OpenDNSSEC-signer  1.4.10
keys.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2009 NLNet Labs. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  * notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  * notice, this list of conditions and the following disclaimer in the
11  * documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
15  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
17  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
19  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
21  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
22  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
23  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  *
25  */
26 
32 #include "shared/file.h"
33 #include "shared/log.h"
34 #include "shared/util.h"
35 #include "signer/backup.h"
36 #include "signer/keys.h"
37 #include "signer/signconf.h"
38 
39 static const char* key_str = "keys";
40 
41 
47 keylist_create(void* sc)
48 {
49  signconf_type* signconf = (signconf_type*) sc;
50  keylist_type* kl = NULL;
51 
52  if (!signconf || !signconf->allocator) {
53  return NULL;
54  }
55  kl = (keylist_type*) allocator_alloc(signconf->allocator,
56  sizeof(keylist_type));
57  if (!kl) {
58  ods_log_error("[%s] create list failed: allocator_alloc() failed",
59  key_str);
60  return NULL;
61  }
62  kl->sc = sc;
63  kl->count = 0;
64  kl->keys = NULL;
65  return kl;
66 }
67 
68 
73 key_type*
74 keylist_lookup_by_locator(keylist_type* kl, const char* locator)
75 {
76  uint16_t i = 0;
77  if (!kl || !locator || kl->count <= 0) {
78  return NULL;
79  }
80  for (i=0; i < kl->count; i++) {
81  if (&kl->keys[i] && kl->keys[i].locator) {
82  if (ods_strcmp(kl->keys[i].locator, locator) == 0) {
83  return &kl->keys[i];
84  }
85  }
86  }
87  return NULL;
88 }
89 
90 
95 key_type*
97 {
98  uint16_t i = 0;
99  if (!kl || !dnskey || kl->count <= 0) {
100  return NULL;
101  }
102  for (i=0; i < kl->count; i++) {
103  if (&kl->keys[i] && kl->keys[i].dnskey) {
104  if (ldns_rr_compare(kl->keys[i].dnskey, dnskey) == 0) {
105  return &kl->keys[i];
106  }
107  }
108  }
109  return NULL;
110 }
111 
112 
117 key_type*
118 keylist_push(keylist_type* kl, const char* locator,
119  uint8_t algorithm, uint32_t flags, int publish, int ksk, int zsk,
120  int rfc5011)
121 {
122  key_type* keys_old = NULL;
123  signconf_type* sc = NULL;
124 
125  ods_log_assert(kl);
126  ods_log_assert(locator);
127  ods_log_debug("[%s] add locator %s", key_str, locator);
128 
129  sc = (signconf_type*) kl->sc;
130  keys_old = kl->keys;
131  kl->keys = (key_type*) allocator_alloc(sc->allocator,
132  (kl->count + 1) * sizeof(key_type));
133  if (!kl->keys) {
134  ods_fatal_exit("[%s] unable to add key: allocator_alloc() failed",
135  key_str);
136  }
137  if (keys_old) {
138  memcpy(kl->keys, keys_old, (kl->count) * sizeof(key_type));
139  }
140  allocator_deallocate(sc->allocator, (void*) keys_old);
141  kl->count++;
142  kl->keys[kl->count -1].locator = locator;
143  kl->keys[kl->count -1].algorithm = algorithm;
144  kl->keys[kl->count -1].flags = flags;
145  kl->keys[kl->count -1].publish = publish;
146  kl->keys[kl->count -1].ksk = ksk;
147  kl->keys[kl->count -1].zsk = zsk;
