OpenDNSSEC-signer  1.4.3
keys.c
Go to the documentation of this file.
1 /*
2  * $Id: keys.c 6376 2012-06-04 14:16:48Z matthijs $
3  *
4  * Copyright (c) 2009 NLNet Labs. All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  * notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  * notice, this list of conditions and the following disclaimer in the
13  * documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
17  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
19  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
21  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
22  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
23  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
24  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
25  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26  *
27  */
28 
34 #include "shared/file.h"
35 #include "shared/log.h"
36 #include "shared/util.h"
37 #include "signer/backup.h"
38 #include "signer/keys.h"
39 #include "signer/signconf.h"
40 
41 static const char* key_str = "keys";
42 
43 
49 keylist_create(void* sc)
50 {
51  signconf_type* signconf = (signconf_type*) sc;
52  keylist_type* kl = NULL;
53 
54  if (!signconf || !signconf->allocator) {
55  return NULL;
56  }
57  kl = (keylist_type*) allocator_alloc(signconf->allocator,
58  sizeof(keylist_type));
59  if (!kl) {
60  ods_log_error("[%s] create list failed: allocator_alloc() failed",
61  key_str);
62  return NULL;
63  }
64  kl->sc = sc;
65  kl->count = 0;
66  kl->keys = NULL;
67  return kl;
68 }
69 
70 
75 key_type*
76 keylist_lookup_by_locator(keylist_type* kl, const char* locator)
77 {
78  uint16_t i = 0;
79  if (!kl || !locator || kl->count <= 0) {
80  return NULL;
81  }
82  for (i=0; i < kl->count; i++) {
83  if (&kl->keys[i] && kl->keys[i].locator) {
84  if (ods_strcmp(kl->keys[i].locator, locator) == 0) {
85  return &kl->keys[i];
86  }
87  }
88  }
89  return NULL;
90 }
91 
92 
97 key_type*
99 {
100  uint16_t i = 0;
101  if (!kl || !dnskey || kl->count <= 0) {
102  return NULL;
103  }
104  for (i=0; i < kl->count; i++) {
105  if (&kl->keys[i] && kl->keys[i].dnskey) {
106  if (ldns_rr_compare(kl->keys[i].dnskey, dnskey) == 0) {
107  return &kl->keys[i];
108  }
109  }
110  }
111  return NULL;
112 }
113 
114 
119 key_type*
120 keylist_push(keylist_type* kl, const char* locator,
121  uint8_t algorithm, uint32_t flags, int publish, int ksk, int zsk)
122 {
123  key_type* keys_old = NULL;
124  signconf_type* sc = NULL;
125 
126  ods_log_assert(kl);
127  ods_log_assert(locator);
128  ods_log_debug("[%s] add locator %s", key_str, locator);
129 
130  sc = (signconf_type*) kl->sc;
131  keys_old = kl->keys;
132  kl->keys = (key_type*) allocator_alloc(sc->allocator,
133  (kl->count + 1) * sizeof(key_type));
134  if (!kl->keys) {
135  ods_fatal_exit("[%s] unable to add key: allocator_alloc() failed",
136  key_str);
137  }
138  if (keys_old) {
139  memcpy(kl->keys, keys_old, (kl->count) * sizeof(key_type));
140  }
141  allocator_deallocate(sc->allocator, (void*) keys_old);
142  kl->count++;
143  kl->keys[kl->count -1].locator = locator;
144  kl->keys[kl->count -1].algorithm = algorithm;
