/contrib/bind9/lib/dns/key.c
C | 180 lines | 126 code | 36 blank | 18 comment | 27 complexity | 8ada7fec358762c6f9afe099c906e637 MD5 | raw file
1/* 2 * Copyright (C) 2004-2007, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") 3 * Copyright (C) 2001 Internet Software Consortium. 4 * 5 * Permission to use, copy, modify, and/or distribute this software for any 6 * purpose with or without fee is hereby granted, provided that the above 7 * copyright notice and this permission notice appear in all copies. 8 * 9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 11 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 15 * PERFORMANCE OF THIS SOFTWARE. 16 */ 17 18/* $Id$ */ 19 20#include <config.h> 21 22#include <stddef.h> 23#include <stdlib.h> 24 25#include <isc/region.h> 26#include <isc/util.h> 27 28#include <dns/keyvalues.h> 29 30#include <dst/dst.h> 31 32#include "dst_internal.h" 33 34isc_uint16_t 35dst_region_computeid(const isc_region_t *source, unsigned int alg) { 36 isc_uint32_t ac; 37 const unsigned char *p; 38 int size; 39 40 REQUIRE(source != NULL); 41 REQUIRE(source->length >= 4); 42 43 p = source->base; 44 size = source->length; 45 46 if (alg == DST_ALG_RSAMD5) 47 return ((p[size - 3] << 8) + p[size - 2]); 48 49 for (ac = 0; size > 1; size -= 2, p += 2) 50 ac += ((*p) << 8) + *(p + 1); 51 52 if (size > 0) 53 ac += ((*p) << 8); 54 ac += (ac >> 16) & 0xffff; 55 56 return ((isc_uint16_t)(ac & 0xffff)); 57} 58 59isc_uint16_t 60dst_region_computerid(const isc_region_t *source, unsigned int alg) { 61 isc_uint32_t ac; 62 const unsigned char *p; 63 int size; 64 65 REQUIRE(source != NULL); 66 REQUIRE(source->length >= 4); 67 68 p = source->base; 69 size = source->length; 70 71 if (alg == DST_ALG_RSAMD5) 72 return ((p[size - 3] << 8) + p[size - 2]); 73 74 ac = ((*p) << 8) + *(p + 1); 75 ac |= DNS_KEYFLAG_REVOKE; 76 for (size -= 2, p +=2; size > 1; size -= 2, p += 2) 77 ac += ((*p) << 8) + *(p + 1); 78 79 if (size > 0) 80 ac += ((*p) << 8); 81 ac += (ac >> 16) & 0xffff; 82 83 return ((isc_uint16_t)(ac & 0xffff)); 84} 85 86dns_name_t * 87dst_key_name(const dst_key_t *key) { 88 REQUIRE(VALID_KEY(key)); 89 return (key->key_name); 90} 91 92unsigned int 93dst_key_size(const dst_key_t *key) { 94 REQUIRE(VALID_KEY(key)); 95 return (key->key_size); 96} 97 98unsigned int 99dst_key_proto(const dst_key_t *key) { 100 REQUIRE(VALID_KEY(key)); 101 return (key->key_proto); 102} 103 104unsigned int 105dst_key_alg(const dst_key_t *key) { 106 REQUIRE(VALID_KEY(key)); 107 return (key->key_alg); 108} 109 110isc_uint32_t 111dst_key_flags(const dst_key_t *key) { 112 REQUIRE(VALID_KEY(key)); 113 return (key->key_flags); 114} 115 116dns_keytag_t 117dst_key_id(const dst_key_t *key) { 118 REQUIRE(VALID_KEY(key)); 119 return (key->key_id); 120} 121 122dns_keytag_t 123dst_key_rid(const dst_key_t *key) { 124 REQUIRE(VALID_KEY(key)); 125 return (key->key_rid); 126} 127 128dns_rdataclass_t 129dst_key_class(const dst_key_t *key) { 130 REQUIRE(VALID_KEY(key)); 131 return (key->key_class); 132} 133 134isc_boolean_t 135dst_key_iszonekey(const dst_key_t *key) { 136 REQUIRE(VALID_KEY(key)); 137 138 if ((key->key_flags & DNS_KEYTYPE_NOAUTH) != 0) 139 return (ISC_FALSE); 140 if ((key->key_flags & DNS_KEYFLAG_OWNERMASK) != DNS_KEYOWNER_ZONE) 141 return (ISC_FALSE); 142 if (key->key_proto != DNS_KEYPROTO_DNSSEC && 143 key->key_proto != DNS_KEYPROTO_ANY) 144 return (ISC_FALSE); 145 return (ISC_TRUE); 146} 147 148isc_boolean_t 149dst_key_isnullkey(const dst_key_t *key) { 150 REQUIRE(VALID_KEY(key)); 151 152 if ((key->key_flags & DNS_KEYFLAG_TYPEMASK) != DNS_KEYTYPE_NOKEY) 153 return (ISC_FALSE); 154 if ((key->key_flags & DNS_KEYFLAG_OWNERMASK) != DNS_KEYOWNER_ZONE) 155 return (ISC_FALSE); 156 if (key->key_proto != DNS_KEYPROTO_DNSSEC && 157 key->key_proto != DNS_KEYPROTO_ANY) 158 return (ISC_FALSE); 159 return (ISC_TRUE); 160} 161 162void 163dst_key_setbits(dst_key_t *key, isc_uint16_t bits) { 164 unsigned int maxbits; 165 REQUIRE(VALID_KEY(key)); 166 if (bits != 0) { 167 RUNTIME_CHECK(dst_key_sigsize(key, &maxbits) == ISC_R_SUCCESS); 168 maxbits *= 8; 169 REQUIRE(bits <= maxbits); 170 } 171 key->key_bits = bits; 172} 173 174isc_uint16_t 175dst_key_getbits(const dst_key_t *key) { 176 REQUIRE(VALID_KEY(key)); 177 return (key->key_bits); 178} 179 180/*! \file */