From: Miek Gieben Date: Mon, 21 Mar 2005 10:13:55 +0000 (+0000) Subject: some macro magic - some signing preparations X-Git-Tag: release-0.50~224 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6ea0a5edf9c3e2e5365b5b4f052d95a54b7c6c4b;p=thirdparty%2Fldns.git some macro magic - some signing preparations --- diff --git a/dnssec.c b/dnssec.c index 096b0598..a419fff5 100644 --- a/dnssec.c +++ b/dnssec.c @@ -408,38 +408,6 @@ ldns_key_buf2rsa(ldns_buffer *key) return rsa; } -/** - * sign the rrset with all the keys. - * \param[in] rrset the rrset to sign - * \param[in] keys the keys to use for the signing - * \return the signatures created - */ -ldns_rr_list * -ldns_sign(ldns_rr_list *ATTR_UNUSED(rrset), ldns_rr_list *ATTR_UNUSED(keys)) -{ - /* how to sign - * - create the correct openSSL keys from the keys - * - sort and extract the original ttl from the rrset - * - type covered, labels, wildcards?!?! - * - inception, expiration?!?! - * - * signature = sign(RRSIG_RDATA | RR(1) | RR(2)... ) - */ - - /* create a hash and sign that??? */ -#if 0 - int RSA_sign(NID_sha1 | NID_md5, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa); - - int DSA_sign(int type, const unsigned char *dgst, int len, - unsigned char *sigret, unsigned int *siglen, DSA *dsa); -#endif - - /* convert the sigstuff to base64 ... */ - - return NULL; -} - ldns_rdf * ldns_create_tsig_mac( ldns_pkt *pkt, @@ -774,8 +742,7 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys) signatures = ldns_rr_list_new(); /* prepare a signature and add all the know data - * prepare the rrset - * sign this together + * prepare the rrset. Sign this together */ rrset_clone = ldns_rr_list_deep_clone(rrset); 
@@ -795,16 +762,31 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys) current_sig = ldns_rr_new(); orig_ttl = ldns_key_ttl(current_key); - /* set the ttl from the priv key on the rrset */ for (i = 0; i < ldns_rr_list_rr_count(rrset); i++) { ldns_rr_set_ttl( ldns_rr_list_rr(rrset_clone, i), orig_ttl); } + /* fill in what we now of the signature */ + + + /* right now, we have: a key, a semi-sig and an rrset */ + + + } +#if 0 + int RSA_sign(NID_sha1 | NID_md5, unsigned char *m, unsigned int m_len, + unsigned char *sigret, unsigned int *siglen, RSA *rsa); + + int DSA_sign(int type, const unsigned char *dgst, int len, + unsigned char *sigret, unsigned int *siglen, DSA *dsa); +#endif + + return NULL; } diff --git a/ldns/rr_functions.h b/ldns/rr_functions.h new file mode 100644 index 00000000..a91638c9 --- /dev/null +++ b/ldns/rr_functions.h @@ -0,0 +1,35 @@ +/* + * rr_functions.h + * + * the .h file with defs for the per rr + * functions + * + * a Net::DNS like library for C + * + * (c) NLnet Labs, 2004 + * + * See the file LICENSE for the license + */ +#ifndef _RR_FUNCTIONS_H +#define _RR_FUNCTIONS_H + +#define _LDNS_RR_FUNCTION(RR, POS, TYPE) \ + if (!(RR) || (ldns_rr_get_type((RR)) != (TYPE))) { \ + return false; \ + } \ + return ldns_rr_rdf((RR), (POS)); + +#define _LDNS_RR_SET_FUNCTION(RR, RDF, POS, TYPE) \ + ldns_rdf *pop; \ + if (!(RR) || (ldns_rr_get_type((RR)) != (TYPE))) { \ + return false; \ + } \ + pop = ldns_rr_set_rdf((RR), (RDF), (POS)); \ + if (pop) { \ + FREE(pop); \ + return true; \ + } else { \ + return false; \ + } + +#endif /* _RR_FUNCTIONS_H */ diff --git a/rr_functions.c b/rr_functions.c index f60541ef..00fa6233 100644 --- a/rr_functions.c +++ b/rr_functions.c @@ -19,6 +19,7 @@ #include #include +#include #include "util.h" @@ -27,6 +28,7 @@ ldns_rdf * ldns_rr_address(ldns_rr *r) { + /* 2 types to check, cannot use the macro */ if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_A && ldns_rr_get_type(r) != LDNS_RR_TYPE_AAAA)) { return NULL; 
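Review bot: The new tail of ldns_sign_public ends in an unconditional `return NULL;`, so the `current_sig` allocated with ldns_rr_new() for each key in this hunk is never returned or released. The same appears to hold for `signatures` and `rrset_clone`, which are set up in the previous hunk. A caller also cannot tell this unfinished stub from a real signing failure, so a comment above the return would help, for example `/* not implemented yet: always returns NULL, callers must treat this as a signing failure */`. The function starts outside this hunk, so whether anything earlier frees these objects is not visible here.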
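Review bot: `_LDNS_RR_SET_FUNCTION` in the new ldns/rr_functions.h returns `false` whenever ldns_rr_set_rdf() hands back NULL. If that call returns the previous rdf, as the name `pop` suggests, then setting a field on an RR with nothing at that position is reported as a failure even though the store may have succeeded; confirm against ldns_rr_set_rdf. The old value is released with `FREE(pop)`, which presumably frees only the rdf struct and not the data it owns, so the library's rdf destructor would be the safer call if one exists. In `_LDNS_RR_FUNCTION` the generated getters return `ldns_rdf *`, so `return false;` should read `return NULL;`. Both macro names and the `_RR_FUNCTIONS_H` guard start with an underscore followed by a capital letter, which C reserves for the implementation.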
@@ -34,10 +36,13 @@ ldns_rr_address(ldns_rr *r) return ldns_rr_rdf(r, 0); } -/* write */ +/* write - + * if there is a value in the rr - is is _freed_! + */ bool ldns_rr_set_address(ldns_rr *r, ldns_rdf *f) { + /* 2 types to check, cannot use the macro... */ ldns_rdf *pop; if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_A && ldns_rr_get_type(r) != LDNS_RR_TYPE_AAAA)) { 
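Review bot: The new comment on ldns_rr_set_address has a typo (`is is _freed_`) and does not state what freeing the old value means for callers. A pointer obtained earlier from ldns_rr_address() for the same RR presumably refers to that freed rdf and must not be used after a successful set. Suggested wording: `/* write - if the rr already holds a value it is freed; pointers previously returned by ldns_rr_address() are invalid afterwards */`. The body of ldns_rr_set_address continues outside this hunk, so the free itself is not visible here.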
@@ -56,109 +61,121 @@ ldns_rr_set_address(ldns_rr *r, ldns_rdf *f) ldns_rdf * ldns_rr_nsdname(ldns_rr *r) { - if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_NS)) { - return NULL; - } - return ldns_rr_rdf(r, 0); + _LDNS_RR_FUNCTION(r, 0, LDNS_RR_TYPE_NS); } /* MX records */ ldns_rdf * ldns_rr_preference(ldns_rr *r) { - if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_MX)) { - return NULL; - } - return ldns_rr_rdf(r, 0); + _LDNS_RR_FUNCTION(r, 0, LDNS_RR_TYPE_MX); } ldns_rdf * ldns_rr_exchange(ldns_rr *r) { - if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_MX)) { - return NULL; - } - return ldns_rr_rdf(r, 1); + _LDNS_RR_FUNCTION(r, 1, LDNS_RR_TYPE_MX); } -/* RRSIG records */ +/* RRSIG record */ ldns_rdf * ldns_rr_typecovered(ldns_rr *r) { - if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_RRSIG)) { - return NULL; - } - return ldns_rr_rdf(r, 0); + _LDNS_RR_FUNCTION(r, 0, LDNS_RR_TYPE_RRSIG); +} + +bool +ldns_rr_set_typecovered(ldns_rr *r, ldns_rdf *f) +{ + _LDNS_RR_SET_FUNCTION(r, f, 0, LDNS_RR_TYPE_RRSIG); } ldns_rdf * ldns_rr_algorithm(ldns_rr *r) { - if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_RRSIG)) { - return NULL; - } - return ldns_rr_rdf(r, 1); + _LDNS_RR_FUNCTION(r, 1, LDNS_RR_TYPE_RRSIG); +} + +bool +ldns_rr_set_algorithm(ldns_rr *r, ldns_rdf *f) +{ + _LDNS_RR_SET_FUNCTION(r, f, 1, LDNS_RR_TYPE_RRSIG); } ldns_rdf * ldns_rr_labels(ldns_rr *r) { - if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_RRSIG)) { - return NULL; - } - return ldns_rr_rdf(r, 2); + _LDNS_RR_FUNCTION(r, 2, LDNS_RR_TYPE_RRSIG); +} +bool +ldns_rr_set_labels(ldns_rr *r, ldns_rdf *f) +{ + _LDNS_RR_SET_FUNCTION(r, f, 2, LDNS_RR_TYPE_RRSIG); } ldns_rdf * ldns_rr_origttl(ldns_rr *r) { - if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_RRSIG)) { - return NULL; - } - return ldns_rr_rdf(r, 3); + _LDNS_RR_FUNCTION(r, 3, LDNS_RR_TYPE_RRSIG); +} +bool +ldns_rr_set_origtll(ldns_rr *r, ldns_rdf *f) +{ + _LDNS_RR_SET_FUNCTION(r, f, 3, LDNS_RR_TYPE_RRSIG); } ldns_rdf * ldns_rr_expiration(ldns_rr *r) { - if (!r 
|| (ldns_rr_get_type(r) != LDNS_RR_TYPE_RRSIG)) { - return NULL; - } - return ldns_rr_rdf(r, 4); + _LDNS_RR_FUNCTION(r, 4, LDNS_RR_TYPE_RRSIG); +} +bool +ldns_rr_set_expiration(ldns_rr *r, ldns_rdf *f) +{ + _LDNS_RR_SET_FUNCTION(r, f, 4, LDNS_RR_TYPE_RRSIG); } ldns_rdf * ldns_rr_inception(ldns_rr *r) { - if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_RRSIG)) { - return NULL; - } - return ldns_rr_rdf(r, 5); + _LDNS_RR_FUNCTION(r, 5, LDNS_RR_TYPE_RRSIG); +} +bool +ldns_rr_set_inception(ldns_rr *r, ldns_rdf *f) +{ + _LDNS_RR_SET_FUNCTION(r, f, 5, LDNS_RR_TYPE_RRSIG); } ldns_rdf * ldns_rr_keytag(ldns_rr *r) { - if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_RRSIG)) { - return NULL; - } - return ldns_rr_rdf(r, 6); + _LDNS_RR_FUNCTION(r, 6, LDNS_RR_TYPE_RRSIG); } +bool +ldns_rr_set_keytag(ldns_rr *r, ldns_rdf *f) +{ + _LDNS_RR_SET_FUNCTION(r, f, 6, LDNS_RR_TYPE_RRSIG); +} ldns_rdf * ldns_rr_signame(ldns_rr *r) { - if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_RRSIG)) { - return NULL; - } - return ldns_rr_rdf(r, 7); + _LDNS_RR_FUNCTION(r, 7, LDNS_RR_TYPE_RRSIG); +} +bool +ldns_rr_set_signame(ldns_rr *r, ldns_rdf *f) +{ + _LDNS_RR_SET_FUNCTION(r, f, 7, LDNS_RR_TYPE_RRSIG); } ldns_rdf * ldns_rr_sig(ldns_rr *r) { - if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_RRSIG)) { - return NULL; - } - return ldns_rr_rdf(r, 8); + _LDNS_RR_FUNCTION(r, 8, LDNS_RR_TYPE_RRSIG); +} + +bool +ldns_rr_set_sig(ldns_rr *r, ldns_rdf *f) +{ + _LDNS_RR_SET_FUNCTION(r, f, 8, LDNS_RR_TYPE_RRSIG); }
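Review bot: The new setter for the original-TTL field is spelled `ldns_rr_set_origtll`, while the getter directly above it is `ldns_rr_origttl`. This looks like an exported symbol, so it should be renamed now to `ldns_rr_set_origttl(ldns_rr *r, ldns_rdf *f)` before callers depend on the misspelling. The new `ldns_rr_set_*` functions also carry no comment on ownership; each should say, as ldns_rr_set_address does, that the rdf previously stored at that position is freed and that the RR takes over `f`.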