145  kl->keys[kl->count -1].flags = flags;
146  kl->keys[kl->count -1].publish = publish;
147  kl->keys[kl->count -1].ksk = ksk;
148  kl->keys[kl->count -1].zsk = zsk;
149  kl->keys[kl->count -1].dnskey = NULL;
150  kl->keys[kl->count -1].hsmkey = NULL;
151  kl->keys[kl->count -1].params = NULL;
152  return &kl->keys[kl->count -1];
153 }
154 
155 
160 static void
161 key_print(FILE* fd, key_type* key)
162 {
163  if (!fd || !key) {
164  return;
165  }
166  fprintf(fd, "\t\t\t<Key>\n");
167  fprintf(fd, "\t\t\t\t<Flags>%u</Flags>\n", key->flags);
168  fprintf(fd, "\t\t\t\t<Algorithm>%u</Algorithm>\n", key->algorithm);
169  if (key->locator) {
170  fprintf(fd, "\t\t\t\t<Locator>%s</Locator>\n", key->locator);
171  }
172  if (key->ksk) {
173  fprintf(fd, "\t\t\t\t<KSK />\n");
174  }
175  if (key->zsk) {
176  fprintf(fd, "\t\t\t\t<ZSK />\n");
177  }
178  if (key->publish) {
179  fprintf(fd, "\t\t\t\t<Publish />\n");
180  }
181  fprintf(fd, "\t\t\t</Key>\n");
182  fprintf(fd, "\n");
183  return;
184 }
185 
186 
191 static void
192 key_log(key_type* key, const char* name)
193 {
194  if (!key) {
195  return;
196  }
197  ods_log_debug("[%s] zone %s key: LOCATOR[%s] FLAGS[%u] ALGORITHM[%u] "
198  "KSK[%i] ZSK[%i] PUBLISH[%i]", key_str, name?name:"(null)", key->locator,
199  key->flags, key->algorithm, key->ksk, key->zsk, key->publish);
200  return;
201 }
202 
203 
208 void
210 {
211  uint16_t i = 0;
212  if (!fd || !kl || kl->count <= 0) {
213  return;
214  }
215  for (i=0; i < kl->count; i++) {
216  key_print(fd, &kl->keys[i]);
217  }
218  return;
219 }
220 
221 
226 void
227 keylist_log(keylist_type* kl, const char* name)
228 {
229  uint16_t i = 0;
230  if (!kl || kl->count <= 0) {
231  return;
232  }
233  for (i=0; i < kl->count; i++) {
234  key_log(&kl->keys[i], name);
235  }
236  return;
237 }
238 
239 
244 static void
245 key_delfunc(key_type* key)
246 {
247  if (!key) {
248  return;
249  }
250  /* ldns_rr_free(key->dnskey); */
251  hsm_key_free(key->hsmkey);
252  hsm_sign_params_free(key->params);
253  free((void*) key->locator);
254  return;
255 }
256 
257 
262 void
264 {
265  uint16_t i = 0;
266  signconf_type* sc = NULL;
267  if (!kl) {
268  return;
269  }
270  for (i=0; i < kl->count; i++) {
271  key_delfunc(&kl->keys[i]);
272  }
273  sc = (signconf_type*) kl->sc;
274  allocator_deallocate(sc->allocator, (void*) kl->keys);
275  allocator_deallocate(sc->allocator, (void*) kl);
276 }
277 
278 
283 static void
284 key_backup(FILE* fd, key_type* key, const char* version)
285 {
286  if (!fd || !key) {
287  return;
288  }
289  fprintf(fd, ";;Key: locator %s algorithm %u flags %u publish %i ksk %i "
290  "zsk %i\n", key->locator, (unsigned) key->algorithm,
291  (unsigned) key->flags, key->publish, key->ksk, key->zsk);
292  if (strcmp(version, ODS_SE_FILE_MAGIC_V2) == 0) {
293  if (key->dnskey) {
294  (void)util_rr_print(fd, key->dnskey);
295  }
296  fprintf(fd, ";;Keydone\n");
297  }
298  return;
299 }
300 
301 
306 key_type*
308 {
309  const char* locator = NULL;
310  uint8_t algorithm = 0;
311  uint32_t flags = 0;
312  int publish = 0;
313  int ksk = 0;
314  int zsk = 0;
315 
316  ods_log_assert(fd);
317 
318  if (!backup_read_check_str(fd, "locator") ||
