* PERFORMANCE OF THIS SOFTWARE.
*/
-/*
- * $Id$
- */
-
/*! \file */
#include <config.h>
}
if (result != ISC_R_SUCCESS) {
- char keybuf[DNS_NAME_FORMATSIZE];
- char algbuf[DNS_SECALG_FORMATSIZE];
- dns_name_format(dst_key_name(pubkey), keybuf,
- sizeof(keybuf));
- dns_secalg_format(dst_key_alg(pubkey), algbuf,
- sizeof(algbuf));
+ char filename[ISC_DIR_NAMEMAX];
+ isc_result_t result2;
+ isc_buffer_t buf;
+
+ isc_buffer_init(&buf, filename, ISC_DIR_NAMEMAX);
+ result2 = dst_key_getfilename(dst_key_name(pubkey),
+ dst_key_id(pubkey),
+ dst_key_alg(pubkey),
+ (DST_TYPE_PUBLIC |
+ DST_TYPE_PRIVATE),
+ directory, mctx,
+ &buf);
+ if (result2 != ISC_R_SUCCESS) {
+ char namebuf[DNS_NAME_FORMATSIZE];
+ char algbuf[DNS_SECALG_FORMATSIZE];
+
+ dns_name_format(dst_key_name(pubkey),
+ namebuf, sizeof(namebuf));
+ dns_secalg_format(dst_key_alg(pubkey),
+ algbuf, sizeof(algbuf));
+ snprintf(filename, sizeof(filename) - 1,
+ "key file for %s/%s/%d",
+ namebuf, algbuf, dst_key_id(pubkey));
+ }
+
isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
DNS_LOGMODULE_DNSSEC, ISC_LOG_WARNING,
"dns_dnssec_findzonekeys2: error "
- "reading private key file %s/%s/%d: %s",
- keybuf, algbuf, dst_key_id(pubkey),
- isc_result_totext(result));
+ "reading %s: %s",
+ filename, isc_result_totext(result));
}
if (result == ISC_R_FILENOTFOUND || result == ISC_R_NOPERM) {
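Review bot: The block that fills `filename` (dst_key_getfilename, then the name/alg/id fallback) is added twice, here in dns_dnssec_findzonekeys2 and again unchanged in the dns_dnssec_keylistfromrdataset hunk that follows, so any later fix has to be made in both places. Move it into one file-local helper, for example `static void keyfile_label(dst_key_t *pubkey, const char *directory, isc_mem_t *mctx, char *filename, unsigned int size)` (assuming pubkey is a `dst_key_t *`), and call `keyfile_label(pubkey, directory, mctx, filename, sizeof(filename));` before each isc_log_write. Inside the helper the `- 1` on the snprintf size can be dropped, because snprintf already reserves the terminating byte. Both enclosing functions start and end outside their hunks.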
}
if (result != ISC_R_SUCCESS) {
- char keybuf[DNS_NAME_FORMATSIZE];
- char algbuf[DNS_SECALG_FORMATSIZE];
- dns_name_format(dst_key_name(pubkey), keybuf,
- sizeof(keybuf));
- dns_secalg_format(dst_key_alg(pubkey), algbuf,
- sizeof(algbuf));
+ char filename[ISC_DIR_NAMEMAX];
+ isc_result_t result2;
+ isc_buffer_t buf;
+
+ isc_buffer_init(&buf, filename, ISC_DIR_NAMEMAX);
+ result2 = dst_key_getfilename(dst_key_name(pubkey),
+ dst_key_id(pubkey),
+ dst_key_alg(pubkey),
+ (DST_TYPE_PUBLIC |
+ DST_TYPE_PRIVATE),
+ directory, mctx,
+ &buf);
+ if (result2 != ISC_R_SUCCESS) {
+ char namebuf[DNS_NAME_FORMATSIZE];
+ char algbuf[DNS_SECALG_FORMATSIZE];
+
+ dns_name_format(dst_key_name(pubkey),
+ namebuf, sizeof(namebuf));
+ dns_secalg_format(dst_key_alg(pubkey),
+ algbuf, sizeof(algbuf));
+ snprintf(filename, sizeof(filename) - 1,
+ "key file for %s/%s/%d",
+ namebuf, algbuf, dst_key_id(pubkey));
+ }
+
isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
DNS_LOGMODULE_DNSSEC, ISC_LOG_WARNING,
"dns_dnssec_keylistfromrdataset: error "
- "reading private key file %s/%s/%d: %s",
- keybuf, algbuf, dst_key_id(pubkey),
- isc_result_totext(result));
+ "reading %s: %s",
+ filename, isc_result_totext(result));
}
if (result == ISC_R_FILENOTFOUND || result == ISC_R_NOPERM) {
return (key->external);
}
+isc_result_t
+dst_key_getfilename(dns_name_t *name, dns_keytag_t id,
+ unsigned int alg, int type, const char *directory,
+ isc_mem_t *mctx, isc_buffer_t *buf)
+{
+ isc_result_t result;
+
+ REQUIRE(dst_initialized == ISC_TRUE);
+ REQUIRE(dns_name_isabsolute(name));
+ REQUIRE((type & (DST_TYPE_PRIVATE | DST_TYPE_PUBLIC)) != 0);
+ REQUIRE(mctx != NULL);
+ REQUIRE(buf != NULL);
+
+ CHECKALG(alg);
+
+ result = buildfilename(name, id, alg, type, directory, buf);
+ if (result == ISC_R_SUCCESS) {
+ if (isc_buffer_availablelength(buf) > 0)
+ isc_buffer_putuint8(buf, 0);
+ else
+ result = ISC_R_NOSPACE;
+ }
+
+ return (result);
+}
+
isc_result_t
dst_key_fromfile(dns_name_t *name, dns_keytag_t id,
unsigned int alg, int type, const char *directory,
isc_mem_t *mctx, dst_key_t **keyp)
{
+ isc_result_t result;
char filename[ISC_DIR_NAMEMAX];
- isc_buffer_t b;
+ isc_buffer_t buf;
dst_key_t *key;
- isc_result_t result;
REQUIRE(dst_initialized == ISC_TRUE);
REQUIRE(dns_name_isabsolute(name));
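Review bot: dst_key_getfilename asserts `REQUIRE(mctx != NULL)`, but its visible body never uses mctx, so every caller must supply a memory context only to satisfy the assertion. Either drop that REQUIRE or mark the parameter as deliberately unused with `UNUSED(mctx);` and say so in the header. The terminator step also deserves a comment, such as `/* NUL-terminate so the buffer can be read as a C string; fail rather than hand back an unterminated name. */` above the isc_buffer_availablelength() test. dst_key_fromfile, which begins at the end of this hunk, continues in the next one.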
CHECKALG(alg);
- isc_buffer_init(&b, filename, sizeof(filename));
- result = buildfilename(name, id, alg, type, directory, &b);
+ key = NULL;
+
+ isc_buffer_init(&buf, filename, ISC_DIR_NAMEMAX);
+ result = dst_key_getfilename(name, id, alg, type, NULL, mctx, &buf);
if (result != ISC_R_SUCCESS)
- return (result);
+ goto out;
- key = NULL;
- result = dst_key_fromnamedfile(filename, NULL, type, mctx, &key);
+ result = dst_key_fromnamedfile(filename, directory, type, mctx, &key);
if (result != ISC_R_SUCCESS)
- return (result);
+ goto out;
result = computeid(key);
- if (result != ISC_R_SUCCESS) {
- dst_key_free(&key);
- return (result);
- }
+ if (result != ISC_R_SUCCESS)
+ goto out;
if (!dns_name_equal(name, key->key_name) || id != key->key_id ||
alg != key->key_alg) {
- dst_key_free(&key);
- return (DST_R_INVALIDPRIVATEKEY);
+ result = DST_R_INVALIDPRIVATEKEY;
+ goto out;
}
*keyp = key;
- return (ISC_R_SUCCESS);
+ result = ISC_R_SUCCESS;
+
+ out:
+ if ((key != NULL) && (result != ISC_R_SUCCESS))
+ dst_key_free(&key);
+
+ return (result);
}
isc_result_t
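Review bot: The ISC_DIR_NAMEMAX bound on `filename` now covers only the base name, because the name is built with a NULL directory and `directory` is passed to dst_key_fromnamedfile instead. How dst_key_fromnamedfile joins and bounds the two parts is not visible in this hunk, so confirm that it rejects an over-long directory plus name rather than truncating it. Separately, keep the buffer length tied to the array with `isc_buffer_init(&buf, filename, sizeof(filename));`, as the removed line did, so it cannot drift from the declaration. The opening lines of dst_key_fromfile are in the previous hunk.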
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: dst.h,v 1.34 2011/10/20 21:20:02 marka Exp $ */
-
#ifndef DST_DST_H
#define DST_DST_H 1
* \li If successful, secret will contain the derived shared secret.
*/
+isc_result_t
+dst_key_getfilename(dns_name_t *name, dns_keytag_t id, unsigned int alg,
+ int type, const char *directory,
+ isc_mem_t *mctx, isc_buffer_t *buf);
+/*%<
+ * Generates a key filename for the name, algorithm, and
+ * id, and places it in the buffer 'buf'. If directory is NULL, the
+ * current directory is assumed.
+ *
+ * Requires:
+ * \li "name" is a valid absolute dns name.
+ * \li "id" is a valid key tag identifier.
+ * \li "alg" is a supported key algorithm.
+ * \li "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union.
+ * DST_TYPE_KEY look for a KEY record otherwise DNSKEY
+ * \li "mctx" is a valid memory context.
+ * \li "buf" is not NULL.
+ *
+ * Returns:
+ * \li ISC_R_SUCCESS
+ * \li any other result indicates failure
+ */
+
isc_result_t
dst_key_fromfile(dns_name_t *name, dns_keytag_t id, unsigned int alg, int type,
const char *directory, isc_mem_t *mctx, dst_key_t **keyp);
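Review bot: The comment for dst_key_getfilename omits two things the implementation in this commit does: it NUL-terminates the name written to 'buf', and it returns ISC_R_NOSPACE when there is no room for that terminator. Add `\li ISC_R_NOSPACE if 'buf' cannot hold the name and its terminating NUL` under Returns, and state in the description that the result is NUL-terminated so callers know they may use the buffer base as a C string. The `DST_TYPE_KEY` line appears to be carried over from dst_key_fromfile; keep it only if that flag changes the generated name.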
dst_key_fromnamedfile
dst_key_generate
dst_key_generate2
+dst_key_getfilename
dst_key_getprivateformat
dst_key_gettime
dst_key_getttl