Introduce DNSCryptoKeyEngine::makeFromPEMString
authorFred Morcos <fred.morcos@open-xchange.com>
Mon, 13 Feb 2023 08:44:58 +0000 (09:44 +0100)
committerFred Morcos <fred.morcos@open-xchange.com>
Tue, 14 Feb 2023 14:19:33 +0000 (15:19 +0100)
pdns/dnssecinfra.cc
pdns/dnssecinfra.hh
pdns/test-signers.cc

index 9dddd17f056777dcbbbac39a7055416f00518b1d..50479d5ee788d6a956b24fa6e81041ae12662848 100644 (file)
@@ -177,6 +177,13 @@ std::unique_ptr<DNSCryptoKeyEngine> DNSCryptoKeyEngine::makeFromPEMFile(DNSKEYRe
   return maker;
 }
 
+std::unique_ptr<DNSCryptoKeyEngine> DNSCryptoKeyEngine::makeFromPEMString(DNSKEYRecordContent& drc, uint8_t algorithm, const std::string& contents)
+{
+  auto maker = DNSCryptoKeyEngine::make(algorithm);
+  maker->createFromPEMString(drc, contents);
+  return maker;
+}
+
 std::string DNSCryptoKeyEngine::convertToISC() const
 {
   storvector_t storvector = this->convertToISCVector();
index 1169ee7c28bbf59d44e3ecfd4da5026d366f54e6..b0f80af2464b18cf890e46e1878d0e94724a21a3 100644 (file)
@@ -52,6 +52,24 @@ class DNSCryptoKeyEngine
       throw std::runtime_error("Can't create key from PEM contents");
     }
 
+    /**
+     * \brief Creates a key engine from a PEM string.
+     *
+     * Receives PEM contents and creates a key engine.
+     *
+     * \param[in] drc Key record contents to be populated.
+     *
+     * \param[in] contents The PEM string contents.
+     *
+     * \return A key engine populated with the contents of the PEM string.
+     */
+    void createFromPEMString(DNSKEYRecordContent& drc, const std::string& contents)
+    {
+      // NOLINTNEXTLINE(*-cast): POSIX APIs.
+      unique_ptr<std::FILE, decltype(&std::fclose)> inputFile{fmemopen(const_cast<char*>(contents.data()), contents.length(), "r"), &std::fclose};
+      createFromPEMFile(drc, *inputFile);
+    }
+
     [[nodiscard]] virtual storvector_t convertToISCVector() const =0;
     [[nodiscard]] std::string convertToISC() const ;
 
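Review bot: `fmemopen()` can return a null pointer (allocation failure, or a zero-length buffer on some libc implementations), and `createFromPEMFile(drc, *inputFile)` then dereferences it, which is undefined behaviour when an empty PEM string reaches this path. The test in pdns/test-signers.cc used to guard the same call with `BOOST_REQUIRE(inputFile.get() != nullptr)`, and this commit removes that guard without moving it here. Add `if (inputFile == nullptr) { throw std::runtime_error("Could not open PEM contents as a memory stream"); }` before the call. The doc comment also carries a `\return` on a `void` function and tags `drc` as `\param[in]` although it is populated; `\param[out] drc` and dropping `\return` would match the code, and the same `[in]` tag appears in the `makeFromPEMString` doc in the next hunk.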
@@ -107,6 +125,24 @@ class DNSCryptoKeyEngine
      */
     static std::unique_ptr<DNSCryptoKeyEngine> makeFromPEMFile(DNSKEYRecordContent& drc, uint8_t algorithm, std::FILE& inputFile, const std::string& filename);
 
+    /**
+     * \brief Creates a key engine from a PEM string.
+     *
+     * Receives PEM contents and creates a key engine corresponding to the algorithm
+     * requested.
+     *
+     * \param[in] drc Key record contents to be populated.
+     *
+     * \param[in] algorithm Which algorithm to use. See
+     * https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml
+     *
+     * \param[in] contents The PEM contents.
+     *
+     * \return A key engine corresponding to the requested algorithm and populated with
+     * the contents of the PEM string.
+     */
+    static std::unique_ptr<DNSCryptoKeyEngine> makeFromPEMString(DNSKEYRecordContent& drc, uint8_t algorithm, const std::string& contents);
+
     static std::unique_ptr<DNSCryptoKeyEngine> makeFromISCString(DNSKEYRecordContent& drc, const std::string& content);
     static std::unique_ptr<DNSCryptoKeyEngine> makeFromPublicKeyString(unsigned int algorithm, const std::string& raw);
     static std::unique_ptr<DNSCryptoKeyEngine> make(unsigned int algorithm);
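Review bot: The doc comment for `makeFromPEMString` does not say how failure is reported, so a caller handing in PEM text from configuration or an API cannot tell what to catch. The base `createFromPEMFile` visible earlier in this header throws `std::runtime_error`, and presumably that propagates through this function; what `make(algorithm)` does for an unsupported algorithm number is not visible here and should be confirmed. Adding `\throws std::runtime_error if the PEM contents cannot be turned into a key for the requested algorithm` would state the contract.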
index 1c9b46142456ae3b8aab6eb65971eba8ecf847a8..1abb7d960f81f80623c88377d7394a4f28fb79d6 100644 (file)
@@ -458,12 +458,8 @@ BOOST_FIXTURE_TEST_CASE(test_generic_signers, Fixture)
     auto dcke = std::shared_ptr<DNSCryptoKeyEngine>(DNSCryptoKeyEngine::makeFromISCString(drc, signer.iscMap));
     test_generic_signer(dcke, drc, signer, message);
 
-    unique_ptr<std::FILE, decltype(&std::fclose)> inputFile{fmemopen((void*)signer.pem.c_str(), signer.pem.length(), "r"), &std::fclose};
-    // NOLINTNEXTLINE(cppcoreguidelines-pro-type-vararg): Boost stuff.
-    BOOST_REQUIRE(inputFile.get() != nullptr);
-
     DNSKEYRecordContent pemDRC;
-    shared_ptr<DNSCryptoKeyEngine> pemKey{DNSCryptoKeyEngine::makeFromPEMFile(pemDRC, signer.algorithm, *inputFile, "<buffer>")};
+    shared_ptr<DNSCryptoKeyEngine> pemKey{DNSCryptoKeyEngine::makeFromPEMString(pemDRC, signer.algorithm, signer.pem)};
 
     BOOST_CHECK_EQUAL(pemKey->convertToISC(), dcke->convertToISC());