00021 #ifndef LDNS_KEYS_H
00022 #define LDNS_KEYS_H
00023
00024 #include <ldns/common.h>
00025 #if LDNS_BUILD_CONFIG_HAVE_SSL
00026 #include <openssl/ssl.h>
00027 #endif
00028 #include <ldns/util.h>
00029 #include <errno.h>
00030
00031 #ifdef __cplusplus
00032 extern "C" {
00033 #endif
00034
/**
 * Name <-> number lookup table for the ldns_signing_algorithm values below
 * (used by ldns_get_signing_algorithm_by_name()). Defined in the
 * implementation, not in this header.
 */
extern ldns_lookup_table ldns_signing_algorithms[];

/*
 * DNSKEY RDATA flag bits (RFC 4034 section 2.1.1; REVOKE from RFC 5011).
 * The values are the 16-bit flags word with RFC bit numbering counted from
 * the most significant bit: bit 7 = 0x0100, bit 8 = 0x0080, bit 15 = 0x0001.
 * They are meant to be OR-ed together and tested with '&' against
 * ldns_key_flags(); the remaining bits are reserved.
 */
#define LDNS_KEY_ZONE_KEY 0x0100	/* Zone Key: key may sign zone data */
#define LDNS_KEY_SEP_KEY 0x0001	/* Secure Entry Point: conventionally the KSK */
#define LDNS_KEY_REVOKE_KEY 0x0080	/* REVOKE: RFC 5011 trust-anchor revocation */
00040
/**
 * DNSSEC algorithm numbers as carried in DNSKEY, RRSIG and DS RDATA
 * (IANA "DNS Security Algorithm Numbers" registry, RFC 4034 appendix A.1).
 * The numbers 9 and 11 are absent because the registry reserves them.
 * There are no entries for ED25519 (15) or ED448 (16); this version of the
 * header omits them, so they cannot be represented with this type.
 *
 * NOTE(review): most of the older entries exist only so that legacy data can
 * be parsed. Per RFC 8624: RSAMD5 and both DSA variants MUST NOT be used for
 * signing or validation; RSASHA1, RSASHA1_NSEC3 and RSASHA512 are NOT
 * RECOMMENDED for new signatures; ECC_GOST MUST NOT be used for signing.
 * DH and ECC are not signing algorithms at all. Code that selects an
 * algorithm for new keys should limit itself to RSASHA256,
 * ECDSAP256SHA256 or ECDSAP384SHA384 from this list.
 */
enum ldns_enum_algorithm
{
	LDNS_RSAMD5 = 1,	/* RSA/MD5, RFC 4034 - deprecated, do not sign or validate */
	LDNS_DH = 2,	/* Diffie-Hellman, RFC 2539 - not a signing algorithm */
	LDNS_DSA = 3,	/* DSA/SHA-1, RFC 2536 - deprecated */
	LDNS_ECC = 4,	/* reserved "ECC" code point - never defined for signing */
	LDNS_RSASHA1 = 5,	/* RSA/SHA-1, RFC 3110 - legacy */
	LDNS_DSA_NSEC3 = 6,	/* DSA-NSEC3-SHA1, RFC 5155 - deprecated */
	LDNS_RSASHA1_NSEC3 = 7,	/* RSASHA1-NSEC3-SHA1, RFC 5155 - legacy */
	LDNS_RSASHA256 = 8,	/* RSA/SHA-256, RFC 5702 */
	LDNS_RSASHA512 = 10,	/* RSA/SHA-512, RFC 5702 */
	LDNS_ECC_GOST = 12,	/* GOST R 34.10-2001, RFC 5933 */
	LDNS_ECDSAP256SHA256 = 13,	/* ECDSA P-256 with SHA-256, RFC 6605 */
	LDNS_ECDSAP384SHA384 = 14,	/* ECDSA P-384 with SHA-384, RFC 6605 */
	LDNS_INDIRECT = 252,	/* Indirect keys, RFC 4034 - not supported for signing */
	LDNS_PRIVATEDNS = 253,	/* Private algorithm identified by a domain name, RFC 4034 */
	LDNS_PRIVATEOID = 254	/* Private algorithm identified by an OID, RFC 4034 */
};
typedef enum ldns_enum_algorithm ldns_algorithm;
00063
/**
 * Digest type numbers used in DS records (IANA "DS RR Type Digest
