<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head><meta http-equiv="Content-Type"
content="text/html;charset=iso-8859-1">
<title>ldns documentation</title>
<link href="doxygen.css" rel="stylesheet" type="text/css">
<link href="tabs.css" rel="stylesheet" type="text/css">
</head><body>
<div class="logo">
<img src="LogoInGradientBar2-y100.png"/>
</div>
<!-- Generated by Doxygen 1.7.4 -->
<div id="navrow1" class="tabs">
<ul class="tablist">
<li><a href="index.html"><span>Main Page</span></a></li>
<li><a href="pages.html"><span>Related Pages</span></a></li>
<li><a href="annotated.html"><span>Data Structures</span></a></li>
<li class="current"><a href="files.html"><span>Files</span></a></li>
<li><a href="dirs.html"><span>Directories</span></a></li>
</ul>
</div>
<div id="navrow2" class="tabs2">
<ul class="tablist">
<li><a href="files.html"><span>File List</span></a></li>
<li><a href="globals.html"><span>Globals</span></a></li>
</ul>
</div>
<div class="header">
<div class="headertitle">
<div class="title">keys.c</div> </div>
</div>
<div class="contents">
<a href="keys_8c.html">Go to the documentation of this file.</a><div class="fragment"><pre class="fragment"><a name="l00001"></a>00001 <span class="comment">/*</span>
<a name="l00002"></a>00002 <span class="comment"> * keys.c handle private keys for use in DNSSEC</span>
<a name="l00003"></a>00003 <span class="comment"> *</span>
<a name="l00004"></a>00004 <span class="comment"> * This module should hide some of the openSSL complexities</span>
<a name="l00005"></a>00005 <span class="comment"> * and give a general interface for private keys and hmac</span>
<a name="l00006"></a>00006 <span class="comment"> * handling</span>
<a name="l00007"></a>00007 <span class="comment"> *</span>
<a name="l00008"></a>00008 <span class="comment"> * (c) NLnet Labs, 2004-2006</span>
<a name="l00009"></a>00009 <span class="comment"> *</span>
<a name="l00010"></a>00010 <span class="comment"> * See the file LICENSE for the license</span>
<a name="l00011"></a>00011 <span class="comment"> */</span>
<a name="l00012"></a>00012
<a name="l00013"></a>00013 <span class="preprocessor">#include <<a class="code" href="ldns_2config_8h.html">ldns/config.h</a>></span>
<a name="l00014"></a>00014
<a name="l00015"></a>00015 <span class="preprocessor">#include <<a class="code" href="ldns_8h.html" title="Including this file will include all ldns files, and define some lookup tables.">ldns/ldns.h</a>></span>
<a name="l00016"></a>00016
<a name="l00017"></a>00017 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l00018"></a>00018 <span class="preprocessor"></span><span class="preprocessor">#include <openssl/ssl.h></span>
<a name="l00019"></a>00019 <span class="preprocessor">#include <openssl/engine.h></span>
<a name="l00020"></a>00020 <span class="preprocessor">#include <openssl/rand.h></span>
<a name="l00021"></a>00021 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l00022"></a>00022
<a name="l00023"></a><a class="code" href="keys_8h.html#abe875964254b61807ec7953e478db5bf">00023</a> <a class="code" href="structldns__struct__lookup__table.html" title="A general purpose lookup table.">ldns_lookup_table</a> <a class="code" href="keys_8c.html#abe875964254b61807ec7953e478db5bf">ldns_signing_algorithms</a>[] = {
<a name="l00024"></a>00024 { <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a92e7ccac219c462f054e00c8e6c8321b">LDNS_SIGN_RSAMD5</a>, <span class="stringliteral">"RSAMD5"</span> },
<a name="l00025"></a>00025 { <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a062ab8c29c8f73b28bbb552597975dbc">LDNS_SIGN_RSASHA1</a>, <span class="stringliteral">"RSASHA1"</span> },
<a name="l00026"></a>00026 { <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a7a8b2b416cc65f7637108b6ba35cad69">LDNS_SIGN_RSASHA1_NSEC3</a>, <span class="stringliteral">"RSASHA1-NSEC3-SHA1"</span> },
<a name="l00027"></a>00027 <span class="preprocessor">#ifdef USE_SHA2</span>
<a name="l00028"></a>00028 <span class="preprocessor"></span> { <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a9f88342b4f9ce95700a72154b6d30269">LDNS_SIGN_RSASHA256</a>, <span class="stringliteral">"RSASHA256"</span> },
<a name="l00029"></a>00029 { <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a93fc09210171fbecee85ed84ebfc7dbd">LDNS_SIGN_RSASHA512</a>, <span class="stringliteral">"RSASHA512"</span> },
<a name="l00030"></a>00030 <span class="preprocessor">#endif</span>
<a name="l00031"></a>00031 <span class="preprocessor"></span><span class="preprocessor">#ifdef USE_GOST</span>
<a name="l00032"></a>00032 <span class="preprocessor"></span> { <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a2f5cc1330edd5c11be92509543402f98">LDNS_SIGN_ECC_GOST</a>, <span class="stringliteral">"ECC-GOST"</span> },
<a name="l00033"></a>00033 <span class="preprocessor">#endif</span>
<a name="l00034"></a>00034 <span class="preprocessor"></span><span class="preprocessor">#ifdef USE_ECDSA</span>
<a name="l00035"></a>00035 <span class="preprocessor"></span> { LDNS_SIGN_ECDSAP256SHA256, <span class="stringliteral">"ECDSAP256SHA256"</span> },
<a name="l00036"></a>00036 { LDNS_SIGN_ECDSAP384SHA384, <span class="stringliteral">"ECDSAP384SHA384"</span> },
<a name="l00037"></a>00037 <span class="preprocessor">#endif</span>
<a name="l00038"></a>00038 <span class="preprocessor"></span> { <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a98ae68498fea31062b1d03a861846aa5">LDNS_SIGN_DSA</a>, <span class="stringliteral">"DSA"</span> },
<a name="l00039"></a>00039 { <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a28624a25c45025703d05de9984c4ee4a">LDNS_SIGN_DSA_NSEC3</a>, <span class="stringliteral">"DSA-NSEC3-SHA1"</span> },
<a name="l00040"></a>00040 { <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a90eafd9721029814659dce35a33cdede">LDNS_SIGN_HMACMD5</a>, <span class="stringliteral">"hmac-md5.sig-alg.reg.int"</span> },
<a name="l00041"></a>00041 { <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664ab4bb484126261b3e71183a0d7ae47404">LDNS_SIGN_HMACSHA1</a>, <span class="stringliteral">"hmac-sha1"</span> },
<a name="l00042"></a>00042 { <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664afec7895ef19516fe5304601d31d3f117">LDNS_SIGN_HMACSHA256</a>, <span class="stringliteral">"hmac-sha256"</span> },
<a name="l00043"></a>00043 { 0, NULL }
<a name="l00044"></a>00044 };
<a name="l00045"></a>00045
<a name="l00046"></a>00046 <a class="code" href="structldns__struct__key__list.html" title="Same as rr_list, but now for keys.">ldns_key_list</a> *
<a name="l00047"></a><a class="code" href="keys_8h.html#a311eb372cb3180df25cdef98751adb27">00047</a> <a class="code" href="keys_8c.html#a311eb372cb3180df25cdef98751adb27" title="Creates a new empty key list.">ldns_key_list_new</a>()
<a name="l00048"></a>00048 {
<a name="l00049"></a>00049 <a class="code" href="structldns__struct__key__list.html" title="Same as rr_list, but now for keys.">ldns_key_list</a> *key_list = <a class="code" href="util_8h.html#a828619b138fdeb9756cd3c874d0551c1" title="Memory management macros.">LDNS_MALLOC</a>(<a class="code" href="structldns__struct__key__list.html" title="Same as rr_list, but now for keys.">ldns_key_list</a>);
<a name="l00050"></a>00050 <span class="keywordflow">if</span> (!key_list) {
<a name="l00051"></a>00051 <span class="keywordflow">return</span> NULL;
<a name="l00052"></a>00052 } <span class="keywordflow">else</span> {
<a name="l00053"></a>00053 key_list-><a class="code" href="structldns__struct__key__list.html#a09bfe05a526c79151b5b3a1c83a907f0">_key_count</a> = 0;
<a name="l00054"></a>00054 key_list-><a class="code" href="structldns__struct__key__list.html#ae37a58c4445d1007a6514e3fe4e36320">_keys</a> = NULL;
<a name="l00055"></a>00055 <span class="keywordflow">return</span> key_list;
<a name="l00056"></a>00056 }
<a name="l00057"></a>00057 }
<a name="l00058"></a>00058
<a name="l00059"></a>00059 <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *
<a name="l00060"></a><a class="code" href="keys_8h.html#aa0f2535ad10be9b2938a67e8e8e3b6b6">00060</a> <a class="code" href="keys_8c.html#aa0f2535ad10be9b2938a67e8e8e3b6b6" title="Creates a new empty key structure.">ldns_key_new</a>()
<a name="l00061"></a>00061 {
<a name="l00062"></a>00062 <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *newkey;
<a name="l00063"></a>00063
<a name="l00064"></a>00064 newkey = <a class="code" href="util_8h.html#a828619b138fdeb9756cd3c874d0551c1" title="Memory management macros.">LDNS_MALLOC</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a>);
<a name="l00065"></a>00065 <span class="keywordflow">if</span> (!newkey) {
<a name="l00066"></a>00066 <span class="keywordflow">return</span> NULL;
<a name="l00067"></a>00067 } <span class="keywordflow">else</span> {
<a name="l00068"></a>00068 <span class="comment">/* some defaults - not sure wether to do this */</span>
<a name="l00069"></a>00069 <a class="code" href="keys_8c.html#a3b7792865c5af9fd4fbc53c04946be01" title="set the use flag">ldns_key_set_use</a>(newkey, <span class="keyword">true</span>);
<a name="l00070"></a>00070 <a class="code" href="keys_8c.html#aea3bc851574cf6ccc40d850deaea348f" title="Set the key's flags.">ldns_key_set_flags</a>(newkey, <a class="code" href="keys_8h.html#ad5f212d6a80316d427f4b068e849ff73">LDNS_KEY_ZONE_KEY</a>);
<a name="l00071"></a>00071 <a class="code" href="keys_8c.html#a8d14084f74652791362a77846546bcc8" title="Set the key's original ttl.">ldns_key_set_origttl</a>(newkey, 0);
<a name="l00072"></a>00072 <a class="code" href="keys_8c.html#a9bdf435dfcf6a6a603c3284054a8126c" title="Set the key's key tag.">ldns_key_set_keytag</a>(newkey, 0);
<a name="l00073"></a>00073 <a class="code" href="keys_8c.html#af1521b6b3c0e84a629d09bf237f40308" title="Set the key's inception date (seconds after epoch)">ldns_key_set_inception</a>(newkey, 0);
<a name="l00074"></a>00074 <a class="code" href="keys_8c.html#a25f9483844dbd83abca56d725923c591" title="Set the key's expiration date (seconds after epoch)">ldns_key_set_expiration</a>(newkey, 0);
<a name="l00075"></a>00075 <a class="code" href="keys_8c.html#a4c0b77f2579a2a6ce4355aa29de237e5" title="Set the key's pubkey owner.">ldns_key_set_pubkey_owner</a>(newkey, NULL);
<a name="l00076"></a>00076 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l00077"></a>00077 <span class="preprocessor"></span> <a class="code" href="keys_8c.html#a92165f884e17f7c067a185442085a5aa" title="Set the key's evp key.">ldns_key_set_evp_key</a>(newkey, NULL);
<a name="l00078"></a>00078 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l00079"></a>00079 <a class="code" href="keys_8c.html#a385ccd045bc926c760dad28dc35dfaaf" title="Set the key's hmac data.">ldns_key_set_hmac_key</a>(newkey, NULL);
<a name="l00080"></a>00080 <a class="code" href="keys_8c.html#a23e41ca680c1bfe71c1fbe74a5b58c3b" title="Set the key id data.">ldns_key_set_external_key</a>(newkey, NULL);
<a name="l00081"></a>00081 <span class="keywordflow">return</span> newkey;
<a name="l00082"></a>00082 }
<a name="l00083"></a>00083 }
<a name="l00084"></a>00084
<a name="l00085"></a>00085 <a class="code" href="error_8h.html#aaa6d98f86f535cf87b83b89e91f488f9">ldns_status</a>
<a name="l00086"></a><a class="code" href="keys_8h.html#a2c1d9ee3695140309e818e3ce16d637f">00086</a> <a class="code" href="keys_8c.html#a2c1d9ee3695140309e818e3ce16d637f" title="Creates a new priv key based on the contents of the file pointed by fp.">ldns_key_new_frm_fp</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> **k, FILE *fp)
<a name="l00087"></a>00087 {
<a name="l00088"></a>00088 <span class="keywordflow">return</span> <a class="code" href="keys_8c.html#a0197f9dd65bae3a3cb408c19683d3db8" title="Creates a new private key based on the contents of the file pointed by fp.">ldns_key_new_frm_fp_l</a>(k, fp, NULL);
<a name="l00089"></a>00089 }
<a name="l00090"></a>00090
<a name="l00091"></a>00091 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l00092"></a>00092 <span class="preprocessor"></span><a class="code" href="error_8h.html#aaa6d98f86f535cf87b83b89e91f488f9">ldns_status</a>
<a name="l00093"></a><a class="code" href="keys_8h.html#a4694b667ba30243da292de1bde7899c9">00093</a> <a class="code" href="keys_8c.html#ac73013d7e683e0b4d8e9a32c3036da44" title="Read the key with the given id from the given engine and store it in the given ldns_key structure...">ldns_key_new_frm_engine</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> **key, ENGINE *e, <span class="keywordtype">char</span> *key_id, <a class="code" href="keys_8h.html#af4bde8238e05b183cf373f49639a3e58">ldns_algorithm</a> alg)
<a name="l00094"></a>00094 {
<a name="l00095"></a>00095 <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k;
<a name="l00096"></a>00096
<a name="l00097"></a>00097 k = <a class="code" href="keys_8c.html#aa0f2535ad10be9b2938a67e8e8e3b6b6" title="Creates a new empty key structure.">ldns_key_new</a>();
<a name="l00098"></a>00098 <span class="keywordflow">if</span>(!k) <span class="keywordflow">return</span> <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa81e80e66a14551db514726fa49290498">LDNS_STATUS_MEM_ERR</a>;
<a name="l00099"></a>00099 <span class="preprocessor">#ifndef S_SPLINT_S</span>
<a name="l00100"></a>00100 <span class="preprocessor"></span> k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a> = ENGINE_load_private_key(e, key_id, UI_OpenSSL(), NULL);
<a name="l00101"></a>00101 <span class="keywordflow">if</span>(!k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a>) {
<a name="l00102"></a>00102 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00103"></a>00103 <span class="keywordflow">return</span> <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa804a996d5f13cda0806bf1d54114d2ca">LDNS_STATUS_ERR</a>;
<a name="l00104"></a>00104 }
<a name="l00105"></a>00105 <a class="code" href="keys_8c.html#ae27c72580b947a8ae330a5753cf4c220" title="Set the key's algorithm.">ldns_key_set_algorithm</a>(k, (<a class="code" href="keys_8h.html#a760c6c6be2337ff27f2dcf5d3253549a">ldns_signing_algorithm</a>) alg);
<a name="l00106"></a>00106 <span class="keywordflow">if</span> (!k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a>) {
<a name="l00107"></a>00107 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00108"></a>00108 <span class="keywordflow">return</span> <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa1d186fa69b3fb1fabdea4b3f77c955c9">LDNS_STATUS_ENGINE_KEY_NOT_LOADED</a>;
<a name="l00109"></a>00109 }
<a name="l00110"></a>00110 <span class="preprocessor">#endif </span><span class="comment">/* splint */</span>
<a name="l00111"></a>00111 *key = k;
<a name="l00112"></a>00112 <span class="keywordflow">return</span> <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afac58492ee3fc8d23f33c79824ed08c465">LDNS_STATUS_OK</a>;
<a name="l00113"></a>00113 }
<a name="l00114"></a>00114 <span class="preprocessor">#endif</span>
<a name="l00115"></a>00115 <span class="preprocessor"></span>
<a name="l00116"></a>00116 <span class="preprocessor">#ifdef USE_GOST</span>
<a name="l00117"></a>00117 <span class="preprocessor"></span>
<a name="l00118"></a>00118 ENGINE* ldns_gost_engine = NULL;
<a name="l00119"></a>00119
<a name="l00120"></a>00120 <span class="keywordtype">int</span>
<a name="l00121"></a>00121 <a class="code" href="keys_8h.html#a631eb1d2915d9c72cd12a0e44a549f45" title="Get the PKEY id for GOST, loads GOST into openssl as a side effect.">ldns_key_EVP_load_gost_id</a>(<span class="keywordtype">void</span>)
<a name="l00122"></a>00122 {
<a name="l00123"></a>00123 <span class="keyword">static</span> <span class="keywordtype">int</span> gost_id = 0;
<a name="l00124"></a>00124 <span class="keyword">const</span> EVP_PKEY_ASN1_METHOD* meth;
<a name="l00125"></a>00125 ENGINE* e;
<a name="l00126"></a>00126
<a name="l00127"></a>00127 <span class="keywordflow">if</span>(gost_id) <span class="keywordflow">return</span> gost_id;
<a name="l00128"></a>00128
<a name="l00129"></a>00129 <span class="comment">/* see if configuration loaded gost implementation from other engine*/</span>
<a name="l00130"></a>00130 meth = EVP_PKEY_asn1_find_str(NULL, <span class="stringliteral">"gost2001"</span>, -1);
<a name="l00131"></a>00131 <span class="keywordflow">if</span>(meth) {
<a name="l00132"></a>00132 EVP_PKEY_asn1_get0_info(&gost_id, NULL, NULL, NULL, NULL, meth);
<a name="l00133"></a>00133 <span class="keywordflow">return</span> gost_id;
<a name="l00134"></a>00134 }
<a name="l00135"></a>00135
<a name="l00136"></a>00136 <span class="comment">/* see if engine can be loaded already */</span>
<a name="l00137"></a>00137 e = ENGINE_by_id(<span class="stringliteral">"gost"</span>);
<a name="l00138"></a>00138 <span class="keywordflow">if</span>(!e) {
<a name="l00139"></a>00139 <span class="comment">/* load it ourself, in case statically linked */</span>
<a name="l00140"></a>00140 ENGINE_load_builtin_engines();
<a name="l00141"></a>00141 ENGINE_load_dynamic();
<a name="l00142"></a>00142 e = ENGINE_by_id(<span class="stringliteral">"gost"</span>);
<a name="l00143"></a>00143 }
<a name="l00144"></a>00144 <span class="keywordflow">if</span>(!e) {
<a name="l00145"></a>00145 <span class="comment">/* no gost engine in openssl */</span>
<a name="l00146"></a>00146 <span class="keywordflow">return</span> 0;
<a name="l00147"></a>00147 }
<a name="l00148"></a>00148 <span class="keywordflow">if</span>(!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
<a name="l00149"></a>00149 ENGINE_finish(e);
<a name="l00150"></a>00150 ENGINE_free(e);
<a name="l00151"></a>00151 <span class="keywordflow">return</span> 0;
<a name="l00152"></a>00152 }
<a name="l00153"></a>00153
<a name="l00154"></a>00154 meth = EVP_PKEY_asn1_find_str(&e, <span class="stringliteral">"gost2001"</span>, -1);
<a name="l00155"></a>00155 <span class="keywordflow">if</span>(!meth) {
<a name="l00156"></a>00156 <span class="comment">/* algo not found */</span>
<a name="l00157"></a>00157 ENGINE_finish(e);
<a name="l00158"></a>00158 ENGINE_free(e);
<a name="l00159"></a>00159 <span class="keywordflow">return</span> 0;
<a name="l00160"></a>00160 }
<a name="l00161"></a>00161 <span class="comment">/* Note: do not ENGINE_finish and ENGINE_free the acquired engine</span>
<a name="l00162"></a>00162 <span class="comment"> * on some platforms this frees up the meth and unloads gost stuff */</span>
<a name="l00163"></a>00163 ldns_gost_engine = e;
<a name="l00164"></a>00164
<a name="l00165"></a>00165 EVP_PKEY_asn1_get0_info(&gost_id, NULL, NULL, NULL, NULL, meth);
<a name="l00166"></a>00166 <span class="keywordflow">return</span> gost_id;
<a name="l00167"></a>00167 }
<a name="l00168"></a>00168
<a name="l00169"></a>00169 <span class="keywordtype">void</span> <a class="code" href="keys_8h.html#a52726afb8fc5290a6fecbd412eed49f2" title="Release the engine reference held for the GOST engine.">ldns_key_EVP_unload_gost</a>(<span class="keywordtype">void</span>)
<a name="l00170"></a>00170 {
<a name="l00171"></a>00171 <span class="keywordflow">if</span>(ldns_gost_engine) {
<a name="l00172"></a>00172 ENGINE_finish(ldns_gost_engine);
<a name="l00173"></a>00173 ENGINE_free(ldns_gost_engine);
<a name="l00174"></a>00174 ldns_gost_engine = NULL;
<a name="l00175"></a>00175 }
<a name="l00176"></a>00176 }
<a name="l00177"></a>00177
<a name="l00179"></a>00179 <span class="keyword">static</span> EVP_PKEY*
<a name="l00180"></a>00180 ldns_key_new_frm_fp_gost_l(FILE* fp, <span class="keywordtype">int</span>* line_nr)
<a name="l00181"></a>00181 {
<a name="l00182"></a>00182 <span class="keywordtype">char</span> token[16384];
<a name="l00183"></a>00183 <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span>* pp;
<a name="l00184"></a>00184 <span class="keywordtype">int</span> gost_id;
<a name="l00185"></a>00185 EVP_PKEY* pkey;
<a name="l00186"></a>00186 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a>* b64rdf = NULL;
<a name="l00187"></a>00187
<a name="l00188"></a>00188 gost_id = <a class="code" href="keys_8h.html#a631eb1d2915d9c72cd12a0e44a549f45" title="Get the PKEY id for GOST, loads GOST into openssl as a side effect.">ldns_key_EVP_load_gost_id</a>();
<a name="l00189"></a>00189 <span class="keywordflow">if</span>(!gost_id)
<a name="l00190"></a>00190 <span class="keywordflow">return</span> NULL;
<a name="l00191"></a>00191
<a name="l00192"></a>00192 <span class="keywordflow">if</span> (<a class="code" href="parse_8c.html#a9aec3a54a2727f5b7e2adb30691795dd">ldns_fget_keyword_data_l</a>(fp, <span class="stringliteral">"GostAsn1"</span>, <span class="stringliteral">": "</span>, token, <span class="stringliteral">"\n"</span>,
<a name="l00193"></a>00193 <span class="keyword">sizeof</span>(token), line_nr) == -1)
<a name="l00194"></a>00194 <span class="keywordflow">return</span> NULL;
<a name="l00195"></a>00195 <span class="keywordflow">while</span>(strlen(token) < 96) {
<a name="l00196"></a>00196 <span class="comment">/* read more b64 from the file, b64 split on multiple lines */</span>
<a name="l00197"></a>00197 <span class="keywordflow">if</span>(<a class="code" href="parse_8c.html#a0871ab9743d5418ca159ca3e02cef1d7" title="returns a token/char from the stream F.">ldns_fget_token_l</a>(fp, token+strlen(token), <span class="stringliteral">"\n"</span>,
<a name="l00198"></a>00198 <span class="keyword">sizeof</span>(token)-strlen(token), line_nr) == -1)
<a name="l00199"></a>00199 <span class="keywordflow">return</span> NULL;
<a name="l00200"></a>00200 }
