il y a 14 ans · c374a5c5a3
--- a/src/lib/crypto/crypto.cc
+++ b/src/lib/crypto/crypto.cc
@@ -138,11 +138,11 @@ signHMAC(const void* data, size_t data_len, TSIGKey key,
 
																 bool
															
 
																 verifyHMAC(const void* data, size_t data_len, TSIGKey key,
															
 
																-           const isc::dns::OutputBuffer& result)
															
 
																+           const void* sig, size_t sig_len)
															
 
																 {
															
 
																     HMAC hmac(key);
															
 
																     hmac.update(data, data_len);
															
 
																-    return (hmac.verify(result.getData(), result.getLength()));
															
 
																+    return (hmac.verify(sig, sig_len));
															
 
																 }
															
 
																 } // namespace crypto
															
--- a/src/lib/crypto/crypto.h
+++ b/src/lib/crypto/crypto.h
@@ -138,7 +138,8 @@ void signHMAC(const void* data,
 
																 bool verifyHMAC(const void* data,
															
 
																                 size_t data_len,
															
 
																                 isc::dns::TSIGKey key,
															
 
																-                const isc::dns::OutputBuffer& mac);
															
 
																+                const void* sig,
															
 
																+                size_t sig_len);
															
 
																 } // namespace crypto
															
 
																 } // namespace isc
															
--- a/src/lib/crypto/tests/crypto_unittests.cc
+++ b/src/lib/crypto/tests/crypto_unittests.cc
@@ -49,13 +49,15 @@ namespace {
 
																         // Check whether we can verify it ourselves
															
 
																         EXPECT_TRUE(verifyHMAC(data_buf.getData(), data_buf.getLength(),
															
 
																-                               key, hmac_sig));
															
 
																+                               key, hmac_sig.getData(),
															
 
																+                               hmac_sig.getLength()));
															
 
																         // Change the sig by flipping the first octet, and check
															
 
																         // whether verification fails then
															
 
																         hmac_sig.writeUint8At(~hmac_sig[0], 0);
															
 
																         EXPECT_FALSE(verifyHMAC(data_buf.getData(), data_buf.getLength(),
															
 
																-                               key, hmac_sig));
															
 
																+                               key, hmac_sig.getData(),
															
 
																+                               hmac_sig.getLength()));
															
 
																     }
															
 
																 }
															
@@ -291,5 +293,6 @@ TEST(CryptoTest, BadKey) {
 
																     EXPECT_THROW(signHMAC(data_buf.getData(), data_buf.getLength(),
															
 
																                           bad_key, hmac_sig), BadKey);
															
 
																     EXPECT_THROW(verifyHMAC(data_buf.getData(), data_buf.getLength(),
															
 
																-                            bad_key, hmac_sig), BadKey);
															
 
																+                            bad_key, hmac_sig.getData(),
															
 
																+                            hmac_sig.getLength()), BadKey);
															
 
																 }