(DEPDIR)/crypto_hash.Plo + -rm -f ./$(DEPDIR)/crypto_hmac.Plo + -rm -f ./$(DEPDIR)/crypto_rng.Plo + -rm -f ./$(DEPDIR)/cryptolink.Plo + -rm -f ./$(DEPDIR)/openssl_hash.Plo + -rm -f ./$(DEPDIR)/openssl_hmac.Plo + -rm -f ./$(DEPDIR)/openssl_link.Plo + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-recursive + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-recursive + +pdf-am: + +ps: ps-recursive + +ps-am: + +uninstall-am: uninstall-libLTLIBRARIES \ + uninstall-libkea_cryptolink_includeHEADERS + +.MAKE: $(am__recursive_targets) install-am install-strip + +.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am \ + am--depfiles check check-am clean clean-generic \ + clean-libLTLIBRARIES clean-libtool cscopelist-am ctags \ + ctags-am distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-libLTLIBRARIES \ + install-libkea_cryptolink_includeHEADERS install-man \ + install-pdf install-pdf-am install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + installdirs-am maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \ + uninstall-am uninstall-libLTLIBRARIES \ + uninstall-libkea_cryptolink_includeHEADERS + +.PRECIOUS: Makefile + + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/src/lib/cryptolink/botan_common.h b/src/lib/cryptolink/botan_common.h new file mode 100644 index 0000000..05cae30 --- /dev/null +++ b/src/lib/cryptolink/botan_common.h @@ -0,0 +1,20 @@ +// Copyright (C) 2014-2017 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +namespace isc { +namespace cryptolink { +namespace btn { + +/// @brief Decode the HashAlgorithm enum into a name usable by Botan +/// +/// @param algorithm algorithm to be converted +/// @return static text representation of the algorithm name +const std::string +getHashAlgorithmName(isc::cryptolink::HashAlgorithm algorithm); + +} // namespace btn +} // namespace cryptolink +} // namespace isc diff --git a/src/lib/cryptolink/botan_hash.cc b/src/lib/cryptolink/botan_hash.cc new file mode 100644 index 0000000..06dca6d --- /dev/null +++ b/src/lib/cryptolink/botan_hash.cc @@ -0,0 +1,199 @@ +// Copyright (C) 2014-2020 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +#include <config.h> + +#include <cryptolink.h> +#include <cryptolink/crypto_hash.h> + +#include <boost/scoped_ptr.hpp> + +#include <botan/lookup.h> + +#include <cryptolink/botan_common.h> + +namespace isc { +namespace cryptolink { + +const std::string +btn::getHashAlgorithmName(HashAlgorithm algorithm) { + switch (algorithm) { + case isc::cryptolink::MD5: + return ("MD5"); + case isc::cryptolink::SHA1: + return ("SHA-1"); + case isc::cryptolink::SHA256: + return ("SHA-256"); + case isc::cryptolink::SHA224: + return ("SHA-224"); + case isc::cryptolink::SHA384: + return ("SHA-384"); + case isc::cryptolink::SHA512: + return ("SHA-512"); + case isc::cryptolink::UNKNOWN_HASH: + return ("Unknown"); + } + // compiler should have prevented us to reach this, since we have + // no default. But we need a return value anyway + return ("Unknown"); +} + +/// @brief Botan implementation of Hash. Each method is the counterpart +/// of the Hash corresponding method. +class HashImpl { +public: + + /// @brief Constructor for specific hash algorithm + /// + /// @param hash_algorithm The hash algorithm + explicit HashImpl(const HashAlgorithm hash_algorithm) + : hash_algorithm_(hash_algorithm), hash_() { + Botan::HashFunction* hash; + try { + const std::string& name = + btn::getHashAlgorithmName(hash_algorithm); + hash = Botan::HashFunction::create(name).release(); + } catch (const Botan::Algorithm_Not_Found&) { + isc_throw(isc::cryptolink::UnsupportedAlgorithm, + "Unknown hash algorithm: " << + static_cast<int>(hash_algorithm)); + } catch (const Botan::Exception& exc) { + isc_throw(isc::cryptolink::LibraryError, + "Botan error: " << exc.what()); + } + + hash_.reset(hash); + } + + /// @brief Destructor + ~HashImpl() { } + + /// @brief Returns the HashAlgorithm of the object + HashAlgorithm getHashAlgorithm() const { + return (hash_algorithm_); + } + + /// @brief Returns the output size of the digest + /// + /// @return output size of the digest + size_t getOutputLength() const { + return (hash_->output_length()); + } + + /// @brief Adds data to the digest + /// + /// See @ref isc::cryptolink::Hash::update() for details. + void update(const void* data, const size_t len) { + try { + hash_->update(static_cast<const Botan::byte*>(data), len); + } catch (const Botan::Exception& exc) { + isc_throw(isc::cryptolink::LibraryError, + "Botan error: " << exc.what()); + } + } + + /// @brief Calculate the final digest + /// + /// See @ref isc::cryptolink::Hash::final() for details. + void final(isc::util::OutputBuffer& result, size_t len) { + try { + Botan::secure_vector<Botan::byte> b_result(hash_->final()); + + if (len > b_result.size()) { + len = b_result.size(); + } + result.writeData(&b_result[0], len); + } catch (const Botan::Exception& exc) { + isc_throw(isc::cryptolink::LibraryError, + "Botan error: " << exc.what()); + } + } + + /// @brief Calculate the final digest + /// + /// See @ref isc::cryptolink::Hash::final() for details. + void final(void* result, size_t len) { + try { + Botan::secure_vector<Botan::byte> b_result(hash_->final()); + size_t output_size = getOutputLength(); + if (output_size > len) { + output_size = len; + } + std::memcpy(result, &b_result[0], output_size); + } catch (const Botan::Exception& exc) { + isc_throw(isc::cryptolink::LibraryError, + "Botan error: " << exc.what()); + } + } + + /// @brief Calculate the final digest + /// + /// See @ref isc::cryptolink::Hash::final() for details. + std::vector<uint8_t> final(size_t len) { + try { + Botan::secure_vector<Botan::byte> b_result(hash_->final()); + if (len > b_result.size()) { + len = b_result.size(); + } + // Return vector with content. Construct &b_result[len] attempts + // to get an address of one element beyond the b_result. Replaced + // with the address of first element + len + return (std::vector<uint8_t>(&b_result[0], &b_result[0]+len)); + } catch (const Botan::Exception& exc) { + isc_throw(isc::cryptolink::LibraryError, + "Botan error: " << exc.what()); + } + } + +private: + /// @brief The hash algorithm + HashAlgorithm hash_algorithm_; + + /// @brief The protected pointer to the Botan HashFunction object + boost::scoped_ptr<Botan::HashFunction> hash_; +}; + +Hash::Hash(const HashAlgorithm hash_algorithm) +{ + impl_ = new HashImpl(hash_algorithm); +} + +Hash::~Hash() { + delete impl_; +} + +HashAlgorithm +Hash::getHashAlgorithm() const { + return (impl_->getHashAlgorithm()); +} + +size_t +Hash::getOutputLength() const { + return (impl_->getOutputLength()); +} + +void +Hash::update(const void* data, const size_t len) { + impl_->update(data, len); +} + +void +Hash::final(isc::util::OutputBuffer& result, size_t len) { + impl_->final(result, len); +} + +void +Hash::final(void* result, size_t len) { + impl_->final(result, len); +} + +std::vector<uint8_t> +Hash::final(size_t len) { + return impl_->final(len); +} + +} // namespace cryptolink +} // namespace isc diff --git a/src/lib/cryptolink/botan_hmac.cc b/src/lib/cryptolink/botan_hmac.cc new file mode 100644 index 0000000..88efb2e --- /dev/null +++ b/src/lib/cryptolink/botan_hmac.cc @@ -0,0 +1,245 @@ +// Copyright (C) 2011-2019 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +#include <config.h> + +#include <cryptolink.h> +#include <cryptolink/crypto_hmac.h> + +#include <boost/scoped_ptr.hpp> + +#include <botan/hmac.h> +#include <botan/lookup.h> + +#include <cryptolink/botan_common.h> + +namespace isc { +namespace cryptolink { + +/// @brief Botan implementation of HMAC. Each method is the counterpart +/// of the HMAC corresponding method. +class HMACImpl { +public: + /// @brief Constructor from a secret and a hash algorithm + /// + /// See constructor of the @ref isc::cryptolink::HMAC class for details. + /// + /// @param secret The secret to sign with + /// @param secret_len The length of the secret + /// @param hash_algorithm The hash algorithm + explicit HMACImpl(const void* secret, size_t secret_len, + const HashAlgorithm hash_algorithm) + : hash_algorithm_(hash_algorithm), hmac_() { + Botan::HashFunction* hash; + try { + const std::string& name = + btn::getHashAlgorithmName(hash_algorithm); + std::unique_ptr<Botan::HashFunction> hash_ptr = + Botan::HashFunction::create(name); + if (hash_ptr) { + hash = hash_ptr.release(); + } else { + throw Botan::Algorithm_Not_Found(name); + } + } catch (const Botan::Algorithm_Not_Found&) { + isc_throw(UnsupportedAlgorithm, + "Unknown hash algorithm: " << + static_cast<int>(hash_algorithm)); + } catch (const Botan::Exception& exc) { + isc_throw(LibraryError, "Botan error: " << exc.what()); + } + + hmac_.reset(new Botan::HMAC(hash)); + + // If the key length is larger than the block size, we hash the + // key itself first. + try { + // use a temp var so we don't have blocks spanning + // preprocessor directives + size_t block_length = hash->hash_block_size(); + if (secret_len > block_length) { + Botan::secure_vector<Botan::byte> hashed_key = + hash->process(static_cast<const Botan::byte*>(secret), + secret_len); + hmac_->set_key(&hashed_key[0], hashed_key.size()); + } else { + // Botan 1.8 considers len 0 a bad key. 1.9 does not, + // but we won't accept it anyway, and fail early + if (secret_len == 0) { + isc_throw(BadKey, "Bad HMAC secret length: 0"); + } + hmac_->set_key(static_cast<const Botan::byte*>(secret), + secret_len); + } + } catch (const Botan::Invalid_Key_Length& ikl) { + isc_throw(BadKey, ikl.what()); + } catch (const Botan::Exception& exc) { + isc_throw(LibraryError, "Botan error: " << exc.what()); + } + } + + /// @brief Destructor + ~HMACImpl() { + } + + /// @brief Returns the HashAlgorithm of the object + HashAlgorithm getHashAlgorithm() const { + return (hash_algorithm_); + } + + /// @brief Returns the output size of the digest + /// + /// @return output size of the digest + size_t getOutputLength() const { + return (hmac_->output_length()); + } + + /// @brief Add data to digest + /// + /// See @ref isc::cryptolink::HMAC::update() for details. + void update(const void* data, const size_t len) { + try { + hmac_->update(static_cast<const Botan::byte*>(data), len); + } catch (const Botan::Exception& exc) { + isc_throw(LibraryError, "Botan error: " << exc.what()); + } + } + + /// @brief Calculate the final signature + /// + /// See @ref isc::cryptolink::HMAC::sign() for details. + void sign(isc::util::OutputBuffer& result, size_t len) { + try { + Botan::secure_vector<Botan::byte> b_result(hmac_->final()); + + if (len > b_result.size()) { + len = b_result.size(); + } + result.writeData(&b_result[0], len); + } catch (const Botan::Exception& exc) { + isc_throw(LibraryError, "Botan error: " << exc.what()); + } + } + + /// @brief Calculate the final signature + /// + /// See @ref isc::cryptolink::HMAC::sign() for details. + void sign(void* result, size_t len) { + try { + Botan::secure_vector<Botan::byte> b_result(hmac_->final()); + size_t output_size = getOutputLength(); + if (output_size > len) { + output_size = len; + } + std::memcpy(result, &b_result[0], output_size); + } catch (const Botan::Exception& exc) { + isc_throw(LibraryError, "Botan error: " << exc.what()); + } + } + + /// @brief Calculate the final signature + /// + /// See @ref isc::cryptolink::HMAC::sign() for details. + std::vector<uint8_t> sign(size_t len) { + try { + Botan::secure_vector<Botan::byte> b_result(hmac_->final()); + if (len > b_result.size()) { + len = b_result.size(); + } + // Return vector with content. Construct &b_result[len] attempts + // to get an address of one element beyond the b_result. Replaced + // with the address of first element + len + return (std::vector<uint8_t>(&b_result[0], &b_result[0]+len)); + } catch (const Botan::Exception& exc) { + isc_throw(LibraryError, "Botan error: " << exc.what()); + } + } + + + /// @brief Verify an existing signature + /// + /// See @ref isc::cryptolink::HMAC::verify() for details. + bool verify(const void* sig, size_t len) { + // Botan's verify_mac checks if len matches the output_length, + // which causes it to fail for truncated signatures, so we do + // the check ourselves + try { + size_t size = getOutputLength(); + if (len < 10 || len < size / 2) { + return (false); + } + if (len > size) { + len = size; + } + if (digest_.size() == 0) { + digest_ = hmac_->final(); + } + return (Botan::same_mem(&digest_[0], + static_cast<const unsigned char*>(sig), + len)); + } catch (const Botan::Exception& exc) { + isc_throw(LibraryError, "Botan error: " << exc.what()); + } + } + +private: + /// @brief The hash algorithm + HashAlgorithm hash_algorithm_; + + /// @brief The protected pointer to the Botan HMAC object + boost::scoped_ptr<Botan::HMAC> hmac_; + + /// @brief The digest cache for multiple verify + Botan::secure_vector<Botan::byte> digest_; +}; + +HMAC::HMAC(const void* secret, size_t secret_length, + const HashAlgorithm hash_algorithm) +{ + impl_ = new HMACImpl(secret, secret_length, hash_algorithm); +} + +HMAC::~HMAC() { + delete impl_; +} + +HashAlgorithm +HMAC::getHashAlgorithm() const { + return (impl_->getHashAlgorithm()); +} + +size_t +HMAC::getOutputLength() const { + return (impl_->getOutputLength()); +} + +void +HMAC::update(const void* data, const size_t len) { + impl_->update(data, len); +} + +void +HMAC::sign(isc::util::OutputBuffer& result, size_t len) { + impl_->sign(result, len); +} + +void +HMAC::sign(void* result, size_t len) { + impl_->sign(result, len); +} + +std::vector<uint8_t> +HMAC::sign(size_t len) { + return impl_->sign(len); +} + +bool +HMAC::verify(const void* sig, const size_t len) { + return (impl_->verify(sig, len)); +} + +} // namespace cryptolink +} // namespace isc diff --git a/src/lib/cryptolink/botan_link.cc b/src/lib/cryptolink/botan_link.cc new file mode 100644 index 0000000..5eb0e34 --- /dev/null +++ b/src/lib/cryptolink/botan_link.cc @@ -0,0 +1,84 @@ +// Copyright (C) 2011-2022 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +#include <config.h> + +#include <cryptolink/cryptolink.h> +#include <cryptolink/crypto_hash.h> +#include <cryptolink/crypto_hmac.h> +#include <cryptolink/crypto_rng.h> + +#include <botan/exceptn.h> +#include <botan/version.h> +#include <botan/auto_rng.h> + +namespace isc { +namespace cryptolink { + +// For Botan, we use the CryptoLink class object in RAII style +class CryptoLinkImpl { + // empty class +}; + +CryptoLink::~CryptoLink() { +} + +/// \brief Botan implementation of RNG. +class RNGImpl : public RNG { +public: + RNGImpl() { + rng.reset(new Botan::AutoSeeded_RNG()); + } + + ~RNGImpl() { + } + +private: + std::vector<uint8_t> random(size_t len) { + std::vector<uint8_t> data; + if (len > 0) { + data.resize(len); + try { + rng->randomize(&data[0], len); + } catch (const Botan::Exception& ex) { + isc_throw(isc::cryptolink::LibraryError, + "Botan error: " << ex.what()); + } + } + return (data); + } + + boost::shared_ptr<Botan::RandomNumberGenerator> rng; +}; + +void +CryptoLink::initialize(CryptoLink& c) { + if (!c.impl_) { + try { + c.impl_.reset(new CryptoLinkImpl()); + } catch (const Botan::Exception& ex) { + isc_throw(InitializationError, "Botan error: " << ex.what()); + } + } + if (!c.rng_) { + try { + c.rng_.reset(new RNGImpl()); + } catch (const Botan::Exception& ex) { + isc_throw(InitializationError, "Botan error: " << ex.what()); + } + } + // A not yet fixed bug makes RNG to be destroyed after memory pool... + atexit([]{ getCryptoLink().getRNG().reset(); }); +} + +std::string +CryptoLink::getVersion() { + return (Botan::version_string()); +} + +} // namespace cryptolink +} // namespace isc + diff --git a/src/lib/cryptolink/crypto_hash.cc b/src/lib/cryptolink/crypto_hash.cc new file mode 100644 index 0000000..524ee22 --- /dev/null +++ b/src/lib/cryptolink/crypto_hash.cc @@ -0,0 +1,39 @@ +// Copyright (C) 2014-2015 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +#include <config.h> + +#include <cryptolink.h> +#include <cryptolink/crypto_hash.h> + +#include <boost/scoped_ptr.hpp> + +#include <cstring> + +namespace isc { +namespace cryptolink { + +void +digest(const void* data, const size_t data_len, + const HashAlgorithm hash_algorithm, + isc::util::OutputBuffer& result, size_t len) +{ + boost::scoped_ptr<Hash> hash( + CryptoLink::getCryptoLink().createHash(hash_algorithm)); + hash->update(data, data_len); + if (len == 0) { + len = hash->getOutputLength(); + } + hash->final(result, len); +} + +void +deleteHash(Hash* hash) { + delete