 * Algorithms" registry). These are distinct from, and must not be mixed up
 * with, the ldns_algorithm signing-algorithm numbers, even though both are
 * small integers.
 *
 * NOTE(review): RFC 8624 says SHA-1 MUST NOT be used when generating new DS
 * records (validation of existing SHA-1 DS records is still required), and
 * GOST (RFC 5933) MUST NOT be used for new DS records. Prefer SHA-256;
 * SHA-384 (RFC 6605) is the other currently recommended choice.
 */
enum ldns_enum_hash
{
	LDNS_SHA1 = 1,	/* SHA-1, RFC 4034 - do not create new DS records with it */
	LDNS_SHA256 = 2,	/* SHA-256, RFC 4509 */
	LDNS_HASH_GOST = 3,	/* GOST R 34.11-94, RFC 5933 */
	LDNS_SHA384 = 4	/* SHA-384, RFC 6605 */
};
typedef enum ldns_enum_hash ldns_hash;
00075
/**
 * Algorithms ldns can actually use to produce signatures. The DNSSEC
 * entries alias the corresponding ldns_algorithm numbers so the two types
 * can be compared directly; the HMAC entries (157-159) are ldns-private
 * values used for TSIG-style HMAC signing and are not IANA DNSSEC algorithm
 * numbers (on the wire TSIG identifies its algorithm by name, not number).
 * Do not write the HMAC values into DNSKEY/RRSIG RDATA.
 *
 * NOTE(review): LDNS_SIGN_RSAMD5, LDNS_SIGN_DSA*, and LDNS_SIGN_HMACMD5 are
 * retained for compatibility; MD5- and DSA-based signing should not be
 * chosen for new deployments (RFC 8624, RFC 6151). Absence of ED25519/ED448
 * here mirrors their absence from ldns_enum_algorithm in this header.
 */
enum ldns_enum_signing_algorithm
{
	LDNS_SIGN_RSAMD5 = LDNS_RSAMD5,	/* deprecated */
	LDNS_SIGN_RSASHA1 = LDNS_RSASHA1,
	LDNS_SIGN_DSA = LDNS_DSA,	/* deprecated */
	LDNS_SIGN_RSASHA1_NSEC3 = LDNS_RSASHA1_NSEC3,
	LDNS_SIGN_RSASHA256 = LDNS_RSASHA256,
	LDNS_SIGN_RSASHA512 = LDNS_RSASHA512,
	LDNS_SIGN_DSA_NSEC3 = LDNS_DSA_NSEC3,	/* deprecated */
	LDNS_SIGN_ECC_GOST = LDNS_ECC_GOST,
	LDNS_SIGN_ECDSAP256SHA256 = LDNS_ECDSAP256SHA256,
	LDNS_SIGN_ECDSAP384SHA384 = LDNS_ECDSAP384SHA384,
	/* ldns-private TSIG HMAC identifiers; not valid DNSSEC algorithm numbers */
	LDNS_SIGN_HMACMD5 = 157,	/* hmac-md5.sig-alg.reg.int - weak, legacy only */
	LDNS_SIGN_HMACSHA1 = 158,	/* hmac-sha1 */
	LDNS_SIGN_HMACSHA256 = 159	/* hmac-sha256 */
};
typedef enum ldns_enum_signing_algorithm ldns_signing_algorithm;
00096
/**
 * A private signing key together with the parameters ldns copies into the
 * RRSIG and DNSKEY records it produces from it. Members carry a leading
 * underscore to signal that callers should go through the ldns_key_*
 * accessor functions declared later in this header rather than touching
 * the fields directly.
 *
 * NOTE(review): this structure holds secret material (_key.key and
 * _key.hmac.key). Treat instances as sensitive: do not copy them by value
 * into long-lived buffers, and release them with the ldns_key_*free
 * functions rather than plain free() so the contained material can be
 * released correctly.
 */
struct ldns_struct_key {
	/** Algorithm this key signs with. */
	ldns_signing_algorithm _alg;
	/** Selection flag read by ldns_key_use() and set by ldns_key_set_use()/ldns_key_list_set_use(). */
	bool _use;