148  kl->keys[kl->count -1].rfc5011 = rfc5011;
149  kl->keys[kl->count -1].dnskey = NULL;
150  kl->keys[kl->count -1].params = NULL;
151  return &kl->keys[kl->count -1];
152 }
153 
154 
159 static void
160 key_print(FILE* fd, key_type* key)
161 {
162  if (!fd || !key) {
163  return;
164  }
165  fprintf(fd, "\t\t\t<Key>\n");
166  fprintf(fd, "\t\t\t\t<Flags>%u</Flags>\n", key->flags);
167  fprintf(fd, "\t\t\t\t<Algorithm>%u</Algorithm>\n", key->algorithm);
168  if (key->locator) {
169  fprintf(fd, "\t\t\t\t<Locator>%s</Locator>\n", key->locator);
170  }
171  if (key->ksk) {
172  fprintf(fd, "\t\t\t\t<KSK />\n");
173  }
174  if (key->zsk) {
175  fprintf(fd, "\t\t\t\t<ZSK />\n");
176  }
177  if (key->publish) {
178  fprintf(fd, "\t\t\t\t<Publish />\n");
179  }
180  if (key->rfc5011) {
181  fprintf(fd, "\t\t\t\t<RFC5011 />\n");
182  }
183  fprintf(fd, "\t\t\t</Key>\n");
184  fprintf(fd, "\n");
185  return;
186 }
187 
188 
193 static void
194 key_log(key_type* key, const char* name)
195 {
196  if (!key) {
197  return;
198  }
199  ods_log_debug("[%s] zone %s key: LOCATOR[%s] FLAGS[%u] ALGORITHM[%u] "
200  "KSK[%i] ZSK[%i] PUBLISH[%i] RFC5011[%i]", key_str, name?name:"(null)", key->locator,
201  key->flags, key->algorithm, key->ksk, key->zsk, key->publish, key->rfc5011);
202  return;
203 }
204 
205 
210 void
212 {
213  uint16_t i = 0;
214  if (!fd || !kl || kl->count <= 0) {
215  return;
216  }
217  for (i=0; i < kl->count; i++) {
218  key_print(fd, &kl->keys[i]);
219  }
220  return;
221 }
222 
223 
228 void
229 keylist_log(keylist_type* kl, const char* name)
230 {
231  uint16_t i = 0;
232  if (!kl || kl->count <= 0) {
233  return;
234  }
235  for (i=0; i < kl->count; i++) {
236  key_log(&kl->keys[i], name);
237  }
238  return;
239 }
240 
241 
246 static void
247 key_delfunc(key_type* key)
248 {
249  if (!key) {
250  return;
251  }
252  /* ldns_rr_free(key->dnskey); */
253  hsm_sign_params_free(key->params);
254  free((void*) key->locator);
255  return;
256 }
257 
258 
263 void
265 {
266  uint16_t i = 0;
267  signconf_type* sc = NULL;
268  if (!kl) {
269  return;
270  }
271  for (i=0; i < kl->count; i++) {
272  key_delfunc(&kl->keys[i]);
273  }
274  sc = (signconf_type*) kl->sc;
275  allocator_deallocate(sc->allocator, (void*) kl->keys);
276  allocator_deallocate(sc->allocator, (void*) kl);
277 }
278 
279 
284 static void
285 key_backup(FILE* fd, key_type* key, const char* version)
286 {
287  if (!fd || !key) {
288  return;
289  }
290  fprintf(fd, ";;Key: locator %s algorithm %u flags %u publish %i ksk %i "
291  "zsk %i rfc5011 %i\n", key->locator, (unsigned) key->algorithm,
292  (unsigned) key->flags, key->publish, key->ksk, key->zsk, key->rfc5011);
293  if (strcmp(version, ODS_SE_FILE_MAGIC_V2) == 0) {
294  if (key->dnskey) {
295  (void)util_rr_print(fd, key->dnskey);
296  }
297  fprintf(fd, ";;Keydone\n");
298  }
299  return;
300 }
301 
302 
307 key_type*
309 {
310  const char* locator = NULL;
311  uint8_t algorithm = 0;
312  uint32_t flags = 0;
313  int publish = 0;
314  int ksk = 0;
315  int zsk = 0;
316  int rfc5011 = 0;
317 
318  ods_log_assert(fd);
319 
320  if (!backup_read_check_str(fd, "locator") ||
321  !backup_read_str(fd, &locator) ||