hash; +} + +} // namespace cryptolink +} // namespace isc diff --git a/src/lib/cryptolink/crypto_hash.h b/src/lib/cryptolink/crypto_hash.h new file mode 100644 index 0000000..f5ea3fa --- /dev/null +++ b/src/lib/cryptolink/crypto_hash.h @@ -0,0 +1,144 @@ +// Copyright (C) 2014-2017 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +#include <util/buffer.h> + +#include <boost/noncopyable.hpp> + +#include <cryptolink/cryptolink.h> + +#ifndef ISC_CRYPTO_HASH_H +#define ISC_CRYPTO_HASH_H + +namespace isc { +namespace cryptolink { + +/// Forward declaration, pimpl style +class HashImpl; + +/// \brief Hash support +/// +/// This class is used to create Hash digests. Instances +/// can be created with CryptoLink::createHash() +/// +class Hash : private boost::noncopyable { +private: + /// \brief Constructor from a hash algorithm + /// + /// \exception UnsupportedAlgorithmException if the given algorithm + /// is unknown or not supported by the underlying library + /// \exception LibraryError if there was any unexpected exception + /// in the underlying library + /// + /// \param hash_algorithm The hash algorithm + Hash(const HashAlgorithm hash_algorithm); + + friend Hash* CryptoLink::createHash(const HashAlgorithm); + +public: + /// \brief Destructor + ~Hash(); + + /// \brief Returns the HashAlgorithm of the object + /// + /// \return hash algorithm + HashAlgorithm getHashAlgorithm() const; + + /// \brief Returns the output size of the digest + /// + /// \return output size of the digest + size_t getOutputLength() const; + + /// \brief Add data to digest + /// + /// \exception LibraryError if there was any unexpected exception + /// in the underlying library + /// + /// \param data The data to add + /// \param len The size of the data + void update(const void* data, const size_t len); + + /// \brief Calculate the final digest + /// + /// The result will be appended to the given outputbuffer + /// + /// \exception LibraryError if there was any unexpected exception + /// in the underlying library + /// + /// \param result The OutputBuffer to append the result to + /// \param len The number of bytes from the result to copy. If this + /// value is smaller than the algorithms output size, the + /// result will be truncated. If this value is larger, + /// only output size bytes will be copied + void final(isc::util::OutputBuffer& result, size_t len); + + /// \brief Calculate the final digest + /// + /// len bytes of data from the result will be copied to *result + /// If len is larger than the output size, only output_size bytes + /// will be copied. If it is smaller, the output will be truncated + /// + /// \exception LibraryError if there was any unexpected exception + /// in the underlying library + /// + /// At least len bytes of data must be available for writing at + /// result. + /// + /// \param result The memory location the digest will be written to + /// \param len Specifies the size of the result location available + void final(void* result, size_t len); + + /// \brief Calculate the final digest + /// + /// The result will be returned as a std::vector<uint8_t> + /// + /// \exception LibraryError if there was any unexpected exception + /// in the underlying library + /// + /// \param len The number of bytes from the result to copy. If this + /// value is smaller than the algorithms output size, the + /// result will be truncated. If this value is larger, + /// only output size bytes will be copied + /// \return a vector containing the signature + std::vector<uint8_t> final(size_t len); + +private: + HashImpl* impl_; +}; + +/// \brief Create an Hash digest for the given data +/// +/// This is a convenience function that calculates the hash digest, +/// given a fixed amount of data. Internally it does the same as +/// creating an Hash object, feeding it the data, and calculating the +/// resulting digest. +/// +/// \exception UnsupportedAlgorithm if the given algorithm is unknown +/// or not supported by the underlying library +/// \exception LibraryError if there was any unexpected exception +/// in the underlying library +/// +/// \param data The data to digest +/// \param data_len The length of the data +/// \param hash_algorithm The hash algorithm +/// \param result The digest will be appended to this buffer +/// \param len If this is non-zero and less than the output size, the result +/// will be truncated to len bytes. If greater than output size +/// (or equal to zero) only output size bytes are written +void digest(const void* data, + const size_t data_len, + const HashAlgorithm hash_algorithm, + isc::util::OutputBuffer& result, + size_t len = 0); + +/// \brief Delete an Hash object +void deleteHash(Hash* hash); + +} // namespace cryptolink +} // namespace isc + +#endif // ISC_CRYPTO_HASH_H + diff --git a/src/lib/cryptolink/crypto_hmac.cc b/src/lib/cryptolink/crypto_hmac.cc new file mode 100644 index 0000000..23ce242 --- /dev/null +++ b/src/lib/cryptolink/crypto_hmac.cc @@ -0,0 +1,59 @@ +// Copyright (C) 2011-2015 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +#include <config.h> + +#include <cryptolink.h> +#include <cryptolink/crypto_hmac.h> + +#include <boost/scoped_ptr.hpp> + +#include <cstring> + +namespace isc { +namespace cryptolink { + +void +signHMAC(const void* data, const size_t data_len, const void* secret, + size_t secret_len, const HashAlgorithm hash_algorithm, + isc::util::OutputBuffer& result, size_t len) +{ + boost::scoped_ptr<HMAC> hmac( + CryptoLink::getCryptoLink().createHMAC(secret, + secret_len, + hash_algorithm)); + hmac->update(data, data_len); + if (len == 0) { + len = hmac->getOutputLength(); + } + hmac->sign(result, len); +} + + +bool +verifyHMAC(const void* data, const size_t data_len, const void* secret, + size_t secret_len, const HashAlgorithm hash_algorithm, + const void* sig, const size_t sig_len) +{ + boost::scoped_ptr<HMAC> hmac( + CryptoLink::getCryptoLink().createHMAC(secret, + secret_len, + hash_algorithm)); + hmac->update(data, data_len); + size_t len = sig_len; + if (len == 0) { + len = hmac->getOutputLength(); + } + return (hmac->verify(sig, len)); +} + +void +deleteHMAC(HMAC* hmac) { + delete hmac; +} + +} // namespace cryptolink +} // namespace isc diff --git a/src/lib/cryptolink/crypto_hmac.h b/src/lib/cryptolink/crypto_hmac.h new file mode 100644 index 0000000..5c7bffe --- /dev/null +++ b/src/lib/cryptolink/crypto_hmac.h @@ -0,0 +1,213 @@ +// Copyright (C) 2011-2017 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +#include <util/buffer.h> + +#include <boost/noncopyable.hpp> + +#include <cryptolink/cryptolink.h> + +#ifndef ISC_CRYPTO_HMAC_H +#define ISC_CRYPTO_HMAC_H + +namespace isc { +namespace cryptolink { + +/// Forward declaration, pimpl style +class HMACImpl; + +/// \brief HMAC support +/// +/// This class is used to create and verify HMAC signatures. Instances +/// can be created with CryptoLink::createHMAC() +/// +class HMAC : private boost::noncopyable { +private: + /// \brief Constructor from a secret and a hash algorithm + /// + /// \exception UnsupportedAlgorithmException if the given algorithm + /// is unknown or not supported by the underlying library + /// \exception InvalidKeyLength if the given key secret_len is bad + /// \exception LibraryError if there was any unexpected exception + /// in the underlying library + /// + /// Notes: if the secret is longer than the block size of its + /// algorithm, the constructor will run it through the hash + /// algorithm, and use the digest as the secret for this HMAC + /// operation + /// + /// \param secret The secret to sign with + /// \param len The length of the secret + /// \param hash_algorithm The hash algorithm + HMAC(const void* secret, size_t secret_len, + const HashAlgorithm hash_algorithm); + + friend HMAC* CryptoLink::createHMAC(const void*, size_t, + const HashAlgorithm); + +public: + /// \brief Destructor + ~HMAC(); + + /// \brief Returns the HashAlgorithm of the object + /// + /// \return hash algorithm + HashAlgorithm getHashAlgorithm() const; + + /// \brief Returns the output size of the digest + /// + /// \return output size of the digest + size_t getOutputLength() const; + + /// \brief Add data to digest + /// + /// \exception LibraryError if there was any unexpected exception + /// in the underlying library + /// + /// \param data The data to add + /// \param len The size of the data + void update(const void* data, const size_t len); + + /// \brief Calculate the final signature + /// + /// The result will be appended to the given outputbuffer + /// + /// \exception LibraryError if there was any unexpected exception + /// in the underlying library + /// + /// \param result The OutputBuffer to append the result to + /// \param len The number of bytes from the result to copy. If this + /// value is smaller than the algorithms output size, the + /// result will be truncated. If this value is larger, + /// only output size bytes will be copied + void sign(isc::util::OutputBuffer& result, size_t len); + + /// \brief Calculate the final signature + /// + /// len bytes of data from the result will be copied to *result + /// If len is larger than the output size, only output_size bytes + /// will be copied. If it is smaller, the output will be truncated + /// + /// \exception LibraryError if there was any unexpected exception + /// in the underlying library + /// + /// At least len bytes of data must be available for writing at + /// result + void sign(void* result, size_t len); + + /// \brief Calculate the final signature + /// + /// The result will be returned as a std::vector<uint8_t> + /// + /// \exception LibraryError if there was any unexpected exception + /// in the underlying library + /// + /// \param len The number of bytes from the result to copy. If this + /// value is smaller than the algorithms output size, the + /// result will be truncated. If this value is larger, + /// only output size bytes will be copied + /// \return a vector containing the signature + std::vector<uint8_t> sign(size_t len); + + /// \brief Verify an existing signature + /// + /// \exception LibraryError if there was any unexpected exception + /// in the underlying library + /// + /// \param sig The signature to verify + /// \param len The length of the signature. If this is smaller + /// than the output length of the algorithm, + /// only len bytes will be checked. If this is + /// larger than the output length of the algorithm, + /// only output size bytes will be checked + /// \return true if the signature is correct, false otherwise + /// + /// \note verify() does not destroy its context so it can be + /// called multiple times with different signatures. + bool verify(const void* sig, size_t len); + +private: + HMACImpl* impl_; +}; + +/// \brief Create an HMAC signature for the given data +/// +/// This is a convenience function that calculates the HMAC signature, +/// given a fixed amount of data. Internally it does the same as +/// creating an HMAC object, feeding it the data, and calculating the +/// resulting signature. +/// +/// \exception UnsupportedAlgorithm if the given algorithm is unknown +/// or not supported by the underlying library +/// \exception BadKey if the given key secret_len is bad +/// \exception LibraryError if there was any unexpected exception +/// in the underlying library +/// +/// Notes: if the secret is longer than the block size of its +/// algorithm, the constructor will run it through the hash +/// algorithm, and use the digest as the secret for this HMAC +/// operation +/// +/// \param data The data to sign +/// \param data_len The length of the data +/// \param secret The secret to sign with +/// \param secret_len The length of the secret +/// \param hash_algorithm The hash algorithm +/// \param result The signature will be appended to this buffer +/// \param len If this is non-zero and less than the output size, the result +/// will be truncated to len bytes. If greater than output size +/// (or equal to zero) only output size bytes are written +void signHMAC(const void* data, + const size_t data_len, + const void* secret, + size_t secret_len, + const HashAlgorithm hash_algorithm, + isc::util::OutputBuffer& result, + size_t len = 0); + +/// \brief Verify an HMAC signature for the given data +/// +/// This is a convenience function that verifies an hmac signature, +/// given a fixed amount of data. Internally it does the same as +/// creating an HMAC object, feeding it the data, and checking the +/// resulting signature at the exception a zero sig_len is +/// internally replaced by the output size. +/// +/// \exception UnsupportedAlgorithm if the given algorithm is unknown +/// or not supported by the underlying library +/// \exception BadKey if the given key secret_len is bad +/// \exception LibraryError if there was any unexpected exception +/// in the underlying library +/// +/// Notes: if the secret is longer than the block size of its +/// algorithm, the constructor will run it through the hash +/// algorithm, and use the digest as the secret for this HMAC +/// operation +/// +/// \param data The data to verify +/// \param data_len The length of the data +/// \param secret The secret to sign with +/// \param secret_len The length of the secret +/// \param hash_algorithm The hash algorithm +/// \param sig The signature to verify +/// \param sig_len The length of the signature +/// \return True if the signature verifies, false if not +bool verifyHMAC(const void* data, + const size_t data_len, + const void* secret, + size_t secret_len, + const HashAlgorithm hash_algorithm, + const void* sig, + const size_t sig_len); + +/// \brief Delete an HMAC object +void deleteHMAC(HMAC* hmac); + +} // namespace cryptolink +} // namespace isc + +#endif // ISC_CRYPTO_HMAC_H + diff --git a/src/lib/cryptolink/crypto_rng.cc b/src/lib/cryptolink/crypto_rng.cc new file mode 100644 index 0000000..54dacce --- /dev/null +++ b/src/lib/cryptolink/crypto_rng.cc @@ -0,0 +1,33 @@ +// Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +#include <config.h> + +#include <cryptolink.h> +#include <cryptolink/crypto_rng.h> + +#include <boost/scoped_ptr.hpp> + +#include <cstring> + +namespace isc { +namespace cryptolink { + +RNG::RNG() { +} + +RNG::~RNG() { +} + +std::vector<uint8_t> +random(size_t len) +{ + RNGPtr rng(CryptoLink::getCryptoLink().getRNG()); + return (rng->random(len)); +} + +} // namespace cryptolink +} // namespace isc diff --git a/src/lib/cryptolink/crypto_rng.h b/src/lib/cryptolink/crypto_rng.h new file mode 100644 index 0000000..916321e --- /dev/null +++ b/src/lib/cryptolink/crypto_rng.h @@ -0,0 +1,64 @@ +// Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +#include <boost/noncopyable.hpp> + +#include <cryptolink/cryptolink.h> + +#ifndef ISC_CRYPTO_RNG_H +#define ISC_CRYPTO_RNG_H + +namespace isc { +namespace cryptolink { + +/// \brief RNG support +/// +/// This class is used to get the RNG. +/// The global instance can be get with CryptoLink::getRNG() +/// +class RNG : private boost::noncopyable { +public: + /// \brief Constructor from a Random Number Generator + /// + /// \exception LibraryError if there was any unexpected exception + /// in the underlying library + RNG(); + + /// \brief Destructor + virtual ~RNG(); + + /// \brief Generate random value. + /// + /// The result will be returned as a std::vector<uint8_t> + /// + /// \exception LibraryError if there was any unexpected exception + /// in the underlying library + /// + /// \param len The number of bytes from the result to generate. + /// \return a vector containing random value. + virtual std::vector<uint8_t> random(size_t len) = 0; + +private: + friend RNGPtr& CryptoLink::getRNG(); +}; + +/// \brief Generate random value. +/// +/// This is a convenience function that generate random data +/// given a fixed amount of data. Internally it does the same as +/// creating an RNG object and generating the resulting value. +/// +/// \exception LibraryError if there was any unexpected exception +/// in the underlying library +/// +/// \param len The length of the data +std::vector<uint8_t> random(size_t len); + +} // namespace cryptolink +} // namespace isc + +#endif // ISC_CRYPTO_RNG_H + diff --git a/src/lib/cryptolink/cryptolink.cc b/src/lib/cryptolink/cryptolink.cc new file mode 100644 index 0000000..3e238b2 --- /dev/null +++ b/src/lib/cryptolink/cryptolink.cc @@ -0,0 +1,40 @@ +// Copyright (C) 2011-2022 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +#include <config.h> + +#include <cryptolink/cryptolink.h> +#include <cryptolink/crypto_hash.h> +#include <cryptolink/crypto_hmac.h> + +namespace isc { +namespace cryptolink { + +CryptoLink& +CryptoLink::getCryptoLink() { + static CryptoLink instance; + return (instance); +} + +Hash* +CryptoLink::createHash(const HashAlgorithm hash_algorithm) { + return (new Hash(hash_algorithm)); +} + +HMAC* +CryptoLink::createHMAC(const void* secret, size_t secret_len, + const HashAlgorithm hash_algorithm) { + return (new HMAC(secret, secret_len, hash_algorithm)); +} + +RNGPtr& +CryptoLink::getRNG() { + return (rng_); +} + +} // namespace cryptolink +} // namespace isc + diff --git a/src/lib/cryptolink/cryptolink.h b/src/lib/cryptolink/cryptolink.h new file mode 100644 index 0000000..366fa5b --- /dev/null +++ b/src/lib/cryptolink/cryptolink.h @@ -0,0 +1,248 @@ +// Copyright (C) 2011-2022 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +#ifndef ISC_CRYPTO_H +#define ISC_CRYPTO_H + +#include <string> +#include <util/buffer.h> +#include <exceptions/exceptions.h> + +#include <boost/noncopyable.hpp> +#include <boost/shared_ptr.hpp> + +#include <memory> + +namespace isc { +namespace cryptolink { + +/// \brief Hash algorithm identifiers +enum HashAlgorithm { + UNKNOWN_HASH = 0, ///< This value can be used in conversion + /// functions, to be returned when the + /// input is unknown (but a value MUST be + /// returned), for instance when the input + /// is a Name or a string, and the return + /// value is a HashAlgorithm. + MD5 = 1, ///< MD5 + SHA1 = 2, ///< SHA-1 + SHA256 = 3, ///< SHA-256 + SHA224 = 4, ///< SHA-224 + SHA384 = 5, ///< SHA-384 + SHA512 = 6 ///< SHA-512 + +}; + +/// \brief Forward declaration for createHash() +class Hash; + +/// \brief Forward declaration for createHMAC() +class HMAC; + +/// \brief Forward declaration for getRNG() +class RNG; + +/// \brief Type representing the pointer to the RNG. +typedef boost::shared_ptr<RNG> RNGPtr; + +/// General exception class that is the base for all crypto-related +/// exceptions +class CryptoLinkError : public Exception { +public: + CryptoLinkError(const char* file, size_t line, const char* what) : + isc::Exception(file, line, what) {} +}; + +/// This exception is thrown if there was a problem initializing the +/// crypto library +class InitializationError : public CryptoLinkError { +public: + InitializationError(const char* file, size_t line, const char* what) : + CryptoLinkError(file, line, what) {} +}; + +/// This exception is thrown when a cryptographic action is requested +/// for an algorithm that is not supported by the underlying library. +class UnsupportedAlgorithm : public CryptoLinkError { +public: + UnsupportedAlgorithm(const char* file, size_t line, const char* what) : + CryptoLinkError(file, line, what) {} +}; + +/// This exception is thrown when the underlying library could not +/// handle the key data. +class BadKey : public CryptoLinkError { +public: + BadKey(const char* file, size_t line, const char* what) : + CryptoLinkError(file, line, what) {} +}; + +/// This exception is raised when a general error that was not +/// specifically caught is thrown by the underlying library. It +/// is replaced by this one so as not have 'external' exceptions +/// bubbling up +class LibraryError : public CryptoLinkError { +public: + LibraryError(const char* file, size_t line, const char* what) : + CryptoLinkError(file, line, what) {} +}; + +/// \brief Forward declarations for CryptoLink pimpl. +class CryptoLinkImpl; + +/// \brief Type representing the pointer to the CryptoLinkImpl. +typedef boost::shared_ptr<CryptoLinkImpl> CryptoLinkImplPtr; + +/// \brief Forward declarations for RNG pimpl. +class RNGImpl; + +/// \brief Singleton entry point and factory class +/// +/// This is a singleton class that serves as the entry point to +/// the underlying cryptography library, and as a factory for objects +/// within the cryptolink library. +/// +/// There is only one way to access it, through getCryptoLink(), which +/// returns a reference to the initialized library. On the first call, +/// it will be initialized automatically. +/// +/// In order for the CryptoLink library to be sure that the underlying +/// library has been initialized, and because we do not want to add +/// such a check to every class and function within it, we have made +/// the constructors of all classes within cryptolink private. This way +/// a caller cannot instantiate an object before the library is +/// initialized, but must use CryptoLink's create method (e.g. +/// createHMAC()), which enforces (automatic) initialization. +/// +/// In order for the CryptoLink class to be able to create objects that +/// have private constructors, it is declared a friend class of these +/// classes. +/// +/// Since these factory functions return bare pointers, we also provide +/// deleter functions for them (e.g. deleteHMAC()), so that a caller +/// can use that to make sure it uses the correct delete operator (the +/// one defined at compilation time of this library). A way to make +/// sure you do not forget this, is to place the result of the create +/// functions in a shared_ptr with the corresponding deleter function. +/// +/// \note All other classes within cryptolink should have private +/// constructors as well, and should have a factory function from +/// CryptoLink, and a deleter function. +/// +// Internal note: we can use this class later to initialize and manage +// dynamic (PKCS#11) libs +class CryptoLink : private boost::noncopyable { +public: + /// \brief Returns a reference to the singleton instance + /// + /// If the library has not been initialized yet, it will be + /// initialized with some default values. + /// + /// Since this class is noncopyable, you must use the return + /// value directly, or store it in a reference variable. + /// + /// \exception InitializationError if initialization fails + /// + /// \return Reference to the singleton instance + static CryptoLink& getCryptoLink(); + + /// \brief Get version string + static std::string getVersion(); + + /// \brief Factory function for Hash objects + /// + /// CryptoLink objects cannot be constructed directly. This + /// function creates a new Hash object usable for signing or + /// verification. + /// + /// The caller is responsible for deleting the object, and it is + /// therefore highly recommended to place the return value of this + /// function in a scoped_ptr or shared_ptr. + /// + /// If you want to safely delete objects created with this method, + /// you can use the function deleteHash() as defined in + /// crypto_hash.h + /// + /// \exception UnsupportedAlgorithmException if the given algorithm + /// is unknown or not supported by the underlying library + /// \exception LibraryError if there was any unexpected exception + /// in the underlying library + /// + /// \param hash_algorithm The hash algorithm + Hash* createHash(const HashAlgorithm hash_algorithm); + + /// \brief Factory function for HMAC objects + /// + /// CryptoLink objects cannot be constructed directly. This + /// function creates a new HMAC object usable for signing or + /// verification. + /// + /// The caller is responsible for deleting the object, and it is + /// therefore highly recommended to place the return value of this + /// function in a scoped_ptr or shared_ptr. + /// + /// Notes: if the secret is longer than the block size of its + /// algorithm, the constructor will run it through the hash + /// algorithm, and use the digest as the secret for this HMAC + /// operation + /// + /// If you want to safely delete objects created with this method, + /// you can use the function deleteHMAC() as defined in + /// crypto_hmac.h + /// + /// \exception UnsupportedAlgorithmException if the given algorithm + /// is unknown or not supported by the underlying library + /// \exception InvalidKeyLength if the given key secret_len is bad + /// \exception LibraryError if there was any unexpected exception + /// in the underlying library + /// + /// \param secret The secret to sign with + /// \param secret_len The length of the secret + /// \param hash_algorithm The hash algorithm + HMAC* createHMAC(const void* secret, size_t secret_len, + const HashAlgorithm hash_algorithm); + + /// \brief Get the global RNG + /// + /// \exception NotImplemented if the method was not implemented + /// in a derived class + /// \exception LibraryError if there was any unexpected exception + /// in the underlying library + virtual RNGPtr& getRNG(); + +private: + /// \brief Initialize the library + /// + /// If the library has already been initialized (either by a call + /// to initialize() or automatically in getCryptoLink()), this + /// function does nothing. + /// + /// \note A call to initialize() is not strictly necessary with + /// the current implementation. + /// + /// \exception InitializationError if initialization fails + /// + /// \param c the CryptoLink singleton instance which is being initialized. + void initialize(CryptoLink& c); + + // To prevent people constructing their own, we make the constructor + // private too. + CryptoLink() { + initialize(*this); + } + ~CryptoLink(); + + /// \brief Smart pointer holding the implementation. + CryptoLinkImplPtr impl_; + + /// \brief Smart pointer holding the RNG. + RNGPtr rng_; +}; + +} // namespace cryptolink +} // namespace isc + +#endif // ISC_CRYPTO_H diff --git a/src/lib/cryptolink/openssl_common.h b/src/lib/cryptolink/openssl_common.h new file mode 100644 index 0000000..8a6381c --- /dev/null +++ b/src/lib/cryptolink/openssl_common.h @@ -0,0 +1,109 @@ +// Copyright (C) 2014-2022 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +namespace isc { +namespace cryptolink { +namespace ossl { + +/// @brief Decode the HashAlgorithm enum into an EVP_MD pointer (or 0) +/// +/// EVP_MD pointer is a OpenSSL's way of identifying hash algorithms +/// @param algorithm algorithm to be converted +/// @return pointer to a static EVP_MD which identifies the algorithm +const EVP_MD* +getHashAlgorithm(isc::cryptolink::HashAlgorithm algorithm); + +/// Secure Buffers which are wiped out when released. +/// Subset of the std::vector interface but not derived from +/// to avoid unwanted inheritance. +template<typename T> +class SecBuf { +public: + typedef typename std::vector<T>::iterator iterator; + + typedef typename std::vector<T>::const_iterator const_iterator; + + explicit SecBuf() : vec_() {} + + explicit SecBuf(size_t n, const T& value = T()) : vec_(n, value) {} + + SecBuf(iterator first, iterator last) : vec_(first, last) {} + + SecBuf(const_iterator first, const_iterator last) : vec_(first, last) {} + + SecBuf(const std::vector<T>& x) : vec_(x) {} + + ~SecBuf() { + // Resize to its largest capacity and fill the whole memory with zeros. + vec_.resize(vec_.capacity()); + std::fill(vec_.begin(), vec_.end(), 0); + }; + + iterator begin() { + return (vec_.begin()); + }; + + const_iterator begin() const { + return (vec_.begin()); + }; + + iterator end() { + return (vec_.end()); + }; + + const_iterator end() const { + return (vec_.end()); + }; + + size_t size() const { + return (vec_.size()); + }; + + void resize(size_t sz) { + vec_.resize(sz); + }; + + void clear() { + // Resize to its largest capacity and fill the whole memory with zeros. + vec_.resize(vec_.capacity()); + std::fill(vec_.begin(), vec_.end(), 0); + + // Remove all elements. + vec_.clear(); + } + + SecBuf& operator=(const SecBuf& x) { + if (&x != *this) { + vec_ = x.vec_; + } + return (*this); + }; + + T& operator[](size_t n) { + return (vec_[n]); + }; + + const T& operator[](size_t n) const { + return (vec_[n]); + }; + + // constant time comparison against timing attacks + // (same type than XXX::verify() so const void* (vs. const T*) x) + bool same(const void* x, size_t len) const { + bool ret = true; + const T* p = static_cast<const T*>(x); + for (size_t i = 0; i < len; ++i) + ret = ret && (vec_[i] == p[i]); + return ret; + }; + +private: + std::vector<T> vec_; +}; + +} // namespace ossl +} // namespace cryptolink +} // namespace isc diff --git a/src/lib/cryptolink/openssl_compat.h b/src/lib/cryptolink/openssl_compat.h new file mode 100644 index 0000000..33b85e1 --- /dev/null +++ b/src/lib/cryptolink/openssl_compat.h @@ -0,0 +1,61 @@ +// Copyright (C) 2016-2022 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +// This file is included by hash and hmac codes so KEA_H* macros +// avoid to define unused inlines. + +#ifdef KEA_HASH + +#ifndef HAVE_EVP_MD_CTX_NEW +#ifdef HAVE_EVP_MD_CTX_CREATE + +// EVP_MD_CTX_new() is EVP_MD_CTX_create() in old OpenSSL + +inline EVP_MD_CTX* EVP_MD_CTX_new() { + return (EVP_MD_CTX_create()); +} + +#else +#error have no EVP_MD_CTX_new() nor EVP_MD_CTX_create() +#endif +#endif + +#ifndef HAVE_EVP_MD_CTX_FREE +#ifdef HAVE_EVP_MD_CTX_DESTROY + +// EVP_MD_CTX_free(ctx) is EVP_MD_CTX_destroy(ctx) in old OpenSSL + +inline void EVP_MD_CTX_free(EVP_MD_CTX* ctx) { + EVP_MD_CTX_destroy(ctx); +} + +#else +#error have no EVP_MD_CTX_free() nor EVP_MD_CTX_destroy() +#endif +#endif + +#endif + +#ifdef KEA_HMAC + +#ifndef HAVE_EVP_PKEY_NEW_RAW_PRIVATE_KEY +#ifdef HAVE_EVP_PKEY_NEW_MAC_KEY + +// EVP_PKEY_new_raw_private_key(type, e, key, keylen) is +// EVP_PKEY_new_mac_key(type, e, key, (int)keylen) in old OpenSSL + +inline EVP_PKEY* EVP_PKEY_new_raw_private_key(int type, ENGINE* e, + const unsigned char *key, + size_t keylen) { + return (EVP_PKEY_new_mac_key(type, e, key, static_cast<int>(keylen))); +} + +#else +#error have no EVP_PKEY_new_raw_private_key() nor EVP_PKEY_new_mac_key() +#endif +#endif + +#endif diff --git a/src/lib/cryptolink/openssl_hash.cc b/src/lib/cryptolink/openssl_hash.cc new file mode 100644 index 0000000..68f2285 --- /dev/null +++ b/src/lib/cryptolink/openssl_hash.cc @@ -0,0 +1,188 @@ +// Copyright (C) 2014-2020 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +#include <config.h> + +#include <cryptolink.h> +#include <cryptolink/crypto_hash.h> + +#include <boost/scoped_ptr.hpp> + +#include <openssl/evp.h> + +#include <cryptolink/openssl_common.h> +#define KEA_HASH +#include <cryptolink/openssl_compat.h> + +#include <cstring> + +namespace isc { +namespace cryptolink { + +const EVP_MD* +ossl::getHashAlgorithm(HashAlgorithm algorithm) { + switch (algorithm) { + case isc::cryptolink::MD5: + return (EVP_md5()); + case isc::cryptolink::SHA1: + return (EVP_sha1()); + case isc::cryptolink::SHA256: + return (EVP_sha256()); + case isc::cryptolink::SHA224: + return (EVP_sha224()); + case isc::cryptolink::SHA384: + return (EVP_sha384()); + case isc::cryptolink::SHA512: + return (EVP_sha512()); + case isc::cryptolink::UNKNOWN_HASH: + return (0); + } + // compiler should have prevented us to reach this, since we have + // no default. But we need a return value anyway + return (0); +} + +/// \brief OpenSSL implementation of Hash. Each method is the counterpart +/// of the Hash corresponding method. +class HashImpl { +public: + + /// @brief Constructor for specific hash algorithm + /// + /// @param hash_algorithm The hash algorithm + explicit HashImpl(const HashAlgorithm hash_algorithm) + : hash_algorithm_(hash_algorithm), md_(0) { + const EVP_MD* algo = ossl::getHashAlgorithm(hash_algorithm); + if (algo == 0) { + isc_throw(isc::cryptolink::UnsupportedAlgorithm, + "Unknown hash algorithm: " << + static_cast<int>(hash_algorithm)); + } + + md_ = EVP_MD_CTX_new(); + if (md_ == 0) { + isc_throw(isc::cryptolink::LibraryError, + "OpenSSL EVP_MD_CTX_new() failed"); + } + + EVP_DigestInit_ex(md_, algo, NULL); + } + + /// @brief Destructor + ~HashImpl() { + if (md_) { + EVP_MD_CTX_free(md_); + } + md_ = 0; + } + + /// @brief Returns the HashAlgorithm of the object + HashAlgorithm getHashAlgorithm() const { + return (hash_algorithm_); + } + + /// @brief Returns the output size of the digest + /// + /// @return output size of the digest + size_t getOutputLength() const { + return (EVP_MD_CTX_size(md_)); + } + + /// @brief Adds data to the digest + /// + /// See @ref isc::cryptolink::Hash::update() for details. + void update(const void* data, const size_t len) { + EVP_DigestUpdate(md_, data, len); + } + + /// @brief Calculate the final digest + /// + /// See @ref isc::cryptolink::Hash::final() for details. + void final(isc::util::OutputBuffer& result, size_t len) { + size_t size = getOutputLength(); + std::vector<unsigned char> digest(size); + EVP_DigestFinal_ex(md_, &digest[0], NULL); + if (len > size) { + len = size; + } + result.writeData(&digest[0], len); + } + + /// @brief Calculate the final digest + /// + /// See @ref