<a name="l00201"></a>00201 <span class="keywordflow">if</span>(<a class="code" href="str2host_8c.html#ad4fa165028582d9bf157ac86eb609432" title="convert the string with the b64 data into wireformat">ldns_str2rdf_b64</a>(&b64rdf, token) != <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afac58492ee3fc8d23f33c79824ed08c465">LDNS_STATUS_OK</a>)
<a name="l00202"></a>00202 <span class="keywordflow">return</span> NULL;
<a name="l00203"></a>00203 pp = (<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span>*)<a class="code" href="rdata_8c.html#adc126e8f5417a3c1049242f93fde3602" title="returns the data of the rdf.">ldns_rdf_data</a>(b64rdf);
<a name="l00204"></a>00204 pkey = d2i_PrivateKey(gost_id, NULL, &pp, (<span class="keywordtype">int</span>)<a class="code" href="rdata_8c.html#acccb19af8b71b0c8d341d17946b46e8b" title="returns the size of the rdf.">ldns_rdf_size</a>(b64rdf));
<a name="l00205"></a>00205 <a class="code" href="rdata_8c.html#a47cb2779f76f2f6561ff8ede8e41afec" title="frees a rdf structure _and_ frees the data.">ldns_rdf_deep_free</a>(b64rdf);
<a name="l00206"></a>00206 <span class="keywordflow">return</span> pkey;
<a name="l00207"></a>00207 }
<a name="l00208"></a>00208 <span class="preprocessor">#endif</span>
<a name="l00209"></a>00209 <span class="preprocessor"></span>
<a name="l00210"></a>00210 <span class="preprocessor">#ifdef USE_ECDSA</span>
<a name="l00211"></a>00211 <span class="preprocessor"></span>
<a name="l00212"></a>00212 <span class="keyword">static</span> <span class="keywordtype">int</span>
<a name="l00213"></a>00213 ldns_EC_KEY_calc_public(EC_KEY* ec)
<a name="l00214"></a>00214 {
<a name="l00215"></a>00215 EC_POINT* pub_key;
<a name="l00216"></a>00216 <span class="keyword">const</span> EC_GROUP* group;
<a name="l00217"></a>00217 group = EC_KEY_get0_group(ec);
<a name="l00218"></a>00218 pub_key = EC_POINT_new(group);
<a name="l00219"></a>00219 <span class="keywordflow">if</span>(!pub_key) <span class="keywordflow">return</span> 0;
<a name="l00220"></a>00220 <span class="keywordflow">if</span>(!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) {
<a name="l00221"></a>00221 EC_POINT_free(pub_key);
<a name="l00222"></a>00222 <span class="keywordflow">return</span> 0;
<a name="l00223"></a>00223 }
<a name="l00224"></a>00224 <span class="keywordflow">if</span>(!EC_POINT_mul(group, pub_key, EC_KEY_get0_private_key(ec),
<a name="l00225"></a>00225 NULL, NULL, NULL)) {
<a name="l00226"></a>00226 EC_POINT_free(pub_key);
<a name="l00227"></a>00227 <span class="keywordflow">return</span> 0;
<a name="l00228"></a>00228 }
<a name="l00229"></a>00229 <span class="keywordflow">if</span>(EC_KEY_set_public_key(ec, pub_key) == 0) {
<a name="l00230"></a>00230 EC_POINT_free(pub_key);
<a name="l00231"></a>00231 <span class="keywordflow">return</span> 0;
<a name="l00232"></a>00232 }
<a name="l00233"></a>00233 EC_POINT_free(pub_key);
<a name="l00234"></a>00234 <span class="keywordflow">return</span> 1;
<a name="l00235"></a>00235 }
<a name="l00236"></a>00236
<a name="l00238"></a>00238 <span class="keyword">static</span> EVP_PKEY*
<a name="l00239"></a>00239 ldns_key_new_frm_fp_ecdsa_l(FILE* fp, <a class="code" href="keys_8h.html#af4bde8238e05b183cf373f49639a3e58">ldns_algorithm</a> alg, <span class="keywordtype">int</span>* line_nr)
<a name="l00240"></a>00240 {
<a name="l00241"></a>00241 <span class="keywordtype">char</span> token[16384];
<a name="l00242"></a>00242 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a>* b64rdf = NULL;
<a name="l00243"></a>00243 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span>* pp;
<a name="l00244"></a>00244 BIGNUM* bn;
<a name="l00245"></a>00245 EVP_PKEY* evp_key;
<a name="l00246"></a>00246 EC_KEY* ec;
<a name="l00247"></a>00247 <span class="keywordflow">if</span> (<a class="code" href="parse_8c.html#a9aec3a54a2727f5b7e2adb30691795dd">ldns_fget_keyword_data_l</a>(fp, <span class="stringliteral">"PrivateKey"</span>, <span class="stringliteral">": "</span>, token, <span class="stringliteral">"\n"</span>,
<a name="l00248"></a>00248 <span class="keyword">sizeof</span>(token), line_nr) == -1)
<a name="l00249"></a>00249 <span class="keywordflow">return</span> NULL;
<a name="l00250"></a>00250 <span class="keywordflow">if</span>(<a class="code" href="str2host_8c.html#ad4fa165028582d9bf157ac86eb609432" title="convert the string with the b64 data into wireformat">ldns_str2rdf_b64</a>(&b64rdf, token) != <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afac58492ee3fc8d23f33c79824ed08c465">LDNS_STATUS_OK</a>)
<a name="l00251"></a>00251 <span class="keywordflow">return</span> NULL;
<a name="l00252"></a>00252 pp = (<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span>*)<a class="code" href="rdata_8c.html#adc126e8f5417a3c1049242f93fde3602" title="returns the data of the rdf.">ldns_rdf_data</a>(b64rdf);
<a name="l00253"></a>00253
<a name="l00254"></a>00254 <span class="keywordflow">if</span>(alg == LDNS_ECDSAP256SHA256)
<a name="l00255"></a>00255 ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
<a name="l00256"></a>00256 <span class="keywordflow">else</span> <span class="keywordflow">if</span>(alg == LDNS_ECDSAP384SHA384)
<a name="l00257"></a>00257 ec = EC_KEY_new_by_curve_name(NID_secp384r1);
<a name="l00258"></a>00258 <span class="keywordflow">else</span> ec = NULL;
<a name="l00259"></a>00259 <span class="keywordflow">if</span>(!ec) {
<a name="l00260"></a>00260 <a class="code" href="rdata_8c.html#a47cb2779f76f2f6561ff8ede8e41afec" title="frees a rdf structure _and_ frees the data.">ldns_rdf_deep_free</a>(b64rdf);
<a name="l00261"></a>00261 <span class="keywordflow">return</span> NULL;
<a name="l00262"></a>00262 }
<a name="l00263"></a>00263 bn = BN_bin2bn(pp, (<span class="keywordtype">int</span>)<a class="code" href="rdata_8c.html#acccb19af8b71b0c8d341d17946b46e8b" title="returns the size of the rdf.">ldns_rdf_size</a>(b64rdf), NULL);
<a name="l00264"></a>00264 <a class="code" href="rdata_8c.html#a47cb2779f76f2f6561ff8ede8e41afec" title="frees a rdf structure _and_ frees the data.">ldns_rdf_deep_free</a>(b64rdf);
<a name="l00265"></a>00265 <span class="keywordflow">if</span>(!bn) {
<a name="l00266"></a>00266 EC_KEY_free(ec);
<a name="l00267"></a>00267 <span class="keywordflow">return</span> NULL;
<a name="l00268"></a>00268 }
<a name="l00269"></a>00269 EC_KEY_set_private_key(ec, bn);
<a name="l00270"></a>00270 BN_free(bn);
<a name="l00271"></a>00271 <span class="keywordflow">if</span>(!ldns_EC_KEY_calc_public(ec)) {
<a name="l00272"></a>00272 EC_KEY_free(ec);
<a name="l00273"></a>00273 <span class="keywordflow">return</span> NULL;
<a name="l00274"></a>00274 }
<a name="l00275"></a>00275
<a name="l00276"></a>00276 evp_key = EVP_PKEY_new();
<a name="l00277"></a>00277 <span class="keywordflow">if</span>(!evp_key) {
<a name="l00278"></a>00278 EC_KEY_free(ec);
<a name="l00279"></a>00279 <span class="keywordflow">return</span> NULL;
<a name="l00280"></a>00280 }
<a name="l00281"></a>00281 <span class="keywordflow">if</span> (!EVP_PKEY_assign_EC_KEY(evp_key, ec)) {
<a name="l00282"></a>00282 EVP_PKEY_free(evp_key);
<a name="l00283"></a>00283 EC_KEY_free(ec);
<a name="l00284"></a>00284 <span class="keywordflow">return</span> NULL;
<a name="l00285"></a>00285 }
<a name="l00286"></a>00286 <span class="keywordflow">return</span> evp_key;
<a name="l00287"></a>00287 }
<a name="l00288"></a>00288 <span class="preprocessor">#endif</span>
<a name="l00289"></a>00289 <span class="preprocessor"></span>
<a name="l00290"></a>00290 <a class="code" href="error_8h.html#aaa6d98f86f535cf87b83b89e91f488f9">ldns_status</a>
<a name="l00291"></a><a class="code" href="keys_8h.html#a2408a3a0c2285ac202b985f3878bf9a5">00291</a> <a class="code" href="keys_8c.html#a0197f9dd65bae3a3cb408c19683d3db8" title="Creates a new private key based on the contents of the file pointed by fp.">ldns_key_new_frm_fp_l</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> **key, FILE *fp, <span class="keywordtype">int</span> *line_nr)
<a name="l00292"></a>00292 {
<a name="l00293"></a>00293 <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k;
<a name="l00294"></a>00294 <span class="keywordtype">char</span> *d;
<a name="l00295"></a>00295 <a class="code" href="keys_8h.html#a760c6c6be2337ff27f2dcf5d3253549a">ldns_signing_algorithm</a> alg;
<a name="l00296"></a>00296 <a class="code" href="structldns__struct__rr.html" title="Resource Record.">ldns_rr</a> *key_rr;
<a name="l00297"></a>00297 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l00298"></a>00298 <span class="preprocessor"></span> RSA *rsa;
<a name="l00299"></a>00299 DSA *dsa;
<a name="l00300"></a>00300 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *hmac;
<a name="l00301"></a>00301 <span class="keywordtype">size_t</span> hmac_size;
<a name="l00302"></a>00302 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l00303"></a>00303
<a name="l00304"></a>00304 k = <a class="code" href="keys_8c.html#aa0f2535ad10be9b2938a67e8e8e3b6b6" title="Creates a new empty key structure.">ldns_key_new</a>();
<a name="l00305"></a>00305
<a name="l00306"></a>00306 d = <a class="code" href="util_8h.html#aaad6949daea3c6cefd01d19300f6e21a">LDNS_XMALLOC</a>(<span class="keywordtype">char</span>, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>);
<a name="l00307"></a>00307 <span class="keywordflow">if</span> (!k || !d) {
<a name="l00308"></a>00308 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00309"></a>00309 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(d);
<a name="l00310"></a>00310 <span class="keywordflow">return</span> <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa81e80e66a14551db514726fa49290498">LDNS_STATUS_MEM_ERR</a>;
<a name="l00311"></a>00311 }
<a name="l00312"></a>00312
<a name="l00313"></a>00313 alg = 0;
<a name="l00314"></a>00314
<a name="l00315"></a>00315 <span class="comment">/* the file is highly structured. Do this in sequence */</span>
<a name="l00316"></a>00316 <span class="comment">/* RSA:</span>
<a name="l00317"></a>00317 <span class="comment"> * Private-key-format: v1.x.</span>
<a name="l00318"></a>00318 <span class="comment"> * Algorithm: 1 (RSA)</span>
<a name="l00319"></a>00319 <span class="comment"></span>
<a name="l00320"></a>00320 <span class="comment"> */</span>
<a name="l00321"></a>00321 <span class="comment">/* get the key format version number */</span>
<a name="l00322"></a>00322 <span class="keywordflow">if</span> (<a class="code" href="parse_8c.html#a9aec3a54a2727f5b7e2adb30691795dd">ldns_fget_keyword_data_l</a>(fp, <span class="stringliteral">"Private-key-format"</span>, <span class="stringliteral">": "</span>, d, <span class="stringliteral">"\n"</span>,
<a name="l00323"></a>00323 <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>, line_nr) == -1) {
<a name="l00324"></a>00324 <span class="comment">/* no version information */</span>
<a name="l00325"></a>00325 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00326"></a>00326 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(d);
<a name="l00327"></a>00327 <span class="keywordflow">return</span> <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa490d1b376ded8a2368dc5548da8f2a04">LDNS_STATUS_SYNTAX_ERR</a>;
<a name="l00328"></a>00328 }
<a name="l00329"></a>00329 <span class="keywordflow">if</span> (strncmp(d, <span class="stringliteral">"v1."</span>, 3) != 0) {
<a name="l00330"></a>00330 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00331"></a>00331 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(d);
<a name="l00332"></a>00332 <span class="keywordflow">return</span> <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa16417d182c163e350b9cc391f0df34c0">LDNS_STATUS_SYNTAX_VERSION_ERR</a>;
<a name="l00333"></a>00333 }
<a name="l00334"></a>00334
<a name="l00335"></a>00335 <span class="comment">/* get the algorithm type, our file function strip ( ) so there are</span>
<a name="l00336"></a>00336 <span class="comment"> * not in the return string! */</span>
<a name="l00337"></a>00337 <span class="keywordflow">if</span> (<a class="code" href="parse_8c.html#a9aec3a54a2727f5b7e2adb30691795dd">ldns_fget_keyword_data_l</a>(fp, <span class="stringliteral">"Algorithm"</span>, <span class="stringliteral">": "</span>, d, <span class="stringliteral">"\n"</span>,
<a name="l00338"></a>00338 <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>, line_nr) == -1) {
<a name="l00339"></a>00339 <span class="comment">/* no alg information */</span>
<a name="l00340"></a>00340 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00341"></a>00341 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(d);
<a name="l00342"></a>00342 <span class="keywordflow">return</span> <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afacca94a9a1411f1c6bb41c800d69a38e0">LDNS_STATUS_SYNTAX_ALG_ERR</a>;
<a name="l00343"></a>00343 }
<a name="l00344"></a>00344
<a name="l00345"></a>00345 <span class="keywordflow">if</span> (strncmp(d, <span class="stringliteral">"1 RSA"</span>, 2) == 0) {
<a name="l00346"></a>00346 alg = <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a92e7ccac219c462f054e00c8e6c8321b">LDNS_SIGN_RSAMD5</a>;
<a name="l00347"></a>00347 }
<a name="l00348"></a>00348 <span class="keywordflow">if</span> (strncmp(d, <span class="stringliteral">"2 DH"</span>, 2) == 0) {
<a name="l00349"></a>00349 alg = (<a class="code" href="keys_8h.html#a760c6c6be2337ff27f2dcf5d3253549a">ldns_signing_algorithm</a>)<a class="code" href="keys_8h.html#a7263c18ede33d95a849cc07f54bc5b10a9c80e013ab6422f81bd5995312d07bf6">LDNS_DH</a>;
<a name="l00350"></a>00350 }
<a name="l00351"></a>00351 <span class="keywordflow">if</span> (strncmp(d, <span class="stringliteral">"3 DSA"</span>, 2) == 0) {
<a name="l00352"></a>00352 alg = <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a98ae68498fea31062b1d03a861846aa5">LDNS_SIGN_DSA</a>;
<a name="l00353"></a>00353 }
<a name="l00354"></a>00354 <span class="keywordflow">if</span> (strncmp(d, <span class="stringliteral">"4 ECC"</span>, 2) == 0) {
<a name="l00355"></a>00355 alg = (<a class="code" href="keys_8h.html#a760c6c6be2337ff27f2dcf5d3253549a">ldns_signing_algorithm</a>)<a class="code" href="keys_8h.html#a7263c18ede33d95a849cc07f54bc5b10acb69374043a01c4baded7ba3681e9f6c">LDNS_ECC</a>;
<a name="l00356"></a>00356 }
<a name="l00357"></a>00357 <span class="keywordflow">if</span> (strncmp(d, <span class="stringliteral">"5 RSASHA1"</span>, 2) == 0) {
<a name="l00358"></a>00358 alg = <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a062ab8c29c8f73b28bbb552597975dbc">LDNS_SIGN_RSASHA1</a>;
<a name="l00359"></a>00359 }
<a name="l00360"></a>00360 <span class="keywordflow">if</span> (strncmp(d, <span class="stringliteral">"6 DSA"</span>, 2) == 0) {
<a name="l00361"></a>00361 alg = <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a28624a25c45025703d05de9984c4ee4a">LDNS_SIGN_DSA_NSEC3</a>;
<a name="l00362"></a>00362 }
<a name="l00363"></a>00363 <span class="keywordflow">if</span> (strncmp(d, <span class="stringliteral">"7 RSASHA1"</span>, 2) == 0) {
<a name="l00364"></a>00364 alg = <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a7a8b2b416cc65f7637108b6ba35cad69">LDNS_SIGN_RSASHA1_NSEC3</a>;
<a name="l00365"></a>00365 }
<a name="l00366"></a>00366
<a name="l00367"></a>00367 <span class="keywordflow">if</span> (strncmp(d, <span class="stringliteral">"8 RSASHA256"</span>, 2) == 0) {
<a name="l00368"></a>00368 <span class="preprocessor">#ifdef USE_SHA2</span>
<a name="l00369"></a>00369 <span class="preprocessor"></span> alg = <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a9f88342b4f9ce95700a72154b6d30269">LDNS_SIGN_RSASHA256</a>;
<a name="l00370"></a>00370 <span class="preprocessor">#else</span>
<a name="l00371"></a>00371 <span class="preprocessor"></span> fprintf(stderr, <span class="stringliteral">"Warning: SHA256 not compiled into this "</span>);
<a name="l00372"></a>00372 fprintf(stderr, <span class="stringliteral">"version of ldns\n"</span>);
<a name="l00373"></a>00373 <span class="preprocessor">#endif</span>
<a name="l00374"></a>00374 <span class="preprocessor"></span> }
<a name="l00375"></a>00375 <span class="keywordflow">if</span> (strncmp(d, <span class="stringliteral">"10 RSASHA512"</span>, 3) == 0) {
<a name="l00376"></a>00376 <span class="preprocessor">#ifdef USE_SHA2</span>
<a name="l00377"></a>00377 <span class="preprocessor"></span> alg = <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a93fc09210171fbecee85ed84ebfc7dbd">LDNS_SIGN_RSASHA512</a>;
<a name="l00378"></a>00378 <span class="preprocessor">#else</span>
<a name="l00379"></a>00379 <span class="preprocessor"></span> fprintf(stderr, <span class="stringliteral">"Warning: SHA512 not compiled into this "</span>);
<a name="l00380"></a>00380 fprintf(stderr, <span class="stringliteral">"version of ldns\n"</span>);
<a name="l00381"></a>00381 <span class="preprocessor">#endif</span>
<a name="l00382"></a>00382 <span class="preprocessor"></span> }
<a name="l00383"></a>00383 <span class="keywordflow">if</span> (strncmp(d, <span class="stringliteral">"12 ECC-GOST"</span>, 3) == 0) {
<a name="l00384"></a>00384 <span class="preprocessor">#ifdef USE_GOST</span>
<a name="l00385"></a>00385 <span class="preprocessor"></span> alg = <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a2f5cc1330edd5c11be92509543402f98">LDNS_SIGN_ECC_GOST</a>;
<a name="l00386"></a>00386 <span class="preprocessor">#else</span>
<a name="l00387"></a>00387 <span class="preprocessor"></span> fprintf(stderr, <span class="stringliteral">"Warning: ECC-GOST not compiled into this "</span>);
<a name="l00388"></a>00388 fprintf(stderr, <span class="stringliteral">"version of ldns, use --enable-gost\n"</span>);
<a name="l00389"></a>00389 <span class="preprocessor">#endif</span>
<a name="l00390"></a>00390 <span class="preprocessor"></span> }
<a name="l00391"></a>00391 <span class="preprocessor">#ifdef USE_ECDSA</span>
<a name="l00392"></a>00392 <span class="preprocessor"></span> <span class="keywordflow">if</span> (strncmp(d, <span class="stringliteral">"13 ECDSAP256SHA256"</span>, 3) == 0) {
<a name="l00393"></a>00393 alg = LDNS_SIGN_ECDSAP256SHA256;
<a name="l00394"></a>00394 }
<a name="l00395"></a>00395 <span class="keywordflow">if</span> (strncmp(d, <span class="stringliteral">"14 ECDSAP384SHA384"</span>, 3) == 0) {
<a name="l00396"></a>00396 alg = LDNS_SIGN_ECDSAP384SHA384;
<a name="l00397"></a>00397 }
<a name="l00398"></a>00398 <span class="preprocessor">#endif</span>
<a name="l00399"></a>00399 <span class="preprocessor"></span> <span class="keywordflow">if</span> (strncmp(d, <span class="stringliteral">"157 HMAC-MD5"</span>, 4) == 0) {
<a name="l00400"></a>00400 alg = <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a90eafd9721029814659dce35a33cdede">LDNS_SIGN_HMACMD5</a>;
<a name="l00401"></a>00401 }
<a name="l00402"></a>00402 <span class="keywordflow">if</span> (strncmp(d, <span class="stringliteral">"158 HMAC-SHA1"</span>, 4) == 0) {
<a name="l00403"></a>00403 alg = <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664ab4bb484126261b3e71183a0d7ae47404">LDNS_SIGN_HMACSHA1</a>;
<a name="l00404"></a>00404 }
<a name="l00405"></a>00405 <span class="keywordflow">if</span> (strncmp(d, <span class="stringliteral">"159 HMAC-SHA256"</span>, 4) == 0) {
<a name="l00406"></a>00406 alg = <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664afec7895ef19516fe5304601d31d3f117">LDNS_SIGN_HMACSHA256</a>;
<a name="l00407"></a>00407 }
<a name="l00408"></a>00408
<a name="l00409"></a>00409 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(d);
<a name="l00410"></a>00410
<a name="l00411"></a>00411 <span class="keywordflow">switch</span>(alg) {
<a name="l00412"></a>00412 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a92e7ccac219c462f054e00c8e6c8321b">LDNS_SIGN_RSAMD5</a>:
<a name="l00413"></a>00413 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a062ab8c29c8f73b28bbb552597975dbc">LDNS_SIGN_RSASHA1</a>:
<a name="l00414"></a>00414 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a7a8b2b416cc65f7637108b6ba35cad69">LDNS_SIGN_RSASHA1_NSEC3</a>:
<a name="l00415"></a>00415 <span class="preprocessor">#ifdef USE_SHA2</span>
<a name="l00416"></a>00416 <span class="preprocessor"></span> <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a9f88342b4f9ce95700a72154b6d30269">LDNS_SIGN_RSASHA256</a>:
<a name="l00417"></a>00417 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a93fc09210171fbecee85ed84ebfc7dbd">LDNS_SIGN_RSASHA512</a>:
<a name="l00418"></a>00418 <span class="preprocessor">#endif</span>
<a name="l00419"></a>00419 <span class="preprocessor"></span> <a class="code" href="keys_8c.html#ae27c72580b947a8ae330a5753cf4c220" title="Set the key's algorithm.">ldns_key_set_algorithm</a>(k, alg);
<a name="l00420"></a>00420 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l00421"></a>00421 <span class="preprocessor"></span> rsa = <a class="code" href="keys_8c.html#a2249817ddcd666f22df3b1f3dc8ac7de" title="frm_fp helper function.">ldns_key_new_frm_fp_rsa_l</a>(fp, line_nr);
<a name="l00422"></a>00422 <span class="keywordflow">if</span> (!rsa) {
<a name="l00423"></a>00423 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00424"></a>00424 <span class="keywordflow">return</span> <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa804a996d5f13cda0806bf1d54114d2ca">LDNS_STATUS_ERR</a>;
<a name="l00425"></a>00425 }
<a name="l00426"></a>00426 <a class="code" href="keys_8c.html#aed378f559db3f0b4206f7f52b0f78762" title="Set the key's rsa data.">ldns_key_set_rsa_key</a>(k, rsa);
<a name="l00427"></a>00427 RSA_free(rsa);
<a name="l00428"></a>00428 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l00429"></a>00429 <span class="keywordflow">break</span>;
