OpenDNSSEC-signer  1.4.10
tsig.h
1 /*
2  * Copyright (c) 2011 NLNet Labs. All rights reserved.
3  *
4  * Taken from NSD3 and adjusted for OpenDNSSEC, NLnet Labs.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  * notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  * notice, this list of conditions and the following disclaimer in the
13  * documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
17  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
19  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
21  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
22  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
23  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
24  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
25  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26  *
27  */
28 
34 #ifndef WIRE_TSIG_H
35 #define WIRE_TSIG_H
36 
37 #include "config.h"
38 #include "shared/allocator.h"
39 #include "shared/status.h"
40 #include "wire/buffer.h"
41 
42 #include <ldns/ldns.h>
43 
/*
 * TSIG error codes. 16, 17 and 18 are the BADSIG, BADKEY and BADTIME
 * values assigned to TSIG in RFC 8945 (originally RFC 2845).
 */
44 #define TSIG_ERROR_BADSIG 16
45 #define TSIG_ERROR_BADKEY 17
46 #define TSIG_ERROR_BADTIME 18
47 
/*
 * Identifiers for the supported HMAC algorithms.
 * NOTE(review): these look like internal ids rather than wire values;
 * confirm how they are used in tsig.c.
 * RFC 8945 lists HMAC-MD5 as "MUST NOT" use and HMAC-SHA1 as
 * "NOT RECOMMENDED"; HMAC-SHA256 is the recommended choice for new keys.
 */
48 #define TSIG_HMAC_MD5 157
49 #define TSIG_HMAC_SHA1 158
50 #define TSIG_HMAC_SHA256 159
51 
60 };
62 
/*
 * Fragment: the struct header that precedes this brace is not shown in
 * this rendering. The record pairs a numeric id with a short name.
 */
69 {
70  uint8_t id;
71  const char* short_name;
72 };
73 
/*
 * Fragment: the struct header is not shown in this rendering.
 * NOTE(review): presumably this is the record behind tsig_key_type (the
 * type passed to hmac_init) -- confirm against the original header.
 * If so, `data`/`size` hold the key bytes and their length: treat them as
 * secret material, confirm they are never logged, and confirm they are
 * wiped before the memory is released.
 */
80  ldns_rdf* dname;
81  size_t size;
82  const uint8_t* data;
83 };
84 
/*
 * Fragment: the struct header is not shown in this rendering, and the
 * gutter jumps from 92 to 94. The index at the end of the page lists
 * `size_t max_digest_size` at tsig.h:93.
 * The record names an algorithm and carries the four callbacks that
 * drive an HMAC computation through an opaque context pointer.
 */
91  const char* txt_name;
92  ldns_rdf* wf_name;
94  const void* data;
95  /* create a new HMAC context */
96  void*(*hmac_create)(allocator_type* allocator);
97  /* initialize an HMAC context */
98  void(*hmac_init)(void* context, tsig_algo_type* algo,
99  tsig_key_type* key);
100  /* update the HMAC context */
101  void(*hmac_update)(void* context, const void* data, size_t size);
102  /* finalize digest */
 /* NOTE(review): `size` is passed by pointer; confirm whether it is an
  * in/out capacity and that callers supply a digest buffer of at least
  * max_digest_size bytes. */
103  void(*hmac_final)(void* context, uint8_t* digest, size_t* size);
104 };
105 
/*
 * TSIG credential record: key name, algorithm name and secret, all held
 * as C strings.
 * The gutter skips lines 112 and 116 in this rendering. The index at the
 * end of the page lists `tsig_type * next` at tsig.h:112 and
 * `tsig_key_type * key` at tsig.h:116.
 */
110 typedef struct tsig_struct tsig_type;
111 struct tsig_struct {
113  const char* name;
114  const char* algorithm;
 /* Shared secret in textual form (NOTE(review): presumably base64 as
  * read from configuration -- confirm). Keep it out of log and debug
  * output, and restrict read access to the file it is loaded from. */
115  const char* secret;
117 };
118 
/*
 * Fragment of the per-message TSIG RR state. The struct header and
 * several fields are not shown in this rendering. The index at the end
 * of the page lists allocator (125), status (126), response_count (128),
 * update_since_last_prepare (129), algo (131), key (132),
 * prior_mac_size (133), signed_time_high (138), signed_time_fudge (140)
 * and original_query_id (143).
