From: Fred Morcos Date: Mon, 13 Feb 2023 08:44:58 +0000 (+0100) Subject: Introduce DNSCryptoKeyEngine::makeFromPEMString X-Git-Tag: dnsdist-1.8.0-rc1~18^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3de36d82a0d1db5d2fb3d3fb335a41c4cf10114d;p=thirdparty%2Fpdns.git Introduce DNSCryptoKeyEngine::makeFromPEMString
---
diff --git a/pdns/dnssecinfra.cc b/pdns/dnssecinfra.cc
index 9dddd17f05..50479d5ee7 100644
--- a/pdns/dnssecinfra.cc
+++ b/pdns/dnssecinfra.cc
@@ -177,6 +177,13 @@ std::unique_ptr DNSCryptoKeyEngine::makeFromPEMFile(DNSKEYRe
 return maker;
 }
+std::unique_ptr DNSCryptoKeyEngine::makeFromPEMString(DNSKEYRecordContent& drc, uint8_t algorithm, const std::string& contents)
+{
+ auto maker = DNSCryptoKeyEngine::make(algorithm);
+ maker->createFromPEMString(drc, contents);
+ return maker;
+}
+
 std::string DNSCryptoKeyEngine::convertToISC() const
 {
 storvector_t storvector = this->convertToISCVector();
diff --git a/pdns/dnssecinfra.hh b/pdns/dnssecinfra.hh
index 1169ee7c28..b0f80af246 100644
--- a/pdns/dnssecinfra.hh
+++ b/pdns/dnssecinfra.hh
@@ -52,6 +52,24 @@ class DNSCryptoKeyEngine
 throw std::runtime_error("Can't create key from PEM contents");
 }
+ /**
+ * \brief Creates a key engine from a PEM string.
+ *
+ * Receives PEM contents and creates a key engine.
+ *
+ * \param[in] drc Key record contents to be populated.
+ *
+ * \param[in] contents The PEM string contents.
+ *
+ * \return A key engine populated with the contents of the PEM string.
+ */
+ void createFromPEMString(DNSKEYRecordContent& drc, const std::string& contents)
+ {
+ // NOLINTNEXTLINE(*-cast): POSIX APIs.
+ unique_ptr inputFile{fmemopen(const_cast(contents.data()), contents.length(), "r"), &std::fclose};
+ createFromPEMFile(drc, *inputFile);
+ }
+
 [[nodiscard]] virtual storvector_t convertToISCVector() const =0;
 [[nodiscard]] std::string convertToISC() const ;
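Review bot: `createFromPEMString` dereferences `*inputFile` without checking that `fmemopen` succeeded, so a failed open (allocation failure, or a zero-length `contents` on libc implementations that reject a zero size) hands a null `FILE` reference to `createFromPEMFile`, which is undefined behaviour. PEM text may well originate outside the process, so the guard belongs here rather than in each caller: `if (inputFile == nullptr) { throw std::runtime_error("Could not open PEM contents as a stream"); }`, matching the `std::runtime_error` thrown by the method just above. The doc comment also carries a `\return` line although the function returns `void`, and it tags `drc` as `\param[in]` while describing it as "to be populated"; `\param[out]` would match, here and in the `makeFromPEMString` declaration comment in the second hunk of this file.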
@@ -107,6 +125,24 @@ class DNSCryptoKeyEngine
 */
 static std::unique_ptr makeFromPEMFile(DNSKEYRecordContent& drc, uint8_t algorithm, std::FILE& inputFile, const std::string& filename);
+ /**
+ * \brief Creates a key engine from a PEM string.
+ *
+ * Receives PEM contents and creates a key engine corresponding to the algorithm
+ * requested.
+ *
+ * \param[in] drc Key record contents to be populated.
+ *
+ * \param[in] algorithm Which algorithm to use. See
+ * https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml
+ *
+ * \param[in] contents The PEM contents.
+ *
+ * \return A key engine corresponding to the requested algorithm and populated with
+ * the contents of the PEM string.
+ */
+ static std::unique_ptr makeFromPEMString(DNSKEYRecordContent& drc, uint8_t algorithm, const std::string& contents);
+
 static std::unique_ptr makeFromISCString(DNSKEYRecordContent& drc, const std::string& content);
 static std::unique_ptr makeFromPublicKeyString(unsigned int algorithm, const std::string& raw);
 static std::unique_ptr make(unsigned int algorithm);
diff --git a/pdns/test-signers.cc b/pdns/test-signers.cc
index 1c9b461424..1abb7d960f 100644
--- a/pdns/test-signers.cc
+++ b/pdns/test-signers.cc
@@ -458,12 +458,8 @@ BOOST_FIXTURE_TEST_CASE(test_generic_signers, Fixture)
 auto dcke = std::shared_ptr(DNSCryptoKeyEngine::makeFromISCString(drc, signer.iscMap));
 test_generic_signer(dcke, drc, signer, message);
- unique_ptr inputFile{fmemopen((void*)signer.pem.c_str(), signer.pem.length(), "r"), &std::fclose};
- // NOLINTNEXTLINE(cppcoreguidelines-pro-type-vararg): Boost stuff.
- BOOST_REQUIRE(inputFile.get() != nullptr);
-
 DNSKEYRecordContent pemDRC;
- shared_ptr pemKey{DNSCryptoKeyEngine::makeFromPEMFile(pemDRC, signer.algorithm, *inputFile, "")};
+ shared_ptr pemKey{DNSCryptoKeyEngine::makeFromPEMString(pemDRC, signer.algorithm, signer.pem)};
 BOOST_CHECK_EQUAL(pemKey->convertToISC(), dcke->convertToISC());
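Review bot: The test-signers.cc hunk only exercises `makeFromPEMString` with well-formed PEM from the fixture, so the error path for key material that fails to parse is not pinned anywhere in this change. A negative case next to the `BOOST_CHECK_EQUAL` would cover it, for example `BOOST_CHECK_THROW(DNSCryptoKeyEngine::makeFromPEMString(pemDRC, signer.algorithm, "not a PEM"), std::runtime_error);`, assuming the engines report parse failures with `std::runtime_error` as the base-class stub in dnssecinfra.hh does. The test case body starts and ends outside this hunk, so existing coverage elsewhere in it cannot be ruled out from here.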