322  !backup_read_check_str(fd, "algorithm") ||
323  !backup_read_uint8_t(fd, &algorithm) ||
324  !backup_read_check_str(fd, "flags") ||
325  !backup_read_uint32_t(fd, &flags) ||
326  !backup_read_check_str(fd, "publish") ||
327  !backup_read_int(fd, &publish) ||
328  !backup_read_check_str(fd, "ksk") ||
329  !backup_read_int(fd, &ksk) ||
330  !backup_read_check_str(fd, "zsk") ||
331  !backup_read_int(fd, &zsk) ||
332  !backup_read_check_str(fd, "rfc5011") ||
333  !backup_read_int(fd, &rfc5011)) {
334  if (locator) {
335  free((void*)locator);
336  locator = NULL;
337  }
338  return NULL;
339  }
340  /* key ok */
341  return keylist_push(kl, locator, algorithm, flags, publish, ksk,
342  zsk, rfc5011);
343 }
344 
345 
350 void
351 keylist_backup(FILE* fd, keylist_type* kl, const char* version)
352 {
353  uint16_t i = 0;
354  if (!fd || !kl || kl->count <= 0) {
355  return;
356  }
357  for (i=0; i < kl->count; i++) {
358  key_backup(fd, &kl->keys[i], version);
359  }
360  return;
361 }
void keylist_cleanup(keylist_type *kl)
Definition: keys.c:264
int backup_read_str(FILE *in, const char **str)
Definition: backup.c:97
key_type * keylist_push(keylist_type *kl, const char *locator, uint8_t algorithm, uint32_t flags, int publish, int ksk, int zsk, int rfc5011)
Definition: keys.c:118
int publish
Definition: keys.h:60
int zsk
Definition: keys.h:62
void keylist_log(keylist_type *kl, const char *name)
Definition: keys.c:229
key_type * keylist_lookup_by_locator(keylist_type *kl, const char *locator)
Definition: keys.c:74
int backup_read_uint8_t(FILE *in, uint8_t *v)
Definition: backup.c:199
void ods_log_debug(const char *format,...)
Definition: log.c:270
ldns_rr * dnskey
Definition: keys.h:55
void * allocator_alloc(allocator_type *allocator, size_t size)
Definition: allocator.c:66
void ods_fatal_exit(const char *format,...)
Definition: log.c:382
void ods_log_error(const char *format,...)
Definition: log.c:334
void keylist_print(FILE *fd, keylist_type *kl)
Definition: keys.c:211
int rfc5011
Definition: keys.h:63
int ods_strcmp(const char *s1, const char *s2)
Definition: file.c:320
int backup_read_int(FILE *in, int *v)
Definition: backup.c:165
ods_status util_rr_print(FILE *fd, const ldns_rr *rr)
Definition: util.c:378
const char * locator
Definition: keys.h:57
key_type * keys
Definition: keys.h:73
keylist_type * keylist_create(void *sc)
Definition: keys.c:47
size_t count
Definition: keys.h:74
allocator_type * allocator
Definition: signconf.h:53
void * sc
Definition: keys.h:72
int ksk
Definition: keys.h:61
uint8_t algorithm
Definition: keys.h:58
int backup_read_check_str(FILE *in, const char *str)
Definition: backup.c:77
hsm_sign_params_t * params
Definition: keys.h:56
key_type * keylist_lookup_by_dnskey(keylist_type *kl, ldns_rr *dnskey)
Definition: keys.c:96
void allocator_deallocate(allocator_type *allocator, void *data)
Definition: allocator.c:135
#define ods_log_assert(x)
Definition: log.h:154
uint32_t flags
Definition: keys.h:59
key_type * key_recover2(FILE *fd, keylist_type *kl)
Definition: keys.c:308
void keylist_backup(FILE *fd, keylist_type *kl, const char *version)
Definition: keys.c:351
int backup_read_uint32_t(FILE *in, uint32_t *v)
Definition: backup.c:233