From: Miek Gieben Date: Tue, 31 May 2005 10:13:22 +0000 (+0000) Subject: print ldns_key's to buffers or stdout/err X-Git-Tag: release-0.65~30 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e439787462acad030dbb030e2deab37e299265cd;p=thirdparty%2Fldns.git print ldns_key's to buffers or stdout/err keygen.c for proof of concept --- diff --git a/host2str.c b/host2str.c index 67173f8c..1b3af7f2 100644 --- a/host2str.c +++ b/host2str.c @@ -846,14 +846,20 @@ ldns_rr2buffer_str(ldns_buffer *output, ldns_rr *rr) for (i = 0; i < ldns_rr_rd_count(rr); i++) { status = ldns_rdf2buffer_str(output, ldns_rr_rdf(rr, i)); - ldns_buffer_printf(output, " "); + if (i != ldns_rr_rd_count(rr)) { + ldns_buffer_printf(output, " "); + } else { + /* last one */ + ldns_buffer_printf(output, "\n"); + } + } /* print the id of dnskey's also */ if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_DNSKEY && ldns_rr_rd_count(rr) > 0) { /* last check to prevent question sec. rr from * getting here */ - ldns_buffer_printf(output, " ; {id = %d}", + ldns_buffer_printf(output, " ; {id = %d}\n", ldns_calc_keytag(rr)); } 
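Review bot: The `else` branch added inside the rdata loop can never run, because `i != ldns_rr_rd_count(rr)` is always true while the loop condition `i < ldns_rr_rd_count(rr)` holds; every rdf is still followed by a space and the "last one" newline is never written. Comparing against the last index, `if (i + 1 < ldns_rr_rd_count(rr)) {`, gives the separator/terminator split the comment describes. Once that newline is actually emitted, the DNSKEY branch below would print ` ; {id = %d}\n` on a line of its own, so the terminator probably belongs after the keytag comment rather than inside the loop. Within the hunk the value assigned to `status` is overwritten on every pass without being checked. ldns_rr2buffer_str starts and ends outside this hunk.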
@@ -1027,23 +1033,134 @@ ldns_status ldns_key2buffer_str(ldns_buffer *output, ldns_key *k) { ldns_status status = LDNS_STATUS_OK; - /* copy some stuff from sign */ + unsigned char *bignum; + ldns_rdf *b64_bignum; + uint16_t i; + + if (!k) { + return LDNS_STATUS_ERR; + } + + bignum = LDNS_XMALLOC(unsigned char, LDNS_MAX_KEYLEN); + if (!bignum) { + return LDNS_STATUS_ERR; + } if (ldns_buffer_status_ok(output)) { switch(ldns_key_algorithm(k)) { case LDNS_SIGN_RSASHA1: case LDNS_SIGN_RSAMD5: + /* copied by looking at dnssec-keygen output */ + /* header */ + ldns_buffer_printf(output,"Private-key-format: v1.2\n"); + ldns_buffer_printf(output,"Algorithm: 1 (RSA)\n"); + + /* print to buf, convert to bin, convert to b64, + * print to buf */ + ldns_buffer_printf(output, "Modulus: "); + i = (uint16_t)BN_bn2bin(ldns_key_rsa_key(k)->n, bignum); + if (i > LDNS_MAX_KEYLEN) { + goto error; + } + b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i + 1, bignum); + if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + goto error; + } + ldns_buffer_printf(output, "\n"); + + ldns_buffer_printf(output, "PublicExponent: "); + i = (uint16_t)BN_bn2bin(ldns_key_rsa_key(k)->e, bignum); + if (i > LDNS_MAX_KEYLEN) { + goto error; + } + b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i + 1, bignum); + if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + goto error; + } + ldns_buffer_printf(output, "\n"); + + ldns_buffer_printf(output, "PrivateExponent: "); + i = (uint16_t)BN_bn2bin(ldns_key_rsa_key(k)->d, bignum); + if (i > LDNS_MAX_KEYLEN) { + goto error; + } + b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i + 1, bignum); + if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + goto error; + } + ldns_buffer_printf(output, "\n"); + + ldns_buffer_printf(output, "Prime1: "); + i = (uint16_t)BN_bn2bin(ldns_key_rsa_key(k)->p, bignum); + if (i > LDNS_MAX_KEYLEN) { + goto error; + } + b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i + 
1, bignum); + if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + goto error; + } + ldns_buffer_printf(output, "\n"); + + ldns_buffer_printf(output, "Prime2: "); + i = (uint16_t)BN_bn2bin(ldns_key_rsa_key(k)->q, bignum); + if (i > LDNS_MAX_KEYLEN) { + goto error; + } + b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i + 1, bignum); + if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + goto error; + } + ldns_buffer_printf(output, "\n"); + + ldns_buffer_printf(output, "Exponent1: "); + i = (uint16_t)BN_bn2bin(ldns_key_rsa_key(k)->dmp1, bignum); + if (i > LDNS_MAX_KEYLEN) { + goto error; + } + b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i + 1, bignum); + if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + goto error; + } + ldns_buffer_printf(output, "\n"); + + ldns_buffer_printf(output, "Exponent2: "); + i = (uint16_t)BN_bn2bin(ldns_key_rsa_key(k)->dmq1, bignum); + if (i > LDNS_MAX_KEYLEN) { + goto error; + } + b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i + 1, bignum); + if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + goto error; + } + ldns_buffer_printf(output, "\n"); + + ldns_buffer_printf(output, "Coefficient: "); + i = (uint16_t)BN_bn2bin(ldns_key_rsa_key(k)->iqmp, bignum); + if (i > LDNS_MAX_KEYLEN) { + goto error; + } + b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i + 1, bignum); + if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + goto error; + } + ldns_buffer_printf(output, "\n"); break; case LDNS_SIGN_DSA: - break; case LDNS_SIGN_HMACMD5: - break; + /* as always; todo code */ + goto error; } - /* blaat */ } else { + LDNS_FREE(bignum); return ldns_buffer_status(output); } + LDNS_FREE(bignum); return status; + +error: + LDNS_FREE(bignum); + return LDNS_STATUS_ERR; + } /* diff --git a/keygen.c b/keygen.c index 8477e67e..fff7855d 100644 --- a/keygen.c +++ b/keygen.c 
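Review bot: The length check in each RSA stanza runs after `BN_bn2bin()` has already written into `bignum`, so a component longer than LDNS_MAX_KEYLEN overruns the heap buffer before `if (i > LDNS_MAX_KEYLEN)` is evaluated, and the `(uint16_t)` cast can hide the real length; test `BN_num_bytes()` against LDNS_MAX_KEYLEN before converting. Passing `i + 1` to `ldns_rdf_new_frm_data()` encodes one byte that BN_bn2bin did not write (uninitialised heap data, or one byte past the buffer when `i == LDNS_MAX_KEYLEN`) into the base64 field, which also makes the printed key wrong. `b64_bignum` is never checked for NULL or released in any of the eight stanzas, and `bignum` still holds private-key bytes when it reaches `LDNS_FREE`, so clearing it first (for example with `OPENSSL_cleanse`) would keep that material out of recycled heap memory. The header line `Algorithm: 1 (RSA)` is also written for `LDNS_SIGN_RSASHA1`, which looks like it needs its own value. The fence shows the Modulus stanza with the first three changes applied; it assumes ldns_rdf_new_frm_data copies its input and that `ldns_rdf_deep_free` is the matching destructor in this tree.

```c
			ldns_buffer_printf(output, "Modulus: ");
			/* reject oversized components before BN_bn2bin() writes into bignum */
			if (BN_num_bytes(ldns_key_rsa_key(k)->n) > LDNS_MAX_KEYLEN) {
				goto error;
			}
			i = (uint16_t)BN_bn2bin(ldns_key_rsa_key(k)->n, bignum);
			/* encode exactly the bytes that were written, not i + 1 */
			b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
			if (!b64_bignum) {
				goto error;
			}
			status = ldns_rdf2buffer_str(output, b64_bignum);
			/* the rdf carries key material; release it on both paths */
			ldns_rdf_deep_free(b64_bignum);
			if (status != LDNS_STATUS_OK) {
				goto error;
			}
			ldns_buffer_printf(output, "\n");
			/* … unchanged: PublicExponent through Coefficient, each needing the same three changes … */
```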
@@ -16,6 +16,9 @@ usage(FILE *fp, char *prog) { fprintf(fp, " -D\tgenerate a DSA key\n"); fprintf(fp, " -R\tgenerate a RSA key\n"); fprintf(fp, " -b \tspecify the keylength\n"); + fprintf(fp, " The public key is printed to stdout\n"); + fprintf(fp, " The private key is printed to stderr\n"); + fprintf(fp, "\nWARING, WARNING, this program does NOT use a good random source for the key generation.\nUse at your OWN RISK\n\n"); } int @@ -79,7 +82,6 @@ main(int argc, char *argv[]) /* although we use openssl - we don't setup the random stuff * correct - give a big fat warning of that */ - fprintf(stderr, "\nWARING, WARNING, this program does NOT use a good random source for the key generation.\nUse at your OWN RISK\n\n"); /* create an rdf from the domain name */ domain = ldns_dname_new_frm_str(argv[0]); @@ -96,6 +98,7 @@ main(int argc, char *argv[]) /* print it to stdout */ ldns_rr_print(stdout, pubkey); - /* print the private key to stderr - not yet done */ + ldns_key_print(stderr, key); + return 0; } diff --git a/keys.c b/keys.c index e05d1810..72a03b40 100644 --- a/keys.c +++ b/keys.c @@ -108,21 +108,16 @@ ldns_key_new_frm_fp(FILE *fp) return NULL; case LDNS_SIGN_RSAMD5: case LDNS_SIGN_RSASHA1: - printf("RSA seen\n"); ldns_key_set_algorithm(k, alg); ldns_key_set_rsa_key(k, ldns_key_new_frm_fp_rsa(fp)); break; case LDNS_SIGN_DSA: - printf("DSA seen\n"); ldns_key_set_algorithm(k, alg); ldns_key_set_dsa_key(k, ldns_key_new_frm_fp_dsa(fp)); break; } - - printf("So far so good\n"); - return k; } @@ -318,11 +313,16 @@ ldns_key_new_frm_algorithm(ldns_signing_algorithm alg, uint16_t size) return k; } - void ldns_key_print(FILE *output, ldns_key *k) { - /* TODO miek */ + char *str = ldns_key2str(k); + if (str) { + fprintf(output, "%s", str); + } else { + fprintf(output, "Unable to convert rr to string\n"); + } + LDNS_FREE(str); } diff --git a/ldns/keys.h b/ldns/keys.h index 1d55300b..db8c5349 100644 --- a/ldns/keys.h +++ b/ldns/keys.h 
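Review bot: Moving the weak-randomness warning into `usage()` means a normal key-generation run no longer prints it: the matching `fprintf(stderr, ...)` is removed from `main()` in the `@@ -79` hunk, while the comment "give a big fat warning of that" stays behind with nothing under it. Unless usage() is called on every run, which the visible lines do not suggest, a user who passes valid options now gets a key from an RNG the code itself says is not set up correctly, with no notice. I would keep the runtime `fprintf(stderr, ...)` in `main()` (the copy in `usage()` can stay), and longer term refuse to generate a key until the random source is seeded. The message text still reads `WARING`.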
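Review bot: `ldns_key_print(stderr, key);` in the `@@ -96` hunk puts the unencrypted private key on the same stream the program uses for diagnostics. Anything that captures stderr (terminal scrollback, a CI or service log) keeps a copy of the key, and a caller who redirects stderr to a key file also gets any error text mixed into it. Writing the private key to a file the program creates itself with owner-only permissions, and keeping stderr for messages, avoids both problems. At minimum a comment such as `/* NOTE: private key material goes to stderr; do not log this stream */` should sit above the call. main's body starts outside the hunk.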
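Review bot: In the new `ldns_key_print()` body (keys.c, `@@ -318`) the failure text is written to `output`, the stream that is meant to receive the key, and it says `rr` although a key is being converted. A caller writing to a key file ends up with that sentence as the file contents, and the void return gives nothing to check. Reporting it separately, `fprintf(stderr, "Unable to convert key to string\n");`, or returning an ldns_status, would make the failure detectable. `str` holds the whole private key in text form and is handed to `LDNS_FREE` as-is; clearing it inside the `if (str)` branch, e.g. `OPENSSL_cleanse(str, strlen(str));`, keeps the key out of freed heap memory.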
@@ -196,4 +196,12 @@ ldns_key *ldns_key_list_pop_key(ldns_key_list *key_list); */ ldns_rr *ldns_key2rr(ldns_key *k); +/** + * print a private key to the file ouput + * + * \param[in] output the FILE descriptor where to print to + * \param[in] k the ldns_key to print + */ +void ldns_key_print(FILE *output, ldns_key *k); + #endif /* _LDNS_KEYS_H */
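Review bot: The new doc comment for `ldns_key_print()` does not tell callers that what gets written is the unencrypted private key, nor that only the RSA algorithms are implemented; `ldns_key2buffer_str()` in this same commit takes the error path for `LDNS_SIGN_DSA` and `LDNS_SIGN_HMACMD5`. I would add lines such as `* The private key is written in clear text; the caller must protect \p output.` and `* Only RSA keys are supported; for other algorithms an error message is printed instead.` The comment also has the typo `ouput`, and `FILE descriptor` would read better as `FILE stream`.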