<a name="l00430"></a>00430 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a98ae68498fea31062b1d03a861846aa5">LDNS_SIGN_DSA</a>:
<a name="l00431"></a>00431 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a28624a25c45025703d05de9984c4ee4a">LDNS_SIGN_DSA_NSEC3</a>:
<a name="l00432"></a>00432 <a class="code" href="keys_8c.html#ae27c72580b947a8ae330a5753cf4c220" title="Set the key's algorithm.">ldns_key_set_algorithm</a>(k, alg);
<a name="l00433"></a>00433 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l00434"></a>00434 <span class="preprocessor"></span> dsa = <a class="code" href="keys_8c.html#a8897b13a4597a7ce543ddafa576a771a" title="frm_fp helper function.">ldns_key_new_frm_fp_dsa_l</a>(fp, line_nr);
<a name="l00435"></a>00435 <span class="keywordflow">if</span> (!dsa) {
<a name="l00436"></a>00436 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00437"></a>00437 <span class="keywordflow">return</span> <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa804a996d5f13cda0806bf1d54114d2ca">LDNS_STATUS_ERR</a>;
<a name="l00438"></a>00438 }
<a name="l00439"></a>00439 <a class="code" href="keys_8c.html#a39152994a2369b033721ffa904738f82" title="Set the key's dsa data.">ldns_key_set_dsa_key</a>(k, dsa);
<a name="l00440"></a>00440 DSA_free(dsa);
<a name="l00441"></a>00441 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l00442"></a>00442 <span class="keywordflow">break</span>;
<a name="l00443"></a>00443 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a90eafd9721029814659dce35a33cdede">LDNS_SIGN_HMACMD5</a>:
<a name="l00444"></a>00444 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664ab4bb484126261b3e71183a0d7ae47404">LDNS_SIGN_HMACSHA1</a>:
<a name="l00445"></a>00445 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664afec7895ef19516fe5304601d31d3f117">LDNS_SIGN_HMACSHA256</a>:
<a name="l00446"></a>00446 <a class="code" href="keys_8c.html#ae27c72580b947a8ae330a5753cf4c220" title="Set the key's algorithm.">ldns_key_set_algorithm</a>(k, alg);
<a name="l00447"></a>00447 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l00448"></a>00448 <span class="preprocessor"></span> hmac = <a class="code" href="keys_8c.html#ac067b69d6cccf933d9a71fadd663f529" title="frm_fp helper function.">ldns_key_new_frm_fp_hmac_l</a>(fp, line_nr, &hmac_size);
<a name="l00449"></a>00449 <span class="keywordflow">if</span> (!hmac) {
<a name="l00450"></a>00450 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00451"></a>00451 <span class="keywordflow">return</span> <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa804a996d5f13cda0806bf1d54114d2ca">LDNS_STATUS_ERR</a>;
<a name="l00452"></a>00452 }
<a name="l00453"></a>00453 <a class="code" href="keys_8c.html#ab66e843127443126bb93edb7e8a58f7c" title="Set the key's hmac size.">ldns_key_set_hmac_size</a>(k, hmac_size);
<a name="l00454"></a>00454 <a class="code" href="keys_8c.html#a385ccd045bc926c760dad28dc35dfaaf" title="Set the key's hmac data.">ldns_key_set_hmac_key</a>(k, hmac);
<a name="l00455"></a>00455 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l00456"></a>00456 <span class="keywordflow">break</span>;
<a name="l00457"></a>00457 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a2f5cc1330edd5c11be92509543402f98">LDNS_SIGN_ECC_GOST</a>:
<a name="l00458"></a>00458 <a class="code" href="keys_8c.html#ae27c72580b947a8ae330a5753cf4c220" title="Set the key's algorithm.">ldns_key_set_algorithm</a>(k, alg);
<a name="l00459"></a>00459 <span class="preprocessor">#if defined(HAVE_SSL) && defined(USE_GOST)</span>
<a name="l00460"></a>00460 <span class="preprocessor"></span> <span class="keywordflow">if</span>(!<a class="code" href="keys_8h.html#a631eb1d2915d9c72cd12a0e44a549f45" title="Get the PKEY id for GOST, loads GOST into openssl as a side effect.">ldns_key_EVP_load_gost_id</a>()) {
<a name="l00461"></a>00461 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00462"></a>00462 <span class="keywordflow">return</span> <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa20e6f2e3ad5fe53f67985a52aa797629">LDNS_STATUS_CRYPTO_ALGO_NOT_IMPL</a>;
<a name="l00463"></a>00463 }
<a name="l00464"></a>00464 <a class="code" href="keys_8c.html#a92165f884e17f7c067a185442085a5aa" title="Set the key's evp key.">ldns_key_set_evp_key</a>(k,
<a name="l00465"></a>00465 ldns_key_new_frm_fp_gost_l(fp, line_nr));
<a name="l00466"></a>00466 <span class="preprocessor">#ifndef S_SPLINT_S</span>
<a name="l00467"></a>00467 <span class="preprocessor"></span> <span class="keywordflow">if</span>(!k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a>) {
<a name="l00468"></a>00468 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00469"></a>00469 <span class="keywordflow">return</span> <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa804a996d5f13cda0806bf1d54114d2ca">LDNS_STATUS_ERR</a>;
<a name="l00470"></a>00470 }
<a name="l00471"></a>00471 <span class="preprocessor">#endif </span><span class="comment">/* splint */</span>
<a name="l00472"></a>00472 <span class="preprocessor">#endif</span>
<a name="l00473"></a>00473 <span class="preprocessor"></span> <span class="keywordflow">break</span>;
<a name="l00474"></a>00474 <span class="preprocessor">#ifdef USE_ECDSA</span>
<a name="l00475"></a>00475 <span class="preprocessor"></span> <span class="keywordflow">case</span> LDNS_SIGN_ECDSAP256SHA256:
<a name="l00476"></a>00476 <span class="keywordflow">case</span> LDNS_SIGN_ECDSAP384SHA384:
<a name="l00477"></a>00477 <a class="code" href="keys_8c.html#ae27c72580b947a8ae330a5753cf4c220" title="Set the key's algorithm.">ldns_key_set_algorithm</a>(k, alg);
<a name="l00478"></a>00478 <a class="code" href="keys_8c.html#a92165f884e17f7c067a185442085a5aa" title="Set the key's evp key.">ldns_key_set_evp_key</a>(k,
<a name="l00479"></a>00479 ldns_key_new_frm_fp_ecdsa_l(fp, (<a class="code" href="keys_8h.html#af4bde8238e05b183cf373f49639a3e58">ldns_algorithm</a>)alg, line_nr));
<a name="l00480"></a>00480 <span class="preprocessor">#ifndef S_SPLINT_S</span>
<a name="l00481"></a>00481 <span class="preprocessor"></span> <span class="keywordflow">if</span>(!k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a>) {
<a name="l00482"></a>00482 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00483"></a>00483 <span class="keywordflow">return</span> <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa804a996d5f13cda0806bf1d54114d2ca">LDNS_STATUS_ERR</a>;
<a name="l00484"></a>00484 }
<a name="l00485"></a>00485 <span class="preprocessor">#endif </span><span class="comment">/* splint */</span>
<a name="l00486"></a>00486 <span class="keywordflow">break</span>;
<a name="l00487"></a>00487 <span class="preprocessor">#endif</span>
<a name="l00488"></a>00488 <span class="preprocessor"></span> <span class="keywordflow">default</span>:
<a name="l00489"></a>00489 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00490"></a>00490 <span class="keywordflow">return</span> <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afacca94a9a1411f1c6bb41c800d69a38e0">LDNS_STATUS_SYNTAX_ALG_ERR</a>;
<a name="l00491"></a>00491 }
<a name="l00492"></a>00492 key_rr = <a class="code" href="keys_8c.html#a45bdcdbe6aac4764bff1ad12a86a6541" title="converts a ldns_key to a public key rr If the key data exists at an external point, the corresponding rdata field must still be added with ldns_rr_rdf_push() to the result rr of this function">ldns_key2rr</a>(k);
<a name="l00493"></a>00493 <a class="code" href="keys_8c.html#a9bdf435dfcf6a6a603c3284054a8126c" title="Set the key's key tag.">ldns_key_set_keytag</a>(k, <a class="code" href="dnssec_8c.html#a7cf8c4687caff6153a61052c5523e7ab" title="calculates a keytag of a key for use in DNSSEC.">ldns_calc_keytag</a>(key_rr));
<a name="l00494"></a>00494 <a class="code" href="rr_8c.html#a277ccb85853d3c527ff3bc963cdde505" title="frees an RR structure">ldns_rr_free</a>(key_rr);
<a name="l00495"></a>00495
<a name="l00496"></a>00496 <span class="keywordflow">if</span> (key) {
<a name="l00497"></a>00497 *key = k;
<a name="l00498"></a>00498 <span class="keywordflow">return</span> <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afac58492ee3fc8d23f33c79824ed08c465">LDNS_STATUS_OK</a>;
<a name="l00499"></a>00499 }
<a name="l00500"></a>00500 <span class="keywordflow">return</span> <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afa804a996d5f13cda0806bf1d54114d2ca">LDNS_STATUS_ERR</a>;
<a name="l00501"></a>00501 }
<a name="l00502"></a>00502
<a name="l00503"></a>00503 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l00504"></a>00504 <span class="preprocessor"></span>RSA *
<a name="l00505"></a><a class="code" href="keys_8h.html#ac1610671c493a3080378676e9b7492d4">00505</a> <a class="code" href="keys_8c.html#abb0f8bdbe3c16887367a9dc7d3a6825a" title="frm_fp helper function.">ldns_key_new_frm_fp_rsa</a>(FILE *f)
<a name="l00506"></a>00506 {
<a name="l00507"></a>00507 <span class="keywordflow">return</span> <a class="code" href="keys_8c.html#a2249817ddcd666f22df3b1f3dc8ac7de" title="frm_fp helper function.">ldns_key_new_frm_fp_rsa_l</a>(f, NULL);
<a name="l00508"></a>00508 }
<a name="l00509"></a>00509
<a name="l00510"></a>00510 RSA *
<a name="l00511"></a><a class="code" href="keys_8h.html#a32264cbc5fb7aadd16c45d526aca79b3">00511</a> <a class="code" href="keys_8c.html#a2249817ddcd666f22df3b1f3dc8ac7de" title="frm_fp helper function.">ldns_key_new_frm_fp_rsa_l</a>(FILE *f, <span class="keywordtype">int</span> *line_nr)
<a name="l00512"></a>00512 {
<a name="l00513"></a>00513 <span class="comment">/* we parse</span>
<a name="l00514"></a>00514 <span class="comment"> * Modulus:</span>
<a name="l00515"></a>00515 <span class="comment"> * PublicExponent:</span>
<a name="l00516"></a>00516 <span class="comment"> * PrivateExponent:</span>
<a name="l00517"></a>00517 <span class="comment"> * Prime1:</span>
<a name="l00518"></a>00518 <span class="comment"> * Prime2:</span>
<a name="l00519"></a>00519 <span class="comment"> * Exponent1:</span>
<a name="l00520"></a>00520 <span class="comment"> * Exponent2:</span>
<a name="l00521"></a>00521 <span class="comment"> * Coefficient:</span>
<a name="l00522"></a>00522 <span class="comment"> *</span>
<a name="l00523"></a>00523 <span class="comment"> * man 3 RSA:</span>
<a name="l00524"></a>00524 <span class="comment"> *</span>
<a name="l00525"></a>00525 <span class="comment"> * struct</span>
<a name="l00526"></a>00526 <span class="comment"> * {</span>
<a name="l00527"></a>00527 <span class="comment"> * BIGNUM *n; // public modulus</span>
<a name="l00528"></a>00528 <span class="comment"> * BIGNUM *e; // public exponent</span>
<a name="l00529"></a>00529 <span class="comment"> * BIGNUM *d; // private exponent</span>
<a name="l00530"></a>00530 <span class="comment"> * BIGNUM *p; // secret prime factor</span>
<a name="l00531"></a>00531 <span class="comment"> * BIGNUM *q; // secret prime factor</span>
<a name="l00532"></a>00532 <span class="comment"> * BIGNUM *dmp1; // d mod (p-1)</span>
<a name="l00533"></a>00533 <span class="comment"> * BIGNUM *dmq1; // d mod (q-1)</span>
<a name="l00534"></a>00534 <span class="comment"> * BIGNUM *iqmp; // q^-1 mod p</span>
<a name="l00535"></a>00535 <span class="comment"> * // ...</span>
<a name="l00536"></a>00536 <span class="comment"> *</span>
<a name="l00537"></a>00537 <span class="comment"> */</span>
<a name="l00538"></a>00538 <span class="keywordtype">char</span> *d;
<a name="l00539"></a>00539 RSA *rsa;
<a name="l00540"></a>00540 uint8_t *buf;
<a name="l00541"></a>00541 <span class="keywordtype">int</span> i;
<a name="l00542"></a>00542
<a name="l00543"></a>00543 d = <a class="code" href="util_8h.html#aaad6949daea3c6cefd01d19300f6e21a">LDNS_XMALLOC</a>(<span class="keywordtype">char</span>, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>);
<a name="l00544"></a>00544 buf = <a class="code" href="util_8h.html#aaad6949daea3c6cefd01d19300f6e21a">LDNS_XMALLOC</a>(uint8_t, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>);
<a name="l00545"></a>00545 rsa = RSA_new();
<a name="l00546"></a>00546 <span class="keywordflow">if</span> (!d || !rsa || !buf) {
<a name="l00547"></a>00547 <span class="keywordflow">goto</span> error;
<a name="l00548"></a>00548 }
<a name="l00549"></a>00549
<a name="l00550"></a>00550 <span class="comment">/* I could use functions again, but that seems an overkill,</span>
<a name="l00551"></a>00551 <span class="comment"> * allthough this also looks tedious</span>
<a name="l00552"></a>00552 <span class="comment"> */</span>
<a name="l00553"></a>00553
<a name="l00554"></a>00554 <span class="comment">/* Modules, rsa->n */</span>
<a name="l00555"></a>00555 <span class="keywordflow">if</span> (<a class="code" href="parse_8c.html#a9aec3a54a2727f5b7e2adb30691795dd">ldns_fget_keyword_data_l</a>(f, <span class="stringliteral">"Modulus"</span>, <span class="stringliteral">": "</span>, d, <span class="stringliteral">"\n"</span>, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>, line_nr) == -1) {
<a name="l00556"></a>00556 <span class="keywordflow">goto</span> error;
<a name="l00557"></a>00557 }
<a name="l00558"></a>00558 i = <a class="code" href="config_8h.html#ada3d1fd2fcddf397179b070fe5588c48">ldns_b64_pton</a>((<span class="keyword">const</span> <span class="keywordtype">char</span>*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
<a name="l00559"></a>00559 <span class="preprocessor">#ifndef S_SPLINT_S</span>
<a name="l00560"></a>00560 <span class="preprocessor"></span> rsa->n = BN_bin2bn((<span class="keyword">const</span> <span class="keywordtype">char</span> <span class="keywordtype">unsigned</span>*)buf, i, NULL);
<a name="l00561"></a>00561 <span class="keywordflow">if</span> (!rsa->n) {
<a name="l00562"></a>00562 <span class="keywordflow">goto</span> error;
<a name="l00563"></a>00563 }
<a name="l00564"></a>00564
<a name="l00565"></a>00565 <span class="comment">/* PublicExponent, rsa->e */</span>
<a name="l00566"></a>00566 <span class="keywordflow">if</span> (<a class="code" href="parse_8c.html#a9aec3a54a2727f5b7e2adb30691795dd">ldns_fget_keyword_data_l</a>(f, <span class="stringliteral">"PublicExponent"</span>, <span class="stringliteral">": "</span>, d, <span class="stringliteral">"\n"</span>, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>, line_nr) == -1) {
<a name="l00567"></a>00567 <span class="keywordflow">goto</span> error;
<a name="l00568"></a>00568 }
<a name="l00569"></a>00569 i = <a class="code" href="config_8h.html#ada3d1fd2fcddf397179b070fe5588c48">ldns_b64_pton</a>((<span class="keyword">const</span> <span class="keywordtype">char</span>*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
<a name="l00570"></a>00570 rsa->e = BN_bin2bn((<span class="keyword">const</span> <span class="keywordtype">char</span> <span class="keywordtype">unsigned</span>*)buf, i, NULL);
<a name="l00571"></a>00571 <span class="keywordflow">if</span> (!rsa->e) {
<a name="l00572"></a>00572 <span class="keywordflow">goto</span> error;
<a name="l00573"></a>00573 }
<a name="l00574"></a>00574
<a name="l00575"></a>00575 <span class="comment">/* PrivateExponent, rsa->d */</span>
<a name="l00576"></a>00576 <span class="keywordflow">if</span> (<a class="code" href="parse_8c.html#a9aec3a54a2727f5b7e2adb30691795dd">ldns_fget_keyword_data_l</a>(f, <span class="stringliteral">"PrivateExponent"</span>, <span class="stringliteral">": "</span>, d, <span class="stringliteral">"\n"</span>, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>, line_nr) == -1) {
<a name="l00577"></a>00577 <span class="keywordflow">goto</span> error;
<a name="l00578"></a>00578 }
<a name="l00579"></a>00579 i = <a class="code" href="config_8h.html#ada3d1fd2fcddf397179b070fe5588c48">ldns_b64_pton</a>((<span class="keyword">const</span> <span class="keywordtype">char</span>*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
<a name="l00580"></a>00580 rsa->d = BN_bin2bn((<span class="keyword">const</span> <span class="keywordtype">char</span> <span class="keywordtype">unsigned</span>*)buf, i, NULL);
<a name="l00581"></a>00581 <span class="keywordflow">if</span> (!rsa->d) {
<a name="l00582"></a>00582 <span class="keywordflow">goto</span> error;
<a name="l00583"></a>00583 }
<a name="l00584"></a>00584
<a name="l00585"></a>00585 <span class="comment">/* Prime1, rsa->p */</span>
<a name="l00586"></a>00586 <span class="keywordflow">if</span> (<a class="code" href="parse_8c.html#a9aec3a54a2727f5b7e2adb30691795dd">ldns_fget_keyword_data_l</a>(f, <span class="stringliteral">"Prime1"</span>, <span class="stringliteral">": "</span>, d, <span class="stringliteral">"\n"</span>, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>, line_nr) == -1) {
<a name="l00587"></a>00587 <span class="keywordflow">goto</span> error;
<a name="l00588"></a>00588 }
<a name="l00589"></a>00589 i = <a class="code" href="config_8h.html#ada3d1fd2fcddf397179b070fe5588c48">ldns_b64_pton</a>((<span class="keyword">const</span> <span class="keywordtype">char</span>*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
<a name="l00590"></a>00590 rsa->p = BN_bin2bn((<span class="keyword">const</span> <span class="keywordtype">char</span> <span class="keywordtype">unsigned</span>*)buf, i, NULL);
<a name="l00591"></a>00591 <span class="keywordflow">if</span> (!rsa->p) {
<a name="l00592"></a>00592 <span class="keywordflow">goto</span> error;
<a name="l00593"></a>00593 }
<a name="l00594"></a>00594
<a name="l00595"></a>00595 <span class="comment">/* Prime2, rsa->q */</span>
<a name="l00596"></a>00596 <span class="keywordflow">if</span> (<a class="code" href="parse_8c.html#a9aec3a54a2727f5b7e2adb30691795dd">ldns_fget_keyword_data_l</a>(f, <span class="stringliteral">"Prime2"</span>, <span class="stringliteral">": "</span>, d, <span class="stringliteral">"\n"</span>, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>, line_nr) == -1) {
<a name="l00597"></a>00597 <span class="keywordflow">goto</span> error;
<a name="l00598"></a>00598 }
<a name="l00599"></a>00599 i = <a class="code" href="config_8h.html#ada3d1fd2fcddf397179b070fe5588c48">ldns_b64_pton</a>((<span class="keyword">const</span> <span class="keywordtype">char</span>*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
<a name="l00600"></a>00600 rsa->q = BN_bin2bn((<span class="keyword">const</span> <span class="keywordtype">char</span> <span class="keywordtype">unsigned</span>*)buf, i, NULL);
<a name="l00601"></a>00601 <span class="keywordflow">if</span> (!rsa->q) {
<a name="l00602"></a>00602 <span class="keywordflow">goto</span> error;
<a name="l00603"></a>00603 }
<a name="l00604"></a>00604
<a name="l00605"></a>00605 <span class="comment">/* Exponent1, rsa->dmp1 */</span>
<a name="l00606"></a>00606 <span class="keywordflow">if</span> (<a class="code" href="parse_8c.html#a9aec3a54a2727f5b7e2adb30691795dd">ldns_fget_keyword_data_l</a>(f, <span class="stringliteral">"Exponent1"</span>, <span class="stringliteral">": "</span>, d, <span class="stringliteral">"\n"</span>, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>, line_nr) == -1) {
<a name="l00607"></a>00607 <span class="keywordflow">goto</span> error;
<a name="l00608"></a>00608 }
<a name="l00609"></a>00609 i = <a class="code" href="config_8h.html#ada3d1fd2fcddf397179b070fe5588c48">ldns_b64_pton</a>((<span class="keyword">const</span> <span class="keywordtype">char</span>*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
<a name="l00610"></a>00610 rsa->dmp1 = BN_bin2bn((<span class="keyword">const</span> <span class="keywordtype">char</span> <span class="keywordtype">unsigned</span>*)buf, i, NULL);
<a name="l00611"></a>00611 <span class="keywordflow">if</span> (!rsa->dmp1) {
<a name="l00612"></a>00612 <span class="keywordflow">goto</span> error;
<a name="l00613"></a>00613 }
<a name="l00614"></a>00614
<a name="l00615"></a>00615 <span class="comment">/* Exponent2, rsa->dmq1 */</span>
<a name="l00616"></a>00616 <span class="keywordflow">if</span> (<a class="code" href="parse_8c.html#a9aec3a54a2727f5b7e2adb30691795dd">ldns_fget_keyword_data_l</a>(f, <span class="stringliteral">"Exponent2"</span>, <span class="stringliteral">": "</span>, d, <span class="stringliteral">"\n"</span>, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>, line_nr) == -1) {
<a name="l00617"></a>00617 <span class="keywordflow">goto</span> error;
<a name="l00618"></a>00618 }
<a name="l00619"></a>00619 i = <a class="code" href="config_8h.html#ada3d1fd2fcddf397179b070fe5588c48">ldns_b64_pton</a>((<span class="keyword">const</span> <span class="keywordtype">char</span>*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
<a name="l00620"></a>00620 rsa->dmq1 = BN_bin2bn((<span class="keyword">const</span> <span class="keywordtype">char</span> <span class="keywordtype">unsigned</span>*)buf, i, NULL);
<a name="l00621"></a>00621 <span class="keywordflow">if</span> (!rsa->dmq1) {
<a name="l00622"></a>00622 <span class="keywordflow">goto</span> error;
<a name="l00623"></a>00623 }
<a name="l00624"></a>00624
<a name="l00625"></a>00625 <span class="comment">/* Coefficient, rsa->iqmp */</span>
<a name="l00626"></a>00626 <span class="keywordflow">if</span> (<a class="code" href="parse_8c.html#a9aec3a54a2727f5b7e2adb30691795dd">ldns_fget_keyword_data_l</a>(f, <span class="stringliteral">"Coefficient"</span>, <span class="stringliteral">": "</span>, d, <span class="stringliteral">"\n"</span>, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>, line_nr) == -1) {
<a name="l00627"></a>00627 <span class="keywordflow">goto</span> error;
<a name="l00628"></a>00628 }
