[trac781] catch all (unexpected) Botan errors and rethrow them as LibraryError

author: Jelte Jansen <jelte@isc.org> 2011-04-20 16:45:28 +0200
committer: Jelte Jansen <jelte@isc.org> 2011-04-20 16:45:28 +0200
commit: 246e56b3bb7792789b3aa891e21e580976d9e7be (patch)
tree: 259400d203c46d47068c4ed9721c607732985059 /src/lib/cryptolink/crypto_hmac.cc
parent: [trac781] move signHMAC and verifyHMAC to hmac files (diff)
download: kea-246e56b3bb7792789b3aa891e21e580976d9e7be.tar.xz
kea-246e56b3bb7792789b3aa891e21e580976d9e7be.zip
1 files changed, 46 insertions, 22 deletions
diff --git a/src/lib/cryptolink/crypto_hmac.cc b/src/lib/cryptolink/crypto_hmac.cc
index 564ad09ac8..dea85714bb 100644
--- a/src/lib/cryptolink/crypto_hmac.cc
+++ b/src/lib/cryptolink/crypto_hmac.cc
@@ -47,6 +47,8 @@ public:
         } catch (const Botan::Algorithm_Not_Found&) {
             isc_throw(isc::cryptolink::UnsupportedAlgorithm,
                       "Unknown hash algorithm: " + hash_algorithm);
+        } catch (const Botan::Exception& exc) {
+            isc_throw(isc::cryptolink::LibraryError, exc.what());
         }
 
         hmac_.reset(new Botan::HMAC::HMAC(hash));
@@ -65,6 +67,8 @@ public:
             }
         } catch (const Botan::Invalid_Key_Length& ikl) {
             isc_throw(BadKey, ikl.what());
+        } catch (const Botan::Exception& exc) {
+            isc_throw(isc::cryptolink::LibraryError, exc.what());
         }
     }
 
@@ -75,33 +79,49 @@ public:
     }
 
     void update(const void* data, const size_t len) {
-        hmac_->update(static_cast<const Botan::byte*>(data), len);
+        try {
+            hmac_->update(static_cast<const Botan::byte*>(data), len);
+        } catch (const Botan::Exception& exc) {
+            isc_throw(isc::cryptolink::LibraryError, exc.what());
+        }
     }
 
     void sign(isc::dns::OutputBuffer& result, size_t len) {
-        Botan::SecureVector<Botan::byte> b_result(hmac_->final());
-
-        if (len == 0 || len > b_result.size()) {
-            len = b_result.size();
+        try {
+            Botan::SecureVector<Botan::byte> b_result(hmac_->final());
+    
+            if (len == 0 || len > b_result.size()) {
+                len = b_result.size();
+            }
+            result.writeData(b_result.begin(), len);
+        } catch (const Botan::Exception& exc) {
+            isc_throw(isc::cryptolink::LibraryError, exc.what());
         }
-        result.writeData(b_result.begin(), len);
     }
 
     void sign(void* result, size_t len) {
-        Botan::SecureVector<Botan::byte> b_result(hmac_->final());
-        size_t output_size = getOutputLength();
-        if (output_size > len) {
-            output_size = len;
+        try {
+            Botan::SecureVector<Botan::byte> b_result(hmac_->final());
+            size_t output_size = getOutputLength();
+            if (output_size > len) {
+                output_size = len;
+            }
+            memcpy(result, b_result.begin(), output_size);
+        } catch (const Botan::Exception& exc) {
+            isc_throw(isc::cryptolink::LibraryError, exc.what());
         }
-        memcpy(result, b_result.begin(), output_size);
     }
 
     std::vector<uint8_t> sign(size_t len) {
-        Botan::SecureVector<Botan::byte> b_result(hmac_->final());
-        if (len == 0 || len > b_result.size()) {
-            return (std::vector<uint8_t>(b_result.begin(), b_result.end()));
-        } else {
-            return (std::vector<uint8_t>(b_result.begin(), &b_result[len]));
+        try {
+            Botan::SecureVector<Botan::byte> b_result(hmac_->final());
+            if (len == 0 || len > b_result.size()) {
+                return (std::vector<uint8_t>(b_result.begin(), b_result.end()));
+            } else {
+                return (std::vector<uint8_t>(b_result.begin(), &b_result[len]));
+            }
+        } catch (const Botan::Exception& exc) {
+            isc_throw(isc::cryptolink::LibraryError, exc.what());
         }
     }
 
@@ -110,13 +130,17 @@ public:
         // Botan's verify_mac checks if len matches the output_length,
         // which causes it to fail for truncated signatures, so we do
         // the check ourselves
-        Botan::SecureVector<Botan::byte> our_mac = hmac_->final();
-        if (len == 0 || len > getOutputLength()) {
-            len = getOutputLength();
+        try {
+            Botan::SecureVector<Botan::byte> our_mac = hmac_->final();
+            if (len == 0 || len > getOutputLength()) {
+                len = getOutputLength();
+            }
+            return (Botan::same_mem(&our_mac[0],
+                                    static_cast<const unsigned char*>(sig),
+                                    len));
+        } catch (const Botan::Exception& exc) {
+            isc_throw(isc::cryptolink::LibraryError, exc.what());
         }
-        return (Botan::same_mem(&our_mac[0],
-                                static_cast<const unsigned char*>(sig),
-                                len));
     }
 
 private:
author	Jelte Jansen <jelte@isc.org>	2011-04-20 16:45:28 +0200
committer	Jelte Jansen <jelte@isc.org>	2011-04-20 16:45:28 +0200
commit	246e56b3bb7792789b3aa891e21e580976d9e7be (patch)
tree	259400d203c46d47068c4ed9721c607732985059 /src/lib/cryptolink/crypto_hmac.cc
parent	[trac781] move signHMAC and verifyHMAC to hmac files (diff)
download	kea-246e56b3bb7792789b3aa891e21e580976d9e7be.tar.xz kea-246e56b3bb7792789b3aa891e21e580976d9e7be.zip