isc::cryptolink::Hash::final() for details. + void final(void* result, size_t len) { + size_t size = getOutputLength(); + std::vector<unsigned char> digest(size); + EVP_DigestFinal_ex(md_, &digest[0], NULL); + if (len > size) { + len = size; + } + std::memcpy(result, &digest[0], len); + } + + /// @brief Calculate the final digest + /// + /// See @ref isc::cryptolink::Hash::final() for details. + std::vector<uint8_t> final(size_t len) { + size_t size = getOutputLength(); + std::vector<unsigned char> digest(size); + EVP_DigestFinal_ex(md_, &digest[0], NULL); + if (len < size) { + digest.resize(len); + } + return (std::vector<uint8_t>(digest.begin(), digest.end())); + } + +private: + /// @brief The hash algorithm + HashAlgorithm hash_algorithm_; + + /// @brief The pointer to the OpenSSL EVP_MD_CTX structure + EVP_MD_CTX* md_; +}; + +Hash::Hash(const HashAlgorithm hash_algorithm) +{ + impl_ = new HashImpl(hash_algorithm); +} + +Hash::~Hash() { + delete impl_; +} + +HashAlgorithm +Hash::getHashAlgorithm() const { + return (impl_->getHashAlgorithm()); +} + +size_t +Hash::getOutputLength() const { + return (impl_->getOutputLength()); +} + +void +Hash::update(const void* data, const size_t len) { + impl_->update(data, len); +} + +void +Hash::final(isc::util::OutputBuffer& result, size_t len) { + impl_->final(result, len); +} + +void +Hash::final(void* result, size_t len) { + impl_->final(result, len); +} + +std::vector<uint8_t> +Hash::final(size_t len) { + return impl_->final(len); +} + +} // namespace cryptolink +} // namespace isc diff --git a/src/lib/cryptolink/openssl_hmac.cc b/src/lib/cryptolink/openssl_hmac.cc new file mode 100644 index 0000000..de609fe --- /dev/null +++ b/src/lib/cryptolink/openssl_hmac.cc @@ -0,0 +1,245 @@ +// Copyright (C) 2014-2022 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +#include <config.h> + +#include <cryptolink.h> +#include <cryptolink/crypto_hmac.h> + +#include <boost/scoped_ptr.hpp> + +#include <openssl/evp.h> + +#include <cryptolink/openssl_common.h> +#define KEA_HASH +#define KEA_HMAC +#include <cryptolink/openssl_compat.h> + +#include <cstring> + +namespace isc { +namespace cryptolink { + +/// @brief OpenSSL implementation of HMAC. Each method is the counterpart +/// of the HMAC corresponding method. +class HMACImpl { +public: + /// @brief Constructor from a secret and a hash algorithm + /// + /// See constructor of the @ref isc::cryptolink::HMAC class for details. + /// + /// @param secret The secret to sign with + /// @param secret_len The length of the secret + /// @param hash_algorithm The hash algorithm + explicit HMACImpl(const void* secret, size_t secret_len, + const HashAlgorithm hash_algorithm) + : hash_algorithm_(hash_algorithm), md_(), digest_() { + const EVP_MD* algo = ossl::getHashAlgorithm(hash_algorithm); + if (algo == 0) { + isc_throw(UnsupportedAlgorithm, + "Unknown hash algorithm: " << + static_cast<int>(hash_algorithm)); + } + if (secret_len == 0) { + isc_throw(BadKey, "Bad HMAC secret length: 0"); + } + + md_ = EVP_MD_CTX_new(); + if (md_ == 0) { + isc_throw(LibraryError, "OpenSSL EVP_MD_CTX_new() failed"); + } + + EVP_PKEY* pkey = + EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, + reinterpret_cast<const unsigned char*>(secret), + secret_len); + + if (pkey == 0) { + isc_throw(LibraryError, + "OpenSSL EVP_PKEY_new_raw_private_key() failed"); + } + + if (!EVP_DigestSignInit(md_, NULL, algo, NULL, pkey)) { + EVP_PKEY_free(pkey); + isc_throw(LibraryError, "OpenSSL EVP_DigestSignInit() failed"); + } + + EVP_PKEY_free(pkey); + } + + /// @brief Destructor + ~HMACImpl() { + if (md_) { + EVP_MD_CTX_free(md_); + } + md_ = 0; + } + + /// @brief Returns the HashAlgorithm of the object + HashAlgorithm getHashAlgorithm() const { + return (hash_algorithm_); + } + + /// @brief Returns the output size of the digest + /// + /// @return output size of the digest + size_t getOutputLength() const { + return (EVP_MD_CTX_size(md_)); + } + + /// @brief Add data to digest + /// + /// See @ref isc::cryptolink::HMAC::update() for details. + void update(const void* data, const size_t len) { + if (len == 0) { + return; + } + + if (!EVP_DigestSignUpdate(md_, data, len)) { + isc_throw(LibraryError, "OpenSSL EVP_DigestSignUpdate() failed"); + } + } + + /// @brief Calculate the final signature + /// + /// See @ref isc::cryptolink::HMAC::sign() for details. + void sign(isc::util::OutputBuffer& result, size_t len) { + size_t size = getOutputLength(); + ossl::SecBuf<unsigned char> digest(size); + size_t digest_len = size; + if (!EVP_DigestSignFinal(md_, &digest[0], &digest_len)) { + isc_throw(LibraryError, "OpenSSL EVP_DigestSignFinal() failed"); + } + if (digest_len != size) { + isc_throw(LibraryError, "OpenSSL partial EVP_DigestSignFinal()"); + } + if (len > size) { + len = size; + } + result.writeData(&digest[0], len); + } + + /// @brief Calculate the final signature + /// + /// See @ref isc::cryptolink::HMAC::sign() for details. + void sign(void* result, size_t len) { + size_t size = getOutputLength(); + ossl::SecBuf<unsigned char> digest(size); + size_t digest_len = size; + if (!EVP_DigestSignFinal(md_, &digest[0], &digest_len)) { + isc_throw(LibraryError, "OpenSSL EVP_DigestSignFinal() failed"); + } + if (digest_len != size) { + isc_throw(LibraryError, "OpenSSL partial EVP_DigestSignFinal()"); + } + if (len > size) { + len = size; + } + std::memcpy(result, &digest[0], len); + } + + /// @brief Calculate the final signature + /// + /// See @ref isc::cryptolink::HMAC::sign() for details. + std::vector<uint8_t> sign(size_t len) { + size_t size = getOutputLength(); + ossl::SecBuf<unsigned char> digest(size); + size_t digest_len = size; + if (!EVP_DigestSignFinal(md_, &digest[0], &digest_len)) { + isc_throw(LibraryError, "OpenSSL EVP_DigestSignFinal() failed"); + } + if (digest_len != size) { + isc_throw(LibraryError, "OpenSSL partial EVP_DigestSignFinal()"); + } + if (len < size) { + digest.resize(len); + } + return (std::vector<uint8_t>(digest.begin(), digest.end())); + } + + /// @brief Verify an existing signature + /// + /// See @ref isc::cryptolink::HMAC::verify() for details. + bool verify(const void* sig, size_t len) { + // Check the length + size_t size = getOutputLength(); + if (len < 10 || len < size / 2) { + return (false); + } + if (digest_.size() == 0) { + digest_.resize(size); + size_t digest_len = size; + if (!EVP_DigestSignFinal(md_, &digest_[0], &digest_len)) { + isc_throw(LibraryError, "OpenSSL EVP_DigestSignFinal() failed"); + } + if (digest_len != size) { + isc_throw(LibraryError, "OpenSSL partial EVP_DigestSignFinal()"); + } + } + if (len > size) { + len = size; + } + return (digest_.same(sig, len)); + } + +private: + /// @brief The hash algorithm + HashAlgorithm hash_algorithm_; + + /// @brief The protected pointer to the OpenSSL EVP_MD_CTX structure + EVP_MD_CTX* md_; + + /// @brief The digest cache for multiple verify + ossl::SecBuf<unsigned char> digest_; +}; + +HMAC::HMAC(const void* secret, size_t secret_length, + const HashAlgorithm hash_algorithm) +{ + impl_ = new HMACImpl(secret, secret_length, hash_algorithm); +} + +HMAC::~HMAC() { + delete impl_; +} + +HashAlgorithm +HMAC::getHashAlgorithm() const { + return (impl_->getHashAlgorithm()); +} + +size_t +HMAC::getOutputLength() const { + return (impl_->getOutputLength()); +} + +void +HMAC::update(const void* data, const size_t len) { + impl_->update(data, len); +} + +void +HMAC::sign(isc::util::OutputBuffer& result, size_t len) { + impl_->sign(result, len); +} + +void +HMAC::sign(void* result, size_t len) { + impl_->sign(result, len); +} + +std::vector<uint8_t> +HMAC::sign(size_t len) { + return impl_->sign(len); +} + +bool +HMAC::verify(const void* sig, const size_t len) { + return (impl_->verify(sig, len)); +} + +} // namespace cryptolink +} // namespace isc diff --git a/src/lib/cryptolink/openssl_link.cc b/src/lib/cryptolink/openssl_link.cc new file mode 100644 index 0000000..4bceb8f --- /dev/null +++ b/src/lib/cryptolink/openssl_link.cc @@ -0,0 +1,84 @@ +// Copyright (C) 2014-2022 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +#include <config.h> + +#include <cryptolink/cryptolink.h> +#include <cryptolink/crypto_rng.h> +#include <cryptolink/crypto_hash.h> +#include <cryptolink/crypto_hmac.h> + +#include <openssl/crypto.h> +#include <openssl/rand.h> + +namespace isc { +namespace cryptolink { + +// For OpenSSL, we use the CryptoLink class object in RAII style +class CryptoLinkImpl { +}; + +CryptoLink::~CryptoLink() { +} + +/// \brief OpenSSL implementation of RNG. +class RNGImpl : public RNG { +public: + RNGImpl() { } + + ~RNGImpl() { } + +private: + std::vector<uint8_t> random(size_t len) { + std::vector<uint8_t> data; + if (len > 0) { + data.resize(len); + if (RAND_bytes(&data[0], len) != 1) { + isc_throw(isc::cryptolink::LibraryError, + "OpenSSL RAND_bytes() failed"); + } + } + return (data); + } +}; + +void +CryptoLink::initialize(CryptoLink& c) { + if (!c.impl_) { + try { + c.impl_.reset(new CryptoLinkImpl()); + } catch (const std::exception &ex) { + // Should never happen + isc_throw(InitializationError, + "Error during OpenSSL initialization:" << ex.what()); + } catch (...) { + // Should never happen + isc_throw(InitializationError, + "Error during OpenSSL initialization"); + } + } + if (!c.rng_) { + try { + c.rng_.reset(new RNGImpl()); + } catch (const std::exception &ex) { + // Should never happen + isc_throw(InitializationError, + "Error during OpenSSL RNG initialization:" << ex.what()); + } catch (...) { + // Should never happen + isc_throw(InitializationError, + "Error during OpenSSL RNG initialization"); + } + } +} + +std::string +CryptoLink::getVersion() { + return (SSLeay_version(SSLEAY_VERSION)); +} + +} // namespace cryptolink +} // namespace isc diff --git a/src/lib/cryptolink/tests/Makefile.am b/src/lib/cryptolink/tests/Makefile.am new file mode 100644 index 0000000..a8bbb47 --- /dev/null +++ b/src/lib/cryptolink/tests/Makefile.am @@ -0,0 +1,32 @@ +SUBDIRS = . + +AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib +AM_CPPFLAGS += $(BOOST_INCLUDES) +AM_CXXFLAGS = $(KEA_CXXFLAGS) + +if USE_STATIC_LINK +AM_LDFLAGS = -static +endif + +CLEANFILES = *.gcno *.gcda + +TESTS_ENVIRONMENT = $(LIBTOOL) --mode=execute $(VALGRIND_COMMAND) + +TESTS = +if HAVE_GTEST +TESTS += run_unittests +run_unittests_SOURCES = run_unittests.cc +run_unittests_SOURCES += crypto_unittests.cc +run_unittests_SOURCES += hash_unittests.cc +run_unittests_SOURCES += hmac_unittests.cc +run_unittests_CPPFLAGS = $(AM_CPPFLAGS) $(GTEST_INCLUDES) +run_unittests_LDFLAGS = $(AM_LDFLAGS) $(CRYPTO_LDFLAGS) $(GTEST_LDFLAGS) +run_unittests_LDADD = $(top_builddir)/src/lib/cryptolink/libkea-cryptolink.la +run_unittests_LDADD += $(top_builddir)/src/lib/log/libkea-log.la +run_unittests_LDADD += $(top_builddir)/src/lib/util/unittests/libutil_unittests.la +run_unittests_LDADD += $(top_builddir)/src/lib/util/libkea-util.la +run_unittests_LDADD += $(top_builddir)/src/lib/exceptions/libkea-exceptions.la +run_unittests_LDADD += $(CRYPTO_LIBS) $(GTEST_LDADD) +endif + +noinst_PROGRAMS = $(TESTS) diff --git a/src/lib/cryptolink/tests/Makefile.in b/src/lib/cryptolink/tests/Makefile.in new file mode 100644 index 0000000..1f90600 --- /dev/null +++ b/src/lib/cryptolink/tests/Makefile.in @@ -0,0 +1,1039 @@ +# Makefile.in generated by automake 1.16.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2018 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +VPATH = @srcdir@ +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +TESTS = $(am__EXEEXT_1) +@HAVE_GTEST_TRUE@am__append_1 = run_unittests +noinst_PROGRAMS = $(am__EXEEXT_2) +subdir = src/lib/cryptolink/tests +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4macros/ax_boost_for_kea.m4 \ + $(top_srcdir)/m4macros/ax_cpp11.m4 \ + $(top_srcdir)/m4macros/ax_cpp20.m4 \ + $(top_srcdir)/m4macros/ax_crypto.m4 \ + $(top_srcdir)/m4macros/ax_find_library.m4 \ + $(top_srcdir)/m4macros/ax_gssapi.m4 \ + $(top_srcdir)/m4macros/ax_gtest.m4 \ + $(top_srcdir)/m4macros/ax_isc_rpath.m4 \ + $(top_srcdir)/m4macros/ax_netconf.m4 \ + $(top_srcdir)/m4macros/libtool.m4 \ + $(top_srcdir)/m4macros/ltoptions.m4 \ + $(top_srcdir)/m4macros/ltsugar.m4 \ + $(top_srcdir)/m4macros/ltversion.m4 \ + $(top_srcdir)/m4macros/lt~obsolete.m4 \ + $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +@HAVE_GTEST_TRUE@am__EXEEXT_1 = run_unittests$(EXEEXT) +am__EXEEXT_2 = $(am__EXEEXT_1) +PROGRAMS = $(noinst_PROGRAMS) +am__run_unittests_SOURCES_DIST = run_unittests.cc crypto_unittests.cc \ + hash_unittests.cc hmac_unittests.cc +@HAVE_GTEST_TRUE@am_run_unittests_OBJECTS = \ +@HAVE_GTEST_TRUE@ run_unittests-run_unittests.$(OBJEXT) \ +@HAVE_GTEST_TRUE@ run_unittests-crypto_unittests.$(OBJEXT) \ +@HAVE_GTEST_TRUE@ run_unittests-hash_unittests.$(OBJEXT) \ +@HAVE_GTEST_TRUE@ run_unittests-hmac_unittests.$(OBJEXT) +run_unittests_OBJECTS = $(am_run_unittests_OBJECTS) +am__DEPENDENCIES_1 = +@HAVE_GTEST_TRUE@run_unittests_DEPENDENCIES = $(top_builddir)/src/lib/cryptolink/libkea-cryptolink.la \ +@HAVE_GTEST_TRUE@ $(top_builddir)/src/lib/log/libkea-log.la \ +@HAVE_GTEST_TRUE@ $(top_builddir)/src/lib/util/unittests/libutil_unittests.la \ +@HAVE_GTEST_TRUE@ $(top_builddir)/src/lib/util/libkea-util.la \ +@HAVE_GTEST_TRUE@ $(top_builddir)/src/lib/exceptions/libkea-exceptions.la \ +@HAVE_GTEST_TRUE@ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) +AM_V_lt = $(am__v_lt_@AM_V@) +am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) +am__v_lt_0 = --silent +am__v_lt_1 = +run_unittests_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CXX \ + $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CXXLD) \ + $(AM_CXXFLAGS) $(CXXFLAGS) $(run_unittests_LDFLAGS) $(LDFLAGS) \ + -o $@ +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__maybe_remake_depfiles = depfiles +am__depfiles_remade = ./$(DEPDIR)/run_unittests-crypto_unittests.Po \ + ./$(DEPDIR)/run_unittests-hash_unittests.Po \ + ./$(DEPDIR)/run_unittests-hmac_unittests.Po \ + ./$(DEPDIR)/run_unittests-run_unittests.Po +am__mv = mv -f +CXXCOMPILE = $(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) +LTCXXCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CXX $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=compile $(CXX) $(DEFS) \ + $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ + $(AM_CXXFLAGS) $(CXXFLAGS) +AM_V_CXX = $(am__v_CXX_@AM_V@) +am__v_CXX_ = $(am__v_CXX_@AM_DEFAULT_V@) +am__v_CXX_0 = @echo " CXX " $@; +am__v_CXX_1 = +CXXLD = $(CXX) +CXXLINK = $(LIBTOOL) $(AM_V_lt) --tag=CXX $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CXXLD) $(AM_CXXFLAGS) \ + $(CXXFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CXXLD = $(am__v_CXXLD_@AM_V@) +am__v_CXXLD_ = $(am__v_CXXLD_@AM_DEFAULT_V@) +am__v_CXXLD_0 = @echo " CXXLD " $@; +am__v_CXXLD_1 = +SOURCES = $(run_unittests_SOURCES) +DIST_SOURCES = $(am__run_unittests_SOURCES_DIST) +RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \ + ctags-recursive dvi-recursive html-recursive info-recursive \ + install-data-recursive install-dvi-recursive \ + install-exec-recursive install-html-recursive \ + install-info-recursive install-pdf-recursive \ + install-ps-recursive install-recursive installcheck-recursive \ + installdirs-recursive pdf-recursive ps-recursive \ + tags-recursive uninstall-recursive +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ + distclean-recursive maintainer-clean-recursive +am__recursive_targets = \ + $(RECURSIVE_TARGETS) \ + $(RECURSIVE_CLEAN_TARGETS) \ + $(am__extra_recursive_targets) +AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \ + distdir distdir-am +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +am__tty_colors_dummy = \ + mgn= red= grn= lgn= blu= brg= std=; \ + am__color_tests=no +am__tty_colors = { \ + $(am__tty_colors_dummy); \ + if test "X$(AM_COLOR_TESTS)" = Xno; then \ + am__color_tests=no; \ + elif test "X$(AM_COLOR_TESTS)" = Xalways; then \ + am__color_tests=yes; \ + elif test "X$$TERM" != Xdumb && { test -t 1; } 2>/dev/null; then \ + am__color_tests=yes; \ + fi; \ + if test $$am__color_tests = yes; then \ + red='[0;31m'; \ + grn='[0;32m'; \ + lgn='[1;32m'; \ + blu='[1;34m'; \ + mgn='[0;35m'; \ + brg='[1m'; \ + std='[m'; \ + fi; \ +} +DIST_SUBDIRS = $(SUBDIRS) +am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +am__relativize = \ + dir0=`pwd`; \ + sed_first='s,^\([^/]*\)/.*$$,\1,'; \ + sed_rest='s,^[^/]*/*,,'; \ + sed_last='s,^.