<a name="l00629"></a>00629 i = <a class="code" href="config_8h.html#ada3d1fd2fcddf397179b070fe5588c48">ldns_b64_pton</a>((<span class="keyword">const</span> <span class="keywordtype">char</span>*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
<a name="l00630"></a>00630 rsa->iqmp = BN_bin2bn((<span class="keyword">const</span> <span class="keywordtype">char</span> <span class="keywordtype">unsigned</span>*)buf, i, NULL);
<a name="l00631"></a>00631 <span class="keywordflow">if</span> (!rsa->iqmp) {
<a name="l00632"></a>00632 <span class="keywordflow">goto</span> error;
<a name="l00633"></a>00633 }
<a name="l00634"></a>00634 <span class="preprocessor">#endif </span><span class="comment">/* splint */</span>
<a name="l00635"></a>00635
<a name="l00636"></a>00636 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(buf);
<a name="l00637"></a>00637 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(d);
<a name="l00638"></a>00638 <span class="keywordflow">return</span> rsa;
<a name="l00639"></a>00639
<a name="l00640"></a>00640 error:
<a name="l00641"></a>00641 RSA_free(rsa);
<a name="l00642"></a>00642 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(d);
<a name="l00643"></a>00643 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(buf);
<a name="l00644"></a>00644 <span class="keywordflow">return</span> NULL;
<a name="l00645"></a>00645 }
<a name="l00646"></a>00646
<a name="l00647"></a>00647 DSA *
<a name="l00648"></a><a class="code" href="keys_8h.html#a90c6d382665b96c6c3a8e3dc56ef4cde">00648</a> <a class="code" href="keys_8c.html#a4f289f32ebb8220a81edb0cead4666ea" title="frm_fp helper function.">ldns_key_new_frm_fp_dsa</a>(FILE *f)
<a name="l00649"></a>00649 {
<a name="l00650"></a>00650 <span class="keywordflow">return</span> <a class="code" href="keys_8c.html#a8897b13a4597a7ce543ddafa576a771a" title="frm_fp helper function.">ldns_key_new_frm_fp_dsa_l</a>(f, NULL);
<a name="l00651"></a>00651 }
<a name="l00652"></a>00652
<a name="l00653"></a>00653 DSA *
<a name="l00654"></a><a class="code" href="keys_8h.html#a91af85cd4a84404187da222881cf564a">00654</a> <a class="code" href="keys_8c.html#a8897b13a4597a7ce543ddafa576a771a" title="frm_fp helper function.">ldns_key_new_frm_fp_dsa_l</a>(FILE *f, <span class="keywordtype">int</span> *line_nr)
<a name="l00655"></a>00655 {
<a name="l00656"></a>00656 <span class="keywordtype">int</span> i;
<a name="l00657"></a>00657 <span class="keywordtype">char</span> *d;
<a name="l00658"></a>00658 DSA *dsa;
<a name="l00659"></a>00659 uint8_t *buf;
<a name="l00660"></a>00660
<a name="l00661"></a>00661 line_nr = line_nr;
<a name="l00662"></a>00662
<a name="l00663"></a>00663 d = <a class="code" href="util_8h.html#aaad6949daea3c6cefd01d19300f6e21a">LDNS_XMALLOC</a>(<span class="keywordtype">char</span>, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>);
<a name="l00664"></a>00664 buf = <a class="code" href="util_8h.html#aaad6949daea3c6cefd01d19300f6e21a">LDNS_XMALLOC</a>(uint8_t, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>);
<a name="l00665"></a>00665 dsa = DSA_new();
<a name="l00666"></a>00666 <span class="keywordflow">if</span> (!d || !dsa || !buf) {
<a name="l00667"></a>00667 <span class="keywordflow">goto</span> error;
<a name="l00668"></a>00668 }
<a name="l00669"></a>00669
<a name="l00670"></a>00670 <span class="comment">/* the line parser removes the () from the input... */</span>
<a name="l00671"></a>00671
<a name="l00672"></a>00672 <span class="comment">/* Prime, dsa->p */</span>
<a name="l00673"></a>00673 <span class="keywordflow">if</span> (<a class="code" href="parse_8c.html#a9aec3a54a2727f5b7e2adb30691795dd">ldns_fget_keyword_data_l</a>(f, <span class="stringliteral">"Primep"</span>, <span class="stringliteral">": "</span>, d, <span class="stringliteral">"\n"</span>, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>, line_nr) == -1) {
<a name="l00674"></a>00674 <span class="keywordflow">goto</span> error;
<a name="l00675"></a>00675 }
<a name="l00676"></a>00676 i = <a class="code" href="config_8h.html#ada3d1fd2fcddf397179b070fe5588c48">ldns_b64_pton</a>((<span class="keyword">const</span> <span class="keywordtype">char</span>*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
<a name="l00677"></a>00677 <span class="preprocessor">#ifndef S_SPLINT_S</span>
<a name="l00678"></a>00678 <span class="preprocessor"></span> dsa->p = BN_bin2bn((<span class="keyword">const</span> <span class="keywordtype">char</span> <span class="keywordtype">unsigned</span>*)buf, i, NULL);
<a name="l00679"></a>00679 <span class="keywordflow">if</span> (!dsa->p) {
<a name="l00680"></a>00680 <span class="keywordflow">goto</span> error;
<a name="l00681"></a>00681 }
<a name="l00682"></a>00682
<a name="l00683"></a>00683 <span class="comment">/* Subprime, dsa->q */</span>
<a name="l00684"></a>00684 <span class="keywordflow">if</span> (<a class="code" href="parse_8c.html#a9aec3a54a2727f5b7e2adb30691795dd">ldns_fget_keyword_data_l</a>(f, <span class="stringliteral">"Subprimeq"</span>, <span class="stringliteral">": "</span>, d, <span class="stringliteral">"\n"</span>, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>, line_nr) == -1) {
<a name="l00685"></a>00685 <span class="keywordflow">goto</span> error;
<a name="l00686"></a>00686 }
<a name="l00687"></a>00687 i = <a class="code" href="config_8h.html#ada3d1fd2fcddf397179b070fe5588c48">ldns_b64_pton</a>((<span class="keyword">const</span> <span class="keywordtype">char</span>*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
<a name="l00688"></a>00688 dsa->q = BN_bin2bn((<span class="keyword">const</span> <span class="keywordtype">char</span> <span class="keywordtype">unsigned</span>*)buf, i, NULL);
<a name="l00689"></a>00689 <span class="keywordflow">if</span> (!dsa->q) {
<a name="l00690"></a>00690 <span class="keywordflow">goto</span> error;
<a name="l00691"></a>00691 }
<a name="l00692"></a>00692
<a name="l00693"></a>00693 <span class="comment">/* Base, dsa->g */</span>
<a name="l00694"></a>00694 <span class="keywordflow">if</span> (<a class="code" href="parse_8c.html#a9aec3a54a2727f5b7e2adb30691795dd">ldns_fget_keyword_data_l</a>(f, <span class="stringliteral">"Baseg"</span>, <span class="stringliteral">": "</span>, d, <span class="stringliteral">"\n"</span>, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>, line_nr) == -1) {
<a name="l00695"></a>00695 <span class="keywordflow">goto</span> error;
<a name="l00696"></a>00696 }
<a name="l00697"></a>00697 i = <a class="code" href="config_8h.html#ada3d1fd2fcddf397179b070fe5588c48">ldns_b64_pton</a>((<span class="keyword">const</span> <span class="keywordtype">char</span>*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
<a name="l00698"></a>00698 dsa->g = BN_bin2bn((<span class="keyword">const</span> <span class="keywordtype">char</span> <span class="keywordtype">unsigned</span>*)buf, i, NULL);
<a name="l00699"></a>00699 <span class="keywordflow">if</span> (!dsa->g) {
<a name="l00700"></a>00700 <span class="keywordflow">goto</span> error;
<a name="l00701"></a>00701 }
<a name="l00702"></a>00702
<a name="l00703"></a>00703 <span class="comment">/* Private key, dsa->priv_key */</span>
<a name="l00704"></a>00704 <span class="keywordflow">if</span> (<a class="code" href="parse_8c.html#a9aec3a54a2727f5b7e2adb30691795dd">ldns_fget_keyword_data_l</a>(f, <span class="stringliteral">"Private_valuex"</span>, <span class="stringliteral">": "</span>, d, <span class="stringliteral">"\n"</span>, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>, line_nr) == -1) {
<a name="l00705"></a>00705 <span class="keywordflow">goto</span> error;
<a name="l00706"></a>00706 }
<a name="l00707"></a>00707 i = <a class="code" href="config_8h.html#ada3d1fd2fcddf397179b070fe5588c48">ldns_b64_pton</a>((<span class="keyword">const</span> <span class="keywordtype">char</span>*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
<a name="l00708"></a>00708 dsa->priv_key = BN_bin2bn((<span class="keyword">const</span> <span class="keywordtype">char</span> <span class="keywordtype">unsigned</span>*)buf, i, NULL);
<a name="l00709"></a>00709 <span class="keywordflow">if</span> (!dsa->priv_key) {
<a name="l00710"></a>00710 <span class="keywordflow">goto</span> error;
<a name="l00711"></a>00711 }
<a name="l00712"></a>00712
<a name="l00713"></a>00713 <span class="comment">/* Public key, dsa->priv_key */</span>
<a name="l00714"></a>00714 <span class="keywordflow">if</span> (<a class="code" href="parse_8c.html#a9aec3a54a2727f5b7e2adb30691795dd">ldns_fget_keyword_data_l</a>(f, <span class="stringliteral">"Public_valuey"</span>, <span class="stringliteral">": "</span>, d, <span class="stringliteral">"\n"</span>, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>, line_nr) == -1) {
<a name="l00715"></a>00715 <span class="keywordflow">goto</span> error;
<a name="l00716"></a>00716 }
<a name="l00717"></a>00717 i = <a class="code" href="config_8h.html#ada3d1fd2fcddf397179b070fe5588c48">ldns_b64_pton</a>((<span class="keyword">const</span> <span class="keywordtype">char</span>*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
<a name="l00718"></a>00718 dsa->pub_key = BN_bin2bn((<span class="keyword">const</span> <span class="keywordtype">char</span> <span class="keywordtype">unsigned</span>*)buf, i, NULL);
<a name="l00719"></a>00719 <span class="keywordflow">if</span> (!dsa->pub_key) {
<a name="l00720"></a>00720 <span class="keywordflow">goto</span> error;
<a name="l00721"></a>00721 }
<a name="l00722"></a>00722 <span class="preprocessor">#endif </span><span class="comment">/* splint */</span>
<a name="l00723"></a>00723
<a name="l00724"></a>00724 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(buf);
<a name="l00725"></a>00725 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(d);
<a name="l00726"></a>00726
<a name="l00727"></a>00727 <span class="keywordflow">return</span> dsa;
<a name="l00728"></a>00728
<a name="l00729"></a>00729 error:
<a name="l00730"></a>00730 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(d);
<a name="l00731"></a>00731 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(buf);
<a name="l00732"></a>00732 DSA_free(dsa);
<a name="l00733"></a>00733 <span class="keywordflow">return</span> NULL;
<a name="l00734"></a>00734 }
<a name="l00735"></a>00735
<a name="l00736"></a>00736 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *
<a name="l00737"></a><a class="code" href="keys_8h.html#a6a3b5e8880beca1005c218ef48cdf286">00737</a> <a class="code" href="keys_8c.html#ad0d8d883cfd0e60971c90bbcede6b002" title="frm_fp helper function.">ldns_key_new_frm_fp_hmac</a>(FILE *f, <span class="keywordtype">size_t</span> *hmac_size)
<a name="l00738"></a>00738 {
<a name="l00739"></a>00739 <span class="keywordflow">return</span> <a class="code" href="keys_8c.html#ac067b69d6cccf933d9a71fadd663f529" title="frm_fp helper function.">ldns_key_new_frm_fp_hmac_l</a>(f, NULL, hmac_size);
<a name="l00740"></a>00740 }
<a name="l00741"></a>00741
<a name="l00742"></a>00742 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *
<a name="l00743"></a><a class="code" href="keys_8h.html#a5d014b89d113d9fb10c72c7b85f8c86b">00743</a> <a class="code" href="keys_8c.html#ac067b69d6cccf933d9a71fadd663f529" title="frm_fp helper function.">ldns_key_new_frm_fp_hmac_l</a>(FILE *f, <span class="keywordtype">int</span> *line_nr, <span class="keywordtype">size_t</span> *hmac_size)
<a name="l00744"></a>00744 {
<a name="l00745"></a>00745 <span class="keywordtype">size_t</span> i;
<a name="l00746"></a>00746 <span class="keywordtype">char</span> *d;
<a name="l00747"></a>00747 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *buf;
<a name="l00748"></a>00748
<a name="l00749"></a>00749 line_nr = line_nr;
<a name="l00750"></a>00750
<a name="l00751"></a>00751 d = <a class="code" href="util_8h.html#aaad6949daea3c6cefd01d19300f6e21a">LDNS_XMALLOC</a>(<span class="keywordtype">char</span>, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>);
<a name="l00752"></a>00752 buf = <a class="code" href="util_8h.html#aaad6949daea3c6cefd01d19300f6e21a">LDNS_XMALLOC</a>(<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span>, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>);
<a name="l00753"></a>00753 <span class="keywordflow">if</span>(!d || !buf) {
<a name="l00754"></a>00754 <span class="keywordflow">goto</span> error;
<a name="l00755"></a>00755 }
<a name="l00756"></a>00756
<a name="l00757"></a>00757 <span class="keywordflow">if</span> (<a class="code" href="parse_8c.html#a9aec3a54a2727f5b7e2adb30691795dd">ldns_fget_keyword_data_l</a>(f, <span class="stringliteral">"Key"</span>, <span class="stringliteral">": "</span>, d, <span class="stringliteral">"\n"</span>, <a class="code" href="parse_8h.html#a5e0b586eee52cb7d411f758a286e8e3f">LDNS_MAX_LINELEN</a>, line_nr) == -1) {
<a name="l00758"></a>00758 <span class="keywordflow">goto</span> error;
<a name="l00759"></a>00759 }
<a name="l00760"></a>00760 i = (size_t) <a class="code" href="config_8h.html#ada3d1fd2fcddf397179b070fe5588c48">ldns_b64_pton</a>((<span class="keyword">const</span> <span class="keywordtype">char</span>*)d,
<a name="l00761"></a>00761 buf,
<a name="l00762"></a>00762 ldns_b64_ntop_calculate_size(strlen(d)));
<a name="l00763"></a>00763
<a name="l00764"></a>00764 *hmac_size = i;
<a name="l00765"></a>00765 <span class="keywordflow">return</span> buf;
<a name="l00766"></a>00766
<a name="l00767"></a>00767 error:
<a name="l00768"></a>00768 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(d);
<a name="l00769"></a>00769 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(buf);
<a name="l00770"></a>00770 *hmac_size = 0;
<a name="l00771"></a>00771 <span class="keywordflow">return</span> NULL;
<a name="l00772"></a>00772 }
<a name="l00773"></a>00773 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l00774"></a>00774
<a name="l00775"></a>00775 <span class="preprocessor">#ifdef USE_GOST</span>
<a name="l00776"></a>00776 <span class="preprocessor"></span><span class="keyword">static</span> EVP_PKEY*
<a name="l00777"></a>00777 ldns_gen_gost_key(<span class="keywordtype">void</span>)
<a name="l00778"></a>00778 {
<a name="l00779"></a>00779 EVP_PKEY_CTX* ctx;
<a name="l00780"></a>00780 EVP_PKEY* p = NULL;
<a name="l00781"></a>00781 <span class="keywordtype">int</span> gost_id = <a class="code" href="keys_8h.html#a631eb1d2915d9c72cd12a0e44a549f45" title="Get the PKEY id for GOST, loads GOST into openssl as a side effect.">ldns_key_EVP_load_gost_id</a>();
<a name="l00782"></a>00782 <span class="keywordflow">if</span>(!gost_id)
<a name="l00783"></a>00783 <span class="keywordflow">return</span> NULL;
<a name="l00784"></a>00784 ctx = EVP_PKEY_CTX_new_id(gost_id, NULL);
<a name="l00785"></a>00785 <span class="keywordflow">if</span>(!ctx) {
<a name="l00786"></a>00786 <span class="comment">/* the id should be available now */</span>
<a name="l00787"></a>00787 <span class="keywordflow">return</span> NULL;
<a name="l00788"></a>00788 }
<a name="l00789"></a>00789 <span class="keywordflow">if</span>(EVP_PKEY_CTX_ctrl_str(ctx, <span class="stringliteral">"paramset"</span>, <span class="stringliteral">"A"</span>) <= 0) {
<a name="l00790"></a>00790 <span class="comment">/* cannot set paramset */</span>
<a name="l00791"></a>00791 EVP_PKEY_CTX_free(ctx);
<a name="l00792"></a>00792 <span class="keywordflow">return</span> NULL;
<a name="l00793"></a>00793 }
<a name="l00794"></a>00794
<a name="l00795"></a>00795 <span class="keywordflow">if</span>(EVP_PKEY_keygen_init(ctx) <= 0) {
<a name="l00796"></a>00796 EVP_PKEY_CTX_free(ctx);
<a name="l00797"></a>00797 <span class="keywordflow">return</span> NULL;
<a name="l00798"></a>00798 }
<a name="l00799"></a>00799 <span class="keywordflow">if</span>(EVP_PKEY_keygen(ctx, &p) <= 0) {
<a name="l00800"></a>00800 EVP_PKEY_free(p);
<a name="l00801"></a>00801 EVP_PKEY_CTX_free(ctx);
<a name="l00802"></a>00802 <span class="keywordflow">return</span> NULL;
<a name="l00803"></a>00803 }
<a name="l00804"></a>00804 EVP_PKEY_CTX_free(ctx);
<a name="l00805"></a>00805 <span class="keywordflow">return</span> p;
<a name="l00806"></a>00806 }
<a name="l00807"></a>00807 <span class="preprocessor">#endif</span>
<a name="l00808"></a>00808 <span class="preprocessor"></span>
<a name="l00809"></a>00809 <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *
<a name="l00810"></a><a class="code" href="keys_8h.html#ae164c665baaf171fdfd91df9d1ed0190">00810</a> <a class="code" href="keys_8c.html#a4e7e2ac8173cc9e0b7714b40a6d30845" title="Creates a new key based on the algorithm.">ldns_key_new_frm_algorithm</a>(<a class="code" href="keys_8h.html#a760c6c6be2337ff27f2dcf5d3253549a">ldns_signing_algorithm</a> alg, uint16_t size)
<a name="l00811"></a>00811 {
<a name="l00812"></a>00812 <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k;
<a name="l00813"></a>00813 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l00814"></a>00814 <span class="preprocessor"></span> DSA *d;
<a name="l00815"></a>00815 RSA *r;
<a name="l00816"></a>00816 <span class="preprocessor"># ifdef USE_ECDSA</span>
<a name="l00817"></a>00817 <span class="preprocessor"></span> EC_KEY *ec = NULL;
<a name="l00818"></a>00818 <span class="preprocessor"># endif</span>
<a name="l00819"></a>00819 <span class="preprocessor"></span><span class="preprocessor">#else</span>
<a name="l00820"></a>00820 <span class="preprocessor"></span> <span class="keywordtype">int</span> i;
<a name="l00821"></a>00821 uint16_t offset = 0;
<a name="l00822"></a>00822 <span class="preprocessor">#endif</span>
<a name="l00823"></a>00823 <span class="preprocessor"></span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *hmac;
<a name="l00824"></a>00824
<a name="l00825"></a>00825 k = <a class="code" href="keys_8c.html#aa0f2535ad10be9b2938a67e8e8e3b6b6" title="Creates a new empty key structure.">ldns_key_new</a>();
<a name="l00826"></a>00826 <span class="keywordflow">if</span> (!k) {
<a name="l00827"></a>00827 <span class="keywordflow">return</span> NULL;
<a name="l00828"></a>00828 }
<a name="l00829"></a>00829 <span class="keywordflow">switch</span>(alg) {
<a name="l00830"></a>00830 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a92e7ccac219c462f054e00c8e6c8321b">LDNS_SIGN_RSAMD5</a>:
<a name="l00831"></a>00831 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a062ab8c29c8f73b28bbb552597975dbc">LDNS_SIGN_RSASHA1</a>:
<a name="l00832"></a>00832 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a7a8b2b416cc65f7637108b6ba35cad69">LDNS_SIGN_RSASHA1_NSEC3</a>:
<a name="l00833"></a>00833 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a9f88342b4f9ce95700a72154b6d30269">LDNS_SIGN_RSASHA256</a>:
<a name="l00834"></a>00834 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a93fc09210171fbecee85ed84ebfc7dbd">LDNS_SIGN_RSASHA512</a>:
<a name="l00835"></a>00835 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l00836"></a>00836 <span class="preprocessor"></span> r = RSA_generate_key((<span class="keywordtype">int</span>)size, RSA_F4, NULL, NULL);
<a name="l00837"></a>00837 <span class="keywordflow">if</span>(!r) {
<a name="l00838"></a>00838 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00839"></a>00839 <span class="keywordflow">return</span> NULL;
<a name="l00840"></a>00840 }
<a name="l00841"></a>00841 <span class="keywordflow">if</span> (RSA_check_key(r) != 1) {
<a name="l00842"></a>00842 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00843"></a>00843 <span class="keywordflow">return</span> NULL;
<a name="l00844"></a>00844 }
<a name="l00845"></a>00845 <a class="code" href="keys_8c.html#aed378f559db3f0b4206f7f52b0f78762" title="Set the key's rsa data.">ldns_key_set_rsa_key</a>(k, r);
<a name="l00846"></a>00846 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l00847"></a>00847 <span class="keywordflow">break</span>;
<a name="l00848"></a>00848 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a98ae68498fea31062b1d03a861846aa5">LDNS_SIGN_DSA</a>:
<a name="l00849"></a>00849 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a28624a25c45025703d05de9984c4ee4a">LDNS_SIGN_DSA_NSEC3</a>:
<a name="l00850"></a>00850 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l00851"></a>00851 <span class="preprocessor"></span> d = DSA_generate_parameters((<span class="keywordtype">int</span>)size, NULL, 0, NULL, NULL, NULL, NULL);
<a name="l00852"></a>00852 <span class="keywordflow">if</span> (!d) {
<a name="l00853"></a>00853 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00854"></a>00854 <span class="keywordflow">return</span> NULL;
<a name="l00855"></a>00855 }
<a name="l00856"></a>00856 <span class="keywordflow">if</span> (DSA_generate_key(d) != 1) {
<a name="l00857"></a>00857 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00858"></a>00858 <span class="keywordflow">return</span> NULL;
<a name="l00859"></a>00859 }
<a name="l00860"></a>00860 <a class="code" href="keys_8c.html#a39152994a2369b033721ffa904738f82" title="Set the key's dsa data.">ldns_key_set_dsa_key</a>(k, d);
<a name="l00861"></a>00861 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l00862"></a>00862 <span class="keywordflow">break</span>;
<a name="l00863"></a>00863 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a90eafd9721029814659dce35a33cdede">LDNS_SIGN_HMACMD5</a>:
<a name="l00864"></a>00864 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664ab4bb484126261b3e71183a0d7ae47404">LDNS_SIGN_HMACSHA1</a>:
<a name="l00865"></a>00865 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664afec7895ef19516fe5304601d31d3f117">LDNS_SIGN_HMACSHA256</a>:
<a name="l00866"></a>00866 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l00867"></a>00867 <span class="preprocessor"></span><span class="preprocessor">#ifndef S_SPLINT_S</span>