 */
127  size_t position;
 /* opaque HMAC context; same type as the callbacks' `context` argument */
130  void* context;
134  uint8_t* prior_mac_data;
135 
136  ldns_rdf* key_name;
137  ldns_rdf* algo_name;
 /* NOTE(review): with signed_time_high this presumably forms the 48-bit
  * TSIG "time signed" value; confirm verification enforces the fudge
  * window so stale messages are rejected (BADTIME). */
139  uint32_t signed_time_low;
 /* NOTE(review): presumably filled from a received RR by tsig_rr_parse;
  * confirm mac_size is checked against both the remaining buffer and the
  * algorithm's digest size before mac_data is read. */
141  uint16_t mac_size;
142  uint8_t* mac_data;
144  uint16_t error_code;
 /* NOTE(review): same length check applies to other_size/other_data. */
145  uint16_t other_size;
146  uint8_t* other_data;
147 };
148 
156 
/*
 * Public TSIG API. The lines that carry only a gutter number mark
 * declarations this rendering omitted. The index at the end of the page
 * lists tsig_handler_init, tsig_handler_add_key, tsig_handler_add_algo,
 * tsig_rr_create, tsig_rr_reset and tsig_rr_reserved_space.
 */
161 void tsig_handler_cleanup(void);
162 
169 
176 
/* Builds a tsig_type from a key name, algorithm name and secret.
 * NOTE(review): the strings are non-const; confirm in tsig.c whether the
 * function keeps the caller's pointers or copies them, since that decides
 * who may wipe and free the secret. */
186 tsig_type* tsig_create(allocator_type* allocator, char* name, char* algo,
187  char* secret);
188 
196 tsig_type* tsig_lookup_by_name(tsig_type* tsig, const char* name);
197 
204 tsig_algo_type* tsig_lookup_algo(const char* name);
205 
213 
222 
230 int tsig_rr_find(tsig_rr_type* trr, buffer_type* buffer);
231 
/* NOTE(review): `buffer` presumably holds a received DNS message, i.e.
 * untrusted input; confirm in tsig.c that every length field taken from
 * the RR is bounds-checked before the matching data is read. */
239 int tsig_rr_parse(tsig_rr_type* trr, buffer_type* buffer);
240 
247 int tsig_rr_lookup(tsig_rr_type* trr);
248 
254 void tsig_rr_prepare(tsig_rr_type* trr);
255 
265 void tsig_rr_update(tsig_rr_type* trr, buffer_type* buffer, size_t length);
266 
272 void tsig_rr_sign(tsig_rr_type* trr);
273 
/* NOTE(review): the result is a plain int; confirm which value means
 * "verified", that every caller rejects the message on any other value,
 * and that the MAC comparison in tsig.c is constant-time. */
280 int tsig_rr_verify(tsig_rr_type* trr);
281 
288 void tsig_rr_append(tsig_rr_type* trr, buffer_type* buffer);
289 
290 /*
291  * The amount of space to reserve in the response for the TSIG data.
