From: Daniel Salzman Date: Tue, 21 Oct 2025 08:15:33 +0000 (+0200) Subject: Replace DNSSEC_INVALID_PUBLIC_KEY with KNOT_INVALID_PUBLIC_KEY X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fcdb13c3aaaba61169fecb260ce96017870dd354;p=thirdparty%2Fknot-dns.git Replace DNSSEC_INVALID_PUBLIC_KEY with KNOT_INVALID_PUBLIC_KEY --- diff --git a/src/libknot/dnssec/error.c b/src/libknot/dnssec/error.c index 1f56729b1d..12adcd6e01 100644 --- a/src/libknot/dnssec/error.c +++ b/src/libknot/dnssec/error.c @@ -30,7 +30,7 @@ static const error_message_t ERROR_MESSAGES[] = { { KNOT_KEY_EIMPORT, "key import error" }, { KNOT_KEY_EGENERATE, "key generation error" }, - { DNSSEC_INVALID_PUBLIC_KEY, "invalid public key" }, + { KNOT_INVALID_PUBLIC_KEY, "invalid public key" }, { DNSSEC_INVALID_PRIVATE_KEY, "invalid private key" }, { DNSSEC_INVALID_KEY_ALGORITHM, "invalid key algorithm" }, { DNSSEC_INVALID_KEY_SIZE, "invalid key size" }, diff --git a/src/libknot/dnssec/error.h b/src/libknot/dnssec/error.h index 3693c912ac..f8d91b5bce 100644 --- a/src/libknot/dnssec/error.h +++ b/src/libknot/dnssec/error.h @@ -42,7 +42,7 @@ enum dnssec_error { KNOT_KEY_EIMPORT, KNOT_KEY_EGENERATE, - DNSSEC_INVALID_PUBLIC_KEY, + KNOT_INVALID_PUBLIC_KEY, DNSSEC_INVALID_PRIVATE_KEY, DNSSEC_INVALID_KEY_ALGORITHM, DNSSEC_INVALID_KEY_SIZE, diff --git a/src/libknot/dnssec/key/convert.c b/src/libknot/dnssec/key/convert.c index d25a50bed1..0bb8b6560e 100644 --- a/src/libknot/dnssec/key/convert.c +++ b/src/libknot/dnssec/key/convert.c @@ -123,7 +123,7 @@ static int ecdsa_pubkey_to_rdata(gnutls_pubkey_t key, dnssec_binary_t *rdata) size_t point_size = ecdsa_curve_point_size(curve); if (point_size == 0) { - return DNSSEC_INVALID_PUBLIC_KEY; + return KNOT_INVALID_PUBLIC_KEY; } result = dnssec_binary_alloc(rdata, 2 * point_size); @@ -157,7 +157,7 @@ static int eddsa_pubkey_to_rdata(gnutls_pubkey_t key, dnssec_binary_t *rdata) size_t point_size = eddsa_curve_point_size(curve); if (point_size == 0) { - return DNSSEC_INVALID_PUBLIC_KEY; + return KNOT_INVALID_PUBLIC_KEY; } result = dnssec_binary_alloc(rdata, point_size); @@ -183,7 +183,7 @@ static int rsa_rdata_to_pubkey(const dnssec_binary_t *rdata, gnutls_pubkey_t key assert(key); if (rdata->size == 0) { - return DNSSEC_INVALID_PUBLIC_KEY; + return KNOT_INVALID_PUBLIC_KEY; } wire_ctx_t ctx = binary_init(rdata); @@ -192,7 +192,7 @@ static int rsa_rdata_to_pubkey(const dnssec_binary_t *rdata, gnutls_pubkey_t key uint8_t exponent_size = wire_ctx_read_u8(&ctx); if (exponent_size == 0 || wire_ctx_available(&ctx) < exponent_size) { - return DNSSEC_INVALID_PUBLIC_KEY; + return KNOT_INVALID_PUBLIC_KEY; } gnutls_datum_t exponent = wire_take_datum(&ctx, exponent_size); @@ -201,7 +201,7 @@ static int rsa_rdata_to_pubkey(const dnssec_binary_t *rdata, gnutls_pubkey_t key size_t modulus_size = wire_ctx_available(&ctx); if (modulus_size == 0) { - return DNSSEC_INVALID_PUBLIC_KEY; + return KNOT_INVALID_PUBLIC_KEY; } gnutls_datum_t modulus = wire_take_datum(&ctx, modulus_size); @@ -252,7 +252,7 @@ static int ecdsa_rdata_to_pubkey(const dnssec_binary_t *rdata, gnutls_pubkey_t k gnutls_ecc_curve_t curve = ecdsa_curve_from_rdata_size(rdata->size); if (curve == GNUTLS_ECC_CURVE_INVALID) { - return DNSSEC_INVALID_PUBLIC_KEY; + return KNOT_INVALID_PUBLIC_KEY; } // parse points @@ -282,7 +282,7 @@ static int eddsa_rdata_to_pubkey(const dnssec_binary_t *rdata, gnutls_pubkey_t k gnutls_ecc_curve_t curve = eddsa_curve_from_rdata_size(rdata->size); if (curve == GNUTLS_ECC_CURVE_INVALID) { - return DNSSEC_INVALID_PUBLIC_KEY; + return KNOT_INVALID_PUBLIC_KEY; } wire_ctx_t ctx = binary_init(rdata); @@ -311,7 +311,7 @@ int convert_pubkey_to_dnskey(gnutls_pubkey_t key, dnssec_binary_t *rdata) int algorithm = gnutls_pubkey_get_pk_algorithm(key, NULL); if (algorithm < 0) { - return DNSSEC_INVALID_PUBLIC_KEY; + return KNOT_INVALID_PUBLIC_KEY; } switch ((gnutls_pk_algorithm_t)algorithm) { diff --git a/src/libknot/dnssec/key/dnskey.c b/src/libknot/dnssec/key/dnskey.c index 2a7e0dbcd4..0229d5d0a1 100644 --- a/src/libknot/dnssec/key/dnskey.c +++ b/src/libknot/dnssec/key/dnskey.c @@ -54,7 +54,7 @@ int dnskey_rdata_to_crypto_key(const dnssec_binary_t *rdata, gnutls_pubkey_t *ke wire_ctx_set_offset(&wire, DNSKEY_RDATA_OFFSET_PROTOCOL); protocol = wire_ctx_read_u8(&wire); if (!(flags_hi & 0x1) || protocol != 0x3) { - return DNSSEC_INVALID_PUBLIC_KEY; + return KNOT_INVALID_PUBLIC_KEY; } wire_ctx_set_offset(&wire, DNSKEY_RDATA_OFFSET_ALGORITHM); diff --git a/src/libknot/dnssec/key/ds.c b/src/libknot/dnssec/key/ds.c index ca215f20e1..e921d0e554 100644 --- a/src/libknot/dnssec/key/ds.c +++ b/src/libknot/dnssec/key/ds.c @@ -69,7 +69,7 @@ int dnssec_key_create_ds(const dnssec_key_t *key, } if (!key->public_key){ - return DNSSEC_INVALID_PUBLIC_KEY; + return KNOT_INVALID_PUBLIC_KEY; } gnutls_digest_algorithm_t algorithm = lookup_algorithm(ds_algorithm); diff --git a/src/libknot/error.c b/src/libknot/error.c index 81525ee9cf..92d0bfbe42 100644 --- a/src/libknot/error.c +++ b/src/libknot/error.c @@ -210,9 +210,9 @@ int knot_error_from_libdnssec(int libdnssec_errcode) case DNSSEC_NO_PRIVATE_KEY: return KNOT_DNSSEC_ENOKEY; // EOK, EINVAL, ENOMEM and ENOENT are identical, no need to translate - case DNSSEC_INVALID_PUBLIC_KEY ... DNSSEC_INVALID_KEY_NAME: + case KNOT_INVALID_PUBLIC_KEY ... DNSSEC_INVALID_KEY_NAME: return libdnssec_errcode - - DNSSEC_INVALID_PUBLIC_KEY + KNOT_INVALID_PUBLIC_KEY; + - KNOT_INVALID_PUBLIC_KEY + KNOT_INVALID_PUBLIC_KEY; default: return libdnssec_errcode; } diff --git a/tests/libknot/test_dnssec_key_ds.c b/tests/libknot/test_dnssec_key_ds.c index dc4a55fd70..235057bb11 100644 --- a/tests/libknot/test_dnssec_key_ds.c +++ b/tests/libknot/test_dnssec_key_ds.c @@ -66,7 +66,7 @@ static void test_errors(const struct key_parameters *params) dnssec_key_set_dname(key, params->name); r = dnssec_key_create_ds(key, DNSSEC_KEY_DIGEST_SHA1, &ds); - is_int(DNSSEC_INVALID_PUBLIC_KEY, r, "dnssec_key_create_ds() no public key"); + is_int(KNOT_INVALID_PUBLIC_KEY, r, "dnssec_key_create_ds() no public key"); dnssec_key_set_rdata(key, ¶ms->rdata); r = dnssec_key_create_ds(key, DNSSEC_KEY_DIGEST_SHA1, NULL);