<a name="l00868"></a>00868 <span class="preprocessor"></span> k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a> = NULL;
<a name="l00869"></a>00869 <span class="preprocessor">#endif </span><span class="comment">/* splint */</span>
<a name="l00870"></a>00870 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l00871"></a>00871 size = size / 8;
<a name="l00872"></a>00872 <a class="code" href="keys_8c.html#ab66e843127443126bb93edb7e8a58f7c" title="Set the key's hmac size.">ldns_key_set_hmac_size</a>(k, size);
<a name="l00873"></a>00873
<a name="l00874"></a>00874 hmac = <a class="code" href="util_8h.html#aaad6949daea3c6cefd01d19300f6e21a">LDNS_XMALLOC</a>(<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span>, size);
<a name="l00875"></a>00875 <span class="keywordflow">if</span>(!hmac) {
<a name="l00876"></a>00876 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00877"></a>00877 <span class="keywordflow">return</span> NULL;
<a name="l00878"></a>00878 }
<a name="l00879"></a>00879 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l00880"></a>00880 <span class="preprocessor"></span> <span class="keywordflow">if</span> (RAND_bytes(hmac, (<span class="keywordtype">int</span>) size) != 1) {
<a name="l00881"></a>00881 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(hmac);
<a name="l00882"></a>00882 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00883"></a>00883 <span class="keywordflow">return</span> NULL;
<a name="l00884"></a>00884 }
<a name="l00885"></a>00885 <span class="preprocessor">#else</span>
<a name="l00886"></a>00886 <span class="preprocessor"></span> <span class="keywordflow">while</span> (offset + <span class="keyword">sizeof</span>(i) < size) {
<a name="l00887"></a>00887 i = <a class="code" href="config_8h.html#a970311ee5504bf0e1c421be1bbd78d39">random</a>();
<a name="l00888"></a>00888 memcpy(&hmac[offset], &i, <span class="keyword">sizeof</span>(i));
<a name="l00889"></a>00889 offset += <span class="keyword">sizeof</span>(i);
<a name="l00890"></a>00890 }
<a name="l00891"></a>00891 <span class="keywordflow">if</span> (offset < size) {
<a name="l00892"></a>00892 i = <a class="code" href="config_8h.html#a970311ee5504bf0e1c421be1bbd78d39">random</a>();
<a name="l00893"></a>00893 memcpy(&hmac[offset], &i, size - offset);
<a name="l00894"></a>00894 }
<a name="l00895"></a>00895 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l00896"></a>00896 <a class="code" href="keys_8c.html#a385ccd045bc926c760dad28dc35dfaaf" title="Set the key's hmac data.">ldns_key_set_hmac_key</a>(k, hmac);
<a name="l00897"></a>00897
<a name="l00898"></a>00898 <a class="code" href="keys_8c.html#aea3bc851574cf6ccc40d850deaea348f" title="Set the key's flags.">ldns_key_set_flags</a>(k, 0);
<a name="l00899"></a>00899 <span class="keywordflow">break</span>;
<a name="l00900"></a>00900 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a2f5cc1330edd5c11be92509543402f98">LDNS_SIGN_ECC_GOST</a>:
<a name="l00901"></a>00901 <span class="preprocessor">#if defined(HAVE_SSL) && defined(USE_GOST)</span>
<a name="l00902"></a>00902 <span class="preprocessor"></span> <a class="code" href="keys_8c.html#a92165f884e17f7c067a185442085a5aa" title="Set the key's evp key.">ldns_key_set_evp_key</a>(k, ldns_gen_gost_key());
<a name="l00903"></a>00903 <span class="preprocessor">#ifndef S_SPLINT_S</span>
<a name="l00904"></a>00904 <span class="preprocessor"></span> <span class="keywordflow">if</span>(!k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a>) {
<a name="l00905"></a>00905 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00906"></a>00906 <span class="keywordflow">return</span> NULL;
<a name="l00907"></a>00907 }
<a name="l00908"></a>00908 <span class="preprocessor">#endif </span><span class="comment">/* splint */</span>
<a name="l00909"></a>00909 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL and USE_GOST */</span>
<a name="l00910"></a>00910 <span class="keywordflow">break</span>;
<a name="l00911"></a>00911 <span class="preprocessor">#ifdef USE_ECDSA</span>
<a name="l00912"></a>00912 <span class="preprocessor"></span> <span class="keywordflow">case</span> LDNS_SIGN_ECDSAP256SHA256:
<a name="l00913"></a>00913 <span class="keywordflow">case</span> LDNS_SIGN_ECDSAP384SHA384:
<a name="l00914"></a>00914 <span class="keywordflow">if</span>(alg == LDNS_SIGN_ECDSAP256SHA256)
<a name="l00915"></a>00915 ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
<a name="l00916"></a>00916 <span class="keywordflow">else</span> <span class="keywordflow">if</span>(alg == LDNS_SIGN_ECDSAP384SHA384)
<a name="l00917"></a>00917 ec = EC_KEY_new_by_curve_name(NID_secp384r1);
<a name="l00918"></a>00918 <span class="keywordflow">if</span>(!ec) {
<a name="l00919"></a>00919 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00920"></a>00920 <span class="keywordflow">return</span> NULL;
<a name="l00921"></a>00921 }
<a name="l00922"></a>00922 <span class="keywordflow">if</span>(!EC_KEY_generate_key(ec)) {
<a name="l00923"></a>00923 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00924"></a>00924 EC_KEY_free(ec);
<a name="l00925"></a>00925 <span class="keywordflow">return</span> NULL;
<a name="l00926"></a>00926 }
<a name="l00927"></a>00927 <span class="preprocessor">#ifndef S_SPLINT_S</span>
<a name="l00928"></a>00928 <span class="preprocessor"></span> k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a> = EVP_PKEY_new();
<a name="l00929"></a>00929 <span class="keywordflow">if</span>(!k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a>) {
<a name="l00930"></a>00930 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00931"></a>00931 EC_KEY_free(ec);
<a name="l00932"></a>00932 <span class="keywordflow">return</span> NULL;
<a name="l00933"></a>00933 }
<a name="l00934"></a>00934 <span class="keywordflow">if</span> (!EVP_PKEY_assign_EC_KEY(k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a>, ec)) {
<a name="l00935"></a>00935 <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(k);
<a name="l00936"></a>00936 EC_KEY_free(ec);
<a name="l00937"></a>00937 <span class="keywordflow">return</span> NULL;
<a name="l00938"></a>00938 }
<a name="l00939"></a>00939 <span class="preprocessor">#endif </span><span class="comment">/* splint */</span>
<a name="l00940"></a>00940 <span class="keywordflow">break</span>;
<a name="l00941"></a>00941 <span class="preprocessor">#endif</span>
<a name="l00942"></a>00942 <span class="preprocessor"></span> }
<a name="l00943"></a>00943 <a class="code" href="keys_8c.html#ae27c72580b947a8ae330a5753cf4c220" title="Set the key's algorithm.">ldns_key_set_algorithm</a>(k, alg);
<a name="l00944"></a>00944 <span class="keywordflow">return</span> k;
<a name="l00945"></a>00945 }
<a name="l00946"></a>00946
<a name="l00947"></a>00947 <span class="keywordtype">void</span>
<a name="l00948"></a><a class="code" href="keys_8h.html#a743980d6a4c1f3cd2a87e4e323a34dac">00948</a> <a class="code" href="keys_8c.html#a743980d6a4c1f3cd2a87e4e323a34dac" title="print a private key to the file ouput">ldns_key_print</a>(FILE *output, <span class="keyword">const</span> <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k)
<a name="l00949"></a>00949 {
<a name="l00950"></a>00950 <span class="keywordtype">char</span> *str = <a class="code" href="host2str_8c.html#a1c5e18f49dfb77c4167d861a37751e84" title="Converts a private key to the test presentation fmt and returns that as a char *.">ldns_key2str</a>(k);
<a name="l00951"></a>00951 <span class="keywordflow">if</span> (str) {
<a name="l00952"></a>00952 fprintf(output, <span class="stringliteral">"%s"</span>, str);
<a name="l00953"></a>00953 } <span class="keywordflow">else</span> {
<a name="l00954"></a>00954 fprintf(output, <span class="stringliteral">"Unable to convert private key to string\n"</span>);
<a name="l00955"></a>00955 }
<a name="l00956"></a>00956 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(str);
<a name="l00957"></a>00957 }
<a name="l00958"></a>00958
<a name="l00959"></a>00959
<a name="l00960"></a>00960 <span class="keywordtype">void</span>
<a name="l00961"></a><a class="code" href="keys_8h.html#ae27c72580b947a8ae330a5753cf4c220">00961</a> <a class="code" href="keys_8c.html#ae27c72580b947a8ae330a5753cf4c220" title="Set the key's algorithm.">ldns_key_set_algorithm</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k, <a class="code" href="keys_8h.html#a760c6c6be2337ff27f2dcf5d3253549a">ldns_signing_algorithm</a> l)
<a name="l00962"></a>00962 {
<a name="l00963"></a>00963 k-><a class="code" href="structldns__struct__key.html#acd8540a5c581d8f866ff9804e6139cc7">_alg</a> = l;
<a name="l00964"></a>00964 }
<a name="l00965"></a>00965
<a name="l00966"></a>00966 <span class="keywordtype">void</span>
<a name="l00967"></a><a class="code" href="keys_8h.html#aa640f76d23a320af96538a1ae95436e8">00967</a> <a class="code" href="keys_8c.html#aea3bc851574cf6ccc40d850deaea348f" title="Set the key's flags.">ldns_key_set_flags</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k, uint16_t f)
<a name="l00968"></a>00968 {
<a name="l00969"></a>00969 k-><a class="code" href="structldns__struct__key.html#acfa5ac64141c5e52faeebb5ce8613884">_extra</a>.<a class="code" href="structldns__struct__key.html#a2e2bd2157ba22e6c49bf29f841fe234b">dnssec</a>.flags = f;
<a name="l00970"></a>00970 }
<a name="l00971"></a>00971
<a name="l00972"></a>00972 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l00973"></a>00973 <span class="preprocessor"></span><span class="preprocessor">#ifndef S_SPLINT_S</span>
<a name="l00974"></a>00974 <span class="preprocessor"></span><span class="keywordtype">void</span>
<a name="l00975"></a><a class="code" href="keys_8h.html#a92165f884e17f7c067a185442085a5aa">00975</a> <a class="code" href="keys_8c.html#a92165f884e17f7c067a185442085a5aa" title="Set the key's evp key.">ldns_key_set_evp_key</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k, EVP_PKEY *e)
<a name="l00976"></a>00976 {
<a name="l00977"></a>00977 k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a> = e;
<a name="l00978"></a>00978 }
<a name="l00979"></a>00979
<a name="l00980"></a>00980 <span class="keywordtype">void</span>
<a name="l00981"></a><a class="code" href="keys_8h.html#aed378f559db3f0b4206f7f52b0f78762">00981</a> <a class="code" href="keys_8c.html#aed378f559db3f0b4206f7f52b0f78762" title="Set the key's rsa data.">ldns_key_set_rsa_key</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k, RSA *r)
<a name="l00982"></a>00982 {
<a name="l00983"></a>00983 EVP_PKEY *key = EVP_PKEY_new();
<a name="l00984"></a>00984 EVP_PKEY_set1_RSA(key, r);
<a name="l00985"></a>00985 k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a> = key;
<a name="l00986"></a>00986 }
<a name="l00987"></a>00987
<a name="l00988"></a>00988 <span class="keywordtype">void</span>
<a name="l00989"></a><a class="code" href="keys_8h.html#a39152994a2369b033721ffa904738f82">00989</a> <a class="code" href="keys_8c.html#a39152994a2369b033721ffa904738f82" title="Set the key's dsa data.">ldns_key_set_dsa_key</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k, DSA *d)
<a name="l00990"></a>00990 {
<a name="l00991"></a>00991 EVP_PKEY *key = EVP_PKEY_new();
<a name="l00992"></a>00992 EVP_PKEY_set1_DSA(key, d);
<a name="l00993"></a>00993 k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a> = key;
<a name="l00994"></a>00994 }
<a name="l00995"></a>00995 <span class="preprocessor">#endif </span><span class="comment">/* splint */</span>
<a name="l00996"></a>00996 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l00997"></a>00997
<a name="l00998"></a>00998 <span class="keywordtype">void</span>
<a name="l00999"></a><a class="code" href="keys_8h.html#a385ccd045bc926c760dad28dc35dfaaf">00999</a> <a class="code" href="keys_8c.html#a385ccd045bc926c760dad28dc35dfaaf" title="Set the key's hmac data.">ldns_key_set_hmac_key</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k, <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *hmac)
<a name="l01000"></a>01000 {
<a name="l01001"></a>01001 k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#af6b4352ba0e83e6da164a47bc694cc85">hmac</a>.key = hmac;
<a name="l01002"></a>01002 }
<a name="l01003"></a>01003
<a name="l01004"></a>01004 <span class="keywordtype">void</span>
<a name="l01005"></a><a class="code" href="keys_8h.html#ab66e843127443126bb93edb7e8a58f7c">01005</a> <a class="code" href="keys_8c.html#ab66e843127443126bb93edb7e8a58f7c" title="Set the key's hmac size.">ldns_key_set_hmac_size</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k, <span class="keywordtype">size_t</span> hmac_size)
<a name="l01006"></a>01006 {
<a name="l01007"></a>01007 k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#af6b4352ba0e83e6da164a47bc694cc85">hmac</a>.size = hmac_size;
<a name="l01008"></a>01008 }
<a name="l01009"></a>01009
<a name="l01010"></a>01010 <span class="keywordtype">void</span>
<a name="l01011"></a><a class="code" href="keys_8h.html#aa747b3ab48f451e2a156cbdff7e76425">01011</a> <a class="code" href="keys_8c.html#a23e41ca680c1bfe71c1fbe74a5b58c3b" title="Set the key id data.">ldns_key_set_external_key</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k, <span class="keywordtype">void</span> *external_key)
<a name="l01012"></a>01012 {
<a name="l01013"></a>01013 k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#ad55bab6d2e0b417032aa20c54d5f7c1c" title="the key structure can also just point to some external key data">external_key</a> = external_key;
<a name="l01014"></a>01014 }
<a name="l01015"></a>01015
<a name="l01016"></a>01016 <span class="keywordtype">void</span>
<a name="l01017"></a><a class="code" href="keys_8h.html#a8d14084f74652791362a77846546bcc8">01017</a> <a class="code" href="keys_8c.html#a8d14084f74652791362a77846546bcc8" title="Set the key's original ttl.">ldns_key_set_origttl</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k, uint32_t t)
<a name="l01018"></a>01018 {
<a name="l01019"></a>01019 k-><a class="code" href="structldns__struct__key.html#acfa5ac64141c5e52faeebb5ce8613884">_extra</a>.<a class="code" href="structldns__struct__key.html#a2e2bd2157ba22e6c49bf29f841fe234b">dnssec</a>.orig_ttl = t;
<a name="l01020"></a>01020 }
<a name="l01021"></a>01021
<a name="l01022"></a>01022 <span class="keywordtype">void</span>
<a name="l01023"></a><a class="code" href="keys_8h.html#af1521b6b3c0e84a629d09bf237f40308">01023</a> <a class="code" href="keys_8c.html#af1521b6b3c0e84a629d09bf237f40308" title="Set the key's inception date (seconds after epoch)">ldns_key_set_inception</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k, uint32_t i)
<a name="l01024"></a>01024 {
<a name="l01025"></a>01025 k-><a class="code" href="structldns__struct__key.html#acfa5ac64141c5e52faeebb5ce8613884">_extra</a>.<a class="code" href="structldns__struct__key.html#a2e2bd2157ba22e6c49bf29f841fe234b">dnssec</a>.inception = i;
<a name="l01026"></a>01026 }
<a name="l01027"></a>01027
<a name="l01028"></a>01028 <span class="keywordtype">void</span>
<a name="l01029"></a><a class="code" href="keys_8h.html#a25f9483844dbd83abca56d725923c591">01029</a> <a class="code" href="keys_8c.html#a25f9483844dbd83abca56d725923c591" title="Set the key's expiration date (seconds after epoch)">ldns_key_set_expiration</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k, uint32_t e)
<a name="l01030"></a>01030 {
<a name="l01031"></a>01031 k-><a class="code" href="structldns__struct__key.html#acfa5ac64141c5e52faeebb5ce8613884">_extra</a>.<a class="code" href="structldns__struct__key.html#a2e2bd2157ba22e6c49bf29f841fe234b">dnssec</a>.expiration = e;
<a name="l01032"></a>01032 }
<a name="l01033"></a>01033
<a name="l01034"></a>01034 <span class="keywordtype">void</span>
<a name="l01035"></a><a class="code" href="keys_8h.html#a4c0b77f2579a2a6ce4355aa29de237e5">01035</a> <a class="code" href="keys_8c.html#a4c0b77f2579a2a6ce4355aa29de237e5" title="Set the key's pubkey owner.">ldns_key_set_pubkey_owner</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k, <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *r)
<a name="l01036"></a>01036 {
<a name="l01037"></a>01037 k-><a class="code" href="structldns__struct__key.html#abc331cdc595e9167e5eb81733af7a370" title="Owner name of the key.">_pubkey_owner</a> = r;
<a name="l01038"></a>01038 }
<a name="l01039"></a>01039
<a name="l01040"></a>01040 <span class="keywordtype">void</span>
<a name="l01041"></a><a class="code" href="keys_8h.html#a9bdf435dfcf6a6a603c3284054a8126c">01041</a> <a class="code" href="keys_8c.html#a9bdf435dfcf6a6a603c3284054a8126c" title="Set the key's key tag.">ldns_key_set_keytag</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k, uint16_t tag)
<a name="l01042"></a>01042 {
<a name="l01043"></a>01043 k-><a class="code" href="structldns__struct__key.html#acfa5ac64141c5e52faeebb5ce8613884">_extra</a>.<a class="code" href="structldns__struct__key.html#a2e2bd2157ba22e6c49bf29f841fe234b">dnssec</a>.keytag = tag;
<a name="l01044"></a>01044 }
<a name="l01045"></a>01045
<a name="l01046"></a>01046 <span class="comment">/* read */</span>
<a name="l01047"></a>01047 <span class="keywordtype">size_t</span>
<a name="l01048"></a><a class="code" href="keys_8h.html#ae89bbcf27c4ff67cda1369b583dec02f">01048</a> <a class="code" href="keys_8c.html#ae89bbcf27c4ff67cda1369b583dec02f" title="returns the number of keys in the key list">ldns_key_list_key_count</a>(<span class="keyword">const</span> <a class="code" href="structldns__struct__key__list.html" title="Same as rr_list, but now for keys.">ldns_key_list</a> *key_list)
<a name="l01049"></a>01049 {
<a name="l01050"></a>01050 <span class="keywordflow">return</span> key_list-><a class="code" href="structldns__struct__key__list.html#a09bfe05a526c79151b5b3a1c83a907f0">_key_count</a>;
<a name="l01051"></a>01051 }
<a name="l01052"></a>01052
<a name="l01053"></a>01053 <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *
<a name="l01054"></a><a class="code" href="keys_8h.html#afe06ede6432e59eb7ccc9d57a285060a">01054</a> <a class="code" href="keys_8c.html#afe06ede6432e59eb7ccc9d57a285060a" title="returns a pointer to the key in the list at the given position">ldns_key_list_key</a>(<span class="keyword">const</span> <a class="code" href="structldns__struct__key__list.html" title="Same as rr_list, but now for keys.">ldns_key_list</a> *key, <span class="keywordtype">size_t</span> nr)
<a name="l01055"></a>01055 {
<a name="l01056"></a>01056 <span class="keywordflow">if</span> (nr < <a class="code" href="keys_8c.html#ae89bbcf27c4ff67cda1369b583dec02f" title="returns the number of keys in the key list">ldns_key_list_key_count</a>(key)) {
<a name="l01057"></a>01057 <span class="keywordflow">return</span> key-><a class="code" href="structldns__struct__key__list.html#ae37a58c4445d1007a6514e3fe4e36320">_keys</a>[nr];
<a name="l01058"></a>01058 } <span class="keywordflow">else</span> {
<a name="l01059"></a>01059 <span class="keywordflow">return</span> NULL;
<a name="l01060"></a>01060 }
<a name="l01061"></a>01061 }
<a name="l01062"></a>01062
<a name="l01063"></a>01063 <a class="code" href="keys_8h.html#a760c6c6be2337ff27f2dcf5d3253549a">ldns_signing_algorithm</a>
<a name="l01064"></a><a class="code" href="keys_8h.html#a906b7cc79acd016fb1f400aff16b9f1c">01064</a> <a class="code" href="keys_8c.html#a906b7cc79acd016fb1f400aff16b9f1c" title="return the signing alg of the key">ldns_key_algorithm</a>(<span class="keyword">const</span> <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k)
<a name="l01065"></a>01065 {
<a name="l01066"></a>01066 <span class="keywordflow">return</span> k-><a class="code" href="structldns__struct__key.html#acd8540a5c581d8f866ff9804e6139cc7">_alg</a>;
<a name="l01067"></a>01067 }
<a name="l01068"></a>01068
<a name="l01069"></a>01069 <span class="keywordtype">void</span>
<a name="l01070"></a><a class="code" href="keys_8h.html#a3b7792865c5af9fd4fbc53c04946be01">01070</a> <a class="code" href="keys_8c.html#a3b7792865c5af9fd4fbc53c04946be01" title="set the use flag">ldns_key_set_use</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k, <span class="keywordtype">bool</span> v)
<a name="l01071"></a>01071 {
<a name="l01072"></a>01072 <span class="keywordflow">if</span> (k) {
<a name="l01073"></a>01073 k-><a class="code" href="structldns__struct__key.html#a68c1f16bdc8e0a1d3ce3428bec650770" title="Whether to use this key when signing.">_use</a> = v;
<a name="l01074"></a>01074 }
<a name="l01075"></a>01075 }
<a name="l01076"></a>01076
<a name="l01077"></a>01077 <span class="keywordtype">bool</span>
<a name="l01078"></a><a class="code" href="keys_8h.html#afee1fabe43cf6dfb43c8b0966350153e">01078</a> <a class="code" href="keys_8c.html#afee1fabe43cf6dfb43c8b0966350153e" title="return the use flag">ldns_key_use</a>(<span class="keyword">const</span> <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k)
<a name="l01079"></a>01079 {
<a name="l01080"></a>01080 <span class="keywordflow">if</span> (k) {
<a name="l01081"></a>01081 <span class="keywordflow">return</span> k-><a class="code" href="structldns__struct__key.html#a68c1f16bdc8e0a1d3ce3428bec650770" title="Whether to use this key when signing.">_use</a>;
<a name="l01082"></a>01082 }
<a name="l01083"></a>01083 <span class="keywordflow">return</span> <span class="keyword">false</span>;
<a name="l01084"></a>01084 }
<a name="l01085"></a>01085
<a name="l01086"></a>01086 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l01087"></a>01087 <span class="preprocessor"></span><span class="preprocessor">#ifndef S_SPLINT_S</span>