	/**
	 * The key material. This is a struct, not a union, so all members
	 * coexist; which one is meaningful is determined by _alg (EVP key for
	 * DNSSEC algorithms, hmac for LDNS_SIGN_HMAC*, external_key when the
	 * key lives outside ldns). NOTE(review): which members are expected to
	 * be NULL/zero when unused is not visible from this header - confirm
	 * against the constructors before relying on it.
	 */
	struct {
#if LDNS_BUILD_CONFIG_HAVE_SSL
#ifndef S_SPLINT_S
		/** OpenSSL key object (RSA, DSA, ECDSA or GOST) when built with SSL support. */
		EVP_PKEY *key;
#endif
#endif

		/**
		 * Raw shared secret for HMAC signing. NOTE(review): this is secret
		 * key material; confirm that the deep-free path wipes the buffer
		 * (explicit_bzero / OPENSSL_cleanse or similar) before freeing it,
		 * and that hmac.size is always set alongside hmac.key.
		 */
		struct {
			unsigned char *key;
			size_t size;
		} hmac;
		/** Opaque handle for key material managed outside ldns; this header does not interpret it. */
		void *external_key;
	} _key;
	/** Per-use parameters; only the dnssec member exists at present. */
	union {
		struct {
			/** Original TTL to put in RRSIGs made with this key. */
			uint32_t orig_ttl;
			/** Signature inception time (seconds since the epoch, 32-bit as on the wire). */
			uint32_t inception;
			/** Signature expiration time (same encoding as inception). */
			uint32_t expiration;
			/** DNSKEY key tag (RFC 4034 appendix B). */
			uint16_t keytag;
			/** DNSKEY flags word; see the LDNS_KEY_*_KEY bits. */
			uint16_t flags;
		} dnssec;
	} _extra;
	/** Owner name of the DNSKEY/RRSIG records produced from this key. */
	ldns_rdf *_pubkey_owner;
};
typedef struct ldns_struct_key ldns_key;
00153
/**
 * A growable array of ldns_key pointers. _key_count is the number of
 * valid entries in _keys; use ldns_key_list_push_key()/ldns_key_list_pop_key()
 * and ldns_key_list_key() instead of indexing _keys directly.
 */
struct ldns_struct_key_list
{
	/** Number of entries currently in _keys. */
	size_t _key_count;
	/** Array of _key_count key pointers. NOTE(review): whether the list owns the keys is decided by which free function is used; see ldns_key_list_free(). */
	ldns_key **_keys;
};
typedef struct ldns_struct_key_list ldns_key_list;
00163
00164
/**
 * Allocate an empty key list.
 * \return a new list, or NULL on allocation failure (presumably - not visible here)
 */
ldns_key_list *ldns_key_list_new(void);

/**
 * Allocate an empty ldns_key with no material in it.
 * \return a new key, or NULL on allocation failure (presumably)
 */
ldns_key *ldns_key_new(void);

/**
 * Generate a fresh key pair for algorithm a.
 * \param[in] a the signing algorithm
 * \param[in] size key size; for RSA/DSA presumably the modulus length in
 *            bits, for HMAC presumably the secret length - confirm with the
 *            implementation, and note uint16_t caps it at 65535.
 * \return the new key, or NULL on failure
 *
 * NOTE(review): the algorithm choice and size are the caller's security
 * decision; see the deprecation notes on ldns_enum_algorithm.
 */
ldns_key *ldns_key_new_frm_algorithm(ldns_signing_algorithm a, uint16_t size);

/**
 * Parse a private key from an open file (BIND-style private-key format is
 * assumed - confirm).
 * \param[out] k receives the new key on LDNS_STATUS_OK
 * \param[in] fp the file to read from
 * \return an ldns_status code
 *
 * NOTE(review): the file contents are untrusted input to the parser and the
 * file holds secret material; callers should open it with restrictive
 * permissions and never feed attacker-controlled paths to it.
 */
ldns_status ldns_key_new_frm_fp(ldns_key **k, FILE *fp);

/**
 * As ldns_key_new_frm_fp(), additionally tracking the current line number
 * in *line_nr for error reporting.
 * \param[out] k receives the new key
 * \param[in] fp the file to read from
 * \param[in,out] line_nr line counter, updated as lines are consumed
 * \return an ldns_status code
 */
ldns_status ldns_key_new_frm_fp_l(ldns_key **k, FILE *fp, int *line_nr);