292  * \param[in] trr TSIG RR
293  * \return size_t reserved space size
294  *
295  */
/* The prototype this comment documents is not shown in this rendering;
 * the index at the end of the page gives it as
 * `size_t tsig_rr_reserved_space(tsig_rr_type *trr)`. */
297 
303 void tsig_rr_error(tsig_rr_type* trr);
304 
311 const char* tsig_status2str(tsig_status status);
312 
319 const char* tsig_strerror(uint16_t error);
320 
326 void tsig_rr_free(tsig_rr_type* trr);
327 
333 void tsig_rr_cleanup(tsig_rr_type* trr);
334 
/* NOTE(review): confirm the secret and key bytes are zeroed before the
 * memory goes back to the allocator. */
341 void tsig_cleanup(tsig_type* tsig, allocator_type* allocator);
342 
343 #endif /* WIRE_TSIG_H */
tsig_algo_type * algo
Definition: tsig.h:131
tsig_status status
Definition: tsig.h:126
allocator_type * allocator
Definition: tsig.h:125
size_t max_digest_size
Definition: tsig.h:93
uint16_t mac_size
Definition: tsig.h:141
uint16_t signed_time_high
Definition: tsig.h:138
void tsig_handler_add_key(tsig_key_type *key)
Definition: tsig.c:86
tsig_type * tsig_create(allocator_type *allocator, char *name, char *algo, char *secret)
Definition: tsig.c:235
uint16_t error_code
Definition: tsig.h:144
int tsig_rr_lookup(tsig_rr_type *trr)
Definition: tsig.c:511
void tsig_rr_sign(tsig_rr_type *trr)
Definition: tsig.c:677
tsig_rr_type * tsig_rr_create(allocator_type *allocator)
Definition: tsig.c:306
uint8_t * prior_mac_data
Definition: tsig.h:134
enum ods_enum_status ods_status
Definition: status.h:90
const char * short_name
Definition: tsig.h:71
ldns_rdf * wf_name
Definition: tsig.h:92
uint16_t signed_time_fudge
Definition: tsig.h:140
const void * data
Definition: tsig.h:94
size_t update_since_last_prepare
Definition: tsig.h:129
tsig_type * tsig_lookup_by_name(tsig_type *tsig, const char *name)
Definition: tsig.c:267
uint8_t * other_data
Definition: tsig.h:146
int tsig_rr_verify(tsig_rr_type *trr)
Definition: tsig.c:699
size_t prior_mac_size
Definition: tsig.h:133
const char * tsig_strerror(uint16_t error)
Definition: tsig.c:829
const char * algorithm
Definition: tsig.h:114
tsig_key_type * key
Definition: tsig.h:116
ldns_rdf * key_name
Definition: tsig.h:136
int tsig_rr_find(tsig_rr_type *trr, buffer_type *buffer)
Definition: tsig.c:478
tsig_type * next
Definition: tsig.h:112
uint8_t * mac_data
Definition: tsig.h:142
int tsig_rr_parse(tsig_rr_type *trr, buffer_type *buffer)
Definition: tsig.c:364
Definition: tsig.h:58
ods_status tsig_handler_init(allocator_type *allocator)
Definition: tsig.c:133
size_t size
Definition: tsig.h:81
size_t tsig_rr_reserved_space(tsig_rr_type *trr)
Definition: tsig.c:763
tsig_key_type * key
Definition: tsig.h:132
uint32_t signed_time_low
Definition: tsig.h:139
ldns_rdf * dname
Definition: tsig.h:80
void tsig_handler_cleanup(void)
Definition: tsig.c:156
void tsig_rr_update(tsig_rr_type *trr, buffer_type *buffer, size_t length)
Definition: tsig.c:605
void tsig_rr_prepare(tsig_rr_type *trr)
Definition: tsig.c:580
tsig_status_enum
Definition: tsig.h:56
const char * secret
Definition: tsig.h:115
void tsig_cleanup(tsig_type *tsig, allocator_type *allocator)
Definition: tsig.c:902
tsig_algo_type * tsig_lookup_algo(const char *name)
Definition: tsig.c:289
size_t position
Definition: tsig.h:127
void tsig_handler_add_algo(tsig_algo_type *algo)
Definition: tsig.c:108
void tsig_rr_append(tsig_rr_type *trr, buffer_type *buffer)
Definition: tsig.c:721
uint16_t other_size
Definition: tsig.h:145
void tsig_rr_cleanup(tsig_rr_type *trr)
Definition: tsig.c:884
void * context
Definition: tsig.h:130
void tsig_rr_free(tsig_rr_type *trr)
Definition: tsig.c:862
ldns_rdf * algo_name
Definition: tsig.h:137
size_t response_count
Definition: tsig.h:128
const uint8_t * data
Definition: tsig.h:82
const char * tsig_status2str(tsig_status status)
Definition: tsig.c:810
void tsig_rr_error(tsig_rr_type *trr)
Definition: tsig.c:792
const char * name
Definition: tsig.h:113
const char * txt_name
Definition: tsig.h:91
enum tsig_status_enum tsig_status
Definition: tsig.h:61
void tsig_rr_reset(tsig_rr_type *trr, tsig_algo_type *algo, tsig_key_type *key)
Definition: tsig.c:333
uint16_t original_query_id
Definition: tsig.h:143