<a name="l01088"></a>01088 <span class="preprocessor"></span>EVP_PKEY *
<a name="l01089"></a><a class="code" href="keys_8h.html#a1b18028c1c2b8bca296f099461dc747a">01089</a> <a class="code" href="keys_8c.html#a1b18028c1c2b8bca296f099461dc747a" title="returns the (openssl) EVP struct contained in the key">ldns_key_evp_key</a>(<span class="keyword">const</span> <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k)
<a name="l01090"></a>01090 {
<a name="l01091"></a>01091 <span class="keywordflow">return</span> k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a>;
<a name="l01092"></a>01092 }
<a name="l01093"></a>01093
<a name="l01094"></a>01094 RSA *
<a name="l01095"></a><a class="code" href="keys_8h.html#ab6d8d9d2a11f73c09c83c6ff4cd2bb98">01095</a> <a class="code" href="keys_8c.html#ab6d8d9d2a11f73c09c83c6ff4cd2bb98" title="returns the (openssl) RSA struct contained in the key">ldns_key_rsa_key</a>(<span class="keyword">const</span> <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k)
<a name="l01096"></a>01096 {
<a name="l01097"></a>01097 <span class="keywordflow">if</span> (k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a>) {
<a name="l01098"></a>01098 <span class="keywordflow">return</span> EVP_PKEY_get1_RSA(k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a>);
<a name="l01099"></a>01099 } <span class="keywordflow">else</span> {
<a name="l01100"></a>01100 <span class="keywordflow">return</span> NULL;
<a name="l01101"></a>01101 }
<a name="l01102"></a>01102 }
<a name="l01103"></a>01103
<a name="l01104"></a>01104 DSA *
<a name="l01105"></a><a class="code" href="keys_8h.html#ae3f85392da83f13ba7556373816b350d">01105</a> <a class="code" href="keys_8c.html#ae3f85392da83f13ba7556373816b350d" title="returns the (openssl) DSA struct contained in the key">ldns_key_dsa_key</a>(<span class="keyword">const</span> <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k)
<a name="l01106"></a>01106 {
<a name="l01107"></a>01107 <span class="keywordflow">if</span> (k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a>) {
<a name="l01108"></a>01108 <span class="keywordflow">return</span> EVP_PKEY_get1_DSA(k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a>);
<a name="l01109"></a>01109 } <span class="keywordflow">else</span> {
<a name="l01110"></a>01110 <span class="keywordflow">return</span> NULL;
<a name="l01111"></a>01111 }
<a name="l01112"></a>01112 }
<a name="l01113"></a>01113 <span class="preprocessor">#endif </span><span class="comment">/* splint */</span>
<a name="l01114"></a>01114 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l01115"></a>01115
<a name="l01116"></a>01116 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *
<a name="l01117"></a><a class="code" href="keys_8h.html#a4ddd291d05ea2a66c7dc8896ffb5bfd0">01117</a> <a class="code" href="keys_8c.html#a4ddd291d05ea2a66c7dc8896ffb5bfd0" title="return the hmac key data">ldns_key_hmac_key</a>(<span class="keyword">const</span> <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k)
<a name="l01118"></a>01118 {
<a name="l01119"></a>01119 <span class="keywordflow">if</span> (k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#af6b4352ba0e83e6da164a47bc694cc85">hmac</a>.key) {
<a name="l01120"></a>01120 <span class="keywordflow">return</span> k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#af6b4352ba0e83e6da164a47bc694cc85">hmac</a>.key;
<a name="l01121"></a>01121 } <span class="keywordflow">else</span> {
<a name="l01122"></a>01122 <span class="keywordflow">return</span> NULL;
<a name="l01123"></a>01123 }
<a name="l01124"></a>01124 }
<a name="l01125"></a>01125
<a name="l01126"></a>01126 <span class="keywordtype">size_t</span>
<a name="l01127"></a><a class="code" href="keys_8h.html#a84da4a777c99c6e96dea4c4d6e9cb269">01127</a> <a class="code" href="keys_8c.html#a84da4a777c99c6e96dea4c4d6e9cb269" title="return the hmac key size">ldns_key_hmac_size</a>(<span class="keyword">const</span> <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k)
<a name="l01128"></a>01128 {
<a name="l01129"></a>01129 <span class="keywordflow">if</span> (k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#af6b4352ba0e83e6da164a47bc694cc85">hmac</a>.size) {
<a name="l01130"></a>01130 <span class="keywordflow">return</span> k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#af6b4352ba0e83e6da164a47bc694cc85">hmac</a>.size;
<a name="l01131"></a>01131 } <span class="keywordflow">else</span> {
<a name="l01132"></a>01132 <span class="keywordflow">return</span> 0;
<a name="l01133"></a>01133 }
<a name="l01134"></a>01134 }
<a name="l01135"></a>01135
<a name="l01136"></a>01136 <span class="keywordtype">void</span> *
<a name="l01137"></a><a class="code" href="keys_8h.html#a727d06b70953304b1ebb426414506e91">01137</a> <a class="code" href="keys_8c.html#a727d06b70953304b1ebb426414506e91" title="return the key id key data">ldns_key_external_key</a>(<span class="keyword">const</span> <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k)
<a name="l01138"></a>01138 {
<a name="l01139"></a>01139 <span class="keywordflow">return</span> k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#ad55bab6d2e0b417032aa20c54d5f7c1c" title="the key structure can also just point to some external key data">external_key</a>;
<a name="l01140"></a>01140 }
<a name="l01141"></a>01141
<a name="l01142"></a>01142 uint32_t
<a name="l01143"></a><a class="code" href="keys_8h.html#a603a4e9fe16f00a7a69dea73f25bd797">01143</a> <a class="code" href="keys_8c.html#a603a4e9fe16f00a7a69dea73f25bd797" title="return the original ttl of the key">ldns_key_origttl</a>(<span class="keyword">const</span> <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k)
<a name="l01144"></a>01144 {
<a name="l01145"></a>01145 <span class="keywordflow">return</span> k-><a class="code" href="structldns__struct__key.html#acfa5ac64141c5e52faeebb5ce8613884">_extra</a>.<a class="code" href="structldns__struct__key.html#a2e2bd2157ba22e6c49bf29f841fe234b">dnssec</a>.orig_ttl;
<a name="l01146"></a>01146 }
<a name="l01147"></a>01147
<a name="l01148"></a>01148 uint16_t
<a name="l01149"></a><a class="code" href="keys_8h.html#ad4359824295f24c7cef57b616288947d">01149</a> <a class="code" href="keys_8c.html#ad4359824295f24c7cef57b616288947d" title="return the flag of the key">ldns_key_flags</a>(<span class="keyword">const</span> <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k)
<a name="l01150"></a>01150 {
<a name="l01151"></a>01151 <span class="keywordflow">return</span> k-><a class="code" href="structldns__struct__key.html#acfa5ac64141c5e52faeebb5ce8613884">_extra</a>.<a class="code" href="structldns__struct__key.html#a2e2bd2157ba22e6c49bf29f841fe234b">dnssec</a>.flags;
<a name="l01152"></a>01152 }
<a name="l01153"></a>01153
<a name="l01154"></a>01154 uint32_t
<a name="l01155"></a><a class="code" href="keys_8h.html#aab487cf33d6af3c24bf4c500772d951e">01155</a> <a class="code" href="keys_8c.html#aab487cf33d6af3c24bf4c500772d951e" title="return the key's inception date">ldns_key_inception</a>(<span class="keyword">const</span> <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k)
<a name="l01156"></a>01156 {
<a name="l01157"></a>01157 <span class="keywordflow">return</span> k-><a class="code" href="structldns__struct__key.html#acfa5ac64141c5e52faeebb5ce8613884">_extra</a>.<a class="code" href="structldns__struct__key.html#a2e2bd2157ba22e6c49bf29f841fe234b">dnssec</a>.inception;
<a name="l01158"></a>01158 }
<a name="l01159"></a>01159
<a name="l01160"></a>01160 uint32_t
<a name="l01161"></a><a class="code" href="keys_8h.html#a083d425d1bb74ace49cd4e7aa8d738fb">01161</a> <a class="code" href="keys_8c.html#a083d425d1bb74ace49cd4e7aa8d738fb" title="return the key's expiration date">ldns_key_expiration</a>(<span class="keyword">const</span> <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k)
<a name="l01162"></a>01162 {
<a name="l01163"></a>01163 <span class="keywordflow">return</span> k-><a class="code" href="structldns__struct__key.html#acfa5ac64141c5e52faeebb5ce8613884">_extra</a>.<a class="code" href="structldns__struct__key.html#a2e2bd2157ba22e6c49bf29f841fe234b">dnssec</a>.expiration;
<a name="l01164"></a>01164 }
<a name="l01165"></a>01165
<a name="l01166"></a>01166 uint16_t
<a name="l01167"></a><a class="code" href="keys_8h.html#a8cf2ca2fc8d72b28076157beb791b347">01167</a> <a class="code" href="keys_8c.html#a8cf2ca2fc8d72b28076157beb791b347" title="return the keytag">ldns_key_keytag</a>(<span class="keyword">const</span> <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k)
<a name="l01168"></a>01168 {
<a name="l01169"></a>01169 <span class="keywordflow">return</span> k-><a class="code" href="structldns__struct__key.html#acfa5ac64141c5e52faeebb5ce8613884">_extra</a>.<a class="code" href="structldns__struct__key.html#a2e2bd2157ba22e6c49bf29f841fe234b">dnssec</a>.keytag;
<a name="l01170"></a>01170 }
<a name="l01171"></a>01171
<a name="l01172"></a>01172 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *
<a name="l01173"></a><a class="code" href="keys_8h.html#ab8c7cbd30af086afa9046f059bc245c9">01173</a> <a class="code" href="keys_8c.html#ab8c7cbd30af086afa9046f059bc245c9" title="return the public key's owner">ldns_key_pubkey_owner</a>(<span class="keyword">const</span> <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k)
<a name="l01174"></a>01174 {
<a name="l01175"></a>01175 <span class="keywordflow">return</span> k-><a class="code" href="structldns__struct__key.html#abc331cdc595e9167e5eb81733af7a370" title="Owner name of the key.">_pubkey_owner</a>;
<a name="l01176"></a>01176 }
<a name="l01177"></a>01177
<a name="l01178"></a>01178 <span class="comment">/* write */</span>
<a name="l01179"></a>01179 <span class="keywordtype">void</span>
<a name="l01180"></a><a class="code" href="keys_8h.html#a40afb1fed3e89304d547a2b526d3db16">01180</a> <a class="code" href="keys_8c.html#a40afb1fed3e89304d547a2b526d3db16" title="Set the 'use' flag for all keys in the list.">ldns_key_list_set_use</a>(<a class="code" href="structldns__struct__key__list.html" title="Same as rr_list, but now for keys.">ldns_key_list</a> *keys, <span class="keywordtype">bool</span> v)
<a name="l01181"></a>01181 {
<a name="l01182"></a>01182 <span class="keywordtype">size_t</span> i;
<a name="l01183"></a>01183
<a name="l01184"></a>01184 <span class="keywordflow">for</span> (i = 0; i < <a class="code" href="keys_8c.html#ae89bbcf27c4ff67cda1369b583dec02f" title="returns the number of keys in the key list">ldns_key_list_key_count</a>(keys); i++) {
<a name="l01185"></a>01185 <a class="code" href="keys_8c.html#a3b7792865c5af9fd4fbc53c04946be01" title="set the use flag">ldns_key_set_use</a>(<a class="code" href="keys_8c.html#afe06ede6432e59eb7ccc9d57a285060a" title="returns a pointer to the key in the list at the given position">ldns_key_list_key</a>(keys, i), v);
<a name="l01186"></a>01186 }
<a name="l01187"></a>01187 }
<a name="l01188"></a>01188
<a name="l01189"></a>01189 <span class="keywordtype">void</span>
<a name="l01190"></a><a class="code" href="keys_8h.html#a05eb2cce01ec9ebbe9ff6ac8c724e668">01190</a> <a class="code" href="keys_8c.html#a05eb2cce01ec9ebbe9ff6ac8c724e668" title="Set the keylist's key count to count.">ldns_key_list_set_key_count</a>(<a class="code" href="structldns__struct__key__list.html" title="Same as rr_list, but now for keys.">ldns_key_list</a> *key, <span class="keywordtype">size_t</span> count)
<a name="l01191"></a>01191 {
<a name="l01192"></a>01192 key-><a class="code" href="structldns__struct__key__list.html#a09bfe05a526c79151b5b3a1c83a907f0">_key_count</a> = count;
<a name="l01193"></a>01193 }
<a name="l01194"></a>01194
<a name="l01195"></a>01195 <span class="keywordtype">bool</span>
<a name="l01196"></a><a class="code" href="keys_8h.html#a221251701900a1de52cfe2613a9e6e9d">01196</a> <a class="code" href="keys_8c.html#a221251701900a1de52cfe2613a9e6e9d" title="pushes a key to a keylist">ldns_key_list_push_key</a>(<a class="code" href="structldns__struct__key__list.html" title="Same as rr_list, but now for keys.">ldns_key_list</a> *key_list, <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *key)
<a name="l01197"></a>01197 {
<a name="l01198"></a>01198 <span class="keywordtype">size_t</span> key_count;
<a name="l01199"></a>01199 <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> **keys;
<a name="l01200"></a>01200
<a name="l01201"></a>01201 key_count = <a class="code" href="keys_8c.html#ae89bbcf27c4ff67cda1369b583dec02f" title="returns the number of keys in the key list">ldns_key_list_key_count</a>(key_list);
<a name="l01202"></a>01202
<a name="l01203"></a>01203 <span class="comment">/* grow the array */</span>
<a name="l01204"></a>01204 keys = <a class="code" href="util_8h.html#aef91214266c90875fa06e4a47e734538">LDNS_XREALLOC</a>(
<a name="l01205"></a>01205 key_list-><a class="code" href="structldns__struct__key__list.html#ae37a58c4445d1007a6514e3fe4e36320">_keys</a>, <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *, key_count + 1);
<a name="l01206"></a>01206 <span class="keywordflow">if</span> (!keys) {
<a name="l01207"></a>01207 <span class="keywordflow">return</span> <span class="keyword">false</span>;
<a name="l01208"></a>01208 }
<a name="l01209"></a>01209
<a name="l01210"></a>01210 <span class="comment">/* add the new member */</span>
<a name="l01211"></a>01211 key_list-><a class="code" href="structldns__struct__key__list.html#ae37a58c4445d1007a6514e3fe4e36320">_keys</a> = keys;
<a name="l01212"></a>01212 key_list-><a class="code" href="structldns__struct__key__list.html#ae37a58c4445d1007a6514e3fe4e36320">_keys</a>[key_count] = key;
<a name="l01213"></a>01213
<a name="l01214"></a>01214 <a class="code" href="keys_8c.html#a05eb2cce01ec9ebbe9ff6ac8c724e668" title="Set the keylist's key count to count.">ldns_key_list_set_key_count</a>(key_list, key_count + 1);
<a name="l01215"></a>01215 <span class="keywordflow">return</span> <span class="keyword">true</span>;
<a name="l01216"></a>01216 }
<a name="l01217"></a>01217
<a name="l01218"></a>01218 <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *
<a name="l01219"></a><a class="code" href="keys_8h.html#a2202111bbdbcd68df9e4bb89985ca95a">01219</a> <a class="code" href="keys_8c.html#a2202111bbdbcd68df9e4bb89985ca95a" title="pops the last rr from a keylist">ldns_key_list_pop_key</a>(<a class="code" href="structldns__struct__key__list.html" title="Same as rr_list, but now for keys.">ldns_key_list</a> *key_list)
<a name="l01220"></a>01220 {
<a name="l01221"></a>01221 <span class="keywordtype">size_t</span> key_count;
<a name="l01222"></a>01222 <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a>** a;
<a name="l01223"></a>01223 <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *pop;
<a name="l01224"></a>01224
<a name="l01225"></a>01225 <span class="keywordflow">if</span> (!key_list) {
<a name="l01226"></a>01226 <span class="keywordflow">return</span> NULL;
<a name="l01227"></a>01227 }
<a name="l01228"></a>01228
<a name="l01229"></a>01229 key_count = <a class="code" href="keys_8c.html#ae89bbcf27c4ff67cda1369b583dec02f" title="returns the number of keys in the key list">ldns_key_list_key_count</a>(key_list);
<a name="l01230"></a>01230 <span class="keywordflow">if</span> (key_count == 0) {
<a name="l01231"></a>01231 <span class="keywordflow">return</span> NULL;
<a name="l01232"></a>01232 }
<a name="l01233"></a>01233
<a name="l01234"></a>01234 pop = <a class="code" href="keys_8c.html#afe06ede6432e59eb7ccc9d57a285060a" title="returns a pointer to the key in the list at the given position">ldns_key_list_key</a>(key_list, key_count);
<a name="l01235"></a>01235
<a name="l01236"></a>01236 <span class="comment">/* shrink the array */</span>
<a name="l01237"></a>01237 a = <a class="code" href="util_8h.html#aef91214266c90875fa06e4a47e734538">LDNS_XREALLOC</a>(key_list-><a class="code" href="structldns__struct__key__list.html#ae37a58c4445d1007a6514e3fe4e36320">_keys</a>, <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *, key_count - 1);
<a name="l01238"></a>01238 <span class="keywordflow">if</span>(a) {
<a name="l01239"></a>01239 key_list-><a class="code" href="structldns__struct__key__list.html#ae37a58c4445d1007a6514e3fe4e36320">_keys</a> = a;
<a name="l01240"></a>01240 }
<a name="l01241"></a>01241
<a name="l01242"></a>01242 <a class="code" href="keys_8c.html#a05eb2cce01ec9ebbe9ff6ac8c724e668" title="Set the keylist's key count to count.">ldns_key_list_set_key_count</a>(key_list, key_count - 1);
<a name="l01243"></a>01243
<a name="l01244"></a>01244 <span class="keywordflow">return</span> pop;
<a name="l01245"></a>01245 }
<a name="l01246"></a>01246
<a name="l01247"></a>01247 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l01248"></a>01248 <span class="preprocessor"></span><span class="preprocessor">#ifndef S_SPLINT_S</span>
<a name="l01249"></a>01249 <span class="preprocessor"></span><span class="comment">/* data pointer must be large enough (LDNS_MAX_KEYLEN) */</span>
<a name="l01250"></a>01250 <span class="keyword">static</span> <span class="keywordtype">bool</span>
<a name="l01251"></a>01251 ldns_key_rsa2bin(<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *data, RSA *k, uint16_t *size)
<a name="l01252"></a>01252 {
<a name="l01253"></a>01253 <span class="keywordtype">int</span> i,j;
<a name="l01254"></a>01254
<a name="l01255"></a>01255 <span class="keywordflow">if</span> (!k) {
<a name="l01256"></a>01256 <span class="keywordflow">return</span> <span class="keyword">false</span>;
<a name="l01257"></a>01257 }
<a name="l01258"></a>01258
<a name="l01259"></a>01259 <span class="keywordflow">if</span> (BN_num_bytes(k->e) <= 256) {
<a name="l01260"></a>01260 <span class="comment">/* normally only this path is executed (small factors are</span>
<a name="l01261"></a>01261 <span class="comment"> * more common </span>
<a name="l01262"></a>01262 <span class="comment"> */</span>
<a name="l01263"></a>01263 data[0] = (<span class="keywordtype">unsigned</span> char) BN_num_bytes(k->e);
<a name="l01264"></a>01264 i = BN_bn2bin(k->e, data + 1);
<a name="l01265"></a>01265 j = BN_bn2bin(k->n, data + i + 1);
<a name="l01266"></a>01266 *size = (uint16_t) i + j;
<a name="l01267"></a>01267 } <span class="keywordflow">else</span> <span class="keywordflow">if</span> (BN_num_bytes(k->e) <= 65536) {
<a name="l01268"></a>01268 data[0] = 0;
<a name="l01269"></a>01269 <span class="comment">/* BN_bn2bin does bigendian, _uint16 also */</span>
<a name="l01270"></a>01270 ldns_write_uint16(data + 1, (uint16_t) BN_num_bytes(k->e));
<a name="l01271"></a>01271
<a name="l01272"></a>01272 BN_bn2bin(k->e, data + 3);
<a name="l01273"></a>01273 BN_bn2bin(k->n, data + 4 + BN_num_bytes(k->e));
<a name="l01274"></a>01274 *size = (uint16_t) BN_num_bytes(k->n) + 6;
<a name="l01275"></a>01275 } <span class="keywordflow">else</span> {
<a name="l01276"></a>01276 <span class="keywordflow">return</span> <span class="keyword">false</span>;
<a name="l01277"></a>01277 }
<a name="l01278"></a>01278 <span class="keywordflow">return</span> <span class="keyword">true</span>;
<a name="l01279"></a>01279 }
<a name="l01280"></a>01280
<a name="l01281"></a>01281 <span class="comment">/* data pointer must be large enough (LDNS_MAX_KEYLEN) */</span>
<a name="l01282"></a>01282 <span class="keyword">static</span> <span class="keywordtype">bool</span>
<a name="l01283"></a>01283 ldns_key_dsa2bin(<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *data, DSA *k, uint16_t *size)
<a name="l01284"></a>01284 {
<a name="l01285"></a>01285 uint8_t T;
<a name="l01286"></a>01286
<a name="l01287"></a>01287 <span class="keywordflow">if</span> (!k) {
<a name="l01288"></a>01288 <span class="keywordflow">return</span> <span class="keyword">false</span>;
<a name="l01289"></a>01289 }
<a name="l01290"></a>01290
<a name="l01291"></a>01291 <span class="comment">/* See RFC2536 */</span>
<a name="l01292"></a>01292 *size = (uint16_t)BN_num_bytes(k->g);
<a name="l01293"></a>01293 T = (*size - 64) / 8;
<a name="l01294"></a>01294 memcpy(data, &T, 1);
<a name="l01295"></a>01295
<a name="l01296"></a>01296 <span class="keywordflow">if</span> (T > 8) {
<a name="l01297"></a>01297 fprintf(stderr, <span class="stringliteral">"DSA key with T > 8 (ie. > 1024 bits)"</span>);
<a name="l01298"></a>01298 fprintf(stderr, <span class="stringliteral">" not implemented\n"</span>);
<a name="l01299"></a>01299 <span class="keywordflow">return</span> <span class="keyword">false</span>;
<a name="l01300"></a>01300 }
<a name="l01301"></a>01301
<a name="l01302"></a>01302 <span class="comment">/* size = 64 + (T * 8); */</span>
<a name="l01303"></a>01303 data[0] = (<span class="keywordtype">unsigned</span> char)T;
<a name="l01304"></a>01304 BN_bn2bin(k->q, data + 1 ); <span class="comment">/* 20 octects */</span>
<a name="l01305"></a>01305 BN_bn2bin(k->p, data + 21 ); <span class="comment">/* offset octects */</span>
<a name="l01306"></a>01306 BN_bn2bin(k->g, data + 21 + *size); <span class="comment">/* offset octets */</span>
<a name="l01307"></a>01307 BN_bn2bin(k->pub_key, data + 21 + *size + *size); <span class="comment">/* offset octets */</span>
<a name="l01308"></a>01308 *size = 21 + (*size * 3);
<a name="l01309"></a>01309 <span class="keywordflow">return</span> <span class="keyword">true</span>;
<a name="l01310"></a>01310 }
<a name="l01311"></a>01311
<a name="l01312"></a>01312 <span class="preprocessor">#ifdef USE_GOST</span>
<a name="l01313"></a>01313 <span class="preprocessor"></span><span class="keyword">static</span> <span class="keywordtype">bool</span>