#if LDNS_BUILD_CONFIG_HAVE_SSL

/**
 * Load a key through an OpenSSL ENGINE (e.g. an HSM driver).
 * \param[out] key receives the new key
 * \param[in] e the engine to load from
 * \param[in] key_id engine-specific key identifier (taken as non-const here;
 *            presumably not modified - consider const char *)
 * \param[in] the DNSSEC algorithm the engine key is to be used with
 *            (parameter is unnamed in the prototype)
 * \return an ldns_status code
 *
 * NOTE(review): the ENGINE API is deprecated as of OpenSSL 3.0 in favour of
 * providers; this entry point will not build with OPENSSL_NO_DEPRECATED_3_0.
 */
ldns_status ldns_key_new_frm_engine(ldns_key **key, ENGINE *e, char *key_id, ldns_algorithm);


/**
 * Read the RSA parameters of a private-key file into an OpenSSL RSA object.
 * \param[in] fp the file to read from
 * \return the RSA key, or NULL on failure
 *
 * NOTE(review): the low-level RSA/DSA types returned by the *_rsa/*_dsa
 * functions below are deprecated in OpenSSL 3.0; new code should prefer the
 * EVP_PKEY based ldns_key_new_frm_fp().
 */
RSA *ldns_key_new_frm_fp_rsa(FILE *fp);
#endif

#if LDNS_BUILD_CONFIG_HAVE_SSL

/**
 * As ldns_key_new_frm_fp_rsa(), tracking the line number in *line_nr.
 */
RSA *ldns_key_new_frm_fp_rsa_l(FILE *fp, int *line_nr);
#endif

#if LDNS_BUILD_CONFIG_HAVE_SSL

/**
 * Read the DSA parameters of a private-key file into an OpenSSL DSA object.
 * \param[in] fp the file to read from
 * \return the DSA key, or NULL on failure
 */
DSA *ldns_key_new_frm_fp_dsa(FILE *fp);
#endif

#if LDNS_BUILD_CONFIG_HAVE_SSL

/**
 * As ldns_key_new_frm_fp_dsa(), tracking the line number in *line_nr.
 */
DSA *ldns_key_new_frm_fp_dsa_l(FILE *fp, int *line_nr);
#endif

#if LDNS_BUILD_CONFIG_HAVE_SSL

/**
 * Read an HMAC shared secret from a private-key file.
 * \param[in] fp the file to read from
 * \param[out] hmac_size receives the length of the returned secret
 * \return the secret bytes (presumably heap-allocated; the caller owns them),
 *         or NULL on failure
 *
 * NOTE(review): the returned buffer is secret material - wipe it before
 * freeing. The repeated single-declaration #if blocks from here on could be
 * merged into one LDNS_BUILD_CONFIG_HAVE_SSL section.
 */
unsigned char *ldns_key_new_frm_fp_hmac(FILE *fp, size_t *hmac_size);
#endif

#if LDNS_BUILD_CONFIG_HAVE_SSL

/**
 * As ldns_key_new_frm_fp_hmac(), tracking the line number in *line_nr.
 */
unsigned char *ldns_key_new_frm_fp_hmac_l(FILE *fp, int *line_nr, size_t *hmac_size);
#endif
00284
00285
/**
 * Set the signing algorithm of k. Changing this does not convert the stored
 * key material; it must match what is actually in _key.
 */
void ldns_key_set_algorithm(ldns_key *k, ldns_signing_algorithm l);
#if LDNS_BUILD_CONFIG_HAVE_SSL

/**
 * Store an OpenSSL EVP_PKEY in k. NOTE(review): whether k takes ownership
 * or whether a previously stored key is released is not visible here; the
 * presence of separate "set" and "assign" variants for RSA/DSA suggests the
 * two differ in ownership - confirm before relying on it.
 */
void ldns_key_set_evp_key(ldns_key *k, EVP_PKEY *e);

/**
 * Store an RSA key in k (wrapped in an EVP_PKEY, presumably).
 */
void ldns_key_set_rsa_key(ldns_key *k, RSA *r);

/**
 * Store a DSA key in k (wrapped in an EVP_PKEY, presumably).
 */
void ldns_key_set_dsa_key(ldns_key *k, DSA *d);

