From: Miek Gieben
Date: Mon, 21 Mar 2005 11:11:14 +0000 (+0000)
Subject: some includes changed, more work on the signing
X-Git-Tag: release-0.50~223
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2154c05986bdd04575150169ba7dfed66b0efb67;p=thirdparty%2Fldns.git
some includes changed, more work on the signing
---
diff --git a/dnssec.c b/dnssec.c
index a419fff5..b017661d 100644
--- a/dnssec.c
+++ b/dnssec.c
@@ -765,16 +765,39 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys) /* set the ttl from the priv key on the rrset */ for (i = 0; i < ldns_rr_list_rr_count(rrset); i++) { ldns_rr_set_ttl( - ldns_rr_list_rr(rrset_clone, i), - orig_ttl); + ldns_rr_list_rr(rrset_clone, i), orig_ttl); } /* fill in what we now of the signature */ - - - /* right now, we have: a key, a semi-sig and an rrset */ - - + /* set the orig_ttl */ + ldns_rr_set_origttl(current_sig, ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, orig_ttl)); + /* the signers name */ + ldns_rr_set_signame(current_sig, + ldns_key_pubkey_owner(current_key)); + /* label count - get it from the first rr in the rr_list */ + ldns_rr_set_labels(current_sig, + ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, ldns_rr_label_count( + ldns_rr_list_rr(rrset_clone, 0)))); + /* inception, expiration */ + ldns_rr_set_inception(current_sig, + ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, ldns_key_inception(current_key))); + ldns_rr_set_expiration(current_sig, + ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, ldns_key_expiration(current_key))); + /* key-tag */ + ldns_rr_set_keytag(current_sig, + ldns_native2rdf_int16(LDNS_RDF_TYPE_INT16, ldns_key_keytag(current_key))); + + /* algorithm - check the key and substitute that */ + ldns_rr_set_algorithm(current_sig, + ldns_native2rdf_int8(LDNS_RDF_TYPE_ALG, ldns_key_algorithm(current_key))); + /* type-covered */ + ldns_rr_set_typecovered(current_sig, + ldns_native2rdf_int16(LDNS_RDF_TYPE_TYPE, + ldns_rr_get_type(ldns_rr_list_rr(rrset_clone, 0)))); + + /* right now, we have: a key, a semi-sig and an rrset. For + * which we can create the sig and base64 encode that and + * add that to the signature */ } diff --git a/keys.c b/keys.c index ab6af8a5..3f0df4ea 100644 --- a/keys.c +++ b/keys.c @@ -82,6 +82,11 @@ ldns_key_set_pubkey_owner(ldns_key *k, ldns_rdf *r) k->_pubkey_owner = r; } +void +ldns_key_set_keytag(ldns_key *k, uint16_t tag) +{ + k->_extra.dnssec.keytag = tag; +} /* read */ size_t 
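Review bot: `ldns_rr_set_signame(current_sig, ldns_key_pubkey_owner(current_key))` stores the key's own owner rdf inside the signature, whereas every other field gets a freshly allocated rdf from `ldns_native2rdf_*`; freeing the key list and the signature then releases the same rdf twice, so the signature should receive a copy, `ldns_rr_set_signame(current_sig, ldns_rdf_clone(ldns_key_pubkey_owner(current_key)));`. The label count and type covered are read from `ldns_rr_list_rr(rrset_clone, 0)` with no visible check that the rrset is non-empty; the ttl loop above tolerates an empty set, so unless the function already rejects empty input before this hunk an early `if (ldns_rr_list_rr_count(rrset_clone) == 0)` bail-out is needed. All of the `ldns_rr_set_*` calls return bool and every result is dropped, so a `current_sig` that is not an RRSIG (or a failed set) leaves fields silently unset and the loop carries on to produce a signature over them. ldns_sign_public begins before this hunk.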
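Review bot: `ldns_key_set_keytag` only stores a caller-supplied value, and nothing in this commit derives the tag from the key material (RFC 4034 Appendix B), yet dnssec.c copies `ldns_key_keytag(current_key)` into every RRSIG it builds; a key whose tag was never set yields signatures whose key tag does not identify the DNSKEY, and whether the field even starts at zero depends on key allocation code not visible here. Either compute the tag from the public key when it is loaded, or document on this setter and on the getter in the next hunk that the caller must set it before signing, e.g. `/* key tag as defined in RFC 4034 Appendix B; must match the DNSKEY RR and is NOT computed here */`. Like its neighbours, the setter does not check `k` for NULL.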
@@ -142,6 +147,12 @@ ldns_key_expiration(ldns_key *k) return k->_extra.dnssec.expiration; } +uint16_t +ldns_key_keytag(ldns_key *k) +{ + return k->_extra.dnssec.keytag; +} + /* todo also for tsig */ ldns_rdf * diff --git a/ldns/dns.h b/ldns/dns.h index 9f0b7d20..e5aeba5a 100644 --- a/ldns/dns.h +++ b/ldns/dns.h @@ -28,6 +28,8 @@ #include #include #include +#include +#include #define LDNS_IP4ADDRLEN (32/8) #define LDNS_IP6ADDRLEN (128/8) diff --git a/ldns/dnssec.h b/ldns/dnssec.h index 9261bc2a..9a3b9557 100644 --- a/ldns/dnssec.h +++ b/ldns/dnssec.h @@ -12,7 +12,10 @@ #define _DNSSEC_H_ #include -#include +#include +#include +#include +#include /** * algorigthms used in dns diff --git a/ldns/keys.h b/ldns/keys.h index 886cdf98..ee18dd57 100644 --- a/ldns/keys.h +++ b/ldns/keys.h @@ -15,18 +15,19 @@ #define _LDNS_KEYS_H #include - #include +#include + extern ldns_lookup_table ldns_signing_algorithms[]; enum ldns_enum_signing_algorithm { - LDNS_SIGN_ALG_RSAMD5 = 1, - LDNS_SIGN_ALG_RSASHA1 = 2, - LDNS_SIGN_ALG_DSAMD5 = 3, - LDNS_SIGN_ALG_DSASHA1 = 4, - LDNS_SIGN_ALG_HMACMD5 = 5 + LDNS_SIGN_ALG_RSAMD5 = LDNS_RSAMD5, + LDNS_SIGN_ALG_RSASHA1 = LDNS_RSASHA1, + LDNS_SIGN_ALG_DSAMD5 = LDNS_DSA, + LDNS_SIGN_ALG_DSASHA1 = 140, /* not official! */ + LDNS_SIGN_ALG_HMACMD5 = 150 /* not official! */ }; typedef enum ldns_enum_signing_algorithm ldns_signing_algorithm; @@ -47,6 +48,7 @@ struct ldns_struct_key { uint32_t orig_ttl; uint32_t inception; uint32_t expiration; + uint16_t keytag; } dnssec; struct { uint16_t fudge; @@ -76,7 +78,7 @@ void ldns_key_set_ttl(ldns_key *k, uint32_t t); void ldns_key_set_inception(ldns_key *k, uint32_t i); void ldns_key_set_expiration(ldns_key *k, uint32_t e); void ldns_key_set_pubkey_owner(ldns_key *k, ldns_rdf *r); - +void ldns_key_set_keytag(ldns_key *k, uint16_t tag); size_t ldns_key_list_key_count(ldns_key_list *key_list); ldns_key * ldns_key_list_key(ldns_key_list *key, size_t nr); 
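Review bot: The new enum maps `LDNS_SIGN_ALG_DSAMD5 = LDNS_DSA` and gives `LDNS_SIGN_ALG_DSASHA1` the made-up value 140, but DNSSEC algorithm 3 (DSA, RFC 2536) is DSA over SHA-1, so the two assignments appear swapped and DSA/MD5 has no DNSSEC algorithm number at all. The values marked `/* not official! */` (140, 150) lie in the IANA-managed DNSSEC algorithm number space, and because dnssec.c writes `ldns_key_algorithm()` straight into the RRSIG algorithm field via `LDNS_RDF_TYPE_ALG`, they can end up on the wire where a validator will treat the RRSIG as using an unknown algorithm; RFC 4034 reserves 253 and 254 for private algorithms if a non-standard value is really needed, and HMAC-MD5 is a TSIG algorithm that does not belong in this space. A comment on the enum stating that its values are the on-the-wire DNSSEC algorithm numbers would make that constraint explicit.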
@@ -87,6 +89,7 @@ unsigned char * ldns_key_hmac_key(ldns_key *k); uint32_t ldns_key_ttl(ldns_key *k); uint32_t ldns_key_inception(ldns_key *k); uint32_t ldns_key_expiration(ldns_key *k); +uint16_t ldns_key_keytag(ldns_key *k); void ldns_key_list_set_key_count(ldns_key_list *key, size_t count); ldns_rdf * ldns_key_pubkey_owner(ldns_key *k); bool ldns_key_list_push_key(ldns_key_list *key_list, ldns_key *key); diff --git a/ldns/ldns.h b/ldns/ldns.h index f24f6d84..eb85fc14 100644 --- a/ldns/ldns.h +++ b/ldns/ldns.h @@ -23,6 +23,8 @@ #include #include #include +#include #include +#include #endif /* _LDNS_H */ diff --git a/ldns/rr.h b/ldns/rr.h index d8b338a2..dfca22a0 100644 --- a/ldns/rr.h +++ b/ldns/rr.h @@ -284,8 +284,11 @@ void ldns_rr_list2canonical(ldns_rr_list *); void ldns_rr2canonical(ldns_rr *); ldns_rr * ldns_rr_new_frm_fp(FILE *fp); - - - +/** + * count the number of labels of the ownername + * \param[in] rr + * \return the number of labels + */ +uint8_t ldns_rr_label_count(ldns_rr *rr); #endif /* _LDNS_RR_H */ diff --git a/ldns/rr_functions.h b/ldns/rr_functions.h index a91638c9..8316d7e8 100644 --- a/ldns/rr_functions.h +++ b/ldns/rr_functions.h @@ -13,23 +13,4 @@ #ifndef _RR_FUNCTIONS_H #define _RR_FUNCTIONS_H -#define _LDNS_RR_FUNCTION(RR, POS, TYPE) \ - if (!(RR) || (ldns_rr_get_type((RR)) != (TYPE))) { \ - return false; \ - } \ - return ldns_rr_rdf((RR), (POS)); - -#define _LDNS_RR_SET_FUNCTION(RR, RDF, POS, TYPE) \ - ldns_rdf *pop; \ - if (!(RR) || (ldns_rr_get_type((RR)) != (TYPE))) { \ - return false; \ - } \ - pop = ldns_rr_set_rdf((RR), (RDF), (POS)); \ - if (pop) { \ - FREE(pop); \ - return true; \ - } else { \ - return false; \ - } - #endif /* _RR_FUNCTIONS_H */ diff --git a/mx.c b/mx.c index 50e3f43d..8dc15806 100644 --- a/mx.c +++ b/mx.c @@ -5,7 +5,7 @@ #include #include -#include +#include int usage(FILE *fp, char *prog) { diff --git a/rr.c b/rr.c index e140ee64..079aaef6 100644 --- a/rr.c +++ b/rr.c 
@@ -1411,3 +1411,13 @@ ldns_rr_list2canonical(ldns_rr_list *rr_list) ldns_rr2canonical(ldns_rr_list_rr(rr_list, i)); } } + +uint8_t +ldns_rr_label_count(ldns_rr *rr) +{ + if (!rr) { + return 0; + } + return ldns_dname_label_count( + ldns_rr_owner(rr)); +} diff --git a/rr_functions.c b/rr_functions.c index 00fa6233..d9066287 100644 --- a/rr_functions.c +++ b/rr_functions.c @@ -23,6 +23,24 @@ #include "util.h" +#define _LDNS_RR_FUNCTION(TYPE, RR, POS) \ + if (!(RR) || (ldns_rr_get_type((RR)) != (TYPE))) { \ + return false; \ + } \ + return ldns_rr_rdf((RR), (POS)); + +#define _LDNS_RR_SET_FUNCTION(TYPE, RR, RDF, POS) \ + ldns_rdf *pop; \ + if (!(RR) || (ldns_rr_get_type((RR)) != (TYPE))) { \ + return false; \ + } \ + pop = ldns_rr_set_rdf((RR), (RDF), (POS)); \ + if (pop) { \ + FREE(pop); \ + return true; \ + } else { \ + return false; \ + } /* handle A / AAAA records */ ldns_rdf * 
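Review bot: `ldns_rr_label_count` guards against a NULL rr but then passes `ldns_rr_owner(rr)` to `ldns_dname_label_count` unchecked; if an rr can exist without an owner name set, that is a NULL dereference one level down, so either widen the guard to `if (!rr || !ldns_rr_owner(rr)) { return 0; }` or document that an rr always carries an owner. The return-0-on-NULL behaviour also belongs in the new Doxygen comment added to rr.h in this commit: `\param[in] rr the rr whose owner name is inspected, may be NULL` and `\return the number of labels, 0 when rr is NULL`.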
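Review bot: `_LDNS_RR_FUNCTION` is expanded inside functions returning `ldns_rdf *` (the RRSIG accessors in the next hunk) yet its failure path is `return false;`, relying on `false` converting to a null pointer; it should read `return NULL;` so the macro's contract is visible and warning-clean. `_LDNS_RR_SET_FUNCTION` reports `false` both when the rr has the wrong type and when `ldns_rr_set_rdf` hands back NULL — which, if that function returns the displaced rdf, is exactly the case of filling an empty slot in a freshly built RRSIG — so the dnssec.c caller cannot tell success from failure; returning `true` once the type check has passed, and freeing `pop` only when it is non-NULL, would give callers a usable result. `FREE(pop)` releases only the displaced rdf struct; if `FREE` is a plain `free` wrapper the rdf's data buffer leaks, and `ldns_rdf_deep_free(pop)` is the matching helper. Both macro names begin with an underscore followed by an uppercase letter, a namespace the C standard reserves for the implementation; `LDNS_RR_FUNCTION`/`LDNS_RR_SET_FUNCTION` would avoid it.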
@@ -61,121 +79,121 @@ ldns_rr_set_address(ldns_rr *r, ldns_rdf *f) ldns_rdf * ldns_rr_nsdname(ldns_rr *r) { - _LDNS_RR_FUNCTION(r, 0, LDNS_RR_TYPE_NS); + _LDNS_RR_FUNCTION(LDNS_RR_TYPE_NS, r, 0); } /* MX records */ ldns_rdf * ldns_rr_preference(ldns_rr *r) { - _LDNS_RR_FUNCTION(r, 0, LDNS_RR_TYPE_MX); + _LDNS_RR_FUNCTION(LDNS_RR_TYPE_MX, r, 0); } ldns_rdf * ldns_rr_exchange(ldns_rr *r) { - _LDNS_RR_FUNCTION(r, 1, LDNS_RR_TYPE_MX); + _LDNS_RR_FUNCTION(LDNS_RR_TYPE_MX, r, 1); } /* RRSIG record */ ldns_rdf * ldns_rr_typecovered(ldns_rr *r) { - _LDNS_RR_FUNCTION(r, 0, LDNS_RR_TYPE_RRSIG); + _LDNS_RR_FUNCTION(LDNS_RR_TYPE_RRSIG, r, 0); } bool ldns_rr_set_typecovered(ldns_rr *r, ldns_rdf *f) { - _LDNS_RR_SET_FUNCTION(r, f, 0, LDNS_RR_TYPE_RRSIG); + _LDNS_RR_SET_FUNCTION(LDNS_RR_TYPE_RRSIG, r, f, 0); } ldns_rdf * ldns_rr_algorithm(ldns_rr *r) { - _LDNS_RR_FUNCTION(r, 1, LDNS_RR_TYPE_RRSIG); + _LDNS_RR_FUNCTION(LDNS_RR_TYPE_RRSIG, r, 1); } bool ldns_rr_set_algorithm(ldns_rr *r, ldns_rdf *f) { - _LDNS_RR_SET_FUNCTION(r, f, 1, LDNS_RR_TYPE_RRSIG); + _LDNS_RR_SET_FUNCTION(LDNS_RR_TYPE_RRSIG, r, f, 1); } ldns_rdf * ldns_rr_labels(ldns_rr *r) { - _LDNS_RR_FUNCTION(r, 2, LDNS_RR_TYPE_RRSIG); + _LDNS_RR_FUNCTION(LDNS_RR_TYPE_RRSIG, r, 2); } bool ldns_rr_set_labels(ldns_rr *r, ldns_rdf *f) { - _LDNS_RR_SET_FUNCTION(r, f, 2, LDNS_RR_TYPE_RRSIG); + _LDNS_RR_SET_FUNCTION(LDNS_RR_TYPE_RRSIG, r, f, 2); } ldns_rdf * ldns_rr_origttl(ldns_rr *r) { - _LDNS_RR_FUNCTION(r, 3, LDNS_RR_TYPE_RRSIG); + _LDNS_RR_FUNCTION(LDNS_RR_TYPE_RRSIG, r, 3); } bool -ldns_rr_set_origtll(ldns_rr *r, ldns_rdf *f) +ldns_rr_set_origttl(ldns_rr *r, ldns_rdf *f) { - _LDNS_RR_SET_FUNCTION(r, f, 3, LDNS_RR_TYPE_RRSIG); + _LDNS_RR_SET_FUNCTION(LDNS_RR_TYPE_RRSIG, r, f, 3); } ldns_rdf * ldns_rr_expiration(ldns_rr *r) { - _LDNS_RR_FUNCTION(r, 4, LDNS_RR_TYPE_RRSIG); + _LDNS_RR_FUNCTION(LDNS_RR_TYPE_RRSIG, r, 4); } bool ldns_rr_set_expiration(ldns_rr *r, ldns_rdf *f) { - _LDNS_RR_SET_FUNCTION(r, f, 4, 
LDNS_RR_TYPE_RRSIG); + _LDNS_RR_SET_FUNCTION(LDNS_RR_TYPE_RRSIG, r, f, 4); } ldns_rdf * ldns_rr_inception(ldns_rr *r) { - _LDNS_RR_FUNCTION(r, 5, LDNS_RR_TYPE_RRSIG); + _LDNS_RR_FUNCTION(LDNS_RR_TYPE_RRSIG, r, 5); } bool ldns_rr_set_inception(ldns_rr *r, ldns_rdf *f) { - _LDNS_RR_SET_FUNCTION(r, f, 5, LDNS_RR_TYPE_RRSIG); + _LDNS_RR_SET_FUNCTION(LDNS_RR_TYPE_RRSIG, r, f, 5); } ldns_rdf * ldns_rr_keytag(ldns_rr *r) { - _LDNS_RR_FUNCTION(r, 6, LDNS_RR_TYPE_RRSIG); + _LDNS_RR_FUNCTION(LDNS_RR_TYPE_RRSIG, r, 6); } bool ldns_rr_set_keytag(ldns_rr *r, ldns_rdf *f) { - _LDNS_RR_SET_FUNCTION(r, f, 6, LDNS_RR_TYPE_RRSIG); + _LDNS_RR_SET_FUNCTION(LDNS_RR_TYPE_RRSIG, r, f, 6); } ldns_rdf * ldns_rr_signame(ldns_rr *r) { - _LDNS_RR_FUNCTION(r, 7, LDNS_RR_TYPE_RRSIG); + _LDNS_RR_FUNCTION(LDNS_RR_TYPE_RRSIG, r, 7); } bool ldns_rr_set_signame(ldns_rr *r, ldns_rdf *f) { - _LDNS_RR_SET_FUNCTION(r, f, 7, LDNS_RR_TYPE_RRSIG); + _LDNS_RR_SET_FUNCTION(LDNS_RR_TYPE_RRSIG, r, f, 7); } ldns_rdf * ldns_rr_sig(ldns_rr *r) { - _LDNS_RR_FUNCTION(r, 8, LDNS_RR_TYPE_RRSIG); + _LDNS_RR_FUNCTION(LDNS_RR_TYPE_RRSIG, r, 8); } bool ldns_rr_set_sig(ldns_rr *r, ldns_rdf *f) { - _LDNS_RR_SET_FUNCTION(r, f, 8, LDNS_RR_TYPE_RRSIG); + _LDNS_RR_SET_FUNCTION(LDNS_RR_TYPE_RRSIG, r, f, 8); }