Standards-Version: 3.9.8
Maintainer: PowerDNS Autobuilder <powerdns.support@powerdns.com>
Origin: PowerDNS
-Build-Depends: debhelper (>= 9~), dh-autoreconf, dh-systemd, po-debconf, libtool, flex, bison, libmysqlclient-dev, libpq-dev, libssl-dev, libgdbm-dev, libldap2-dev, libsqlite3-dev, dpkg-dev (>= 1.17.0~), libboost-dev, libboost-serialization-dev, libboost-program-options-dev, libboost-test-dev, autotools-dev, automake, autoconf, liblua5.2-dev, pkg-config, ragel, libgmp-dev, libbotan1.10-dev, libcurl4-openssl-dev, libzmq-dev, libyaml-cpp-dev (>= 0.5), libgeoip-dev, libopendbx1-dev, libcdb-dev, unixodbc-dev (>= 2.3.1), libprotobuf-dev, protobuf-compiler @LIBSYSTEMDDEV@
+Build-Depends: debhelper (>= 9~), dh-autoreconf, dh-systemd, po-debconf, libtool, flex, bison, libmysqlclient-dev, libpq-dev, libssl-dev, libgdbm-dev, libldap2-dev, libsqlite3-dev, dpkg-dev (>= 1.17.0~), libboost-dev, libboost-serialization-dev, libboost-program-options-dev, libboost-test-dev, autotools-dev, automake, autoconf, liblua5.2-dev, pkg-config, ragel, libgmp-dev, libcurl4-openssl-dev, libzmq-dev, libyaml-cpp-dev (>= 0.5), libgeoip-dev, libopendbx1-dev, libcdb-dev, unixodbc-dev (>= 2.3.1), libprotobuf-dev, protobuf-compiler @LIBSYSTEMDDEV@
Homepage: http://www.powerdns.com/
Package: pdns-server
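Review bot: The new Build-Depends line drops `libbotan1.10-dev` without adding any Botan 2 development package in its place. Packages built from this control file will therefore presumably be built without Botan, which means the GOST engine (registered for DNSSEC algorithm 12 later in this commit) is no longer in the packaged server. If that is intended, say so in the commit description and changelog so operators with ECC-GOST zones see it before upgrading. If not, add the distribution's Botan 2 development package here. Whether the packaging rules still pass `--enable-botan` is not visible on this page.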
AC_DEFUN([PDNS_ENABLE_BOTAN],[
- AC_MSG_CHECKING([whether we will be linking in Botan])
+ AC_MSG_CHECKING([whether we will be linking in Botan 2.x])
AC_ARG_ENABLE([botan],
[AS_HELP_STRING([--enable-botan],[use Botan @<:@default=no@:>@])],
[enable_botan=$enableval],
AM_CONDITIONAL(BOTAN, [test "x$enable_botan" != "xno"])
AS_IF([test "x$enable_botan" != "xno"], [
- PKG_CHECK_MODULES([BOTAN], [botan-1.10],
+ PKG_CHECK_MODULES([BOTAN], [botan-2],
[AC_DEFINE([HAVE_BOTAN],[1],[Define to 1 if you have botan])],
- [
- PKG_CHECK_MODULES([BOTAN], [botan-2],
- [AC_DEFINE([HAVE_BOTAN],[1],[Define to 1 if you have botan])],
- [AC_MSG_ERROR([Could not find botan])]
- )
- ]
+ [AC_MSG_ERROR([Could not find botan])]
)]
)
])
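Review bot: The failure branch still reports `Could not find botan`, although the macro now accepts only the `botan-2` pkg-config module. Someone with Botan 1.10 installed gets an error that contradicts what is on their system. I would name the requirement in the message, `[AC_MSG_ERROR([Could not find Botan 2.x (pkg-config module botan-2)])]`, and change the help string to `[use Botan 2.x @<:@default=no@:>@]` so `./configure --help` matches the checking message.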
explicit GOSTDNSCryptoKeyEngine(unsigned int algorithm) : DNSCryptoKeyEngine(algorithm) {}
~GOSTDNSCryptoKeyEngine(){}
void create(unsigned int bits) override;
-#if BOTAN_VERSION_MAJOR < 2
- string getName() const override { return "Botan 1.10 GOST"; }
-#else
string getName() const override { return "Botan 2 GOST"; }
-#endif
storvector_t convertToISCVector() const override;
std::string getPubKeyHash() const override;
std::string sign(const std::string& msg) const override;
}
private:
-#if BOTAN_VERSION_MAJOR < 2
- static EC_Domain_Params getParams()
- {
- return EC_Domain_Params("1.2.643.2.2.35.1");
- }
-#else
static EC_Group getParams()
{
return EC_Group("gost_256A");
}
-#endif
shared_ptr<GOST_3410_PrivateKey> d_key;
shared_ptr<GOST_3410_PublicKey> d_pubkey;
BigInt decode_le(const byte msg[], size_t msg_len)
{
-#if BOTAN_VERSION_MAJOR < 2
- SecureVector<byte> msg_le(msg, msg_len);
-#else
Botan::secure_vector<byte> msg_le(msg, msg + msg_len);
-#endif
for(size_t i = 0; i != msg_le.size() / 2; ++i)
std::swap(msg_le[i], msg_le[msg_le.size()-1-i]);
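Review bot: With the 1.10 branches removed, the surviving lines still use Botan's `byte` alias (`Botan::secure_vector<byte>` here and `std::vector<byte> bits(2*part_size);` in the encoding hunk below), while the new `verify()` code casts to `const uint8_t*`. One spelling across the file would be clearer, and `uint8_t` avoids depending on an alias that, as far as I know, later Botan 2 releases treat as deprecated. Suggested: `Botan::secure_vector<uint8_t> msg_le(msg, msg + msg_len);` and `std::vector<uint8_t> bits(2*part_size);`. The body of decode_le continues outside this hunk, so its parameter type would need the same change.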
size_t part_size = std::max(x.bytes(), y.bytes());
-#if BOTAN_VERSION_MAJOR < 2
- MemoryVector<byte> bits(2*part_size);
-#else
std::vector<byte> bits(2*part_size);
-#endif
x.binary_encode(&bits[part_size - x.bytes()]);
y.binary_encode(&bits[2*part_size - y.bytes()]);
std::string GOSTDNSCryptoKeyEngine::sign(const std::string& msg) const
{
AutoSeeded_RNG rng;
-#if BOTAN_VERSION_MAJOR < 2
- GOST_3410_Signature_Operation ops(*d_key);
-
- string hash= this->hash(msg);
- SecureVector<byte> signature=ops.sign((byte*)hash.c_str(), hash.length(), rng);
-
-#if BOTAN_VERSION_CODE <= BOTAN_VERSION_CODE_FOR(1,9,12) // see http://bit.ly/gTytUf
- string reversed((const char*)signature.begin()+ signature.size()/2, signature.size()/2);
- reversed.append((const char*)signature.begin(), signature.size()/2);
- return reversed;
-#else
- return string((const char*)signature.begin(), (const char*) signature.end());
-#endif
-
-#else /* BOTAN_VERSION_MAJOR < 2 */
PK_Signer signer(*d_key, rng, "Raw");
signer.update(hash(msg));
auto signature = signer.signature(rng);
return string(signature.begin(), signature.end());
-#endif /* BOTAN_VERSION_MAJOR < 2*/
}
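Review bot: `PK_Signer signer(*d_key, rng, "Raw");` dereferences `d_key` without checking that a private key is loaded. `verify()` falls back from `d_pubkey` to `d_key`, which suggests an engine can hold only a public key; calling `sign()` on such an instance would dereference an empty `shared_ptr`. A guard at the top of the function turns that into a reportable error: `if (!d_key) throw std::runtime_error("GOST engine has no private key loaded for signing");`. If callers already guarantee a private key, a short comment stating that invariant would do instead.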
std::string GOSTDNSCryptoKeyEngine::hash(const std::string& orig) const
bool GOSTDNSCryptoKeyEngine::verify(const std::string& message, const std::string& signature) const
{
std::shared_ptr<GOST_3410_PublicKey> pk = d_pubkey ? d_pubkey : d_key;
-#if BOTAN_VERSION_MAJOR < 2
- string hash = this->hash(message);
-
- GOST_3410_Verification_Operation ops(*pk);
-#if BOTAN_VERSION_CODE <= BOTAN_VERSION_CODE_FOR(1,9,12) // see http://bit.ly/gTytUf
- string rsignature(signature.substr(32));
- rsignature.append(signature.substr(0,32));
- return ops.verify ((byte*)hash.c_str(), hash.length(), (byte*)rsignature.c_str(), rsignature.length());
-#else
- return ops.verify ((byte*)hash.c_str(), hash.length(), (byte*)signature.c_str(), signature.length());
-#endif
-
-#else /* BOTAN_VERSION_MAJOR < 2 */
PK_Verifier verifier(*pk, "Raw");
verifier.update(hash(message));
return verifier.check_signature(reinterpret_cast<const uint8_t*>(signature.c_str()), signature.size());
-#endif /* BOTAN_VERSION_MAJOR < 2*/
}
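Review bot: `verify()` now passes `signature` to `check_signature` at whatever length it arrives, and in a validating path that value comes from the wire. The removed 1.9.x branch split it at offset 32, so the expected size is 64 bytes, and a wrong-sized input is now rejected only by whatever Botan does internally. An explicit `if (signature.size() != 64) return false;` before constructing the verifier keeps that rejection independent of the library version. Separately, if both `d_pubkey` and `d_key` are empty, `*pk` dereferences a null pointer; a comment or check covering that case would help.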
/*
{
LoaderStruct()
{
-#if BOTAN_VERSION_MAJOR < 2
- new Botan::LibraryInitializer("thread_safe=true");
- // this leaks, but is fine
- Botan::global_state().set_default_allocator("malloc"); // the other Botan allocator slows down for us
-#endif /* BOTAN_VERSION_MAJOR < 2*/
-
DNSCryptoKeyEngine::report(12, &GOSTDNSCryptoKeyEngine::maker);
}
-} loaderBotan110;
+} loaderBotan2;
}