/**
 * Store an RSA key in k; differs from ldns_key_set_rsa_key() presumably in
 * reference/ownership handling - see implementation.
 */
void ldns_key_assign_rsa_key(ldns_key *k, RSA *r);

/**
 * Store a DSA key in k; counterpart of ldns_key_assign_rsa_key().
 */
void ldns_key_assign_dsa_key(ldns_key *k, DSA *d);

/**
 * Register the GOST algorithm with OpenSSL's EVP layer (needed before
 * LDNS_SIGN_ECC_GOST keys can be used).
 * \return the EVP NID for GOST, presumably 0/negative on failure - confirm
 */
int ldns_key_EVP_load_gost_id(void);

/** Undo ldns_key_EVP_load_gost_id(). */
void ldns_key_EVP_unload_gost(void);
#endif

/**
 * Store a raw HMAC secret in k. Only the pointer is given; the length must
 * be set separately with ldns_key_set_hmac_size(), so a key is not usable
 * until both have been called. NOTE(review): the buffer is secret material
 * and, since the length is not known here, cannot be copied by this call;
 * it is presumably referenced as-is - keep it alive and wipe it yourself.
 */
void ldns_key_set_hmac_key(ldns_key *k, unsigned char *hmac);

/**
 * Attach an opaque externally-managed key handle to key. ldns does not
 * know what it points to; lifetime stays with the caller.
 */
void ldns_key_set_external_key(ldns_key *key, void *external_key);

/** Set the length in bytes of the HMAC secret stored with ldns_key_set_hmac_key(). */
void ldns_key_set_hmac_size(ldns_key *k, size_t hmac_size);
/** Set the original TTL written into RRSIGs made with k. */
void ldns_key_set_origttl(ldns_key *k, uint32_t t);
/** Set the RRSIG inception time (32-bit seconds, wire encoding). */
void ldns_key_set_inception(ldns_key *k, uint32_t i);
/** Set the RRSIG expiration time (32-bit seconds, wire encoding). */
void ldns_key_set_expiration(ldns_key *k, uint32_t e);
/** Set the owner name used for the DNSKEY/RRSIGs; ownership of r is not visible here - confirm. */
void ldns_key_set_pubkey_owner(ldns_key *k, ldns_rdf *r);
/** Set the key tag. NOTE(review): this is a cached value; it must agree with the DNSKEY RDATA or validators will not find the key. */
void ldns_key_set_keytag(ldns_key *k, uint16_t tag);
/** Set the DNSKEY flags word (combination of LDNS_KEY_*_KEY bits). */
void ldns_key_set_flags(ldns_key *k, uint16_t flags);
/**
 * Directly overwrite the element count of a key list. NOTE(review): this
 * does not resize the underlying array; setting a count larger than what
 * was pushed lets ldns_key_list_key() read past the end. Prefer
 * ldns_key_list_push_key()/ldns_key_list_pop_key().
 */
void ldns_key_list_set_key_count(ldns_key_list *key, size_t count);
00410
/**
 * Append key to key_list.
 * \return true on success, false otherwise (presumably on allocation failure)
 */
bool ldns_key_list_push_key(ldns_key_list *key_list, ldns_key *key);

/** Number of keys in key_list. */
size_t ldns_key_list_key_count(const ldns_key_list *key_list);

/**
 * Return key number nr (0-based). NOTE(review): whether nr is bounds-checked
 * against the count is not visible here; callers should compare against
 * ldns_key_list_key_count() first.
 */
ldns_key *ldns_key_list_key(const ldns_key_list *key, size_t nr);

#if LDNS_BUILD_CONFIG_HAVE_SSL

/** The RSA key inside k, or presumably NULL if k holds no RSA key (deprecated OpenSSL type). */
RSA *ldns_key_rsa_key(const ldns_key *k);
/** The EVP_PKEY stored in k (borrowed pointer; do not free). */
EVP_PKEY *ldns_key_evp_key(const ldns_key *k);
#endif

#if LDNS_BUILD_CONFIG_HAVE_SSL
/** The DSA key inside k, or presumably NULL if k holds no DSA key (deprecated OpenSSL type). */
DSA *ldns_key_dsa_key(const ldns_key *k);
#endif