<a name="l01314"></a>01314 ldns_key_gost2bin(<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span>* data, EVP_PKEY* k, uint16_t* size)
<a name="l01315"></a>01315 {
<a name="l01316"></a>01316 <span class="keywordtype">int</span> i;
<a name="l01317"></a>01317 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span>* pp = NULL;
<a name="l01318"></a>01318 <span class="keywordflow">if</span>(i2d_PUBKEY(k, &pp) != 37 + 64) {
<a name="l01319"></a>01319 <span class="comment">/* expect 37 byte(ASN header) and 64 byte(X and Y) */</span>
<a name="l01320"></a>01320 CRYPTO_free(pp);
<a name="l01321"></a>01321 <span class="keywordflow">return</span> <span class="keyword">false</span>;
<a name="l01322"></a>01322 }
<a name="l01323"></a>01323 <span class="comment">/* omit ASN header */</span>
<a name="l01324"></a>01324 <span class="keywordflow">for</span>(i=0; i<64; i++)
<a name="l01325"></a>01325 data[i] = pp[i+37];
<a name="l01326"></a>01326 CRYPTO_free(pp);
<a name="l01327"></a>01327 *size = 64;
<a name="l01328"></a>01328 <span class="keywordflow">return</span> <span class="keyword">true</span>;
<a name="l01329"></a>01329 }
<a name="l01330"></a>01330 <span class="preprocessor">#endif </span><span class="comment">/* USE_GOST */</span>
<a name="l01331"></a>01331 <span class="preprocessor">#endif </span><span class="comment">/* splint */</span>
<a name="l01332"></a>01332 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l01333"></a>01333
<a name="l01334"></a>01334 <a class="code" href="structldns__struct__rr.html" title="Resource Record.">ldns_rr</a> *
<a name="l01335"></a><a class="code" href="keys_8h.html#a45bdcdbe6aac4764bff1ad12a86a6541">01335</a> <a class="code" href="keys_8c.html#a45bdcdbe6aac4764bff1ad12a86a6541" title="converts a ldns_key to a public key rr If the key data exists at an external point, the corresponding rdata field must still be added with ldns_rr_rdf_push() to the result rr of this function">ldns_key2rr</a>(<span class="keyword">const</span> <a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *k)
<a name="l01336"></a>01336 {
<a name="l01337"></a>01337 <span class="comment">/* this function will convert a the keydata contained in</span>
<a name="l01338"></a>01338 <span class="comment"> * rsa/dsa pointers to a DNSKEY rr. It will fill in as</span>
<a name="l01339"></a>01339 <span class="comment"> * much as it can, but it does not know about key-flags</span>
<a name="l01340"></a>01340 <span class="comment"> * for instance</span>
<a name="l01341"></a>01341 <span class="comment"> */</span>
<a name="l01342"></a>01342 <a class="code" href="structldns__struct__rr.html" title="Resource Record.">ldns_rr</a> *pubkey;
<a name="l01343"></a>01343 <a class="code" href="structldns__struct__rdf.html" title="Resource record data field.">ldns_rdf</a> *keybin;
<a name="l01344"></a>01344 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *bin = NULL;
<a name="l01345"></a>01345 uint16_t size = 0;
<a name="l01346"></a>01346 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l01347"></a>01347 <span class="preprocessor"></span> RSA *rsa = NULL;
<a name="l01348"></a>01348 DSA *dsa = NULL;
<a name="l01349"></a>01349 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l01350"></a>01350 <span class="preprocessor">#ifdef USE_ECDSA</span>
<a name="l01351"></a>01351 <span class="preprocessor"></span> EC_KEY* ec;
<a name="l01352"></a>01352 <span class="preprocessor">#endif</span>
<a name="l01353"></a>01353 <span class="preprocessor"></span> <span class="keywordtype">int</span> internal_data = 0;
<a name="l01354"></a>01354
<a name="l01355"></a>01355 pubkey = <a class="code" href="rr_8c.html#af0921b9dc51c173c6e7007c2fcedfce3" title="creates a new rr structure.">ldns_rr_new</a>();
<a name="l01356"></a>01356 <span class="keywordflow">if</span> (!k) {
<a name="l01357"></a>01357 <span class="keywordflow">return</span> NULL;
<a name="l01358"></a>01358 }
<a name="l01359"></a>01359
<a name="l01360"></a>01360 <span class="keywordflow">switch</span> (<a class="code" href="keys_8c.html#a906b7cc79acd016fb1f400aff16b9f1c" title="return the signing alg of the key">ldns_key_algorithm</a>(k)) {
<a name="l01361"></a>01361 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a90eafd9721029814659dce35a33cdede">LDNS_SIGN_HMACMD5</a>:
<a name="l01362"></a>01362 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664ab4bb484126261b3e71183a0d7ae47404">LDNS_SIGN_HMACSHA1</a>:
<a name="l01363"></a>01363 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664afec7895ef19516fe5304601d31d3f117">LDNS_SIGN_HMACSHA256</a>:
<a name="l01364"></a>01364 <a class="code" href="rr_8c.html#a613e90c7efbdbb3da546fe1f244023c0" title="sets the type in the rr.">ldns_rr_set_type</a>(pubkey, <a class="code" href="rr_8h.html#a640100112b0009efe3d61bbf799b33daa68446f9eb39fbde3c655675024529f5a" title="2535typecode">LDNS_RR_TYPE_KEY</a>);
<a name="l01365"></a>01365 <span class="keywordflow">break</span>;
<a name="l01366"></a>01366 <span class="keywordflow">default</span>:
<a name="l01367"></a>01367 <a class="code" href="rr_8c.html#a613e90c7efbdbb3da546fe1f244023c0" title="sets the type in the rr.">ldns_rr_set_type</a>(pubkey, <a class="code" href="rr_8h.html#a640100112b0009efe3d61bbf799b33daa316efb0ac15f31b6891fa6fba833eae8">LDNS_RR_TYPE_DNSKEY</a>);
<a name="l01368"></a>01368 <span class="keywordflow">break</span>;
<a name="l01369"></a>01369 }
<a name="l01370"></a>01370 <span class="comment">/* zero-th rdf - flags */</span>
<a name="l01371"></a>01371 <a class="code" href="rr_8c.html#ab5903437318cd6ad1e4b701587c9842c" title="sets rd_field member, it will be placed in the next available spot.">ldns_rr_push_rdf</a>(pubkey,
<a name="l01372"></a>01372 <a class="code" href="rdata_8c.html#a73fc4d5c6e12d7ac79b0778f51b60e13" title="returns the rdf containing the native uint16_t representation.">ldns_native2rdf_int16</a>(<a class="code" href="rdata_8h.html#aaa92376014f0abbf0110ca6efd587bb9adef66c8791f83ba190e5f5775791e4c6" title="16 bits">LDNS_RDF_TYPE_INT16</a>,
<a name="l01373"></a>01373 <a class="code" href="keys_8c.html#ad4359824295f24c7cef57b616288947d" title="return the flag of the key">ldns_key_flags</a>(k)));
<a name="l01374"></a>01374 <span class="comment">/* first - proto */</span>
<a name="l01375"></a>01375 <a class="code" href="rr_8c.html#ab5903437318cd6ad1e4b701587c9842c" title="sets rd_field member, it will be placed in the next available spot.">ldns_rr_push_rdf</a>(pubkey,
<a name="l01376"></a>01376 <a class="code" href="rdata_8c.html#a422cc4adfa134f9325547abf15bfd925" title="returns the rdf containing the native uint8_t repr.">ldns_native2rdf_int8</a>(<a class="code" href="rdata_8h.html#aaa92376014f0abbf0110ca6efd587bb9ac18c3e598d6a7a85b8eb1d1a047ac557" title="8 bits">LDNS_RDF_TYPE_INT8</a>, <a class="code" href="dnssec_8h.html#a0204ad12a7207e2386d3bec8761f7e67">LDNS_DNSSEC_KEYPROTO</a>));
<a name="l01377"></a>01377
<a name="l01378"></a>01378 <span class="keywordflow">if</span> (<a class="code" href="keys_8c.html#ab8c7cbd30af086afa9046f059bc245c9" title="return the public key's owner">ldns_key_pubkey_owner</a>(k)) {
<a name="l01379"></a>01379 <a class="code" href="rr_8c.html#a2c7374383b168ce0d33b56f43a91c940" title="sets the owner in the rr structure.">ldns_rr_set_owner</a>(pubkey, <a class="code" href="rdata_8c.html#af9a39f2f8b749efa6a20ba91cb696961" title="clones a rdf structure.">ldns_rdf_clone</a>(<a class="code" href="keys_8c.html#ab8c7cbd30af086afa9046f059bc245c9" title="return the public key's owner">ldns_key_pubkey_owner</a>(k)));
<a name="l01380"></a>01380 }
<a name="l01381"></a>01381
<a name="l01382"></a>01382 <span class="comment">/* third - da algorithm */</span>
<a name="l01383"></a>01383 <span class="keywordflow">switch</span>(<a class="code" href="keys_8c.html#a906b7cc79acd016fb1f400aff16b9f1c" title="return the signing alg of the key">ldns_key_algorithm</a>(k)) {
<a name="l01384"></a>01384 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a92e7ccac219c462f054e00c8e6c8321b">LDNS_SIGN_RSAMD5</a>:
<a name="l01385"></a>01385 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a062ab8c29c8f73b28bbb552597975dbc">LDNS_SIGN_RSASHA1</a>:
<a name="l01386"></a>01386 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a7a8b2b416cc65f7637108b6ba35cad69">LDNS_SIGN_RSASHA1_NSEC3</a>:
<a name="l01387"></a>01387 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a9f88342b4f9ce95700a72154b6d30269">LDNS_SIGN_RSASHA256</a>:
<a name="l01388"></a>01388 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a93fc09210171fbecee85ed84ebfc7dbd">LDNS_SIGN_RSASHA512</a>:
<a name="l01389"></a>01389 <a class="code" href="rr_8c.html#ab5903437318cd6ad1e4b701587c9842c" title="sets rd_field member, it will be placed in the next available spot.">ldns_rr_push_rdf</a>(pubkey,
<a name="l01390"></a>01390 <a class="code" href="rdata_8c.html#a422cc4adfa134f9325547abf15bfd925" title="returns the rdf containing the native uint8_t repr.">ldns_native2rdf_int8</a>(<a class="code" href="rdata_8h.html#aaa92376014f0abbf0110ca6efd587bb9ae267872ec0957925bbf1d6720b93597a" title="a key algorithm">LDNS_RDF_TYPE_ALG</a>, <a class="code" href="keys_8c.html#a906b7cc79acd016fb1f400aff16b9f1c" title="return the signing alg of the key">ldns_key_algorithm</a>(k)));
<a name="l01391"></a>01391 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l01392"></a>01392 <span class="preprocessor"></span> rsa = <a class="code" href="keys_8c.html#ab6d8d9d2a11f73c09c83c6ff4cd2bb98" title="returns the (openssl) RSA struct contained in the key">ldns_key_rsa_key</a>(k);
<a name="l01393"></a>01393 <span class="keywordflow">if</span> (rsa) {
<a name="l01394"></a>01394 bin = <a class="code" href="util_8h.html#aaad6949daea3c6cefd01d19300f6e21a">LDNS_XMALLOC</a>(<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span>, <a class="code" href="dnssec_8h.html#a798ad176a54d51307d1c210bfe5877f6">LDNS_MAX_KEYLEN</a>);
<a name="l01395"></a>01395 <span class="keywordflow">if</span> (!bin) {
<a name="l01396"></a>01396 <a class="code" href="rr_8c.html#a277ccb85853d3c527ff3bc963cdde505" title="frees an RR structure">ldns_rr_free</a>(pubkey);
<a name="l01397"></a>01397 <span class="keywordflow">return</span> NULL;
<a name="l01398"></a>01398 }
<a name="l01399"></a>01399 <span class="keywordflow">if</span> (!ldns_key_rsa2bin(bin, rsa, &size)) {
<a name="l01400"></a>01400 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(bin);
<a name="l01401"></a>01401 <a class="code" href="rr_8c.html#a277ccb85853d3c527ff3bc963cdde505" title="frees an RR structure">ldns_rr_free</a>(pubkey);
<a name="l01402"></a>01402 <span class="keywordflow">return</span> NULL;
<a name="l01403"></a>01403 }
<a name="l01404"></a>01404 RSA_free(rsa);
<a name="l01405"></a>01405 internal_data = 1;
<a name="l01406"></a>01406 }
<a name="l01407"></a>01407 <span class="preprocessor">#endif</span>
<a name="l01408"></a>01408 <span class="preprocessor"></span> size++;
<a name="l01409"></a>01409 <span class="keywordflow">break</span>;
<a name="l01410"></a>01410 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a98ae68498fea31062b1d03a861846aa5">LDNS_SIGN_DSA</a>:
<a name="l01411"></a>01411 <a class="code" href="rr_8c.html#ab5903437318cd6ad1e4b701587c9842c" title="sets rd_field member, it will be placed in the next available spot.">ldns_rr_push_rdf</a>(pubkey,
<a name="l01412"></a>01412 <a class="code" href="rdata_8c.html#a422cc4adfa134f9325547abf15bfd925" title="returns the rdf containing the native uint8_t repr.">ldns_native2rdf_int8</a>(<a class="code" href="rdata_8h.html#aaa92376014f0abbf0110ca6efd587bb9ae267872ec0957925bbf1d6720b93597a" title="a key algorithm">LDNS_RDF_TYPE_ALG</a>, <a class="code" href="keys_8h.html#a7263c18ede33d95a849cc07f54bc5b10a50b87d8f1c4d4d1eb8dfd8881955a4f9">LDNS_DSA</a>));
<a name="l01413"></a>01413 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l01414"></a>01414 <span class="preprocessor"></span> dsa = <a class="code" href="keys_8c.html#ae3f85392da83f13ba7556373816b350d" title="returns the (openssl) DSA struct contained in the key">ldns_key_dsa_key</a>(k);
<a name="l01415"></a>01415 <span class="keywordflow">if</span> (dsa) {
<a name="l01416"></a>01416 bin = <a class="code" href="util_8h.html#aaad6949daea3c6cefd01d19300f6e21a">LDNS_XMALLOC</a>(<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span>, <a class="code" href="dnssec_8h.html#a798ad176a54d51307d1c210bfe5877f6">LDNS_MAX_KEYLEN</a>);
<a name="l01417"></a>01417 <span class="keywordflow">if</span> (!bin) {
<a name="l01418"></a>01418 <a class="code" href="rr_8c.html#a277ccb85853d3c527ff3bc963cdde505" title="frees an RR structure">ldns_rr_free</a>(pubkey);
<a name="l01419"></a>01419 <span class="keywordflow">return</span> NULL;
<a name="l01420"></a>01420 }
<a name="l01421"></a>01421 <span class="keywordflow">if</span> (!ldns_key_dsa2bin(bin, dsa, &size)) {
<a name="l01422"></a>01422 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(bin);
<a name="l01423"></a>01423 <a class="code" href="rr_8c.html#a277ccb85853d3c527ff3bc963cdde505" title="frees an RR structure">ldns_rr_free</a>(pubkey);
<a name="l01424"></a>01424 <span class="keywordflow">return</span> NULL;
<a name="l01425"></a>01425 }
<a name="l01426"></a>01426 DSA_free(dsa);
<a name="l01427"></a>01427 internal_data = 1;
<a name="l01428"></a>01428 }
<a name="l01429"></a>01429 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l01430"></a>01430 <span class="keywordflow">break</span>;
<a name="l01431"></a>01431 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a28624a25c45025703d05de9984c4ee4a">LDNS_SIGN_DSA_NSEC3</a>:
<a name="l01432"></a>01432 <a class="code" href="rr_8c.html#ab5903437318cd6ad1e4b701587c9842c" title="sets rd_field member, it will be placed in the next available spot.">ldns_rr_push_rdf</a>(pubkey,
<a name="l01433"></a>01433 <a class="code" href="rdata_8c.html#a422cc4adfa134f9325547abf15bfd925" title="returns the rdf containing the native uint8_t repr.">ldns_native2rdf_int8</a>(<a class="code" href="rdata_8h.html#aaa92376014f0abbf0110ca6efd587bb9ae267872ec0957925bbf1d6720b93597a" title="a key algorithm">LDNS_RDF_TYPE_ALG</a>, <a class="code" href="keys_8h.html#a7263c18ede33d95a849cc07f54bc5b10a4e557e9b993e25b374c1620dd9c426d0">LDNS_DSA_NSEC3</a>));
<a name="l01434"></a>01434 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l01435"></a>01435 <span class="preprocessor"></span> dsa = <a class="code" href="keys_8c.html#ae3f85392da83f13ba7556373816b350d" title="returns the (openssl) DSA struct contained in the key">ldns_key_dsa_key</a>(k);
<a name="l01436"></a>01436 <span class="keywordflow">if</span> (dsa) {
<a name="l01437"></a>01437 bin = <a class="code" href="util_8h.html#aaad6949daea3c6cefd01d19300f6e21a">LDNS_XMALLOC</a>(<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span>, <a class="code" href="dnssec_8h.html#a798ad176a54d51307d1c210bfe5877f6">LDNS_MAX_KEYLEN</a>);
<a name="l01438"></a>01438 <span class="keywordflow">if</span> (!bin) {
<a name="l01439"></a>01439 <a class="code" href="rr_8c.html#a277ccb85853d3c527ff3bc963cdde505" title="frees an RR structure">ldns_rr_free</a>(pubkey);
<a name="l01440"></a>01440 <span class="keywordflow">return</span> NULL;
<a name="l01441"></a>01441 }
<a name="l01442"></a>01442 <span class="keywordflow">if</span> (!ldns_key_dsa2bin(bin, dsa, &size)) {
<a name="l01443"></a>01443 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(bin);
<a name="l01444"></a>01444 <a class="code" href="rr_8c.html#a277ccb85853d3c527ff3bc963cdde505" title="frees an RR structure">ldns_rr_free</a>(pubkey);
<a name="l01445"></a>01445 <span class="keywordflow">return</span> NULL;
<a name="l01446"></a>01446 }
<a name="l01447"></a>01447 DSA_free(dsa);
<a name="l01448"></a>01448 internal_data = 1;
<a name="l01449"></a>01449 }
<a name="l01450"></a>01450 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l01451"></a>01451 <span class="keywordflow">break</span>;
<a name="l01452"></a>01452 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a2f5cc1330edd5c11be92509543402f98">LDNS_SIGN_ECC_GOST</a>:
<a name="l01453"></a>01453 <a class="code" href="rr_8c.html#ab5903437318cd6ad1e4b701587c9842c" title="sets rd_field member, it will be placed in the next available spot.">ldns_rr_push_rdf</a>(pubkey, <a class="code" href="rdata_8c.html#a422cc4adfa134f9325547abf15bfd925" title="returns the rdf containing the native uint8_t repr.">ldns_native2rdf_int8</a>(
<a name="l01454"></a>01454 <a class="code" href="rdata_8h.html#aaa92376014f0abbf0110ca6efd587bb9ae267872ec0957925bbf1d6720b93597a" title="a key algorithm">LDNS_RDF_TYPE_ALG</a>, <a class="code" href="keys_8c.html#a906b7cc79acd016fb1f400aff16b9f1c" title="return the signing alg of the key">ldns_key_algorithm</a>(k)));
<a name="l01455"></a>01455 <span class="preprocessor">#if defined(HAVE_SSL) && defined(USE_GOST)</span>
<a name="l01456"></a>01456 <span class="preprocessor"></span> bin = <a class="code" href="util_8h.html#aaad6949daea3c6cefd01d19300f6e21a">LDNS_XMALLOC</a>(<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span>, <a class="code" href="dnssec_8h.html#a798ad176a54d51307d1c210bfe5877f6">LDNS_MAX_KEYLEN</a>);
<a name="l01457"></a>01457 <span class="keywordflow">if</span> (!bin) {
<a name="l01458"></a>01458 <a class="code" href="rr_8c.html#a277ccb85853d3c527ff3bc963cdde505" title="frees an RR structure">ldns_rr_free</a>(pubkey);
<a name="l01459"></a>01459 <span class="keywordflow">return</span> NULL;
<a name="l01460"></a>01460 }
<a name="l01461"></a>01461 <span class="preprocessor">#ifndef S_SPLINT_S</span>
<a name="l01462"></a>01462 <span class="preprocessor"></span> <span class="keywordflow">if</span> (!ldns_key_gost2bin(bin, k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a>, &size)) {
<a name="l01463"></a>01463 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(bin);
<a name="l01464"></a>01464 <a class="code" href="rr_8c.html#a277ccb85853d3c527ff3bc963cdde505" title="frees an RR structure">ldns_rr_free</a>(pubkey);
<a name="l01465"></a>01465 <span class="keywordflow">return</span> NULL;
<a name="l01466"></a>01466 }
<a name="l01467"></a>01467 <span class="preprocessor">#endif </span><span class="comment">/* splint */</span>
<a name="l01468"></a>01468 internal_data = 1;
<a name="l01469"></a>01469 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL and USE_GOST */</span>
<a name="l01470"></a>01470 <span class="keywordflow">break</span>;
<a name="l01471"></a>01471 <span class="preprocessor">#ifdef USE_ECDSA</span>
<a name="l01472"></a>01472 <span class="preprocessor"></span> <span class="keywordflow">case</span> LDNS_SIGN_ECDSAP256SHA256:
<a name="l01473"></a>01473 <span class="keywordflow">case</span> LDNS_SIGN_ECDSAP384SHA384:
<a name="l01474"></a>01474 <a class="code" href="rr_8c.html#ab5903437318cd6ad1e4b701587c9842c" title="sets rd_field member, it will be placed in the next available spot.">ldns_rr_push_rdf</a>(pubkey, <a class="code" href="rdata_8c.html#a422cc4adfa134f9325547abf15bfd925" title="returns the rdf containing the native uint8_t repr.">ldns_native2rdf_int8</a>(
<a name="l01475"></a>01475 <a class="code" href="rdata_8h.html#aaa92376014f0abbf0110ca6efd587bb9ae267872ec0957925bbf1d6720b93597a" title="a key algorithm">LDNS_RDF_TYPE_ALG</a>, <a class="code" href="keys_8c.html#a906b7cc79acd016fb1f400aff16b9f1c" title="return the signing alg of the key">ldns_key_algorithm</a>(k)));
<a name="l01476"></a>01476 bin = NULL;
<a name="l01477"></a>01477 <span class="preprocessor">#ifndef S_SPLINT_S</span>
<a name="l01478"></a>01478 <span class="preprocessor"></span> ec = EVP_PKEY_get1_EC_KEY(k-><a class="code" href="structldns__struct__key.html#ad3ed8dad696362317befe6948fb87be7">_key</a>.<a class="code" href="structldns__struct__key.html#a662c8aa416a359facb8cbe2f1e37707a">key</a>);
<a name="l01479"></a>01479 <span class="preprocessor">#endif</span>
<a name="l01480"></a>01480 <span class="preprocessor"></span> EC_KEY_set_conv_form(ec, POINT_CONVERSION_UNCOMPRESSED);
<a name="l01481"></a>01481 size = (uint16_t)i2o_ECPublicKey(ec, NULL);
<a name="l01482"></a>01482 <span class="keywordflow">if</span>(!i2o_ECPublicKey(ec, &bin)) {
<a name="l01483"></a>01483 EC_KEY_free(ec);
<a name="l01484"></a>01484 <a class="code" href="rr_8c.html#a277ccb85853d3c527ff3bc963cdde505" title="frees an RR structure">ldns_rr_free</a>(pubkey);
<a name="l01485"></a>01485 <span class="keywordflow">return</span> NULL;
<a name="l01486"></a>01486 }
<a name="l01487"></a>01487 <span class="keywordflow">if</span>(size > 1) {
<a name="l01488"></a>01488 <span class="comment">/* move back one byte to shave off the 0x02</span>
<a name="l01489"></a>01489 <span class="comment"> * 'uncompressed' indicator that openssl made</span>
<a name="l01490"></a>01490 <span class="comment"> * Actually its 0x04 (from implementation).</span>
<a name="l01491"></a>01491 <span class="comment"> */</span>
<a name="l01492"></a>01492 assert(bin[0] == POINT_CONVERSION_UNCOMPRESSED);
<a name="l01493"></a>01493 size -= 1;
<a name="l01494"></a>01494 <a class="code" href="config_8h.html#a802c986820d3866639922b6bc9484f90">memmove</a>(bin, bin+1, size);
<a name="l01495"></a>01495 }
<a name="l01496"></a>01496 <span class="comment">/* down the reference count for ec, its still assigned</span>
<a name="l01497"></a>01497 <span class="comment"> * to the pkey */</span>
<a name="l01498"></a>01498 EC_KEY_free(ec);
<a name="l01499"></a>01499 internal_data = 1;
<a name="l01500"></a>01500 <span class="keywordflow">break</span>;
<a name="l01501"></a>01501 <span class="preprocessor">#endif</span>
