Required for private resolver.

diff --git a/includes/isc/dst.h b/includes/isc/dst.h
new file mode 100644 (file)
index 0000000..ee2a60c
--- /dev/null
+++ b/includes/isc/dst.h
@@ -0,0 +1,142 @@
+#ifndef DST_H
+#define DST_H
+
+#ifndef HAS_DST_KEY
+typedef struct dst_key {
+       char    *dk_key_name;   /* name of the key */
+       int     dk_key_size;    /* this is the size of the key in bits */
+       int     dk_proto;       /* what protocols this key can be used for */
+       int     dk_alg;         /* algorithm number from key record */
+       u_int32_t dk_flags;     /* and the flags of the public key */
+       unsigned dk_id;        /* identifier of the key */
+} DST_KEY;
+#endif /* HAS_DST_KEY */
+
+/* 
+ * DST Crypto API defintions 
+ */
+void     dst_init(void);
+int      dst_check_algorithm(const int);
+
+int dst_sign_data(const int mode,       /* specifies INIT/UPDATE/FINAL/ALL */
+                 DST_KEY *in_key,       /* the key to use */
+                 void **context,        /* pointer to state structure */
+                 const u_char *data,    /* data to be signed */
+                 const unsigned len,    /* length of input data */
+                 u_char *signature,     /* buffer to write signature to */
+                 const unsigned sig_len); /* size of output buffer */
+
+int dst_verify_data(const int mode,     /* specifies INIT/UPDATE/FINAL/ALL */
+                   DST_KEY *in_key,     /* the key to use */
+                   void **context,      /* pointer to state structure */
+                   const u_char *data,  /* data to be verified */
+                   const unsigned len,  /* length of input data */
+                   const u_char *signature,/* buffer containing signature */
+                   const unsigned sig_len);     /* length of signature */
+
+
+DST_KEY *dst_read_key(const char *in_name,   /* name of key */
+                     const unsigned in_id, /* key tag identifier */
+                     const int in_alg,      /* key algorithm */
+                     const int key_type);   /* Private/PublicKey wanted*/
+
+int      dst_write_key(const DST_KEY *key,  /* key to write out */
+                      const int key_type); /* Public/Private */
+
+DST_KEY *dst_dnskey_to_key(const char *in_name,        /* KEY record name */
+                          const u_char *key,   /* KEY RDATA */
+                          const unsigned len); /* size of input buffer*/
+
+
+int      dst_key_to_dnskey(const DST_KEY *key, /* key to translate */
+                          u_char *out_storage, /* output buffer */
+                          const unsigned out_len); /* size of out_storage*/
+
+
+DST_KEY *dst_buffer_to_key(const char *key_name,  /* name of the key */
+                          const int alg,         /* algorithm */
+                          const unsigned flags,  /* dns flags */
+                          const int protocol,    /* dns protocol */
+                          const u_char *key_buf, /* key in dns wire fmt */
+                          const unsigned key_len);       /* size of key */
+
+
+int     dst_key_to_buffer(DST_KEY *key, u_char *out_buff, unsigned buf_len);
+
+DST_KEY *dst_generate_key(const char *name,    /* name of new key */
+                         const int bits,      /* size of new key */
+                         const int exp,       /* alg dependent parameter*/
+                         const unsigned flags,     /* key DNS flags */
+                         const int protocol, /* key DNS protocol */
+                         const int alg);       /* key algorithm to generate */
+
+DST_KEY *dst_free_key(DST_KEY *f_key);
+int      dst_compare_keys(const DST_KEY *key1, const DST_KEY *key2);
+
+int    dst_sig_size(DST_KEY *key);
+
+int     dst_random(const int mode, unsigned wanted, u_char *outran);
+
+
+/* support for dns key tags/ids */
+u_int16_t dst_s_dns_key_id(const u_char *dns_key_rdata,
+                          const unsigned rdata_len);
+u_int16_t dst_s_id_calc(const u_char *key_data, const unsigned key_len);
+
+/* Used by callers as well as by the library.  */
+#define RAW_KEY_SIZE    8192        /* large enough to store any key */
+
+/* DST_API control flags */
+/* These are used used in functions dst_sign_data and dst_verify_data */
+#define SIG_MODE_INIT          1  /* initalize digest */
+#define SIG_MODE_UPDATE                2  /* add data to digest */
+#define SIG_MODE_FINAL         4  /* generate/verify signature */
+#define SIG_MODE_ALL           (SIG_MODE_INIT|SIG_MODE_UPDATE|SIG_MODE_FINAL)
+
+/* Flags for dst_read_private_key()  */
+#define DST_FORCE_READ         0x1000000
+#define DST_CAN_SIGN           0x010F
+#define DST_NO_AUTHEN          0x8000
+#define DST_EXTEND_FLAG         0x1000
+#define DST_STANDARD           0
+#define DST_PRIVATE             0x2000000
+#define DST_PUBLIC              0x4000000
+#define DST_RAND_SEMI           1
+#define DST_RAND_STD            2
+#define DST_RAND_KEY            3
+#define DST_RAND_DSS            4
+
+
+/* DST algorithm codes */
+#define KEY_RSA                        1
+#define KEY_DH                 2
+#define KEY_DSA                        3
+#define KEY_PRIVATE            254
+#define KEY_EXPAND             255
+#define KEY_HMAC_MD5           157
+#define KEY_HMAC_SHA1          158
+#define UNKNOWN_KEYALG         0
+#define DST_MAX_ALGS            KEY_HMAC_SHA1
+
+/* DST constants to locations in KEY record  changes in new KEY record */
+#define DST_FLAGS_SIZE         2
+#define DST_KEY_PROT           2
+#define DST_KEY_ALG            3
+#define DST_EXT_FLAG            4
+#define DST_KEY_START          4
+
+#ifndef SIGN_F_NOKEY 
+#define SIGN_F_NOKEY           0xC000
+#endif
+
+/* error codes from dst routines */
+#define SIGN_INIT_FAILURE      (-23)
+#define SIGN_UPDATE_FAILURE    (-24)
+#define SIGN_FINAL_FAILURE     (-25)
+#define VERIFY_INIT_FAILURE    (-26)
+#define VERIFY_UPDATE_FAILURE  (-27)
+#define VERIFY_FINAL_FAILURE   (-28)
+#define MISSING_KEY_OR_SIGNATURE (-30)
+#define UNSUPPORTED_KEYALG     (-31)
+
+#endif /* DST_H */