Commit | Line | Data |
---|---|---|
ac5298aa PL |
1 | /* |
2 | * This file is part of PowerDNS or dnsdist. | |
3 | * Copyright -- PowerDNS.COM B.V. and its contributors | |
4 | * | |
5 | * This program is free software; you can redistribute it and/or modify | |
6 | * it under the terms of version 2 of the GNU General Public License as | |
7 | * published by the Free Software Foundation. | |
8 | * | |
9 | * In addition, for the avoidance of any doubt, permission is granted to | |
10 | * link this program with OpenSSL and to (re)distribute the binaries | |
11 | * produced as the result of such linking. | |
12 | * | |
13 | * This program is distributed in the hope that it will be useful, | |
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
16 | * GNU General Public License for more details. | |
17 | * | |
18 | * You should have received a copy of the GNU General Public License | |
19 | * along with this program; if not, write to the Free Software | |
20 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
21 | */ | |
22 | ||
23 | #include "dnsname.hh" | |
24 | #include "base64.hh" | |
25 | #include "dns_random.hh" | |
26 | #include "misc.hh" | |
27 | #include "pdnsexception.hh" | |
050e6877 | 28 | #include "tsigutils.hh" |
ac5298aa PL |
29 | #include <string> |
30 | ||
31 | /* | |
32 | * Returns a generated Base64'd TSIG key | |
33 | * | |
34 | * Will raise a PDNSException() if algorithm is invalid | |
35 | */ | |
std::string makeTSIGKey(const DNSName& algorithm) {
  // Resolve the algorithm name first: an unrecognised name is rejected with a
  // PDNSException before any key material is generated.
  TSIGHashEnum tsigHashEnum;
  if (!getTSIGHashEnum(algorithm, tsigHashEnum)) {
    throw PDNSException("Invalid TSIG algorithm: " + algorithm.toStringNoDot());
  }

  // MD5, SHA1 and SHA224 get a 32-byte key; every other accepted hash gets 64.
  const bool shortKey = tsigHashEnum == TSIG_MD5
    || tsigHashEnum == TSIG_SHA1
    || tsigHashEnum == TSIG_SHA224;
  const size_t klen = shortKey ? 32 : 64;

  // Zero-filled buffer of the final length; every byte is overwritten below.
  std::string tmpkey(klen, '\0');

  // Fill the key one 32-bit word at a time. Both key lengths are multiples of
  // sizeof(uint32_t), so each 4-byte copy stays inside the buffer; .at() only
  // range-checks the first byte of each copy.
  //
  // NOTE(review): the secrecy of the key rests entirely on dns_random();
  // confirm it draws from a cryptographically secure generator in this build.
  // NOTE(review): if dns_random(n) returns values strictly below n, the word
  // 0xFFFFFFFF can never be produced here. The entropy loss is negligible, but
  // a full-range 32-bit draw, if dns_random.hh offers one, would remove the
  // question. Verify against dns_random.hh.
  for (size_t offset = 0; offset < klen; offset += sizeof(uint32_t)) {
    const uint32_t word = dns_random(std::numeric_limits<uint32_t>::max());
    memcpy(&tmpkey.at(offset), &word, sizeof(word));
  }

  // The shared secret is handed back as Base64 text.
  return Base64Encode(tmpkey);
}