} catch (const std::runtime_error& error){
throw runtime_error("The algorithm does not support the given bit size.");
}
- dspk.setKey(dpk);
dspk.d_algorithm = algorithm;
dspk.d_flags = setSEPBit ? 257 : 256;
+ dspk.setKey(dpk);
return addKey(name, dspk, id, active, published) && clearKeyCache(name);
}
DNSSECPrivateKey dpk;
DNSKEYRecordContent dkrc;
auto key = shared_ptr<DNSCryptoKeyEngine>(DNSCryptoKeyEngine::makeFromISCString(dkrc, kd.content));
- dpk.setKey(key);
dpk.d_flags = kd.flags;
dpk.d_algorithm = dkrc.d_algorithm;
+ dpk.setKey(key);
return dpk;
}
DNSSECPrivateKey dpk;
DNSKEYRecordContent dkrc;
auto key = shared_ptr<DNSCryptoKeyEngine>(DNSCryptoKeyEngine::makeFromISCString(dkrc, kd.content));
- dpk.setKey(key);
-
dpk.d_flags = kd.flags;
dpk.d_algorithm = dkrc.d_algorithm;
+ dpk.setKey(key);
KeyMetaData kmd;
}
}
-DNSKEYRecordContent DNSSECPrivateKey::getDNSKEY() const
+const DNSKEYRecordContent& DNSSECPrivateKey::getDNSKEY() const
{
- return makeDNSKEYFromDNSCryptoKeyEngine(getKey(), d_algorithm, d_flags);
+ return d_dnskey;
+}
+
+void DNSSECPrivateKey::computeDNSKEY()
+{
+ d_dnskey = makeDNSKEYFromDNSCryptoKeyEngine(getKey(), d_algorithm, d_flags);
}
static string calculateHMAC(const std::string& key, const std::string& text, TSIGHashEnum hasher) {
{
d_key = key;
d_algorithm = d_key->getAlgorithm();
+ computeDNSKEY();
}
void setKey(std::unique_ptr<DNSCryptoKeyEngine>&& key)
{
d_key = std::move(key);
d_algorithm = d_key->getAlgorithm();
+ computeDNSKEY();
}
- DNSKEYRecordContent getDNSKEY() const;
+ const DNSKEYRecordContent& getDNSKEY() const;
uint16_t d_flags;
uint8_t d_algorithm;
private:
+ void computeDNSKEY();
+
+ DNSKEYRecordContent d_dnskey;
std::shared_ptr<DNSCryptoKeyEngine> d_key;
};
}
DNSSECPrivateKey dpk;
- dpk.setKey(key);
pdns::checked_stoi_into(dpk.d_algorithm, cmds.at(3));
if (dpk.d_algorithm == DNSSECKeeper::RSASHA1NSEC3SHA1) {
else {
dpk.d_flags = 257; // ksk
}
+ dpk.setKey(key);
int64_t id;
if (!dk.addKey(DNSName(zone), dpk, id)) {
DNSSECPrivateKey dpk;
DNSKEYRecordContent drc;
shared_ptr<DNSCryptoKeyEngine> key(DNSCryptoKeyEngine::makeFromISCFile(drc, fname.c_str()));
- dpk.setKey(key);
dpk.d_algorithm = drc.d_algorithm;
if(dpk.d_algorithm == DNSSECKeeper::RSASHA1NSEC3SHA1)
return 1;
}
}
+ dpk.setKey(key);
int64_t id;
if (!dk.addKey(DNSName(zone), dpk, id, active, published)) {
cerr<<"Adding key failed, perhaps DNSSEC not enabled in configuration?"<<endl;
}
}
dpk->create(bits);
- dspk.setKey(dpk);
dspk.d_algorithm = algorithm;
dspk.d_flags = keyOrZone ? 257 : 256;
+ dspk.setKey(dpk);
// print key to stdout
cout << "Flags: " << dspk.d_flags << endl <<
dcke->create(dcke->getBits());
DNSSECPrivateKey dpk;
dpk.d_flags = 256;
- dpk.setKey(std::move(dcke));
/* Fake algorithm number (private) */
dpk.d_algorithm = 253;
+ dpk.setKey(std::move(dcke));
DSRecordContent drc = makeDSFromDNSKey(target, dpk.getDNSKEY(), DNSSECKeeper::DIGEST_SHA256);
keys[target] = std::pair<DNSSECPrivateKey, DSRecordContent>(dpk, drc);
DNSKEYRecordContent drc;
auto dcke = std::shared_ptr<DNSCryptoKeyEngine>(DNSCryptoKeyEngine::makeFromISCString(drc, signer.iscMap));
DNSSECPrivateKey dpk;
- dpk.setKey(dcke);
dpk.d_flags = signer.rfcFlags;
+ dpk.setKey(dcke);
sortedRecords_t rrs;
/* values taken from rfc8080 for ed25519 and ed448, rfc5933 for gost */
BOOST_CHECK_EQUAL(drc.d_algorithm, signer.algorithm);
DNSSECPrivateKey dpk;
- dpk.setKey(dcke);
dpk.d_flags = signer.flags;
+ dpk.setKey(dcke);
drc = dpk.getDNSKEY();
BOOST_CHECK_EQUAL(drc.d_algorithm, signer.algorithm);
projects / thirdparty / pdns.git / commitdiff