<a name="l01502"></a>01502 <span class="preprocessor"></span> <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a90eafd9721029814659dce35a33cdede">LDNS_SIGN_HMACMD5</a>:
<a name="l01503"></a>01503 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664ab4bb484126261b3e71183a0d7ae47404">LDNS_SIGN_HMACSHA1</a>:
<a name="l01504"></a>01504 <span class="keywordflow">case</span> <a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664afec7895ef19516fe5304601d31d3f117">LDNS_SIGN_HMACSHA256</a>:
<a name="l01505"></a>01505 bin = <a class="code" href="util_8h.html#aaad6949daea3c6cefd01d19300f6e21a">LDNS_XMALLOC</a>(<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span>, <a class="code" href="keys_8c.html#a84da4a777c99c6e96dea4c4d6e9cb269" title="return the hmac key size">ldns_key_hmac_size</a>(k));
<a name="l01506"></a>01506 <span class="keywordflow">if</span> (!bin) {
<a name="l01507"></a>01507 <a class="code" href="rr_8c.html#a277ccb85853d3c527ff3bc963cdde505" title="frees an RR structure">ldns_rr_free</a>(pubkey);
<a name="l01508"></a>01508 <span class="keywordflow">return</span> NULL;
<a name="l01509"></a>01509 }
<a name="l01510"></a>01510 <a class="code" href="rr_8c.html#ab5903437318cd6ad1e4b701587c9842c" title="sets rd_field member, it will be placed in the next available spot.">ldns_rr_push_rdf</a>(pubkey,
<a name="l01511"></a>01511 <a class="code" href="rdata_8c.html#a422cc4adfa134f9325547abf15bfd925" title="returns the rdf containing the native uint8_t repr.">ldns_native2rdf_int8</a>(<a class="code" href="rdata_8h.html#aaa92376014f0abbf0110ca6efd587bb9ae267872ec0957925bbf1d6720b93597a" title="a key algorithm">LDNS_RDF_TYPE_ALG</a>,
<a name="l01512"></a>01512 <a class="code" href="keys_8c.html#a906b7cc79acd016fb1f400aff16b9f1c" title="return the signing alg of the key">ldns_key_algorithm</a>(k)));
<a name="l01513"></a>01513 size = <a class="code" href="keys_8c.html#a84da4a777c99c6e96dea4c4d6e9cb269" title="return the hmac key size">ldns_key_hmac_size</a>(k);
<a name="l01514"></a>01514 memcpy(bin, <a class="code" href="keys_8c.html#a4ddd291d05ea2a66c7dc8896ffb5bfd0" title="return the hmac key data">ldns_key_hmac_key</a>(k), size);
<a name="l01515"></a>01515 internal_data = 1;
<a name="l01516"></a>01516 <span class="keywordflow">break</span>;
<a name="l01517"></a>01517 }
<a name="l01518"></a>01518 <span class="comment">/* fourth the key bin material */</span>
<a name="l01519"></a>01519 <span class="keywordflow">if</span> (internal_data) {
<a name="l01520"></a>01520 keybin = <a class="code" href="rdata_8c.html#afeaa67dccf9c97ac9209776936279319" title="allocates a new rdf structure and fills it.">ldns_rdf_new_frm_data</a>(<a class="code" href="rdata_8h.html#aaa92376014f0abbf0110ca6efd587bb9a4bbe575feeed4d2e7045962b7262c180" title="b64 string">LDNS_RDF_TYPE_B64</a>, size, bin);
<a name="l01521"></a>01521 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(bin);
<a name="l01522"></a>01522 <a class="code" href="rr_8c.html#ab5903437318cd6ad1e4b701587c9842c" title="sets rd_field member, it will be placed in the next available spot.">ldns_rr_push_rdf</a>(pubkey, keybin);
<a name="l01523"></a>01523 }
<a name="l01524"></a>01524 <span class="keywordflow">return</span> pubkey;
<a name="l01525"></a>01525 }
<a name="l01526"></a>01526
<a name="l01527"></a>01527 <span class="keywordtype">void</span>
<a name="l01528"></a><a class="code" href="keys_8h.html#aa7fa8dda901db59cd5bc66d0da4c0cba">01528</a> <a class="code" href="keys_8c.html#aa7fa8dda901db59cd5bc66d0da4c0cba" title="frees a key structure, but not its internal data structures">ldns_key_free</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *key)
<a name="l01529"></a>01529 {
<a name="l01530"></a>01530 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(key);
<a name="l01531"></a>01531 }
<a name="l01532"></a>01532
<a name="l01533"></a>01533 <span class="keywordtype">void</span>
<a name="l01534"></a><a class="code" href="keys_8h.html#aeff4e77fcf3ef69fc059216305f9d85b">01534</a> <a class="code" href="keys_8c.html#aeff4e77fcf3ef69fc059216305f9d85b" title="frees a key structure and all its internal data structures, except the data set by ldns_key_set_exter...">ldns_key_deep_free</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *key)
<a name="l01535"></a>01535 {
<a name="l01536"></a>01536 <span class="keywordflow">if</span> (<a class="code" href="keys_8c.html#ab8c7cbd30af086afa9046f059bc245c9" title="return the public key's owner">ldns_key_pubkey_owner</a>(key)) {
<a name="l01537"></a>01537 <a class="code" href="rdata_8c.html#a47cb2779f76f2f6561ff8ede8e41afec" title="frees a rdf structure _and_ frees the data.">ldns_rdf_deep_free</a>(<a class="code" href="keys_8c.html#ab8c7cbd30af086afa9046f059bc245c9" title="return the public key's owner">ldns_key_pubkey_owner</a>(key));
<a name="l01538"></a>01538 }
<a name="l01539"></a>01539 <span class="preprocessor">#ifdef HAVE_SSL</span>
<a name="l01540"></a>01540 <span class="preprocessor"></span> <span class="keywordflow">if</span> (<a class="code" href="keys_8c.html#a1b18028c1c2b8bca296f099461dc747a" title="returns the (openssl) EVP struct contained in the key">ldns_key_evp_key</a>(key)) {
<a name="l01541"></a>01541 EVP_PKEY_free(<a class="code" href="keys_8c.html#a1b18028c1c2b8bca296f099461dc747a" title="returns the (openssl) EVP struct contained in the key">ldns_key_evp_key</a>(key));
<a name="l01542"></a>01542 }
<a name="l01543"></a>01543 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_SSL */</span>
<a name="l01544"></a>01544 <span class="keywordflow">if</span> (<a class="code" href="keys_8c.html#a4ddd291d05ea2a66c7dc8896ffb5bfd0" title="return the hmac key data">ldns_key_hmac_key</a>(key)) {
<a name="l01545"></a>01545 free(<a class="code" href="keys_8c.html#a4ddd291d05ea2a66c7dc8896ffb5bfd0" title="return the hmac key data">ldns_key_hmac_key</a>(key));
<a name="l01546"></a>01546 }
<a name="l01547"></a>01547 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(key);
<a name="l01548"></a>01548 }
<a name="l01549"></a>01549
<a name="l01550"></a>01550 <span class="keywordtype">void</span>
<a name="l01551"></a><a class="code" href="keys_8h.html#a11dd420fbf4a79250f1261754fbd139e">01551</a> <a class="code" href="keys_8c.html#a11dd420fbf4a79250f1261754fbd139e" title="Frees a key list structure.">ldns_key_list_free</a>(<a class="code" href="structldns__struct__key__list.html" title="Same as rr_list, but now for keys.">ldns_key_list</a> *key_list)
<a name="l01552"></a>01552 {
<a name="l01553"></a>01553 <span class="keywordtype">size_t</span> i;
<a name="l01554"></a>01554 <span class="keywordflow">for</span> (i = 0; i < <a class="code" href="keys_8c.html#ae89bbcf27c4ff67cda1369b583dec02f" title="returns the number of keys in the key list">ldns_key_list_key_count</a>(key_list); i++) {
<a name="l01555"></a>01555 <a class="code" href="keys_8c.html#aeff4e77fcf3ef69fc059216305f9d85b" title="frees a key structure and all its internal data structures, except the data set by ldns_key_set_exter...">ldns_key_deep_free</a>(<a class="code" href="keys_8c.html#afe06ede6432e59eb7ccc9d57a285060a" title="returns a pointer to the key in the list at the given position">ldns_key_list_key</a>(key_list, i));
<a name="l01556"></a>01556 }
<a name="l01557"></a>01557 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(key_list-><a class="code" href="structldns__struct__key__list.html#ae37a58c4445d1007a6514e3fe4e36320">_keys</a>);
<a name="l01558"></a>01558 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(key_list);
<a name="l01559"></a>01559 }
<a name="l01560"></a>01560
<a name="l01561"></a>01561 <a class="code" href="structldns__struct__rr.html" title="Resource Record.">ldns_rr</a> *
<a name="l01562"></a><a class="code" href="keys_8h.html#a51826a1a298436c885ab77c2afe73bdc">01562</a> <a class="code" href="keys_8c.html#a51826a1a298436c885ab77c2afe73bdc" title="Instantiates a DNSKEY or DS RR from file.">ldns_read_anchor_file</a>(<span class="keyword">const</span> <span class="keywordtype">char</span> *filename)
<a name="l01563"></a>01563 {
<a name="l01564"></a>01564 FILE *fp;
<a name="l01565"></a>01565 <span class="comment">/*char line[LDNS_MAX_PACKETLEN];*/</span>
<a name="l01566"></a>01566 <span class="keywordtype">char</span> *line = <a class="code" href="util_8h.html#aaad6949daea3c6cefd01d19300f6e21a">LDNS_XMALLOC</a>(<span class="keywordtype">char</span>, <a class="code" href="packet_8h.html#a0335fad1ab5f49839cd6c5a71e3d721b">LDNS_MAX_PACKETLEN</a>);
<a name="l01567"></a>01567 <span class="keywordtype">int</span> c;
<a name="l01568"></a>01568 <span class="keywordtype">size_t</span> i = 0;
<a name="l01569"></a>01569 <a class="code" href="structldns__struct__rr.html" title="Resource Record.">ldns_rr</a> *r;
<a name="l01570"></a>01570 <a class="code" href="error_8h.html#aaa6d98f86f535cf87b83b89e91f488f9">ldns_status</a> status;
<a name="l01571"></a>01571 <span class="keywordflow">if</span>(!line) {
<a name="l01572"></a>01572 <span class="keywordflow">return</span> NULL;
<a name="l01573"></a>01573 }
<a name="l01574"></a>01574
<a name="l01575"></a>01575 fp = fopen(filename, <span class="stringliteral">"r"</span>);
<a name="l01576"></a>01576 <span class="keywordflow">if</span> (!fp) {
<a name="l01577"></a>01577 fprintf(stderr, <span class="stringliteral">"Unable to open %s: %s\n"</span>, filename, strerror(errno));
<a name="l01578"></a>01578 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(line);
<a name="l01579"></a>01579 <span class="keywordflow">return</span> NULL;
<a name="l01580"></a>01580 }
<a name="l01581"></a>01581
<a name="l01582"></a>01582 <span class="keywordflow">while</span> ((c = fgetc(fp)) && i+1 < <a class="code" href="packet_8h.html#a0335fad1ab5f49839cd6c5a71e3d721b">LDNS_MAX_PACKETLEN</a> && c != EOF) {
<a name="l01583"></a>01583 line[i] = c;
<a name="l01584"></a>01584 i++;
<a name="l01585"></a>01585 }
<a name="l01586"></a>01586 line[i] = <span class="charliteral">'\0'</span>;
<a name="l01587"></a>01587
<a name="l01588"></a>01588 fclose(fp);
<a name="l01589"></a>01589
<a name="l01590"></a>01590 <span class="keywordflow">if</span> (i <= 0) {
<a name="l01591"></a>01591 fprintf(stderr, <span class="stringliteral">"nothing read from %s"</span>, filename);
<a name="l01592"></a>01592 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(line);
<a name="l01593"></a>01593 <span class="keywordflow">return</span> NULL;
<a name="l01594"></a>01594 } <span class="keywordflow">else</span> {
<a name="l01595"></a>01595 status = <a class="code" href="rr_8c.html#ab11ec785de833bec56e86f406e9f1f08" title="creates an rr from a string.">ldns_rr_new_frm_str</a>(&r, line, 0, NULL, NULL);
<a name="l01596"></a>01596 <span class="keywordflow">if</span> (status == <a class="code" href="error_8h.html#a11f34802bb1624af46054952e3b853afac58492ee3fc8d23f33c79824ed08c465">LDNS_STATUS_OK</a> && (<a class="code" href="rr_8c.html#a849c616b8e8d87b8c047a8b41be21228" title="returns the type of the rr.">ldns_rr_get_type</a>(r) == <a class="code" href="rr_8h.html#a640100112b0009efe3d61bbf799b33daa316efb0ac15f31b6891fa6fba833eae8">LDNS_RR_TYPE_DNSKEY</a> || <a class="code" href="rr_8c.html#a849c616b8e8d87b8c047a8b41be21228" title="returns the type of the rr.">ldns_rr_get_type</a>(r) == <a class="code" href="rr_8h.html#a640100112b0009efe3d61bbf799b33daa6014f51afd4f88ae81c2d0e8afef8894" title="draft-ietf-dnsext-delegation">LDNS_RR_TYPE_DS</a>)) {
<a name="l01597"></a>01597 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(line);
<a name="l01598"></a>01598 <span class="keywordflow">return</span> r;
<a name="l01599"></a>01599 } <span class="keywordflow">else</span> {
<a name="l01600"></a>01600 fprintf(stderr, <span class="stringliteral">"Error creating DNSKEY or DS rr from %s: %s\n"</span>, filename, <a class="code" href="error_8c.html#a4005bb78082a40de485f947470fa5017" title="look up a descriptive text by each error.">ldns_get_errorstr_by_id</a>(status));
<a name="l01601"></a>01601 <a class="code" href="util_8h.html#a5e13054aa9b3843e97514228a0bbe909">LDNS_FREE</a>(line);
<a name="l01602"></a>01602 <span class="keywordflow">return</span> NULL;
<a name="l01603"></a>01603 }
<a name="l01604"></a>01604 }
<a name="l01605"></a>01605 }
<a name="l01606"></a>01606
<a name="l01607"></a>01607 <span class="keywordtype">char</span> *
<a name="l01608"></a><a class="code" href="keys_8h.html#aae718af496f2cc9e2580faa4127d0067">01608</a> <a class="code" href="keys_8c.html#aae718af496f2cc9e2580faa4127d0067" title="Returns the 'default base name' for key files; IE.">ldns_key_get_file_base_name</a>(<a class="code" href="structldns__struct__key.html" title="General key structure, can contain all types of keys that are used in DNSSEC.">ldns_key</a> *key)
<a name="l01609"></a>01609 {
<a name="l01610"></a>01610 <a class="code" href="structldns__struct__buffer.html" title="implementation of buffers to ease operations">ldns_buffer</a> *buffer;
<a name="l01611"></a>01611 <span class="keywordtype">char</span> *file_base_name;
<a name="l01612"></a>01612
<a name="l01613"></a>01613 buffer = <a class="code" href="buffer_8c.html#ac6d413e9a76bf7e7c2022f13e36b9900" title="creates a new buffer with the specified capacity.">ldns_buffer_new</a>(255);
<a name="l01614"></a>01614 <a class="code" href="buffer_8c.html#ad0bd2ed28633df90c9c99974eaae4b5a" title="prints to the buffer, increasing the capacity if required using buffer_reserve().">ldns_buffer_printf</a>(buffer, <span class="stringliteral">"K"</span>);
<a name="l01615"></a>01615 (void)<a class="code" href="host2str_8c.html#ad7f2b2a814e252b4111f3e37f91cd446" title="Print the ldns_rdf containing a dname to the buffer.">ldns_rdf2buffer_str_dname</a>(buffer, <a class="code" href="keys_8c.html#ab8c7cbd30af086afa9046f059bc245c9" title="return the public key's owner">ldns_key_pubkey_owner</a>(key));
<a name="l01616"></a>01616 <a class="code" href="buffer_8c.html#ad0bd2ed28633df90c9c99974eaae4b5a" title="prints to the buffer, increasing the capacity if required using buffer_reserve().">ldns_buffer_printf</a>(buffer,
<a name="l01617"></a>01617 <span class="stringliteral">"+%03u+%05u"</span>,
<a name="l01618"></a>01618 <a class="code" href="keys_8c.html#a906b7cc79acd016fb1f400aff16b9f1c" title="return the signing alg of the key">ldns_key_algorithm</a>(key),
<a name="l01619"></a>01619 <a class="code" href="keys_8c.html#a8cf2ca2fc8d72b28076157beb791b347" title="return the keytag">ldns_key_keytag</a>(key));
<a name="l01620"></a>01620 file_base_name = strdup(<a class="code" href="buffer_8c.html#aedc3ca34290f5faad3cca548bb7125ab" title="Makes the buffer fixed and returns a pointer to the data.">ldns_buffer_export</a>(buffer));
<a name="l01621"></a>01621 <a class="code" href="buffer_8c.html#a1615da957ad5a24a8b5cc1ba2f2b7f44" title="frees the buffer.">ldns_buffer_free</a>(buffer);
<a name="l01622"></a>01622 <span class="keywordflow">return</span> file_base_name;
<a name="l01623"></a>01623 }
<a name="l01624"></a>01624
<a name="l01625"></a><a class="code" href="keys_8h.html#a2368ee62953bdea2620daaa9aa3db8c3">01625</a> <span class="keywordtype">int</span> <a class="code" href="keys_8c.html#a2368ee62953bdea2620daaa9aa3db8c3" title="See if a key algorithm is supported.">ldns_key_algo_supported</a>(<span class="keywordtype">int</span> algo)
<a name="l01626"></a>01626 {
<a name="l01627"></a>01627 <a class="code" href="structldns__struct__lookup__table.html" title="A general purpose lookup table.">ldns_lookup_table</a> *lt = <a class="code" href="keys_8c.html#abe875964254b61807ec7953e478db5bf">ldns_signing_algorithms</a>;
<a name="l01628"></a>01628 <span class="keywordflow">while</span>(lt-><a class="code" href="structldns__struct__lookup__table.html#a45da7ee10e4b7902018fba6dfae2396c">name</a>) {
<a name="l01629"></a>01629 <span class="keywordflow">if</span>(lt-><a class="code" href="structldns__struct__lookup__table.html#aee9c62dd48ab14350f40771c92d2f8db">id</a> == algo)
<a name="l01630"></a>01630 <span class="keywordflow">return</span> 1;
<a name="l01631"></a>01631 lt++;
<a name="l01632"></a>01632 }
<a name="l01633"></a>01633 <span class="keywordflow">return</span> 0;
<a name="l01634"></a>01634 }
<a name="l01635"></a>01635
<a name="l01636"></a><a class="code" href="keys_8h.html#a222c49989b22e5c138adb61ad62b55e4">01636</a> <a class="code" href="keys_8h.html#a760c6c6be2337ff27f2dcf5d3253549a">ldns_signing_algorithm</a> <a class="code" href="keys_8c.html#a222c49989b22e5c138adb61ad62b55e4" title="Get signing algorithm by name.">ldns_get_signing_algorithm_by_name</a>(<span class="keyword">const</span> <span class="keywordtype">char</span>* name)
<a name="l01637"></a>01637 {
<a name="l01638"></a>01638 <span class="comment">/* list of (signing algorithm id, alias_name) */</span>
<a name="l01639"></a>01639 <a class="code" href="structldns__struct__lookup__table.html" title="A general purpose lookup table.">ldns_lookup_table</a> aliases[] = {
<a name="l01640"></a>01640 <span class="comment">/* from bind dnssec-keygen */</span>
<a name="l01641"></a>01641 {<a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a90eafd9721029814659dce35a33cdede">LDNS_SIGN_HMACMD5</a>, <span class="stringliteral">"HMAC-MD5"</span>},
<a name="l01642"></a>01642 {<a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a28624a25c45025703d05de9984c4ee4a">LDNS_SIGN_DSA_NSEC3</a>, <span class="stringliteral">"NSEC3DSA"</span>},
<a name="l01643"></a>01643 {<a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a7a8b2b416cc65f7637108b6ba35cad69">LDNS_SIGN_RSASHA1_NSEC3</a>, <span class="stringliteral">"NSEC3RSASHA1"</span>},
<a name="l01644"></a>01644 <span class="comment">/* old ldns usage, now RFC names */</span>
<a name="l01645"></a>01645 {<a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a28624a25c45025703d05de9984c4ee4a">LDNS_SIGN_DSA_NSEC3</a>, <span class="stringliteral">"DSA_NSEC3"</span> },
<a name="l01646"></a>01646 {<a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a7a8b2b416cc65f7637108b6ba35cad69">LDNS_SIGN_RSASHA1_NSEC3</a>, <span class="stringliteral">"RSASHA1_NSEC3"</span> },
<a name="l01647"></a>01647 <span class="preprocessor">#ifdef USE_GOST</span>
<a name="l01648"></a>01648 <span class="preprocessor"></span> {<a class="code" href="keys_8h.html#aa9c34fead27309e4540a2c4cee3db664a2f5cc1330edd5c11be92509543402f98">LDNS_SIGN_ECC_GOST</a>, <span class="stringliteral">"GOST"</span>},
<a name="l01649"></a>01649 <span class="preprocessor">#endif</span>
<a name="l01650"></a>01650 <span class="preprocessor"></span> <span class="comment">/* compat with possible output */</span>
<a name="l01651"></a>01651 {<a class="code" href="keys_8h.html#a7263c18ede33d95a849cc07f54bc5b10a9c80e013ab6422f81bd5995312d07bf6">LDNS_DH</a>, <span class="stringliteral">"DH"</span>},
<a name="l01652"></a>01652 {<a class="code" href="keys_8h.html#a7263c18ede33d95a849cc07f54bc5b10acb69374043a01c4baded7ba3681e9f6c">LDNS_ECC</a>, <span class="stringliteral">"ECC"</span>},
<a name="l01653"></a>01653 {<a class="code" href="keys_8h.html#a7263c18ede33d95a849cc07f54bc5b10a9e4557670de89a9502b050f08a1d1a13">LDNS_INDIRECT</a>, <span class="stringliteral">"INDIRECT"</span>},
<a name="l01654"></a>01654 {<a class="code" href="keys_8h.html#a7263c18ede33d95a849cc07f54bc5b10a8b4780eac0f9db1b73c547ed63d1b4ae">LDNS_PRIVATEDNS</a>, <span class="stringliteral">"PRIVATEDNS"</span>},
<a name="l01655"></a>01655 {<a class="code" href="keys_8h.html#a7263c18ede33d95a849cc07f54bc5b10a8002ed24f6e433fa1cc884b68953d8d7">LDNS_PRIVATEOID</a>, <span class="stringliteral">"PRIVATEOID"</span>},
<a name="l01656"></a>01656 {0, NULL}};
<a name="l01657"></a>01657 <a class="code" href="structldns__struct__lookup__table.html" title="A general purpose lookup table.">ldns_lookup_table</a>* lt = <a class="code" href="keys_8c.html#abe875964254b61807ec7953e478db5bf">ldns_signing_algorithms</a>;
<a name="l01658"></a>01658 <span class="keywordflow">while</span>(lt-><a class="code" href="structldns__struct__lookup__table.html#a45da7ee10e4b7902018fba6dfae2396c">name</a>) {
<a name="l01659"></a>01659 <span class="keywordflow">if</span>(strcasecmp(lt-><a class="code" href="structldns__struct__lookup__table.html#a45da7ee10e4b7902018fba6dfae2396c">name</a>, name) == 0)
<a name="l01660"></a>01660 <span class="keywordflow">return</span> lt-><a class="code" href="structldns__struct__lookup__table.html#aee9c62dd48ab14350f40771c92d2f8db">id</a>;
<a name="l01661"></a>01661 lt++;
<a name="l01662"></a>01662 }
<a name="l01663"></a>01663 lt = aliases;
<a name="l01664"></a>01664 <span class="keywordflow">while</span>(lt-><a class="code" href="structldns__struct__lookup__table.html#a45da7ee10e4b7902018fba6dfae2396c">name</a>) {
<a name="l01665"></a>01665 <span class="keywordflow">if</span>(strcasecmp(lt-><a class="code" href="structldns__struct__lookup__table.html#a45da7ee10e4b7902018fba6dfae2396c">name</a>, name) == 0)
<a name="l01666"></a>01666 <span class="keywordflow">return</span> lt-><a class="code" href="structldns__struct__lookup__table.html#aee9c62dd48ab14350f40771c92d2f8db">id</a>;
<a name="l01667"></a>01667 lt++;
<a name="l01668"></a>01668 }
<a name="l01669"></a>01669 <span class="keywordflow">if</span>(atoi(name) != 0)
<a name="l01670"></a>01670 <span class="keywordflow">return</span> atoi(name);
<a name="l01671"></a>01671 <span class="keywordflow">return</span> 0;
<a name="l01672"></a>01672 }
</pre></div></div>
</div>
<hr class="footer"/><address class="footer"><small>Generated on Wed Jan 11 2012 for ldns by 
<a href="http://www.doxygen.org/index.html">
<img class="footer" src="doxygen.png" alt="doxygen"/></a> 1.7.4 </small></address>
</body>
</html>