*/\([^/]*\)$$,\1,'; \ + sed_butlast='s,/*[^/]*$$,,'; \ + while test -n "$$dir1"; do \ + first=`echo "$$dir1" | sed -e "$$sed_first"`; \ + if test "$$first" != "."; then \ + if test "$$first" = ".."; then \ + dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \ + dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \ + else \ + first2=`echo "$$dir2" | sed -e "$$sed_first"`; \ + if test "$$first2" = "$$first"; then \ + dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \ + else \ + dir2="../$$dir2"; \ + fi; \ + dir0="$$dir0"/"$$first"; \ + fi; \ + fi; \ + dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \ + done; \ + reldir="$$dir2" +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +ASCIIDOC = @ASCIIDOC@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +BOOST_INCLUDES = @BOOST_INCLUDES@ +BOOST_LIBS = @BOOST_LIBS@ +BOTAN_TOOL = @BOTAN_TOOL@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CONTRIB_DIR = @CONTRIB_DIR@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CRYPTO_CFLAGS = @CRYPTO_CFLAGS@ +CRYPTO_INCLUDES = @CRYPTO_INCLUDES@ +CRYPTO_LDFLAGS = @CRYPTO_LDFLAGS@ +CRYPTO_LIBS = @CRYPTO_LIBS@ +CRYPTO_PACKAGE = @CRYPTO_PACKAGE@ +CRYPTO_RPATH = @CRYPTO_RPATH@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ +CXXDEPMODE = @CXXDEPMODE@ +CXXFLAGS = @CXXFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DISTCHECK_BOOST_CONFIGURE_FLAG = @DISTCHECK_BOOST_CONFIGURE_FLAG@ +DISTCHECK_CONTRIB_CONFIGURE_FLAG = @DISTCHECK_CONTRIB_CONFIGURE_FLAG@ +DISTCHECK_CRYPTO_CONFIGURE_FLAG = @DISTCHECK_CRYPTO_CONFIGURE_FLAG@ +DISTCHECK_GSSAPI_CONFIGURE_FLAG = @DISTCHECK_GSSAPI_CONFIGURE_FLAG@ +DISTCHECK_GTEST_CONFIGURE_FLAG = @DISTCHECK_GTEST_CONFIGURE_FLAG@ +DISTCHECK_KEA_SHELL_CONFIGURE_FLAG = @DISTCHECK_KEA_SHELL_CONFIGURE_FLAG@ +DISTCHECK_LIBYANGCPP_CONFIGURE_FLAG = @DISTCHECK_LIBYANGCPP_CONFIGURE_FLAG@ +DISTCHECK_LIBYANG_CONFIGURE_FLAG = @DISTCHECK_LIBYANG_CONFIGURE_FLAG@ +DISTCHECK_LOG4CPLUS_CONFIGURE_FLAG = @DISTCHECK_LOG4CPLUS_CONFIGURE_FLAG@ +DISTCHECK_MYSQL_CONFIGURE_FLAG = @DISTCHECK_MYSQL_CONFIGURE_FLAG@ +DISTCHECK_PERFDHCP_CONFIGURE_FLAG = @DISTCHECK_PERFDHCP_CONFIGURE_FLAG@ +DISTCHECK_PGSQL_CONFIGURE_FLAG = @DISTCHECK_PGSQL_CONFIGURE_FLAG@ +DISTCHECK_PREMIUM_CONFIGURE_FLAG = @DISTCHECK_PREMIUM_CONFIGURE_FLAG@ +DISTCHECK_SYSREPOCPP_CONFIGURE_FLAG = @DISTCHECK_SYSREPOCPP_CONFIGURE_FLAG@ +DISTCHECK_SYSREPO_CONFIGURE_FLAG = @DISTCHECK_SYSREPO_CONFIGURE_FLAG@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GENHTML = @GENHTML@ +GREP = @GREP@ +GSSAPI_CFLAGS = @GSSAPI_CFLAGS@ +GSSAPI_LIBS = @GSSAPI_LIBS@ +GTEST_CONFIG = @GTEST_CONFIG@ +GTEST_INCLUDES = @GTEST_INCLUDES@ +GTEST_LDADD = @GTEST_LDADD@ +GTEST_LDFLAGS = @GTEST_LDFLAGS@ +GTEST_SOURCE = @GTEST_SOURCE@ +HAVE_NETCONF = @HAVE_NETCONF@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +KEA_CXXFLAGS = @KEA_CXXFLAGS@ +KEA_SRCID = @KEA_SRCID@ +KRB5_CONFIG = @KRB5_CONFIG@ +LCOV = @LCOV@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIBYANGCPP_CPPFLAGS = @LIBYANGCPP_CPPFLAGS@ +LIBYANGCPP_INCLUDEDIR = @LIBYANGCPP_INCLUDEDIR@ +LIBYANGCPP_LIBS = @LIBYANGCPP_LIBS@ +LIBYANGCPP_PREFIX = @LIBYANGCPP_PREFIX@ +LIBYANGCPP_VERSION = @LIBYANGCPP_VERSION@ +LIBYANG_CPPFLAGS = @LIBYANG_CPPFLAGS@ +LIBYANG_INCLUDEDIR = @LIBYANG_INCLUDEDIR@ +LIBYANG_LIBS = @LIBYANG_LIBS@ +LIBYANG_PREFIX = @LIBYANG_PREFIX@ +LIBYANG_VERSION = @LIBYANG_VERSION@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LOG4CPLUS_INCLUDES = @LOG4CPLUS_INCLUDES@ +LOG4CPLUS_LIBS = @LOG4CPLUS_LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MKDIR_P = @MKDIR_P@ +MYSQL_CPPFLAGS = @MYSQL_CPPFLAGS@ +MYSQL_LIBS = @MYSQL_LIBS@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PACKAGE_VERSION_TYPE = @PACKAGE_VERSION_TYPE@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PDFLATEX = @PDFLATEX@ +PERL = @PERL@ +PGSQL_CPPFLAGS = @PGSQL_CPPFLAGS@ +PGSQL_LIBS = @PGSQL_LIBS@ +PKGPYTHONDIR = @PKGPYTHONDIR@ +PKG_CONFIG = @PKG_CONFIG@ +PLANTUML = @PLANTUML@ +PREMIUM_DIR = @PREMIUM_DIR@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ +RANLIB = @RANLIB@ +SED = @SED@ +SEP = @SEP@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SPHINXBUILD = @SPHINXBUILD@ +SRPD_PLUGINS_PATH = @SRPD_PLUGINS_PATH@ +SR_PLUGINS_PATH = @SR_PLUGINS_PATH@ +SR_REPO_PATH = @SR_REPO_PATH@ +STRIP = @STRIP@ +SYSREPOCPP_CPPFLAGS = @SYSREPOCPP_CPPFLAGS@ +SYSREPOCPP_INCLUDEDIR = @SYSREPOCPP_INCLUDEDIR@ +SYSREPOCPP_LIBS = @SYSREPOCPP_LIBS@ +SYSREPOCPP_PREFIX = @SYSREPOCPP_PREFIX@ +SYSREPOCPP_VERSION = @SYSREPOCPP_VERSION@ +SYSREPO_CPPFLAGS = @SYSREPO_CPPFLAGS@ +SYSREPO_INCLUDEDIR = @SYSREPO_INCLUDEDIR@ +SYSREPO_LIBS = @SYSREPO_LIBS@ +SYSREPO_PREFIX = @SYSREPO_PREFIX@ +SYSREPO_VERSION = @SYSREPO_VERSION@ +USE_LCOV = @USE_LCOV@ +VALGRIND = @VALGRIND@ +VERSION = @VERSION@ +WARNING_GCC_44_STRICT_ALIASING_CFLAG = @WARNING_GCC_44_STRICT_ALIASING_CFLAG@ +YACC = @YACC@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_CXX = @ac_ct_CXX@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ +runstatedir = @runstatedir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +SUBDIRS = . +AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib \ + $(BOOST_INCLUDES) +AM_CXXFLAGS = $(KEA_CXXFLAGS) +@USE_STATIC_LINK_TRUE@AM_LDFLAGS = -static +CLEANFILES = *.gcno *.gcda +TESTS_ENVIRONMENT = $(LIBTOOL) --mode=execute $(VALGRIND_COMMAND) +@HAVE_GTEST_TRUE@run_unittests_SOURCES = run_unittests.cc \ +@HAVE_GTEST_TRUE@ crypto_unittests.cc hash_unittests.cc \ +@HAVE_GTEST_TRUE@ hmac_unittests.cc +@HAVE_GTEST_TRUE@run_unittests_CPPFLAGS = $(AM_CPPFLAGS) $(GTEST_INCLUDES) +@HAVE_GTEST_TRUE@run_unittests_LDFLAGS = $(AM_LDFLAGS) $(CRYPTO_LDFLAGS) $(GTEST_LDFLAGS) +@HAVE_GTEST_TRUE@run_unittests_LDADD = $(top_builddir)/src/lib/cryptolink/libkea-cryptolink.la \ +@HAVE_GTEST_TRUE@ $(top_builddir)/src/lib/log/libkea-log.la \ +@HAVE_GTEST_TRUE@ $(top_builddir)/src/lib/util/unittests/libutil_unittests.la \ +@HAVE_GTEST_TRUE@ $(top_builddir)/src/lib/util/libkea-util.la \ +@HAVE_GTEST_TRUE@ $(top_builddir)/src/lib/exceptions/libkea-exceptions.la \ +@HAVE_GTEST_TRUE@ $(CRYPTO_LIBS) $(GTEST_LDADD) +all: all-recursive + +.SUFFIXES: +.SUFFIXES: .cc .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/lib/cryptolink/tests/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign src/lib/cryptolink/tests/Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +clean-noinstPROGRAMS: + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list + +run_unittests$(EXEEXT): $(run_unittests_OBJECTS) $(run_unittests_DEPENDENCIES) $(EXTRA_run_unittests_DEPENDENCIES) + @rm -f run_unittests$(EXEEXT) + $(AM_V_CXXLD)$(run_unittests_LINK) $(run_unittests_OBJECTS) $(run_unittests_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/run_unittests-crypto_unittests.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/run_unittests-hash_unittests.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/run_unittests-hmac_unittests.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/run_unittests-run_unittests.Po@am__quote@ # am--include-marker + +$(am__depfiles_remade): + @$(MKDIR_P) $(@D) + @echo '# dummy' >$@-t && $(am__mv) $@-t $@ + +am--depfiles: $(am__depfiles_remade) + +.cc.o: +@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXXCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCXX_FALSE@ $(AM_V_CXX@am__nodep@)$(CXXCOMPILE) -c -o $@ $< + +.cc.obj: +@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXXCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCXX_FALSE@ $(AM_V_CXX@am__nodep@)$(CXXCOMPILE) -c -o $@ `$(CYGPATH_W) '$<'` + +.cc.lo: +@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(LTCXXCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCXX_FALSE@ $(AM_V_CXX@am__nodep@)$(LTCXXCOMPILE) -c -o $@ $< + +run_unittests-run_unittests.o: run_unittests.cc +@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(run_unittests_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -MT run_unittests-run_unittests.o -MD -MP -MF $(DEPDIR)/run_unittests-run_unittests.Tpo -c -o run_unittests-run_unittests.o `test -f 'run_unittests.cc' || echo '$(srcdir)/'`run_unittests.cc +@am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/run_unittests-run_unittests.Tpo $(DEPDIR)/run_unittests-run_unittests.Po +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='run_unittests.cc' object='run_unittests-run_unittests.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCXX_FALSE@ $(AM_V_CXX@am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(run_unittests_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -c -o run_unittests-run_unittests.o `test -f 'run_unittests.cc' || echo '$(srcdir)/'`run_unittests.cc + +run_unittests-run_unittests.obj: run_unittests.cc +@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(run_unittests_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -MT run_unittests-run_unittests.obj -MD -MP -MF $(DEPDIR)/run_unittests-run_unittests.Tpo -c -o run_unittests-run_unittests.obj `if test -f 'run_unittests.cc'; then $(CYGPATH_W) 'run_unittests.cc'; else $(CYGPATH_W) '$(srcdir)/run_unittests.cc'; fi` +@am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/run_unittests-run_unittests.Tpo $(DEPDIR)/run_unittests-run_unittests.Po +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='run_unittests.cc' object='run_unittests-run_unittests.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCXX_FALSE@ $(AM_V_CXX@am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(run_unittests_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -c -o run_unittests-run_unittests.obj `if test -f 'run_unittests.cc'; then $(CYGPATH_W) 'run_unittests.cc'; else $(CYGPATH_W) '$(srcdir)/run_unittests.cc'; fi` + +run_unittests-crypto_unittests.o: crypto_unittests.cc +@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(run_unittests_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -MT run_unittests-crypto_unittests.o -MD -MP -MF $(DEPDIR)/run_unittests-crypto_unittests.Tpo -c -o run_unittests-crypto_unittests.o `test -f 'crypto_unittests.cc' || echo '$(srcdir)/'`crypto_unittests.cc +@am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/run_unittests-crypto_unittests.Tpo $(DEPDIR)/run_unittests-crypto_unittests.Po +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='crypto_unittests.cc' object='run_unittests-crypto_unittests.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCXX_FALSE@ $(AM_V_CXX@am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(run_unittests_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -c -o run_unittests-crypto_unittests.o `test -f 'crypto_unittests.cc' || echo '$(srcdir)/'`crypto_unittests.cc + +run_unittests-crypto_unittests.obj: crypto_unittests.cc +@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(run_unittests_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -MT run_unittests-crypto_unittests.obj -MD -MP -MF $(DEPDIR)/run_unittests-crypto_unittests.Tpo -c -o run_unittests-crypto_unittests.obj `if test -f 'crypto_unittests.cc'; then $(CYGPATH_W) 'crypto_unittests.cc'; else $(CYGPATH_W) '$(srcdir)/crypto_unittests.cc'; fi` +@am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/run_unittests-crypto_unittests.Tpo $(DEPDIR)/run_unittests-crypto_unittests.Po +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='crypto_unittests.cc' object='run_unittests-crypto_unittests.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCXX_FALSE@ $(AM_V_CXX@am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(run_unittests_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -c -o run_unittests-crypto_unittests.obj `if test -f 'crypto_unittests.cc'; then $(CYGPATH_W) 'crypto_unittests.cc'; else $(CYGPATH_W) '$(srcdir)/crypto_unittests.cc'; fi` + +run_unittests-hash_unittests.o: hash_unittests.cc +@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(run_unittests_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -MT run_unittests-hash_unittests.o -MD -MP -MF $(DEPDIR)/run_unittests-hash_unittests.Tpo -c -o run_unittests-hash_unittests.o `test -f 'hash_unittests.cc' || echo '$(srcdir)/'`hash_unittests.cc +@am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/run_unittests-hash_unittests.Tpo $(DEPDIR)/run_unittests-hash_unittests.Po +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='hash_unittests.cc' object='run_unittests-hash_unittests.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCXX_FALSE@ $(AM_V_CXX@am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(run_unittests_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -c -o run_unittests-hash_unittests.o `test -f 'hash_unittests.cc' || echo '$(srcdir)/'`hash_unittests.cc + +run_unittests-hash_unittests.obj: hash_unittests.cc +@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(run_unittests_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -MT run_unittests-hash_unittests.obj -MD -MP -MF $(DEPDIR)/run_unittests-hash_unittests.Tpo -c -o run_unittests-hash_unittests.obj `if test -f 'hash_unittests.cc'; then $(CYGPATH_W) 'hash_unittests.cc'; else $(CYGPATH_W) '$(srcdir)/hash_unittests.cc'; fi` +@am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/run_unittests-hash_unittests.Tpo $(DEPDIR)/run_unittests-hash_unittests.Po +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='hash_unittests.cc' object='run_unittests-hash_unittests.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCXX_FALSE@ $(AM_V_CXX@am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(run_unittests_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -c -o run_unittests-hash_unittests.obj `if test -f 'hash_unittests.cc'; then $(CYGPATH_W) 'hash_unittests.cc'; else $(CYGPATH_W) '$(srcdir)/hash_unittests.cc'; fi` + +run_unittests-hmac_unittests.o: hmac_unittests.cc +@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(run_unittests_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -MT run_unittests-hmac_unittests.o -MD -MP -MF $(DEPDIR)/run_unittests-hmac_unittests.Tpo -c -o run_unittests-hmac_unittests.o `test -f 'hmac_unittests.cc' || echo '$(srcdir)/'`hmac_unittests.cc +@am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/run_unittests-hmac_unittests.Tpo $(DEPDIR)/run_unittests-hmac_unittests.Po +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='hmac_unittests.cc' object='run_unittests-hmac_unittests.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCXX_FALSE@ $(AM_V_CXX@am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(run_unittests_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -c -o run_unittests-hmac_unittests.o `test -f 'hmac_unittests.cc' || echo '$(srcdir)/'`hmac_unittests.cc + +run_unittests-hmac_unittests.obj: hmac_unittests.cc +@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(run_unittests_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -MT run_unittests-hmac_unittests.obj -MD -MP -MF $(DEPDIR)/run_unittests-hmac_unittests.Tpo -c -o run_unittests-hmac_unittests.obj `if test -f 'hmac_unittests.cc'; then $(CYGPATH_W) 'hmac_unittests.cc'; else $(CYGPATH_W) '$(srcdir)/hmac_unittests.cc'; fi` +@am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/run_unittests-hmac_unittests.Tpo $(DEPDIR)/run_unittests-hmac_unittests.Po +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='hmac_unittests.cc' object='run_unittests-hmac_unittests.