Add functions to set CDNSKEY publication
authorMatthijs Mekking <matthijs@isc.org>
Thu, 11 May 2023 12:00:58 +0000 (14:00 +0200)
committerMatthijs Mekking <matthijs@isc.org>
Thu, 11 May 2023 15:07:51 +0000 (17:07 +0200)
Add kasp API functions to enable/disable publication of CDNSKEY records.

lib/dns/include/dns/kasp.h
lib/dns/kasp.c

index 4e14f400b0993eaffcf6abbefadea7a3c7c02906..347e3ff7464f54dc1a76a6c808ade32cee2515d2 100644 (file)
@@ -86,6 +86,7 @@ struct dns_kasp {
        uint32_t signatures_validity_dnskey;
 
        /* Configuration: Keys */
+       bool                  cdnskey;
        dns_kasp_digestlist_t digests;
        dns_kasp_keylist_t    keys;
        dns_ttl_t             dnskey_ttl;
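Review bot: Nothing in the hunks shown here gives the new `cdnskey` member an initial value, so what `dns_kasp_cdnskey()` returns for a policy that never calls the setter depends on how the structure is allocated in the create path, which is outside this diff. If that path does not zero the structure or set every member, an explicit `kasp->cdnskey = false;` (or whatever default is intended) belongs there. The default matters because this flag decides whether CDNSKEY records, which a parent zone may act on when updating DS, are published at all.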
@@ -718,10 +719,33 @@ dns_kasp_setnsec3param(dns_kasp_t *kasp, uint8_t iter, bool optout,
  *
  */
 
+bool
+dns_kasp_cdnskey(dns_kasp_t *kasp);
+/*%<
+ * Do we need to publish a CDNSKEY?
+ *
+ * Requires:
+ *
+ *\li  'kasp' is a valid, frozen kasp.
+ *
+ */
+
+void
+dns_kasp_setcdnskey(dns_kasp_t *kasp, bool cdnskey);
+/*%<
+ * Set to enable publication of CDNSKEY records.
+ *
+ * Requires:
+ *
+ *\li  'kasp' is a valid, unfrozen kasp.
+ *
+ */
+
 dns_kasp_digestlist_t
 dns_kasp_digests(dns_kasp_t *kasp);
 /*%<
- * Get the list of kasp CDS digest types.
+ * Get the list of kasp CDS digest types. This determines which CDS records
+ * should be published.
  *
  * Requires:
  *
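Review bot: The comment on `dns_kasp_setcdnskey()` says "Set to enable publication", which does not say what passing false does or what the state is when the setter is never called. Suggested wording: `* Enable (true) or disable (false) publication of CDNSKEY records.` The getter comment could state its return value in the same way, e.g. `* Returns true if CDNSKEY records are to be published for this policy.` Both declarations lie entirely inside this hunk.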
@@ -738,7 +762,8 @@ dns_kasp_digests(dns_kasp_t *kasp);
 void
 dns_kasp_adddigest(dns_kasp_t *kasp, dns_dsdigest_t alg);
 /*%<
- * Add a digest type.
+ * Add a CDS digest type, this will enable publication of a CDS record with
+ * digest type 'alg'.
  *
  * Requires:
  *
index ed3a1303cce6e036c614de8610f0a88868e8fc8e..792dcfe9275f06fac95916d39d707ca0337bacd6 100644 (file)
@@ -519,6 +519,22 @@ dns_kasp_setnsec3param(dns_kasp_t *kasp, uint8_t iter, bool optout,
        kasp->nsec3param.saltlen = saltlen;
 }
 
+bool
+dns_kasp_cdnskey(dns_kasp_t *kasp) {
+       REQUIRE(kasp != NULL);
+       REQUIRE(kasp->frozen);
+
+       return kasp->cdnskey;
+}
+
+void
+dns_kasp_setcdnskey(dns_kasp_t *kasp, bool cdnskey) {
+       REQUIRE(kasp != NULL);
+       REQUIRE(!kasp->frozen);
+
+       kasp->cdnskey = cdnskey;
+}
+
 dns_kasp_digestlist_t
 dns_kasp_digests(dns_kasp_t *kasp) {
        REQUIRE(DNS_KASP_VALID(kasp));
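Review bot: Both new accessors assert only `REQUIRE(kasp != NULL)`, while the header comments added in this commit require a valid kasp and the neighbouring `dns_kasp_digests()` uses `REQUIRE(DNS_KASP_VALID(kasp))`. A non-NULL check lets a pointer to a destroyed or wrong-typed object through to the `kasp->frozen` read; the validity macro presumably catches that through the object's magic value. Make `REQUIRE(DNS_KASP_VALID(kasp));` the first assertion in `dns_kasp_cdnskey()` and `dns_kasp_setcdnskey()`, keeping the frozen/unfrozen checks after it. `dns_kasp_digests()` continues past the end of the hunk.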