/** Signing algorithm of k. */
ldns_signing_algorithm ldns_key_algorithm(const ldns_key *k);
/** Set the selection flag of k. */
void ldns_key_set_use(ldns_key *k, bool v);
/** Selection flag of k. */
bool ldns_key_use(const ldns_key *k);
/** Pointer to the HMAC secret of k (borrowed; secret material - do not log). */
unsigned char *ldns_key_hmac_key(const ldns_key *k);
/** The opaque external key handle of k, if any. */
void *ldns_key_external_key(const ldns_key *k);
/** Length in bytes of the HMAC secret of k. */
size_t ldns_key_hmac_size(const ldns_key *k);
/** Original TTL used in RRSIGs made with k. */
uint32_t ldns_key_origttl(const ldns_key *k);
/** RRSIG inception time of k. */
uint32_t ldns_key_inception(const ldns_key *k);
/** RRSIG expiration time of k. */
uint32_t ldns_key_expiration(const ldns_key *k);
/** Cached key tag of k. */
uint16_t ldns_key_keytag(const ldns_key *k);
/** Owner name of k (borrowed pointer). */
ldns_rdf *ldns_key_pubkey_owner(const ldns_key *k);
/** Set the selection flag of every key in keys to v. */
void
ldns_key_list_set_use(ldns_key_list *keys, bool v);

/** DNSKEY flags word of k. */
uint16_t ldns_key_flags(const ldns_key *k);

/**
 * Remove and return the last key of key_list, or presumably NULL when the
 * list is empty - confirm. The caller becomes responsible for the key.
 */
ldns_key *ldns_key_list_pop_key(ldns_key_list *key_list);
00543
/**
 * Build the DNSKEY resource record (the public half) for k.
 * \return a newly allocated ldns_rr, or NULL on failure; the caller frees it
 */
ldns_rr *ldns_key2rr(const ldns_key *k);

/**
 * Write k to output in text form.
 * NOTE(review): this presumably emits the private key material, so the
 * stream must not be a log file or anything world-readable.
 */
void ldns_key_print(FILE *output, const ldns_key *k);

/**
 * Free the ldns_key structure itself. Which contained members are released
 * here versus only in ldns_key_deep_free() is not visible from the header;
 * consult the implementation before choosing between the two.
 */
void ldns_key_free(ldns_key *key);

/**
 * Free the key and the material it holds. NOTE(review): since this is the
 * path that releases secret material, verify that the HMAC buffer is wiped
 * before free() and that the EVP_PKEY is released through OpenSSL.
 */
void ldns_key_deep_free(ldns_key *key);

/**
 * Free a key list. NOTE(review): whether the keys themselves are freed is
 * not visible here - confirm, or callers will leak or double-free.
 */
void ldns_key_list_free(ldns_key_list *key_list);

/**
 * Read a trust anchor (a DNSKEY or DS record, presumably in presentation
 * format) from filename.
 * \return the RR, or NULL on failure
 *
 * NOTE(review): whatever this returns becomes the root of trust for
 * validation, and nothing in this interface verifies the file's integrity.
 * The file must come from a trusted source and be protected from
 * modification; treat its contents as untrusted input to the parser.
 */
ldns_rr * ldns_read_anchor_file(const char *filename);

/**
 * Compute the conventional "K<owner>+<alg>+<keytag>" style file base name
 * for key (exact format not visible here - confirm).
 * \return a newly allocated string (presumably; free it), or NULL on failure
 */
char *ldns_key_get_file_base_name(ldns_key *key);

/**
 * Report whether this build can sign with algorithm number algo.
 * \param[in] algo an ldns_signing_algorithm value, passed as int
 * \return non-zero if supported, 0 otherwise (presumably - confirm)
 *
 * NOTE(review): "supported" here means the build can produce a signature,
 * not that the algorithm is safe to use; see ldns_enum_algorithm.
 */
int ldns_key_algo_supported(int algo);

/**
 * Look up a signing algorithm by its name in ldns_signing_algorithms.
 * \return the algorithm; what is returned for an unknown name (0 is not a
 *         valid enumerator) is not visible here - check the result before
 *         using it to select a key type.
 */
ldns_signing_algorithm ldns_get_signing_algorithm_by_name(const char* name);
00616
00617 #ifdef __cplusplus
00618 }
00619 #endif
00620
00621 #endif