auth: Even better interface for setKey() 11600/head
authorRemi Gacogne <remi.gacogne@powerdns.com>
Tue, 29 Nov 2022 11:02:23 +0000 (12:02 +0100)
committerRemi Gacogne <remi.gacogne@powerdns.com>
Thu, 12 Jan 2023 13:39:12 +0000 (14:39 +0100)
pdns/dbdnsseckeeper.cc
pdns/dnssecinfra.hh
pdns/pdnsutil.cc
pdns/recursordist/test-syncres_cc4.cc
pdns/ws-auth.cc

index 6d8cb138231cbf980d9e6e94df7724d468c557f3..98b86173d74eb45de9a4931725899852ca338c99 100644 (file)
@@ -110,8 +110,7 @@ bool DNSSECKeeper::addKey(const DNSName& name, bool setSEPBit, int algorithm, in
     throw runtime_error("The algorithm does not support the given bit size.");
   }
   DNSSECPrivateKey dspk;
-  dspk.setKey(dpk, setSEPBit ? 257 : 256);
-  dspk.setAlgorithm(algorithm);
+  dspk.setKey(dpk, setSEPBit ? 257 : 256, algorithm);
   return addKey(name, dspk, id, active, published) && clearKeyCache(name);
 }
 
@@ -170,8 +169,7 @@ DNSSECPrivateKey DNSSECKeeper::getKeyById(const DNSName& zname, unsigned int id)
     DNSKEYRecordContent dkrc;
     auto key = shared_ptr<DNSCryptoKeyEngine>(DNSCryptoKeyEngine::makeFromISCString(dkrc, kd.content));
     DNSSECPrivateKey dpk;
-    dpk.setKey(key, kd.flags);
-    dpk.setAlgorithm(dkrc.d_algorithm);
+    dpk.setKey(key, kd.flags, dkrc.d_algorithm);
     
     return dpk;    
   }
@@ -583,8 +581,7 @@ DNSSECKeeper::keyset_t DNSSECKeeper::getKeys(const DNSName& zone, bool useCache)
     DNSKEYRecordContent dkrc;
     auto key = shared_ptr<DNSCryptoKeyEngine>(DNSCryptoKeyEngine::makeFromISCString(dkrc, kd.content));
     DNSSECPrivateKey dpk;
-    dpk.setKey(key, kd.flags);
-    dpk.setAlgorithm(dkrc.d_algorithm);
+    dpk.setKey(key, kd.flags, dkrc.d_algorithm);
 
     KeyMetaData kmd;
 
index 9f2888da6fa91c760ed7e09fdb319a9ffc53d7ef..e8f98a871509dbb9626f0a28346f56171a08b4e3 100644 (file)
@@ -149,20 +149,20 @@ struct DNSSECPrivateKey
   }
 
   // be aware that calling setKey() will also set the algorithm
-  void setKey(std::shared_ptr<DNSCryptoKeyEngine>& key, uint16_t flags)
+  void setKey(std::shared_ptr<DNSCryptoKeyEngine>& key, uint16_t flags, std::optional<uint8_t> algorithm = std::nullopt)
   {
     d_key = key;
     d_flags = flags;
-    d_algorithm = d_key->getAlgorithm();
+    d_algorithm = algorithm ? *algorithm : d_key->getAlgorithm();
     computeDNSKEY();
   }
 
   // be aware that calling setKey() will also set the algorithm
-  void setKey(std::unique_ptr<DNSCryptoKeyEngine>&& key, uint16_t flags)
+  void setKey(std::unique_ptr<DNSCryptoKeyEngine>&& key, uint16_t flags, std::optional<uint8_t> algorithm = std::nullopt)
   {
     d_key = std::move(key);
     d_flags = flags;
-    d_algorithm = d_key->getAlgorithm();
+    d_algorithm = algorithm ? *algorithm : d_key->getAlgorithm();
     computeDNSKEY();
   }
 
@@ -178,11 +178,6 @@ struct DNSSECPrivateKey
     return d_algorithm;
   }
 
-  void setAlgorithm(uint8_t algo)
-  {
-    d_algorithm = algo;
-  }
-
 private:
   void computeDNSKEY();
 
index 811526ea07ad8ea3287bc3e4692449bf8a1a914e..14dc785a7274beba2162e3a9e53cf5f1c6c649fb 100644 (file)
@@ -3513,8 +3513,7 @@ try
     else {
       flags = 257; // ksk
     }
-    dpk.setKey(key, flags);
-    dpk.setAlgorithm(algo);
+    dpk.setKey(key, flags, algo);
 
     int64_t id;
     if (!dk.addKey(DNSName(zone), dpk, id)) {
@@ -3566,11 +3565,11 @@ try
     }
 
     DNSSECPrivateKey dpk;
-    dpk.setKey(key, flags);
-
-    if (dpk.getAlgorithm() == DNSSECKeeper::RSASHA1NSEC3SHA1) {
-      dpk.setAlgorithm(DNSSECKeeper::RSASHA1);
+    uint8_t algo = key->getAlgorithm();
+    if (algo == DNSSECKeeper::RSASHA1NSEC3SHA1) {
+      algo = DNSSECKeeper::RSASHA1;
     }
+    dpk.setKey(key, flags, algo);
 
     int64_t id;
     if (!dk.addKey(DNSName(zone), dpk, id, active, published)) {
@@ -3650,8 +3649,7 @@ try
     }
     dpk->create(bits);
     DNSSECPrivateKey dspk;
-    dspk.setKey(dpk, keyOrZone ? 257 : 256);
-    dspk.setAlgorithm(algorithm);
+    dspk.setKey(dpk, keyOrZone ? 257 : 256, algorithm);
 
     // print key to stdout
     cout << "Flags: " << dspk.getFlags() << endl <<
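Review bot: The RSASHA1NSEC3SHA1-to-RSASHA1 rewrite added at lines 101-104 is the same three lines as the one in ws-auth.cc at lines 138-141, and neither site says why the stored algorithm is replaced before the DNSKEY is computed; now that the algorithm feeds computeDNSKEY() this mapping changes what gets published, so it deserves a shared helper or at least an explanatory comment. I would add above the `if` something like `// Keys imported as RSASHA1NSEC3SHA1 (7) are published as RSASHA1 (5): the private key material is identical and the override is applied before setKey() computes the DNSKEY.` The enclosing function (the `try` block in the hunk header) starts and ends outside the hunk, so I have not checked whether `key` can be null at line 101; the dereference there assumes it is not.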
index 24f6bd8e0f2061fb715f5cfa3c4287da3a8c1168..3764a0dd246b0a5d271782854916dd3a9b08da73 100644 (file)
@@ -1194,9 +1194,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_insecure_unknown_ds_algorithm)
   auto dcke = DNSCryptoKeyEngine::make(DNSSECKeeper::ECDSA256);
   dcke->create(dcke->getBits());
   DNSSECPrivateKey dpk;
-  dpk.setKey(std::move(dcke), 256);
   /* Fake algorithm number (private) */
-  dpk.setAlgorithm(253);
+  dpk.setKey(std::move(dcke), 256, 253);
 
   DSRecordContent drc = makeDSFromDNSKey(target, dpk.getDNSKEY(), DNSSECKeeper::DIGEST_SHA256);
   keys[target] = std::pair<DNSSECPrivateKey, DSRecordContent>(dpk, drc);
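Review bot: The test at lines 124-127 now passes the fake algorithm 253 into setKey(), which with the new header means the computed DNSKEY carries 253 as well, but nothing in the test asserts that; since this is exactly the behavior the refactor changes, it would be worth pinning it so a later regression in setKey() is caught here rather than in the DS validation below. One line after line 127 would do, `BOOST_CHECK_EQUAL(dpk.getDNSKEY().d_algorithm, 253);` (the accessor and field are the ones used elsewhere in this commit). The comment `/* Fake algorithm number (private) */` now sits above the combined call and still reads correctly.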
index 50d4b9995132fe2a72c197c6c72ad2a8216c10a8..4be003cf500897d09c8b4f55448f25b055e6c0d9 100644 (file)
@@ -1307,11 +1307,11 @@ static void apiZoneCryptokeysPOST(const DNSName& zonename, HttpRequest *req, Htt
       }
 
       uint8_t algorithm = dkrc.d_algorithm;
-      dpk.setKey(dke, flags);
       // TODO remove in 4.2.0
       if (algorithm == DNSSECKeeper::RSASHA1NSEC3SHA1) {
-        dpk.setAlgorithm(DNSSECKeeper::RSASHA1);
+        algorithm = DNSSECKeeper::RSASHA1;
       }
+      dpk.setKey(dke, flags, algorithm);
     }
     catch (std::runtime_error& error) {
       throw ApiException("Key could not be parsed. Make sure your key format is correct.");
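Review bot: The `// TODO remove in 4.2.0` comment at line 137 now sits directly above the algorithm rewrite that this commit reshuffles, and the commit is dated 2022, so if 4.2.0 has already shipped the TODO is stale and the mapping has become permanent behavior rather than a temporary shim. Either the block should be removed as the TODO asks, or the comment should be replaced with the actual reason it is kept, e.g. `// Legacy: RSASHA1NSEC3SHA1 keys are published as RSASHA1; applied before setKey() so the computed DNSKEY carries the rewritten algorithm.` The same rewrite appears in pdnsutil.cc (lines 101-104 of this commit) and is noted there. apiZoneCryptokeysPOST starts and ends outside the hunk.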