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCXX_FALSE@ $(AM_V_CXX@am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(run_unittests_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -c -o run_unittests-hmac_unittests.obj `if test -f 'hmac_unittests.cc'; then $(CYGPATH_W) 'hmac_unittests.cc'; else $(CYGPATH_W) '$(srcdir)/hmac_unittests.cc'; fi` + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +# This directory's subdirectories are mostly independent; you can cd +# into them and run 'make' without going through this Makefile. +# To change the values of 'make' variables: instead of editing Makefiles, +# (1) if the variable is set in 'config.status', edit 'config.status' +# (which will cause the Makefiles to be regenerated when you run 'make'); +# (2) otherwise, pass the desired values on the 'make' command line. +$(am__recursive_targets): + @fail=; \ + if $(am__make_keepgoing); then \ + failcom='fail=yes'; \ + else \ + failcom='exit 1'; \ + fi; \ + dot_seen=no; \ + target=`echo $@ | sed s/-recursive//`; \ + case "$@" in \ + distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ + *) list='$(SUBDIRS)' ;; \ + esac; \ + for subdir in $$list; do \ + echo "Making $$target in $$subdir"; \ + if test "$$subdir" = "."; then \ + dot_seen=yes; \ + local_target="$$target-am"; \ + else \ + local_target="$$target"; \ + fi; \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + || eval $$failcom; \ + done; \ + if test "$$dot_seen" = "no"; then \ + $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ + fi; test -z "$$fail" + +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-recursive +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ + include_option=--etags-include; \ + empty_fix=.; \ + else \ + include_option=--include; \ + empty_fix=; \ + fi; \ + list='$(SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + test ! -f $$subdir/TAGS || \ + set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ + fi; \ + done; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-recursive + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-recursive + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +check-TESTS: $(TESTS) + @failed=0; all=0; xfail=0; xpass=0; skip=0; \ + srcdir=$(srcdir); export srcdir; \ + list=' $(TESTS) '; \ + $(am__tty_colors); \ + if test -n "$$list"; then \ + for tst in $$list; do \ + if test -f ./$$tst; then dir=./; \ + elif test -f $$tst; then dir=; \ + else dir="$(srcdir)/"; fi; \ + if $(TESTS_ENVIRONMENT) $${dir}$$tst $(AM_TESTS_FD_REDIRECT); then \ + all=`expr $$all + 1`; \ + case " $(XFAIL_TESTS) " in \ + *[\ \ ]$$tst[\ \ ]*) \ + xpass=`expr $$xpass + 1`; \ + failed=`expr $$failed + 1`; \ + col=$$red; res=XPASS; \ + ;; \ + *) \ + col=$$grn; res=PASS; \ + ;; \ + esac; \ + elif test $$? -ne 77; then \ + all=`expr $$all + 1`; \ + case " $(XFAIL_TESTS) " in \ + *[\ \ ]$$tst[\ \ ]*) \ + xfail=`expr $$xfail + 1`; \ + col=$$lgn; res=XFAIL; \ + ;; \ + *) \ + failed=`expr $$failed + 1`; \ + col=$$red; res=FAIL; \ + ;; \ + esac; \ + else \ + skip=`expr $$skip + 1`; \ + col=$$blu; res=SKIP; \ + fi; \ + echo "$${col}$$res$${std}: $$tst"; \ + done; \ + if test "$$all" -eq 1; then \ + tests="test"; \ + All=""; \ + else \ + tests="tests"; \ + All="All "; \ + fi; \ + if test "$$failed" -eq 0; then \ + if test "$$xfail" -eq 0; then \ + banner="$$All$$all $$tests passed"; \ + else \ + if test "$$xfail" -eq 1; then failures=failure; else failures=failures; fi; \ + banner="$$All$$all $$tests behaved as expected ($$xfail expected $$failures)"; \ + fi; \ + else \ + if test "$$xpass" -eq 0; then \ + banner="$$failed of $$all $$tests failed"; \ + else \ + if test "$$xpass" -eq 1; then passes=pass; else passes=passes; fi; \ + banner="$$failed of $$all $$tests did not behave as expected ($$xpass unexpected $$passes)"; \ + fi; \ + fi; \ + dashes="$$banner"; \ + skipped=""; \ + if test "$$skip" -ne 0; then \ + if test "$$skip" -eq 1; then \ + skipped="($$skip test was not run)"; \ + else \ + skipped="($$skip tests were not run)"; \ + fi; \ + test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ + dashes="$$skipped"; \ + fi; \ + report=""; \ + if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ + report="Please report to $(PACKAGE_BUGREPORT)"; \ + test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ + dashes="$$report"; \ + fi; \ + dashes=`echo "$$dashes" | sed s/./=/g`; \ + if test "$$failed" -eq 0; then \ + col="$$grn"; \ + else \ + col="$$red"; \ + fi; \ + echo "$${col}$$dashes$${std}"; \ + echo "$${col}$$banner$${std}"; \ + test -z "$$skipped" || echo "$${col}$$skipped$${std}"; \ + test -z "$$report" || echo "$${col}$$report$${std}"; \ + echo "$${col}$$dashes$${std}"; \ + test "$$failed" -eq 0; \ + else :; fi + +distdir: $(BUILT_SOURCES) + $(MAKE) $(AM_MAKEFLAGS) distdir-am + +distdir-am: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + $(am__make_dryrun) \ + || test -d "$(distdir)/$$subdir" \ + || $(MKDIR_P) "$(distdir)/$$subdir" \ + || exit 1; \ + dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ + $(am__relativize); \ + new_distdir=$$reldir; \ + dir1=$$subdir; dir2="$(top_distdir)"; \ + $(am__relativize); \ + new_top_distdir=$$reldir; \ + echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \ + echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \ + ($(am__cd) $$subdir && \ + $(MAKE) $(AM_MAKEFLAGS) \ + top_distdir="$$new_top_distdir" \ + distdir="$$new_distdir" \ + am__remove_distdir=: \ + am__skip_length_check=: \ + am__skip_mode_fix=: \ + distdir) \ + || exit 1; \ + fi; \ + done +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-TESTS +check: check-recursive +all-am: Makefile $(PROGRAMS) +installdirs: installdirs-recursive +installdirs-am: +install: install-recursive +install-exec: install-exec-recursive +install-data: install-data-recursive +uninstall: uninstall-recursive + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-recursive +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-recursive + +clean-am: clean-generic clean-libtool clean-noinstPROGRAMS \ + mostlyclean-am + +distclean: distclean-recursive + -rm -f ./$(DEPDIR)/run_unittests-crypto_unittests.Po + -rm -f ./$(DEPDIR)/run_unittests-hash_unittests.Po + -rm -f ./$(DEPDIR)/run_unittests-hmac_unittests.Po + -rm -f ./$(DEPDIR)/run_unittests-run_unittests.Po + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-recursive + +dvi-am: + +html: html-recursive + +html-am: + +info: info-recursive + +info-am: + +install-data-am: + +install-dvi: install-dvi-recursive + +install-dvi-am: + +install-exec-am: + +install-html: install-html-recursive + +install-html-am: + +install-info: install-info-recursive + +install-info-am: + +install-man: + +install-pdf: install-pdf-recursive + +install-pdf-am: + +install-ps: install-ps-recursive + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-recursive + -rm -f ./$(DEPDIR)/run_unittests-crypto_unittests.Po + -rm -f ./$(DEPDIR)/run_unittests-hash_unittests.Po + -rm -f ./$(DEPDIR)/run_unittests-hmac_unittests.Po + -rm -f ./$(DEPDIR)/run_unittests-run_unittests.Po + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-recursive + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-recursive + +pdf-am: + +ps: ps-recursive + +ps-am: + +uninstall-am: + +.MAKE: $(am__recursive_targets) check-am install-am install-strip + +.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am \ + am--depfiles check check-TESTS check-am clean clean-generic \ + clean-libtool clean-noinstPROGRAMS cscopelist-am ctags \ + ctags-am distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-ps install-ps-am install-strip installcheck \ + installcheck-am installdirs installdirs-am maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ + tags tags-am uninstall uninstall-am + +.PRECIOUS: Makefile + + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/src/lib/cryptolink/tests/crypto_unittests.cc b/src/lib/cryptolink/tests/crypto_unittests.cc new file mode 100644 index 0000000..9edb52d --- /dev/null +++ b/src/lib/cryptolink/tests/crypto_unittests.cc @@ -0,0 +1,55 @@ +// Copyright (C) 2011-2018 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +#include <config.h> + +#include <gtest/gtest.h> + +#include <util/encode/hex.h> + +#include <cryptolink/cryptolink.h> +#include <cryptolink/crypto_rng.h> + +using namespace std; +using namespace isc::cryptolink; + +// Test get version +TEST(CryptoLinkTest, Version) { + EXPECT_NO_THROW(CryptoLink::getVersion()); +} + +// Tests whether getCryptoLink() returns a singleton instance +TEST(CryptoLinkTest, Singleton) { + const CryptoLink& c1 = CryptoLink::getCryptoLink(); + const CryptoLink& c2 = CryptoLink::getCryptoLink(); + ASSERT_EQ(&c1, &c2); +} + +// Tests whether getRNG() returns a global value +TEST(CryptoLinkTest, GlobalRNG) { + CryptoLink& c = CryptoLink::getCryptoLink(); + RNGPtr rng1 = c.getRNG(); + RNGPtr rng2 = c.getRNG(); + ASSERT_EQ(rng1, rng2); +} + +// Tests whether RNG works +TEST(CryptoLinkTest, RNG) { + RNGPtr rng = CryptoLink::getCryptoLink().getRNG(); + vector<uint8_t> data; + ASSERT_NO_THROW(data = rng->random(16)); + ASSERT_EQ(16, data.size()); + vector<uint8_t> zero; + zero.resize(16); + EXPECT_NE(0, memcmp(&zero[0], &data[0], zero.size())); + + // Retry with the function (vs method) + vector<uint8_t> dataf; + ASSERT_NO_THROW(dataf = random(16)); + ASSERT_EQ(16, dataf.size()); + EXPECT_NE(0, memcmp(&zero[0], &dataf[0], zero.size())); + EXPECT_NE(0, memcmp(&data[0], &dataf[0], zero.size())); +} diff --git a/src/lib/cryptolink/tests/hash_unittests.cc b/src/lib/cryptolink/tests/hash_unittests.cc new file mode 100644 index 0000000..d2e9396 --- /dev/null +++ b/src/lib/cryptolink/tests/hash_unittests.cc @@ -0,0 +1,608 @@ +// Copyright (C) 2014-2016 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +#include <config.h> + +#include <string> +#include <vector> + +#include <boost/lexical_cast.hpp> + +#include <gtest/gtest.h> + +#include <util/encode/hex.h> + +#include <cryptolink/cryptolink.h> +#include <cryptolink/crypto_hash.h> + +#include <util/buffer.h> +#include <exceptions/exceptions.h> + +#include <boost/scoped_array.hpp> +#include <boost/shared_ptr.hpp> + +using boost::lexical_cast; +using namespace isc::util; +using namespace isc::util::encode; +using namespace isc::cryptolink; + +namespace { + /// @brief Compare data with expected value + /// @param data Value to compare + /// @param expected Expected value + /// @param len Length of the expected value + void checkData(const uint8_t* data, const uint8_t* expected, + size_t len) { + for (size_t i = 0; i < len; ++i) { + ASSERT_EQ(expected[i], data[i]); + } + } + + /// @brief Compare OutputBuffer with expected value + /// encapsulated checkData() + /// @param buf buffer to compare + /// @param expected Expected value + /// @param len Length of the expected value + void checkBuffer(const OutputBuffer& buf, const uint8_t* expected, + size_t len) + { + ASSERT_EQ(len, buf.getLength()); + checkData(static_cast<const uint8_t*>(buf.getData()), expected, + len); + } + + /// @brief Hash with the convenience functions + /// See @ref doHashTest for parameters + void doHashTestConv(const std::string& data, + const HashAlgorithm hash_algorithm, + const uint8_t* expected_hash, + size_t hash_len) { + OutputBuffer data_buf(data.size()); + data_buf.writeData(data.c_str(), data.size()); + OutputBuffer hash_digest(0); + + // Sign it + digest(data_buf.getData(), data_buf.getLength(), + hash_algorithm, hash_digest, hash_len); + + // Check if the signature is what we expect + checkBuffer(hash_digest, expected_hash, hash_len); + } + + /// @brief Hash with an instantiation of a Hash object + /// See @ref doHashTest for parameters + void doHashTestDirect(const std::string& data, + const HashAlgorithm hash_algorithm, + const uint8_t* expected_hash, + size_t hash_len) { + OutputBuffer data_buf(data.size()); + data_buf.writeData(data.c_str(), data.size()); + OutputBuffer result(1); + CryptoLink& crypto = CryptoLink::getCryptoLink(); + + // Do it + boost::shared_ptr<Hash> hash_digest(crypto.createHash(hash_algorithm), + deleteHash); + hash_digest->update(data_buf.getData(), data_buf.getLength()); + hash_digest->final(result, hash_len); + + // Check if the digest is what we expect + checkBuffer(result, expected_hash, hash_len); + } + + /// @brief Hash with a vector representation + /// See @ref doHashTest for parameters + void doHashTestVector(const std::string& data, + const HashAlgorithm hash_algorithm, + const uint8_t* expected_hash, + size_t hash_len) { + CryptoLink& crypto = CryptoLink::getCryptoLink(); + boost::shared_ptr<Hash> hash_digest(crypto.createHash(hash_algorithm), + deleteHash); + hash_digest->update(data.c_str(), data.size()); + std::vector<uint8_t> result = hash_digest->final(hash_len); + ASSERT_EQ(hash_len, result.size()); + checkData(&result[0], expected_hash, hash_len); + } + + /// @brief Hash with an array representation + /// See @ref doHashTest for parameters + void doHashTestArray(const std::string& data, + const HashAlgorithm hash_algorithm, + const uint8_t* expected_hash, + size_t hash_len) { + CryptoLink& crypto = CryptoLink::getCryptoLink(); + boost::shared_ptr<Hash> hash_digest(crypto.createHash(hash_algorithm), + deleteHash); + hash_digest->update(data.c_str(), data.size()); + + // note: this is not exception-safe, and can leak, but + // if there is an unexpected exception in the code below we + // have more important things to fix. + boost::scoped_array<uint8_t> result(new uint8_t[hash_len]); + + hash_digest->final(result.get(), hash_len); + checkData(result.get(), expected_hash, hash_len); + } + + /// @brief Hash using all variants + /// @param data Input value + /// @param hash_algorithm Hash algorithm enum + /// @param expected_hash Expected value + /// @param hash_len Expected value length + void doHashTest(const std::string& data, + const HashAlgorithm hash_algorithm, + const uint8_t* expected_hash, + size_t hash_len) { + doHashTestConv(data, hash_algorithm, expected_hash, hash_len); + doHashTestDirect(data, hash_algorithm, expected_hash, hash_len); + doHashTestVector(data, hash_algorithm, expected_hash, hash_len); + doHashTestArray(data, hash_algorithm, expected_hash, hash_len); + } +} + +// +// Test values taken from RFC 1321 +// +TEST(HashTest, MD5_RFC1321) { + const uint8_t hash_expected[] = { 0xd4, 0x1d, 0x8c, 0xd9, 0x8f, + 0x00, 0xb2, 0x04, 0xe9, 0x80, + 0x09, 0x98, 0xec, 0xf8, 0x42, + 0x7e }; + doHashTest("", MD5, hash_expected, 16); + + const uint8_t hash_expected2[] = { 0x0c, 0xc1, 0x75, 0xb9, 0xc0, + 0xf1, 0xb6, 0xa8, 0x31, 0xc3, + 0x99, 0xe2, 0x69, 0x77, 0x26, + 0x61 }; + doHashTest("a", MD5, hash_expected2, 16); + + const uint8_t hash_expected3[] = { 0x90, 0x01, 0x50, 0x98, 0x3c, + 0xd2, 0x4f, 0xb0, 0xd6, 0x96, + 0x3f, 0x7d, 0x28, 0xe1, 0x7f, + 0x72 }; + doHashTest("abc", MD5, hash_expected3, 16); + + const uint8_t hash_expected4[] = { 0xf9, 0x6b, 0x69, 0x7d, 0x7c, + 0xb7, 0x93, 0x8d, 0x52, 0x5a, + 0x2f, 0x31, 0xaa, 0xf1, 0x61, + 0xd0 }; + doHashTest("message digest", MD5, hash_expected4, 16); + + const uint8_t hash_expected6[] = { 0xc3, 0xfc, 0xd3, 0xd7, 0x61, + 0x92, 0xe4, 0x00, 0x7d, 0xfb, + 0x49, 0x6c, 0xca, 0x67, 0xe1, + 0x3b }; + doHashTest("abcdefghijklmnopqrstuvwxyz", MD5, hash_expected6, 16); + + const uint8_t hash_expected7[] = { 0xd1, 0x74, 0xab, 0x98, 0xd2, + 0x77, 0xd9, 0xf5, 0xa5, 0x61, + 0x1c, 0x2c, 0x9f, 0x41, 0x9d, + 0x9f }; + doHashTest("ABCDEFGHIJKLMNOPQRSTUVWXYZabcd" + "efghijklmnopqrstuvwxyz0123456789", + MD5, hash_expected7, 16); + + const uint8_t hash_expected8[] = { 0x57, 0xed, 0xf4, 0xa2, 0x2b, + 0xe3, 0xc9, 0x55, 0xac, 0x49, + 0xda, 0x2e, 0x21, 0x07, 0xb6, + 0x7a }; + doHashTest("1234567890123456789012345678901234567890" + "1234567890123456789012345678901234567890", + MD5, hash_expected8, 16); +} + +// +// Test values taken from RFC 3174 +// +TEST(HashTest, SHA1_RFC3174) { + const uint8_t hash_expected[] = { 0xa9, 0x99, 0x3e, 0x36, 0x47, + 0x06, 0x81, 0x6a, 0xba, 0x3e, + 0x25, 0x71, 0x78, 0x50, 0xc2, + 0x6c, 0x9c, 0xd0, 0xd8, 0x9d }; + doHashTest("abc", SHA1, hash_expected, 20); + + const uint8_t hash_expected2[] = { 0x84, 0x98, 0x3e, 0x44, 0x1c, + 0x3b, 0xd2, 0x6e, 0xba, 0xae, + 0x4a, 0xa1, 0xf9, 0x51, 0x29, + 0xe5, 0xe5, 0x46, 0x70, 0xf1 }; + doHashTest("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", + SHA1, hash_expected2, 20); + + const uint8_t hash_expected3[] = { 0x34, 0xaa, 0x97, 0x3c, 0xd4, + 0xc4, 0xda, 0xa4, 0xf6, 0x1e, + 0xeb, 0x2b, 0xdb, 0xad, 0x27, + 0x31, 0x65, 0x34, 0x01, 0x6f }; + doHashTest(std::string(1000000, 0x61), SHA1, hash_expected3, 20); + + const uint8_t hash_expected4[] = { 0xde, 0xa3, 0x56, 0xa2, 0xcd, + 0xdd, 0x90, 0xc7, 0xa7, 0xec, + 0xed, 0xc5, 0xeb, 0xb5, 0x63, + 0x93, 0x4f, 0x46, 0x04, 0x52 }; + doHashTest("01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567", + SHA1, hash_expected4, 20); +} + +// +// Test values taken from RFC 6234 +// +TEST(HashTest, SHA224_RFC6234) { + const uint8_t hash_expected[] = { 0x23, 0x09, 0x7d, 0x22, 0x34, + 0x05, 0xd8, 0x22, 0x86, 0x42, + 0xa4, 0x77, 0xbd, 0xa2, 0x55, + 0xb3, 0x2a, 0xad, 0xbc, 0xe4, + 0xbd, 0xa0, 0xb3, 0xf7, 0xe3, + 0x6c, 0x9d, 0xa7 }; + doHashTest("abc", SHA224, hash_expected, 28); + + const uint8_t hash_expected2[] = { 0x75, 0x38, 0x8b, 0x16, 0x51, + 0x27, 0x76, 0xcc, 0x5d, 0xba, + 0x5d, 0xa1, 0xfd, 0x89, 0x01, + 0x50, 0xb0, 0xc6, 0x45, 0x5c, + 0xb4, 0xf5, 0x8b, 0x19, 0x52, + 0x52, 0x25, 0x25 }; + doHashTest("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", + SHA224, hash_expected2, 28); + + const uint8_t hash_expected3[] = { 0x20, 0x79, 0x46, 0x55, 0x98, + 0x0c, 0x91, 0xd8, 0xbb, 0xb4, + 0xc1, 0xea, 0x97, 0x61, 0x8a, + 0x4b, 0xf0, 0x3f, 0x42, 0x58, + 0x19, 0x48, 0xb2, 0xee, 0x4e, + 0xe7, 0xad, 0x67 }; + doHashTest(std::string(1000000, 0x61), SHA224, hash_expected3, 28); + + const uint8_t hash_expected4[] = { 0x56, 0x7f, 0x69, 0xf1, 0x68, + 0xcd, 0x78, 0x44, 0xe6, 0x52, + 0x59, 0xce, 0x65, 0x8f, 0xe7, + 0xaa, 0xdf, 0xa2, 0x52, 0x16, + 0xe6, 0x8e, 0xca, 0x0e, 