319  !backup_read_str(fd, &locator) ||
320  !backup_read_check_str(fd, "algorithm") ||
321  !backup_read_uint8_t(fd, &algorithm) ||
322  !backup_read_check_str(fd, "flags") ||
323  !backup_read_uint32_t(fd, &flags) ||
324  !backup_read_check_str(fd, "publish") ||
325  !backup_read_int(fd, &publish) ||
326  !backup_read_check_str(fd, "ksk") ||
327  !backup_read_int(fd, &ksk) ||
328  !backup_read_check_str(fd, "zsk") ||
329  !backup_read_int(fd, &zsk)) {
330  if (locator) {
331  free((void*)locator);
332  locator = NULL;
333  }
334  return NULL;
335  }
336  /* key ok */
337  return keylist_push(kl, locator, algorithm, flags, publish, ksk, zsk);
338 }
339 
340 
345 void
346 keylist_backup(FILE* fd, keylist_type* kl, const char* version)
347 {
348  uint16_t i = 0;
349  if (!fd || !kl || kl->count <= 0) {
350  return;
351  }
352  for (i=0; i < kl->count; i++) {
353  key_backup(fd, &kl->keys[i], version);
354  }
355  return;
356 }
void keylist_cleanup(keylist_type *kl)
Definition: keys.c:263
int backup_read_str(FILE *in, const char **str)
Definition: backup.c:99
int publish
Definition: keys.h:63
int zsk
Definition: keys.h:65
void keylist_log(keylist_type *kl, const char *name)
Definition: keys.c:227
key_type * keylist_lookup_by_locator(keylist_type *kl, const char *locator)
Definition: keys.c:76
int backup_read_uint8_t(FILE *in, uint8_t *v)
Definition: backup.c:201
void ods_log_debug(const char *format,...)
Definition: log.c:272
ldns_rr * dnskey
Definition: keys.h:57
void * allocator_alloc(allocator_type *allocator, size_t size)
Definition: allocator.c:68
void ods_fatal_exit(const char *format,...)
Definition: log.c:384
void ods_log_error(const char *format,...)
Definition: log.c:336
void keylist_print(FILE *fd, keylist_type *kl)
Definition: keys.c:209
int ods_strcmp(const char *s1, const char *s2)
Definition: file.c:317
int backup_read_int(FILE *in, int *v)
Definition: backup.c:167
ods_status util_rr_print(FILE *fd, const ldns_rr *rr)
Definition: util.c:380
const char * locator
Definition: keys.h:60
key_type * keys
Definition: keys.h:75
keylist_type * keylist_create(void *sc)
Definition: keys.c:49
size_t count
Definition: keys.h:76
allocator_type * allocator
Definition: signconf.h:55
void * sc
Definition: keys.h:74
int ksk
Definition: keys.h:64
uint8_t algorithm
Definition: keys.h:61
int backup_read_check_str(FILE *in, const char *str)
Definition: backup.c:79
hsm_sign_params_t * params
Definition: keys.h:59
key_type * keylist_lookup_by_dnskey(keylist_type *kl, ldns_rr *dnskey)
Definition: keys.c:98
void allocator_deallocate(allocator_type *allocator, void *data)
Definition: allocator.c:137
key_type * keylist_push(keylist_type *kl, const char *locator, uint8_t algorithm, uint32_t flags, int publish, int ksk, int zsk)
Definition: keys.c:120
#define ods_log_assert(x)
Definition: log.h:156
uint32_t flags
Definition: keys.h:62
key_type * key_recover2(FILE *fd, keylist_type *kl)
Definition: keys.c:307
void keylist_backup(FILE *fd, keylist_type *kl, const char *version)
Definition: keys.c:346
hsm_key_t * hsmkey
Definition: keys.h:58
int backup_read_uint32_t(FILE *in, uint32_t *v)
Definition: backup.c:235