0xb7, + 0xab, 0x82, 0x62 }; + doHashTest("01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567", + SHA224, hash_expected4, 28); +} + +TEST(HashTest, SHA256_RFC6234) { + const uint8_t hash_expected[] = { 0xba, 0x78, 0x16, 0xbf, 0x8f, + 0x01, 0xcf, 0xea, 0x41, 0x41, + 0x40, 0xde, 0x5d, 0xae, 0x22, + 0x23, 0xb0, 0x03, 0x61, 0xa3, + 0x96, 0x17, 0x7a, 0x9c, 0xb4, + 0x10, 0xff, 0x61, 0xf2, 0x00, + 0x15, 0xad }; + doHashTest("abc", SHA256, hash_expected, 32); + + const uint8_t hash_expected2[] = { 0x24, 0x8d, 0x6a, 0x61, 0xd2, + 0x06, 0x38, 0xb8, 0xe5, 0xc0, + 0x26, 0x93, 0x0c, 0x3e, 0x60, + 0x39, 0xa3, 0x3c, 0xe4, 0x59, + 0x64, 0xff, 0x21, 0x67, 0xf6, + 0xec, 0xed, 0xd4, 0x19, 0xdb, + 0x06, 0xc1 }; + doHashTest("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", + SHA256, hash_expected2, 32); + + const uint8_t hash_expected3[] = { 0xcd, 0xc7, 0x6e, 0x5c, 0x99, + 0x14, 0xfb, 0x92, 0x81, 0xa1, + 0xc7, 0xe2, 0x84, 0xd7, 0x3e, + 0x67, 0xf1, 0x80, 0x9a, 0x48, + 0xa4, 0x97, 0x20, 0x0e, 0x04, + 0x6d, 0x39, 0xcc, 0xc7, 0x11, + 0x2c, 0xd0 }; + doHashTest(std::string(1000000, 0x61), SHA256, hash_expected3, 32); + + const uint8_t hash_expected4[] = { 0x59, 0x48, 0x47, 0x32, 0x84, + 0x51, 0xbd, 0xfa, 0x85, 0x05, + 0x62, 0x25, 0x46, 0x2c, 0xc1, + 0xd8, 0x67, 0xd8, 0x77, 0xfb, + 0x38, 0x8d, 0xf0, 0xce, 0x35, + 0xf2, 0x5a, 0xb5, 0x56, 0x2b, + 0xfb, 0xb5 }; + doHashTest("01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567", + SHA256, hash_expected4, 32); +} + +TEST(HashTest, SHA384_RFC6234) { + const uint8_t hash_expected[] = { 0xcb, 0x00, 0x75, 0x3f, 0x45, + 0xa3, 0x5e, 0x8b, 0xb5, 0xa0, + 0x3d, 0x69, 0x9a, 0xc6, 0x50, + 0x07, 0x27, 0x2c, 0x32, 0xab, + 0x0e, 0xde, 0xd1, 0x63, 0x1a, + 0x8b, 0x60, 0x5a, 0x43, 0xff, + 0x5b, 0xed, 0x80, 0x86, 0x07, + 0x2b, 0xa1, 0xe7, 0xcc, 0x23, + 0x58, 0xba, 0xec, 0xa1, 0x34, + 0xc8, 0x25, 0xa7 }; + doHashTest("abc", SHA384, hash_expected, 48); + + const uint8_t hash_expected2[] = { 0x09, 0x33, 0x0c, 0x33, 0xf7, + 0x11, 0x47, 0xe8, 0x3d, 0x19, + 0x2f, 0xc7, 0x82, 0xcd, 0x1b, + 0x47, 0x53, 0x11, 0x1b, 0x17, + 0x3b, 0x3b, 0x05, 0xd2, 0x2f, + 0xa0, 0x80, 0x86, 0xe3, 0xb0, + 0xf7, 0x12, 0xfc, 0xc7, 0xc7, + 0x1a, 0x55, 0x7e, 0x2d, 0xb9, + 0x66, 0xc3, 0xe9, 0xfa, 0x91, + 0x74, 0x60, 0x39 }; + doHashTest("abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn" + "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", + SHA384, hash_expected2, 48); + + const uint8_t hash_expected3[] = { 0x9d, 0x0e, 0x18, 0x09, 0x71, + 0x64, 0x74, 0xcb, 0x08, 0x6e, + 0x83, 0x4e, 0x31, 0x0a, 0x4a, + 0x1c, 0xed, 0x14, 0x9e, 0x9c, + 0x00, 0xf2, 0x48, 0x52, 0x79, + 0x72, 0xce, 0xc5, 0x70, 0x4c, + 0x2a, 0x5b, 0x07, 0xb8, 0xb3, + 0xdc, 0x38, 0xec, 0xc4, 0xeb, + 0xae, 0x97, 0xdd, 0xd8, 0x7f, + 0x3d, 0x89, 0x85 }; + doHashTest(std::string(1000000, 0x61), SHA384, hash_expected3, 48); + + const uint8_t hash_expected4[] = { 0x2f, 0xc6, 0x4a, 0x4f, 0x50, + 0x0d, 0xdb, 0x68, 0x28, 0xf6, + 0xa3, 0x43, 0x0b, 0x8d, 0xd7, + 0x2a, 0x36, 0x8e, 0xb7, 0xf3, + 0xa8, 0x32, 0x2a, 0x70, 0xbc, + 0x84, 0x27, 0x5b, 0x9c, 0x0b, + 0x3a, 0xb0, 0x0d, 0x27, 0xa5, + 0xcc, 0x3c, 0x2d, 0x22, 0x4a, + 0xa6, 0xb6, 0x1a, 0x0d, 0x79, + 0xfb, 0x45, 0x96 }; + doHashTest("01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567", + SHA384, hash_expected4, 48); +} + +TEST(HashTest, SHA512_RFC6234) { + const uint8_t hash_expected[] = { 0xdd, 0xaf, 0x35, 0xa1, 0x93, + 0x61, 0x7a, 0xba, 0xcc, 0x41, + 0x73, 0x49, 0xae, 0x20, 0x41, + 0x31, 0x12, 0xe6, 0xfa, 0x4e, + 0x89, 0xa9, 0x7e, 0xa2, 0x0a, + 0x9e, 0xee, 0xe6, 0x4b, 0x55, + 0xd3, 0x9a, 0x21, 0x92, 0x99, + 0x2a, 0x27, 0x4f, 0xc1, 0xa8, + 0x36, 0xba, 0x3c, 0x23, 0xa3, + 0xfe, 0xeb, 0xbd, 0x45, 0x4d, + 0x44, 0x23, 0x64, 0x3c, 0xe8, + 0x0e, 0x2a, 0x9a, 0xc9, 0x4f, + 0xa5, 0x4c, 0xa4, 0x9f }; + doHashTest("abc", SHA512, hash_expected, 64); + + const uint8_t hash_expected2[] = { 0x8e, 0x95, 0x9b, 0x75, 0xda, + 0xe3, 0x13, 0xda, 0x8c, 0xf4, + 0xf7, 0x28, 0x14, 0xfc, 0x14, + 0x3f, 0x8f, 0x77, 0x79, 0xc6, + 0xeb, 0x9f, 0x7f, 0xa1, 0x72, + 0x99, 0xae, 0xad, 0xb6, 0x88, + 0x90, 0x18, 0x50, 0x1d, 0x28, + 0x9e, 0x49, 0x00, 0xf7, 0xe4, + 0x33, 0x1b, 0x99, 0xde, 0xc4, + 0xb5, 0x43, 0x3a, 0xc7, 0xd3, + 0x29, 0xee, 0xb6, 0xdd, 0x26, + 0x54, 0x5e, 0x96, 0xe5, 0x5b, + 0x87, 0x4b, 0xe9, 0x09 }; + doHashTest("abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn" + "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", + SHA512, hash_expected2, 64); + + const uint8_t hash_expected3[] = { 0xe7, 0x18, 0x48, 0x3d, 0x0c, + 0xe7, 0x69, 0x64, 0x4e, 0x2e, + 0x42, 0xc7, 0xbc, 0x15, 0xb4, + 0x63, 0x8e, 0x1f, 0x98, 0xb1, + 0x3b, 0x20, 0x44, 0x28, 0x56, + 0x32, 0xa8, 0x03, 0xaf, 0xa9, + 0x73, 0xeb, 0xde, 0x0f, 0xf2, + 0x44, 0x87, 0x7e, 0xa6, 0x0a, + 0x4c, 0xb0, 0x43, 0x2c, 0xe5, + 0x77, 0xc3, 0x1b, 0xeb, 0x00, + 0x9c, 0x5c, 0x2c, 0x49, 0xaa, + 0x2e, 0x4e, 0xad, 0xb2, 0x17, + 0xad, 0x8c, 0xc0, 0x9b }; + doHashTest(std::string(1000000, 0x61), SHA512, hash_expected3, 64); + + const uint8_t hash_expected4[] = { 0x89, 0xd0, 0x5b, 0xa6, 0x32, + 0xc6, 0x99, 0xc3, 0x12, 0x31, + 0xde, 0xd4, 0xff, 0xc1, 0x27, + 0xd5, 0xa8, 0x94, 0xda, 0xd4, + 0x12, 0xc0, 0xe0, 0x24, 0xdb, + 0x87, 0x2d, 0x1a, 0xbd, 0x2b, + 0xa8, 0x14, 0x1a, 0x0f, 0x85, + 0x07, 0x2a, 0x9b, 0xe1, 0xe2, + 0xaa, 0x04, 0xcf, 0x33, 0xc7, + 0x65, 0xcb, 0x51, 0x08, 0x13, + 0xa3, 0x9c, 0xd5, 0xa8, 0x4c, + 0x4a, 0xca, 0xa6, 0x4d, 0x3f, + 0x3f, 0xb7, 0xba, 0xe9 }; + doHashTest("01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567" + "01234567012345670123456701234567", + SHA512, hash_expected4, 64); +} + +namespace { + /// @brief Get the hash algorithm + /// @param alg Hash algorithm enum + /// @return Hash algorithm enum + HashAlgorithm + digestHashAlgorithm(HashAlgorithm alg) { + boost::shared_ptr<Hash> hash_digest( + CryptoLink::getCryptoLink().createHash(alg), + deleteHash); + return (hash_digest->getHashAlgorithm()); + } +} + +TEST(HashTest, HashAlgorithm) { + EXPECT_EQ(MD5, digestHashAlgorithm(MD5)); + EXPECT_EQ(SHA1, digestHashAlgorithm(SHA1)); + EXPECT_EQ(SHA256, digestHashAlgorithm(SHA256)); + EXPECT_EQ(SHA224, digestHashAlgorithm(SHA224)); + EXPECT_EQ(SHA384, digestHashAlgorithm(SHA384)); + EXPECT_EQ(SHA512, digestHashAlgorithm(SHA512)); +} + +namespace { + /// @brief Compute the vector digest length + /// @param alg Hash algorithm enum + /// @param len Wanted length + /// @return Effective length + size_t + digestVectorLength(HashAlgorithm alg, size_t len) { + boost::shared_ptr<Hash> hash_digest( + CryptoLink::getCryptoLink().createHash(alg), + deleteHash); + hash_digest->update("asdf", 4); + const std::vector<uint8_t> result = hash_digest->final(len); + return (result.size()); + } + + /// @brief Compute the buffer digest length + /// @param alg Hash algorithm enum + /// @param len Wanted length + /// @return Effective length + size_t + digestBufferLength(HashAlgorithm alg, size_t len) { + boost::shared_ptr<Hash> hash_digest( + CryptoLink::getCryptoLink().createHash(alg), + deleteHash); + hash_digest->update("asdf", 4); + OutputBuffer result(0); + hash_digest->final(result, len); + return (result.getLength()); + } + // There is no equivalent for array digest because it is copied + // in place +} + +TEST(HashTest, HashLength) { + EXPECT_EQ(8, digestVectorLength(MD5, 8)); + EXPECT_EQ(16, digestVectorLength(MD5, 16)); + EXPECT_EQ(16, digestVectorLength(MD5, 40)); + EXPECT_EQ(16, digestVectorLength(MD5, 2000)); + + EXPECT_EQ(8, digestBufferLength(SHA1, 8)); + EXPECT_EQ(20, digestBufferLength(SHA1, 20)); + EXPECT_EQ(20, digestBufferLength(SHA1, 40)); + EXPECT_EQ(20, digestBufferLength(SHA1, 2000)); + + EXPECT_EQ(8, digestBufferLength(SHA256, 8)); + EXPECT_EQ(32, digestBufferLength(SHA256, 32)); + EXPECT_EQ(32, digestBufferLength(SHA256, 40)); + EXPECT_EQ(32, digestBufferLength(SHA256, 3200)); + + EXPECT_EQ(8, digestBufferLength(MD5, 8)); + EXPECT_EQ(16, digestBufferLength(MD5, 16)); + EXPECT_EQ(16, digestBufferLength(MD5, 40)); + EXPECT_EQ(16, digestBufferLength(MD5, 2000)); + + EXPECT_EQ(8, digestBufferLength(SHA1, 8)); + EXPECT_EQ(20, digestBufferLength(SHA1, 20)); + EXPECT_EQ(20, digestBufferLength(SHA1, 40)); + EXPECT_EQ(20, digestBufferLength(SHA1, 2000)); + + EXPECT_EQ(8, digestBufferLength(SHA256, 8)); + EXPECT_EQ(32, digestBufferLength(SHA256, 32)); + EXPECT_EQ(32, digestBufferLength(SHA256, 40)); + EXPECT_EQ(32, digestBufferLength(SHA256, 3200)); +} + +// @todo Error cases? diff --git a/src/lib/cryptolink/tests/hmac_unittests.cc b/src/lib/cryptolink/tests/hmac_unittests.cc new file mode 100644 index 0000000..d0c5cd9 --- /dev/null +++ b/src/lib/cryptolink/tests/hmac_unittests.cc @@ -0,0 +1,717 @@ +// Copyright (C) 2011-2022 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +#include <config.h> + +#include <string> +#include <vector> + +#include <boost/lexical_cast.hpp> + +#include <gtest/gtest.h> + +#include <util/encode/hex.h> + +#include <cryptolink/cryptolink.h> +#include <cryptolink/crypto_hmac.h> + +#include <util/buffer.h> +#include <exceptions/exceptions.h> + +#include <boost/shared_ptr.hpp> + +using boost::lexical_cast; +using namespace isc::util; +using namespace isc::util::encode; +using namespace isc::cryptolink; + +namespace { + /// @brief Fill a string with copies of an out of char range value + /// @param data String to fill + /// @param len Number of copies + /// @param val Value + void fillString(std::string& data, size_t len, int val) { + data.resize(len); + if (len != 0) { + std::memset(&data[0], val, len); + } + } + + /// @brief Compare data with expected value + /// @param data Value to compare + /// @param expected Expected value + /// @param len Length of the expected value + void checkData(const uint8_t* data, const uint8_t* expected, + size_t len) { + for (size_t i = 0; i < len; ++i) { + ASSERT_EQ(expected[i], data[i]); + } + } + + /// @brief Compare OutputBuffer with expected value + /// encapsulated checkData() + /// @param buf buffer to compare + /// @param expected Expected value + /// @param len Length of the expected value + void checkBuffer(const OutputBuffer& buf, const uint8_t* expected, + size_t len) + { + ASSERT_EQ(len, buf.getLength()); + checkData(static_cast<const uint8_t*>(buf.getData()), expected, + len); + } + + /// @brief Sign and verify with the convenience functions + /// See @ref doHMACTest for parameters + void doHMACTestConv(const std::string& data, + const void* secret, + size_t secret_len, + const HashAlgorithm hash_algorithm, + const uint8_t* expected_hmac, + size_t hmac_len) { + OutputBuffer data_buf(data.size()); + data_buf.writeData(data.c_str(), data.size()); + OutputBuffer hmac_sig(0); + + // Sign it + signHMAC(data_buf.getData(), data_buf.getLength(), + secret, secret_len, hash_algorithm, hmac_sig, hmac_len); + + // Check if the signature is what we expect + checkBuffer(hmac_sig, expected_hmac, hmac_len); + + // Check whether we can verify it ourselves + EXPECT_TRUE(verifyHMAC(data_buf.getData(), data_buf.getLength(), + secret, secret_len, hash_algorithm, + hmac_sig.getData(), + hmac_sig.getLength())); + + // Change the sig by flipping the first octet, and check + // whether verification fails then + hmac_sig.writeUint8At(~hmac_sig[0], 0); + EXPECT_FALSE(verifyHMAC(data_buf.getData(), data_buf.getLength(), + secret, secret_len, hash_algorithm, + hmac_sig.getData(), + hmac_sig.getLength())); + } + + /// @brief Sign and verify with an instantiation of an HMAC object + /// See @ref doHMACTest for parameters + void doHMACTestDirect(const std::string& data, + const void* secret, + size_t secret_len, + const HashAlgorithm hash_algorithm, + const uint8_t* expected_hmac, + size_t hmac_len) { + OutputBuffer data_buf(data.size()); + data_buf.writeData(data.c_str(), data.size()); + OutputBuffer hmac_sig(1); + CryptoLink& crypto = CryptoLink::getCryptoLink(); + + // Sign it + boost::shared_ptr<HMAC> hmac_sign(crypto.createHMAC(secret, + secret_len, + hash_algorithm), + deleteHMAC); + hmac_sign->update(data_buf.getData(), data_buf.getLength()); + hmac_sign->sign(hmac_sig, hmac_len); + + // Check if the signature is what we expect + checkBuffer(hmac_sig, expected_hmac, hmac_len); + + // Check whether we can verify it ourselves + boost::shared_ptr<HMAC> hmac_verify(crypto.createHMAC(secret, + secret_len, + hash_algorithm), + deleteHMAC); + hmac_verify->update(data_buf.getData(), data_buf.getLength()); + EXPECT_TRUE(hmac_verify->verify(hmac_sig.getData(), + hmac_sig.getLength())); + + // Change the sig by flipping the first octet, and check + // whether verification fails then + hmac_sig.writeUint8At(~hmac_sig[0], 0); + EXPECT_FALSE(hmac_verify->verify(hmac_sig.getData(), + hmac_sig.getLength())); + + // Restore the sig by flipping the first octet, and check + // whether verification succeeds then + hmac_sig.writeUint8At(~hmac_sig[0], 0); + EXPECT_TRUE(hmac_verify->verify(hmac_sig.getData(), + hmac_sig.getLength())); + } + + /// @brief Sign and verify with vector representation of signature + /// See @ref doHMACTest for parameters + void doHMACTestVector(const std::string& data, + const void* secret, + size_t secret_len, + const HashAlgorithm hash_algorithm, + const uint8_t* expected_hmac, + size_t hmac_len) { + CryptoLink& crypto = CryptoLink::getCryptoLink(); + boost::shared_ptr<HMAC> hmac_sign(crypto.createHMAC(secret, + secret_len, + hash_algorithm), + deleteHMAC); + hmac_sign->update(data.c_str(), data.size()); + std::vector<uint8_t> sig = hmac_sign->sign(hmac_len); + ASSERT_EQ(hmac_len, sig.size()); + checkData(&sig[0], expected_hmac, hmac_len); + + boost::shared_ptr<HMAC> hmac_verify(crypto.createHMAC(secret, + secret_len, + hash_algorithm), + deleteHMAC); + hmac_verify->update(data.c_str(), data.size()); + EXPECT_TRUE(hmac_verify->verify(&sig[0], sig.size())); + + sig[0] = ~sig[0]; + EXPECT_FALSE(hmac_verify->verify(&sig[0], sig.size())); + } + + /// @brief Sign and verify with array representation of signature + /// See @ref doHMACTest for parameters + void doHMACTestArray(const std::string& data, + const void* secret, + size_t secret_len, + const HashAlgorithm hash_algorithm, + const uint8_t* expected_hmac, + size_t hmac_len) { + CryptoLink& crypto = CryptoLink::getCryptoLink(); + boost::shared_ptr<HMAC> hmac_sign(crypto.createHMAC(secret, + secret_len, + hash_algorithm), + deleteHMAC); + hmac_sign->update(data.c_str(), data.size()); + + // note: this is not exception-safe, and can leak, but + // if there is an unexpected exception in the code below we + // have more important things to fix. + uint8_t* sig = new uint8_t[hmac_len]; + + hmac_sign->sign(sig, hmac_len); + checkData(sig, expected_hmac, hmac_len); + + boost::shared_ptr<HMAC> hmac_verify(crypto.createHMAC(secret, + secret_len, + hash_algorithm), + deleteHMAC); + hmac_verify->update(data.c_str(), data.size()); + EXPECT_TRUE(hmac_verify->verify(sig, hmac_len)); + + sig[0] = ~sig[0]; + EXPECT_FALSE(hmac_verify->verify(sig, hmac_len)); + + sig[0] = ~sig[0]; + EXPECT_TRUE(hmac_verify->verify(sig, hmac_len)); + + delete[] sig; + } + + /// @brief Sign and verify using all variants + /// @param data Input value + /// @param secret Secret value + /// @param secret_len Secret value length + /// @param hash_algorithm Hash algorithm enum + /// @param expected_hmac Expected value + /// @param hmac_len Expected value length + void doHMACTest(const std::string& data, + const void* secret, + size_t secret_len, + const HashAlgorithm hash_algorithm, + const uint8_t* expected_hmac, + size_t hmac_len) { + doHMACTestConv(data, secret, secret_len, hash_algorithm, + expected_hmac, hmac_len); + doHMACTestDirect(data, secret, secret_len, hash_algorithm, + expected_hmac, hmac_len); + doHMACTestVector(data, secret, secret_len, hash_algorithm, + expected_hmac, hmac_len); + doHMACTestArray(data, secret, secret_len, hash_algorithm, + expected_hmac, hmac_len); + } +} + +// +// Test values taken from RFC 2202 +// +TEST(HMACTest, HMAC_MD5_RFC2202_SIGN) { + const uint8_t secret[] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b }; + const uint8_t hmac_expected[] = { 0x92, 0x94, 0x72, 0x7a, 0x36, + 0x38, 0xbb, 0x1c, 0x13, 0xf4, + 0x8e, 0xf8, 0x15, 0x8b, 0xfc, + 0x9d }; + doHMACTest("Hi There", secret, 16, MD5, hmac_expected, 16); + + const uint8_t hmac_expected2[] = { 0x75, 0x0c, 0x78, 0x3e, 0x6a, + 0xb0, 0xb5, 0x03, 0xea, 0xa8, + 0x6e, 0x31, 0x0a, 0x5d, 0xb7, + 0x38 }; + doHMACTest("what do ya want for nothing?", "Jefe", 4, MD5, + hmac_expected2, 16); + + std::string data3; + fillString(data3, 50, 0xdd); + const uint8_t secret3[] = { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa }; + const uint8_t hmac_expected3[] = { 0x56, 0xbe, 0x34, 0x52, 0x1d, + 0x14, 0x4c, 0x88, 0xdb, 0xb8, + 0xc7, 0x33, 0xf0, 0xe8, 0xb3, + 0xf6}; + doHMACTest(data3, secret3, 16, MD5, hmac_expected3, 16); + + std::string data4; + fillString(data4, 50, 0xcd); + const uint8_t secret4[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, + 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, + 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, + 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19 }; + const uint8_t hmac_expected4[] = { 0x69, 0x7e, 0xaf, 0x0a, 0xca, + 0x3a, 0x3a, 0xea, 0x3a, 0x75, + 0x16, 0x47, 0x46, 0xff, 0xaa, + 0x79 }; + doHMACTest(data4, secret4, 25, MD5, hmac_expected4, 16); + + const uint8_t secret5[] = { 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c }; + const uint8_t hmac_expected5[] = { 0x56, 0x46, 0x1e, 0xf2, 0x34, + 0x2e, 0xdc, 0x00, 0xf9, 0xba, + 0xb9, 0x95, 0x69, 0x0e, 0xfd, + 0x4c }; + doHMACTest("Test With Truncation", secret5, 16, MD5, + hmac_expected5, 16); + doHMACTest("Test With Truncation", secret5, 16, MD5, + hmac_expected5, 12); + + std::string secret6; + fillString(secret6, 80, 0xaa); + const uint8_t hmac_expected6[] = { 0x6b, 0x1a, 0xb7, 0xfe, 0x4b, + 0xd7, 0xbf, 0x8f, 0x0b, 0x62, + 0xe6, 0xce, 0x61, 0xb9, 0xd0, + 0xcd }; + doHMACTest("Test Using Larger Than Block-Size Key - Hash Key First", + secret6.c_str(), 80, MD5, hmac_expected6, 16); + + std::string secret7; + fillString(secret7, 80, 0xaa); + const uint8_t hmac_expected7[] = { 0x6f, 0x63, 0x0f, 0xad, 0x67, + 0xcd, 0xa0, 0xee, 0x1f, 0xb1, + 0xf5, 0x62, 0xdb, 0x3a, 0xa5, + 0x3e }; + doHMACTest("Test Using Larger Than Block-Size Key and Larger Than " + "One Block-Size Data", + secret7.c_str(), 80, MD5, hmac_expected7, 16); +} + +// Temporarily disabled +TEST(HMACTest, HMAC_MD5_RFC2202_SIGN_TRUNCATED) { + const uint8_t secret5[] = { 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c }; + const uint8_t hmac_expected5[] = { 0x56, 0x46, 0x1e, 0xf2, 0x34, + 0x2e, 0xdc, 0x00, 0xf9, 0xba, + 0xb9, 0x95, 0x69, 0x0e, 0xfd, + 0x4c }; + doHMACTest("Test With Truncation", secret5, 16, MD5, + hmac_expected5, 16); + doHMACTest("Test With Truncation", secret5, 16, MD5, + hmac_expected5, 12); +} + +// +// Test values taken from RFC 2202 +// +TEST(HMACTest, HMAC_SHA1_RFC2202_SIGN) { + const uint8_t secret[] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; + const uint8_t hmac_expected[] = { 0xb6, 0x17, 0x31, 0x86, 0x55, + 0x05, 0x72, 0x64, 0xe2, 0x8b, + 0xc0, 0xb6, 0xfb, 0x37, 0x8c, + 0x8e, 0xf1, 0x46, 0xbe, 0x00 }; + doHMACTest("Hi There", secret, 20, SHA1, hmac_expected, 20); + + const uint8_t hmac_expected2[] = { 0xef, 0xfc, 0xdf, 0x6a, 0xe5, + 0xeb, 0x2f, 0xa2, 0xd2, 0x74, + 0x16, 0xd5, 0xf1, 0x84, 0xdf, + 0x9c, 0x25, 0x9a, 0x7c, 0x79 }; + doHMACTest("what do ya want for nothing?", "Jefe", 4, SHA1, + hmac_expected2, 20); + + std::string data3; + fillString(data3, 50, 0xdd); + const uint8_t secret3[] = { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa }; + const uint8_t hmac_expected3[] = { 0x12, 0x5d, 0x73, 0x42, 0xb9, + 0xac, 0x11, 0xcd, 0x91, 0xa3, + 0x9a, 0xf4, 0x8a, 0xa1, 0x7b, + 0x4f, 0x63, 0xf1, 0x75, 0xd3 }; + doHMACTest(data3, secret3, 20, SHA1, hmac_expected3, 20); + + std::string data4; + fillString(data4, 50, 0xcd); + const uint8_t secret4[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, + 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, + 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, + 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19 }; + const uint8_t hmac_expected4[] = { 0x4c, 0x90, 0x07, 0xf4, 0x02, + 0x62, 0x50, 0xc6, 0xbc, 0x84, + 0x14, 0xf9, 0xbf, 0x50, 0xc8, + 0x6c, 0x2d, 0x72, 0x35, 0xda }; + doHMACTest(data4, secret4, 25, SHA1, hmac_expected4, 20); + + const uint8_t secret5[] = { 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c }; + const uint8_t hmac_expected5[] = { 0x4c, 0x1a, 0x03, 0x42, 0x4b, + 0x55, 0xe0, 0x7f, 0xe7, 0xf2, + 0x7b, 0xe1, 0xd5, 0x8b, 0xb9, + 0x32, 0x4a, 0x9a, 0x5a, 0x04 }; + doHMACTest("Test With Truncation", secret5, 20, SHA1, + hmac_expected5, 20); + doHMACTest("Test With Truncation", secret5, 20, SHA1, + hmac_expected5, 12); + + std::string secret6; + fillString(secret6, 80, 0xaa); + const uint8_t hmac_expected6[] = { 0xaa, 0x4a, 0xe5, 0xe1, 0x52, + 0x72, 0xd0, 0x0e, 0x95, 0x70, + 0x56, 0x37, 0xce, 0x8a, 0x3b, + 0x55, 0xed, 0x40, 0x21, 0x12 }; + doHMACTest("Test Using Larger Than Block-Size Key - Hash Key First", + secret6.c_str(), 80, SHA1, hmac_expected6, 20); + + std::string secret7; + fillString(secret7, 80, 0xaa); + const uint8_t hmac_expected7[] = { 0xe8, 0xe9, 0x9d, 0x0f, 0x45, + 0x23, 0x7d, 0x78, 0x6d, 0x6b, + 0xba, 0xa7, 0x96, 0x5c, 0x78, + 0x08, 0xbb, 0xff, 0x1a, 0x91 }; + doHMACTest("Test Using Larger Than Block-Size Key and Larger Than " + "One Block-Size Data", + secret7.c_str(), 80, SHA1, hmac_expected7, 20); +} + +// Temporarily disabled +TEST(HMACTest, HMAC_SHA1_RFC2202_SIGN_TRUNCATED) { + const uint8_t secret5[] = { 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c }; + const uint8_t hmac_expected5[] = { 0x4c, 0x1a, 0x03, 0x42, 0x4b, + 0x55, 0xe0, 0x7f, 0xe7, 0xf2, + 0x7b, 0xe1, 0xd5, 0x8b, 0xb9, + 0x32, 0x4a, 0x9a, 0x5a, 0x04 }; + doHMACTest("Test With Truncation", secret5, 20, SHA1, + hmac_expected5, 20); + doHMACTest("Test With Truncation", secret5, 20, SHA1, + hmac_expected5, 12); +} + +// +// Test values taken from RFC 4231 +// +// Test data from RFC4231, including secret key +// and source data, they are common for sha224/256/384/512 +// so put them together within the separate function. +void +doRFC4231Tests(HashAlgorithm hash_algorithm, + const std::vector<std::vector<uint8_t> >& hmac_list) +{ + std::vector<std::string> data_list; + std::vector<std::string> secret_list; + + data_list.push_back("Hi There"); + data_list.push_back("what do ya want for nothing?"); + std::string fiftydd; + fillString(fiftydd, 50, 0xdd); + data_list.push_back(fiftydd); + std::string fiftycd; + fillString(fiftycd, 50, 0xcd); + data_list.push_back(fiftycd); + data_list.push_back("Test With Truncation"); + data_list.push_back("Test Using Larger Than Block-Size Key - " + "Hash Key First"); + data_list.push_back("This is a test using a larger than block-size " + "key and a larger than block-size data. The key " + "needs to be hashed before being used by the HMAC " + "algorithm."); + + std::string twenty0b; + fillString(twenty0b, 20, 0x0b); + secret_list.push_back(twenty0b); + secret_list.push_back("Jefe"); + std::string twentyaa; + fillString(twentyaa, 20, 0xaa); + secret_list.push_back(twentyaa); + const uint8_t secret_array[] = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, + 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, + 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, + 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19 + }; + secret_list.push_back(std::string(secret_array, + secret_array + sizeof(secret_array))); + std::string twenty0c; + fillString(twenty0c, 20, 0x0c); + secret_list.push_back(twenty0c); + std::string alotofaa; + fillString(alotofaa, 131, 0xaa); + secret_list.push_back(alotofaa); + secret_list.push_back(alotofaa); + + // Make sure we provide a consistent size of test data + ASSERT_EQ(secret_list.size(), data_list.size()); + ASSERT_EQ(secret_list.size(), hmac_list.size()); + + for (std::vector<std::string>::size_type i = 0; + i < data_list.size(); ++i) { + SCOPED_TRACE("RFC4231 HMAC test for algorithm ID: " + + lexical_cast<std::string>(hash_algorithm) + + ", data ID: " + lexical_cast<std::string>(i)); + // Until #920 is resolved we have to skip truncation cases. + if (data_list[i] == "Test With Truncation") { + continue; + } + doHMACTest(data_list[i], secret_list[i].c_str(), secret_list[i].size(), + hash_algorithm, &hmac_list[i][0], hmac_list[i].size()); + } +} + +TEST(HMACTest, HMAC_SHA256_RFC4231_SIGN) { + std::vector<std::vector<uint8_t> > hmac_expected_list(7); + + int i = 0; + decodeHex( + "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7", + hmac_expected_list[i++]); + decodeHex( + "5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843", + hmac_expected_list[i++]); + decodeHex( + "773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe", + hmac_expected_list[i++]); + decodeHex( + "82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b", + hmac_expected_list[i++]); + decodeHex("a3b6167473100ee06e0c796c2955552b", hmac_expected_list[i++]); + decodeHex( + "60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54", + hmac_expected_list[i++]); + decodeHex( + "9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2", + hmac_expected_list[i++]); + + doRFC4231Tests(SHA256, hmac_expected_list); +} + +// +// Test values taken from RFC 4231, test optional algorithm 224,384,512 +// +TEST(HMACTest, HMAC_SHA224_RFC4231_SIGN) { + std::vector<std::vector<uint8_t> > hmac_expected_list(7); + + int i = 0; + decodeHex("896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22", + hmac_expected_list[i++]); + decodeHex("a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44", + hmac_expected_list[i++]); + decodeHex("7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea", + hmac_expected_list[i++]); + decodeHex("6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a", + hmac_expected_list[i++]); + decodeHex("0e2aea68a90c8d37c988bcdb9fca6fa8", hmac_expected_list[i++]); + decodeHex("95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e", + hmac_expected_list[i++]); + decodeHex("3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1", + hmac_expected_list[i++]); + + doRFC4231Tests(SHA224, hmac_expected_list); +} + +TEST(HMACTest, HMAC_SHA384_RFC4231_SIGN) { + std::vector<std::vector<uint8_t> > hmac_expected_list(7); + + int i = 0; + decodeHex("afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc5" + "9cfaea9ea9076ede7f4af152e8b2fa9cb6", hmac_expected_list[i++]); + decodeHex("af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec373632244" + "5e8e2240ca5e69e2c78b3239ecfab21649", hmac_expected_list[i++]); + decodeHex("88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e5596614" + "4b2a5ab39dc13814b94e3ab6e101a34f27", hmac_expected_list[i++]); + decodeHex("3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b" + "4e6801dd23c4a7d679ccf8a386c674cffb", hmac_expected_list[i++]); + decodeHex("3abf34c3503b2a23a46efc619baef897", hmac_expected_list[i++]); + decodeHex("4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4" + "c60c2ef6ab4030fe8296248df163f44952", hmac_expected_list[i++]); + decodeHex("6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99" + "c5a678cc31e799176d3860e6110c46523e", hmac_expected_list[i++]); + + doRFC4231Tests(SHA384, hmac_expected_list); +} + +TEST(HMACTest, HMAC_SHA512_RFC4231_SIGN) { + std::vector<std::vector<uint8_t> > hmac_expected_list(7); + + int i = 0; + decodeHex("87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17c" + "dedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a12" + "6854", hmac_expected_list[i++]); + decodeHex("164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505" + "549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bc" + "e737", hmac_expected_list[i++]); + decodeHex("fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d" + "39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e132" + "92fb", hmac_expected_list[i++]); + decodeHex("b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3" + "dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a2" + "98dd", hmac_expected_list[i++]); + decodeHex("415fad6271580a531d4179bc891d87a6", hmac_expected_list[i++]); + decodeHex("80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3" + "526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d78" + "6598", hmac_expected_list[i++]); + decodeHex("e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc9" + "44b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c" + "6a58", hmac_expected_list[i++]); + + doRFC4231Tests(SHA512, hmac_expected_list); +} + +TEST(HMACTest, HMAC_SHA256_RFC2202_SIGN_TRUNCATED) { + const uint8_t secret5[] = { 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c }; + const uint8_t hmac_expected5[] = { 0xa3, 0xb6, 0x16, 0x74, 0x73, + 0x10, 0x0e, 0xe0, 0x6e, 0x0c, + 0x79, 0x6c, 0x29, 0x55, 0x55, + 0x2b }; + doHMACTest("Test With Truncation", secret5, 20, SHA256, + hmac_expected5, 16); +} + +namespace { + /// @brief Get the hash algorithm + /// @param alg Hash algorithm enum + /// @return Hash algorithm enum + HashAlgorithm + signHashAlgorithm(HashAlgorithm alg) { + boost::shared_ptr<HMAC> hmac_sign( + CryptoLink::getCryptoLink().createHMAC("asdf", 4, alg), + deleteHMAC); + return (hmac_sign->getHashAlgorithm()); + } +} + +TEST(HMACTest, HashAlgorithm) { + EXPECT_EQ(MD5, signHashAlgorithm(MD5)); + EXPECT_EQ(SHA1, signHashAlgorithm(SHA1)); + EXPECT_EQ(SHA256, signHashAlgorithm(SHA256)); + EXPECT_EQ(SHA224, signHashAlgorithm(SHA224)); + EXPECT_EQ(SHA384, signHashAlgorithm(SHA384)); + EXPECT_EQ(SHA512, signHashAlgorithm(SHA512)); +} + +namespace { + /// @brief Compute the vector signature length + /// @param alg Hash algorithm enum + /// @param len Wanted length + /// @return Effective length + size_t + sigVectorLength(HashAlgorithm alg, size_t len) { + boost::shared_ptr<HMAC> hmac_sign( + CryptoLink::getCryptoLink().createHMAC("asdf", 4, alg), + deleteHMAC); + hmac_sign->update("asdf", 4); + const std::vector<uint8_t> sig = hmac_sign->sign(len); + return (sig.size()); + } + + /// @brief Compute the buffer signature length + /// @param alg Hash algorithm enum + /// @param len Wanted length + /// @return Effective length + size_t + sigBufferLength(HashAlgorithm alg, size_t len) { + boost::shared_ptr<HMAC> hmac_sign( + CryptoLink::getCryptoLink().createHMAC("asdf", 4, alg), + deleteHMAC); + hmac_sign->update("asdf", 4); + OutputBuffer sig(0); + hmac_sign->sign(sig, len); + return (sig.getLength()); + } + + // There is no equivalent for array signature because it is copied + // in place +} + +TEST(HMACTest, HMACSigLengthArgument) { + EXPECT_EQ(8, sigVectorLength(MD5, 8)); + EXPECT_EQ(16, sigVectorLength(MD5, 16)); + EXPECT_EQ(16, sigVectorLength(MD5, 40)); + EXPECT_EQ(16, sigVectorLength(MD5, 2000)); + + EXPECT_EQ(8, sigBufferLength(SHA1, 8)); + EXPECT_EQ(20, sigBufferLength(SHA1, 20)); + EXPECT_EQ(20, sigBufferLength(SHA1, 40)); + EXPECT_EQ(20, sigBufferLength(SHA1, 2000)); + + EXPECT_EQ(8, sigBufferLength(SHA256, 8)); + EXPECT_EQ(32, sigBufferLength(SHA256, 32)); + EXPECT_EQ(32, sigBufferLength(SHA256, 40)); + EXPECT_EQ(32, sigBufferLength(SHA256, 3200)); + + EXPECT_EQ(8, sigBufferLength(MD5, 8)); + EXPECT_EQ(16, sigBufferLength(MD5, 16)); + EXPECT_EQ(16, sigBufferLength(MD5, 40)); + EXPECT_EQ(16, sigBufferLength(MD5, 2000)); + + EXPECT_EQ(8, sigBufferLength(SHA1, 8)); + EXPECT_EQ(20, sigBufferLength(SHA1, 20)); + EXPECT_EQ(20, sigBufferLength(SHA1, 40)); + EXPECT_EQ(20, sigBufferLength(SHA1, 2000)); + + EXPECT_EQ(8, sigBufferLength(SHA256, 8)); + EXPECT_EQ(32, sigBufferLength(SHA256, 32)); + EXPECT_EQ(32, sigBufferLength(SHA256, 40)); + EXPECT_EQ(32, sigBufferLength(SHA256, 3200)); +} + +// Error cases (not only BadKey) +TEST(HMACTest, BadKey) { + OutputBuffer data_buf(0); + OutputBuffer hmac_sig(0); + CryptoLink& crypto = CryptoLink::getCryptoLink(); + + EXPECT_THROW(crypto.createHMAC(NULL, 0, MD5), BadKey); + EXPECT_THROW(crypto.createHMAC(NULL, 0, UNKNOWN_HASH), UnsupportedAlgorithm); + + EXPECT_THROW(signHMAC(data_buf.getData(), data_buf.getLength(), + NULL, 0, MD5, hmac_sig), BadKey); + EXPECT_THROW(signHMAC(data_buf.getData(), data_buf.getLength(), + NULL, 0, UNKNOWN_HASH, hmac_sig), + UnsupportedAlgorithm); + + EXPECT_THROW(verifyHMAC(data_buf.getData(), data_buf.getLength(), + NULL, 0, MD5, hmac_sig.getData(), + hmac_sig.getLength()), BadKey); + EXPECT_THROW(verifyHMAC(data_buf.getData(), data_buf.getLength(), + NULL, 0, UNKNOWN_HASH, hmac_sig.getData(), + hmac_sig.getLength()), + UnsupportedAlgorithm); +} diff --git a/src/lib/cryptolink/tests/run_unittests.cc b/src/lib/cryptolink/tests/run_unittests.cc new file mode 100644 index 0000000..b2e8e4f --- /dev/null +++ b/src/lib/cryptolink/tests/run_unittests.cc @@ -0,0 +1,18 @@ +// Copyright (C) 2011-2016 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +#include <config.h> +#include <gtest/gtest.h> + +#include <log/logger_support.h> +#include <util/unittests/run_all.h> + +int +main(int argc, char* argv[]) { + ::testing::InitGoogleTest(&argc, argv); + isc::log::initLogger(); + return (isc::util::unittests::run_all()); +} |