key_25.c 9.48 KB
/*
 * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
 *
 * See the COPYRIGHT file distributed with this work for additional
 * information regarding copyright ownership.
 */

/* RFC2535 */

#ifndef RDATA_GENERIC_KEY_25_C
#define RDATA_GENERIC_KEY_25_C

#include <dst/dst.h>

#define RRTYPE_KEY_ATTRIBUTES \
	( DNS_RDATATYPEATTR_ATCNAME | DNS_RDATATYPEATTR_ZONECUTAUTH )

/*
 * Parse the presentation (master-file) form of a KEY-style record,
 * "<flags> <protocol> <algorithm> [<base64 key>]", reading tokens from
 * 'lexer' and appending the encoded fields to 'target'.
 *
 * Returns ISC_R_SUCCESS on success.  RETERR/RETTOK are defined outside
 * this file; they are presumably what propagates a lexer, conversion or
 * buffer error to the caller.  RETTOK may refer to the local 'token' by
 * name, so that variable is deliberately not renamed.
 *
 * NOTE(review): unlike generic_fromwire_key(), this path does not parse
 * the key data as a domain name when the algorithm is
 * DNS_KEYALG_PRIVATEDNS; the decoded base64 is appended as given.
 */
static inline isc_result_t
generic_fromtext_key(ARGS_FROMTEXT) {
	dns_keyflags_t flags;
	dns_secproto_t proto;
	dns_secalg_t alg;
	isc_token_t token;

	/* Only the lexer and the output buffer are needed here. */
	UNUSED(callbacks);
	UNUSED(options);
	UNUSED(origin);
	UNUSED(rdclass);
	UNUSED(type);

	/* Field 1: flags, written through uint16_tobuffer(). */
	RETERR(isc_lex_getmastertoken(lexer, &token,
				      isc_tokentype_string, false));
	RETTOK(dns_keyflags_fromtext(&flags, &token.value.as_textregion));
	RETERR(uint16_tobuffer(flags, target));

	/* Field 2: protocol; exactly one byte is copied out of 'proto'. */
	RETERR(isc_lex_getmastertoken(lexer, &token,
				      isc_tokentype_string, false));
	RETTOK(dns_secproto_fromtext(&proto, &token.value.as_textregion));
	RETERR(mem_tobuffer(target, &proto, 1));

	/* Field 3: algorithm; exactly one byte is copied out of 'alg'. */
	RETERR(isc_lex_getmastertoken(lexer, &token,
				      isc_tokentype_string, false));
	RETTOK(dns_secalg_fromtext(&alg, &token.value.as_textregion));
	RETERR(mem_tobuffer(target, &alg, 1));

	/*
	 * Both top flag bits set (0xc000) is this file's "no key" marker:
	 * such a record ends after the algorithm field.  Otherwise the rest
	 * of the entry is base64 key data.  The meaning of the -2 length
	 * argument is defined by isc_base64_tobuffer(), not visible here.
	 */
	if ((flags & 0xc000) != 0xc000) {
		return (isc_base64_tobuffer(lexer, target, -2));
	}

	return (ISC_R_SUCCESS);
}

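/*
 * Render a KEY-style record as text: "<flags> <protocol> <algorithm>",
 * followed (unless the record is flagged as carrying no key) by the
 * base64 key data, or by "[key id = N]" when DNS_STYLEFLAG_NOCRYPTO is
 * set.  With DNS_STYLEFLAG_RRCOMMENT a trailing comment giving the key
 * role (DNSKEY/CDNSKEY only), the algorithm and the key id is appended.
 *
 * Returns ISC_R_SUCCESS, ISC_R_UNEXPECTEDEND when the rdata is shorter
 * than the 4-byte fixed header, or (via RETERR, defined elsewhere) the
 * error from a failed write to 'target'.
 */
static inline isc_result_t
generic_totext_key(ARGS_TOTEXT) {
	isc_region_t sr;
	/* Sized for the longest string formatted into it below. */
	char buf[sizeof("[key id = 64000]")];
	unsigned int flags;
	unsigned char algorithm;
	char algbuf[DNS_NAME_FORMATSIZE];
	const char *keyinfo;
	isc_region_t tmpr;

	REQUIRE(rdata->length != 0);

	dns_rdata_toregion(rdata, &sr);

	/*
	 * The code below unconditionally reads two bytes of flags plus one
	 * byte each of protocol and algorithm.  A non-zero length alone does
	 * not guarantee those four bytes exist, so check explicitly, as
	 * generic_fromwire_key() and generic_tostruct_key() do, instead of
	 * relying on every producer of rdata having validated it.
	 */
	if (sr.length < 4) {
		return (ISC_R_UNEXPECTEDEND);
	}

	/* flags */
	flags = uint16_fromregion(&sr);
	isc_region_consume(&sr, 2);
	snprintf(buf, sizeof(buf), "%u", flags);
	RETERR(str_totext(buf, target));
	RETERR(str_totext(" ", target));
	if ((flags & DNS_KEYFLAG_KSK) == 0) {
		keyinfo = "ZSK";
	} else if ((flags & DNS_KEYFLAG_REVOKE) != 0) {
		keyinfo = "revoked KSK";
	} else {
		keyinfo = "KSK";
	}

	/* protocol */
	snprintf(buf, sizeof(buf), "%u", sr.base[0]);
	isc_region_consume(&sr, 1);
	RETERR(str_totext(buf, target));
	RETERR(str_totext(" ", target));

	/* algorithm */
	algorithm = sr.base[0];
	snprintf(buf, sizeof(buf), "%u", algorithm);
	isc_region_consume(&sr, 1);
	RETERR(str_totext(buf, target));

	/* No Key?  Both top flag bits set: nothing follows the header. */
	if ((flags & 0xc000) == 0xc000) {
		return (ISC_R_SUCCESS);
	}

	/*
	 * algbuf is only printed in the RRCOMMENT trailer.  For
	 * DNS_KEYALG_PRIVATEDNS it holds the domain name that starts the key
	 * data; for every other algorithm, the formatted algorithm.
	 *
	 * NOTE(review): dns_name_fromregion() is handed the raw key data.
	 * generic_fromwire_key() parses that name on input, but the text
	 * and struct input paths in this file do not -- confirm the name
	 * helper tolerates malformed data from those paths.
	 */
	if ((tctx->flags & DNS_STYLEFLAG_RRCOMMENT) != 0 &&
	    algorithm == DNS_KEYALG_PRIVATEDNS) {
		dns_name_t name;

		dns_name_init(&name, NULL);
		dns_name_fromregion(&name, &sr);
		dns_name_format(&name, algbuf, sizeof(algbuf));
	} else {
		dns_secalg_format((dns_secalg_t) algorithm, algbuf,
				  sizeof(algbuf));
	}

	/* key */
	if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) {
		RETERR(str_totext(" (", target));
	}
	RETERR(str_totext(tctx->linebreak, target));

	if ((tctx->flags & DNS_STYLEFLAG_NOCRYPTO) == 0) {
		if (tctx->width == 0) {	/* No splitting */
			RETERR(isc_base64_totext(&sr, 60, "", target));
		} else {
			RETERR(isc_base64_totext(&sr, tctx->width - 2,
						 tctx->linebreak, target));
		}
	} else {
		/*
		 * NOCRYPTO: print the key id in place of the key material.
		 * The id is computed over the whole rdata, header included.
		 * NOTE(review): any minimum length dst_region_computeid()
		 * needs is not visible here -- confirm.
		 */
		dns_rdata_toregion(rdata, &tmpr);
		snprintf(buf, sizeof(buf), "[key id = %u]",
			 dst_region_computeid(&tmpr));
		RETERR(str_totext(buf, target));
	}

	if ((tctx->flags & DNS_STYLEFLAG_RRCOMMENT) != 0) {
		RETERR(str_totext(tctx->linebreak, target));
	} else if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) {
		RETERR(str_totext(" ", target));
	}

	if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) {
		RETERR(str_totext(")", target));
	}

	if ((tctx->flags & DNS_STYLEFLAG_RRCOMMENT) != 0) {
		/* The KSK/ZSK role is only shown for DNSKEY and CDNSKEY. */
		if (rdata->type == dns_rdatatype_dnskey ||
		    rdata->type == dns_rdatatype_cdnskey) {
			RETERR(str_totext(" ; ", target));
			RETERR(str_totext(keyinfo, target));
		}
		RETERR(str_totext("; alg = ", target));
		RETERR(str_totext(algbuf, target));
		RETERR(str_totext(" ; key id = ", target));
		dns_rdata_toregion(rdata, &tmpr);
		snprintf(buf, sizeof(buf), "%u",
			 dst_region_computeid(&tmpr));
		RETERR(str_totext(buf, target));
	}
	return (ISC_R_SUCCESS);
}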

/*
 * Copy a KEY-style record out of an incoming message buffer ('source')
 * into 'target'.
 *
 * The 4-byte fixed header (flags, protocol, algorithm) must be present,
 * otherwise ISC_R_UNEXPECTEDEND is returned before any byte is read.
 * For DNS_KEYALG_PRIVATEDNS the key data starts with a domain name, which
 * is parsed by dns_name_fromwire() with the decompression methods set to
 * DNS_COMPRESS_NONE.  Whatever remains in the active region is copied
 * through unchanged.
 *
 * NOTE(review): the text parser in this file stops after the header when
 * both top flag bits are set ("no key"); this wire path has no such
 * branch, so trailing bytes on such a record are accepted -- confirm
 * that is intended.
 */
static inline isc_result_t
generic_fromwire_key(ARGS_FROMWIRE) {
	isc_region_t region;
	unsigned char alg;

	UNUSED(type);
	UNUSED(rdclass);
	/*
	 * NOTE(review): dctx and options are marked unused, yet both are
	 * passed to dns_name_fromwire() in the PRIVATEDNS branch below.
	 */
	UNUSED(dctx);
	UNUSED(options);

	/* Refuse input too short to hold the fixed header. */
	isc_buffer_activeregion(source, &region);
	if (region.length < 4) {
		return (ISC_R_UNEXPECTEDEND);
	}

	/* The algorithm number is the fourth header byte. */
	alg = region.base[3];
	RETERR(mem_tobuffer(target, region.base, 4));
	isc_region_consume(&region, 4);
	isc_buffer_forward(source, 4);

	if (alg == DNS_KEYALG_PRIVATEDNS) {
		dns_name_t name;

		/* The embedded name is read with compression disabled. */
		dns_decompress_setmethods(dctx, DNS_COMPRESS_NONE);
		dns_name_init(&name, NULL);
		RETERR(dns_name_fromwire(&name, source, dctx, options,
					 target));
	}

	/* Re-read the active region: the name parse may have advanced it. */
	isc_buffer_activeregion(source, &region);
	isc_buffer_forward(source, region.length);
	return (mem_tobuffer(target, region.base, region.length));
}

/*
 * KEY (type 25) entry point for text input: asserts the type, then
 * hands every argument to generic_fromtext_key() and returns its result.
 */
static inline isc_result_t
fromtext_key(ARGS_FROMTEXT) {
	isc_result_t result;

	REQUIRE(type == dns_rdatatype_key);

	result = generic_fromtext_key(rdclass, type, lexer, origin,
				      options, target, callbacks);
	return (result);
}

/*
 * KEY (type 25) entry point for text output: asserts that 'rdata' is a
 * non-NULL KEY record, then returns generic_totext_key()'s result.
 */
static inline isc_result_t
totext_key(ARGS_TOTEXT) {
	isc_result_t result;

	REQUIRE(rdata != NULL);
	REQUIRE(rdata->type == dns_rdatatype_key);

	result = generic_totext_key(rdata, tctx, target);
	return (result);
}

/*
 * KEY (type 25) entry point for wire input: asserts the type, then
 * hands every argument to generic_fromwire_key() and returns its result.
 */
static inline isc_result_t
fromwire_key(ARGS_FROMWIRE) {
	isc_result_t result;

	REQUIRE(type == dns_rdatatype_key);

	result = generic_fromwire_key(rdclass, type, source, dctx,
				      options, target);
	return (result);
}

/*
 * Write a KEY record to the wire: the stored rdata bytes are appended to
 * 'target' unchanged.  The compression context is not consulted.
 */
static inline isc_result_t
towire_key(ARGS_TOWIRE) {
	isc_region_t region;

	REQUIRE(rdata != NULL);
	REQUIRE(rdata->type == dns_rdatatype_key);
	REQUIRE(rdata->length != 0);

	UNUSED(cctx);

	dns_rdata_toregion(rdata, &region);

	return (mem_tobuffer(target, region.base, region.length));
}

/*
 * Order two KEY records by comparing their rdata regions with
 * isc_region_compare().  Both records must be non-NULL, non-empty, of
 * type KEY and of the same class.
 */
static inline int
compare_key(ARGS_COMPARE) {
	isc_region_t left;
	isc_region_t right;
	int order;

	REQUIRE(rdata1 != NULL);
	REQUIRE(rdata2 != NULL);
	REQUIRE(rdata1->type == rdata2->type);
	REQUIRE(rdata1->rdclass == rdata2->rdclass);
	REQUIRE(rdata1->type == dns_rdatatype_key);
	REQUIRE(rdata1->length != 0);
	REQUIRE(rdata2->length != 0);

	dns_rdata_toregion(rdata1, &left);
	dns_rdata_toregion(rdata2, &right);

	order = isc_region_compare(&left, &right);
	return (order);
}

/*
 * Serialise a dns_rdata_key_t ('source') into 'target': flags, protocol,
 * algorithm, then 'datalen' bytes of key data.
 *
 * The struct's common type and class must match the requested ones.
 * NOTE(review): key->data and key->datalen are used as supplied; no
 * check here ties the pointer to the length -- callers own that.
 */
static inline isc_result_t
generic_fromstruct_key(ARGS_FROMSTRUCT) {
	dns_rdata_key_t *in = source;

	REQUIRE(in != NULL);
	REQUIRE(in->common.rdtype == type);
	REQUIRE(in->common.rdclass == rdclass);

	/* Only referenced by the assertions above. */
	UNUSED(type);
	UNUSED(rdclass);

	/* Fixed header: flags, protocol, algorithm. */
	RETERR(uint16_tobuffer(in->flags, target));
	RETERR(uint8_tobuffer(in->protocol, target));
	RETERR(uint8_tobuffer(in->algorithm, target));

	/* Variable-length key data. */
	return (mem_tobuffer(target, in->data, in->datalen));
}

/*
 * Unpack a KEY-style rdata into the caller's dns_rdata_key_t ('target').
 *
 * Each fixed field is length-checked before it is read; a short record
 * yields ISC_R_UNEXPECTEDEND, with the fields read so far already stored.
 * The remaining bytes become key->data via mem_maybedup() (presumably a
 * copy into 'mctx' when one is given -- confirm); a NULL result is
 * reported as ISC_R_NOMEMORY.
 *
 * NOTE(review): key->mctx is assigned only on the success path, so after
 * an error return it still holds whatever the caller put there -- confirm
 * callers initialise it before any later generic_freestruct_key() call.
 */
static inline isc_result_t
generic_tostruct_key(ARGS_TOSTRUCT) {
	dns_rdata_key_t *out = target;
	isc_region_t region;

	REQUIRE(rdata != NULL);
	REQUIRE(rdata->length != 0);

	REQUIRE(out != NULL);
	REQUIRE(out->common.rdclass == rdata->rdclass);
	REQUIRE(out->common.rdtype == rdata->type);
	REQUIRE(!ISC_LINK_LINKED(&out->common, link));

	dns_rdata_toregion(rdata, &region);

	/* Flags: two bytes. */
	if (region.length < 2) {
		return (ISC_R_UNEXPECTEDEND);
	}
	out->flags = uint16_fromregion(&region);
	isc_region_consume(&region, 2);

	/* Protocol: one byte. */
	if (region.length < 1) {
		return (ISC_R_UNEXPECTEDEND);
	}
	out->protocol = uint8_fromregion(&region);
	isc_region_consume(&region, 1);

	/* Algorithm: one byte. */
	if (region.length < 1) {
		return (ISC_R_UNEXPECTEDEND);
	}
	out->algorithm = uint8_fromregion(&region);
	isc_region_consume(&region, 1);

	/* Key data: everything that is left. */
	out->datalen = region.length;
	out->data = mem_maybedup(mctx, region.base, out->datalen);
	if (out->data == NULL) {
		return (ISC_R_NOMEMORY);
	}

	out->mctx = mctx;
	return (ISC_R_SUCCESS);
}

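/*
 * Release the key data held by a dns_rdata_key_t.
 *
 * Nothing is freed when key->mctx is NULL.  Otherwise key->data is
 * returned to key->mctx and mctx is cleared, so a second call on the
 * same struct returns early.
 */
static inline void
generic_freestruct_key(ARGS_FREESTRUCT) {
	dns_rdata_key_t *key = (dns_rdata_key_t *) source;

	REQUIRE(key != NULL);

	if (key->mctx == NULL) {
		return;
	}

	if (key->data != NULL) {
		isc_mem_free(key->mctx, key->data);
		/*
		 * Do not leave a stale pointer behind for later readers of
		 * the struct.  isc_mem_free() is defined elsewhere and may
		 * already clear it; the explicit reset makes that certain.
		 */
		key->data = NULL;
	}
	key->mctx = NULL;
}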

/*
 * KEY (type 25) entry point for struct input: asserts the type, then
 * returns generic_fromstruct_key()'s result.
 */
static inline isc_result_t
fromstruct_key(ARGS_FROMSTRUCT) {
	isc_result_t result;

	REQUIRE(type == dns_rdatatype_key);

	result = generic_fromstruct_key(rdclass, type, source, target);
	return (result);
}

/*
 * KEY (type 25) entry point for struct output: fills in the common
 * header of the caller's dns_rdata_key_t from 'rdata', initialises its
 * link, then lets generic_tostruct_key() unpack the fields.
 */
static inline isc_result_t
tostruct_key(ARGS_TOSTRUCT) {
	dns_rdata_key_t *out = target;

	REQUIRE(out != NULL);
	REQUIRE(rdata != NULL);
	REQUIRE(rdata->type == dns_rdatatype_key);

	/* The generic routine asserts on these, so set them first. */
	out->common.rdtype = rdata->type;
	out->common.rdclass = rdata->rdclass;
	ISC_LINK_INIT(&out->common, link);

	return (generic_tostruct_key(rdata, target, mctx));
}

/*
 * KEY (type 25) entry point for releasing a struct: asserts that
 * 'source' is a non-NULL KEY struct, then defers to
 * generic_freestruct_key().
 */
static inline void
freestruct_key(ARGS_FREESTRUCT) {
	dns_rdata_key_t *in = (dns_rdata_key_t *) source;

	REQUIRE(in != NULL);
	REQUIRE(in->common.rdtype == dns_rdatatype_key);

	generic_freestruct_key(source);
}

/*
 * Additional-section hook for KEY: the 'add' callback is never invoked
 * and ISC_R_SUCCESS is always returned.
 */
static inline isc_result_t
additionaldata_key(ARGS_ADDLDATA) {
	REQUIRE(rdata != NULL);
	REQUIRE(rdata->type == dns_rdatatype_key);

	/* 'rdata' is only referenced by the assertions above. */
	UNUSED(rdata);
	UNUSED(add);
	UNUSED(arg);

	return (ISC_R_SUCCESS);
}

/*
 * Pass the whole rdata region of a KEY record to the caller-supplied
 * 'digest' callback, together with 'arg', and return the callback's
 * result.
 */
static inline isc_result_t
digest_key(ARGS_DIGEST) {
	isc_region_t region;

	REQUIRE(rdata != NULL);
	REQUIRE(rdata->type == dns_rdatatype_key);

	dns_rdata_toregion(rdata, &region);

	return ((digest)(arg, &region));
}

/*
 * Owner-name check for KEY: every owner name is accepted, so this
 * always returns true.
 */
static inline bool
checkowner_key(ARGS_CHECKOWNER) {
	REQUIRE(type == dns_rdatatype_key);

	/* No argument influences the answer. */
	UNUSED(wildcard);
	UNUSED(rdclass);
	UNUSED(type);
	UNUSED(name);

	return (true);
}

/*
 * Embedded-name check for KEY: nothing inside the rdata is examined and
 * 'bad' is never written, so this always returns true.
 */
static inline bool
checknames_key(ARGS_CHECKNAMES) {
	REQUIRE(rdata != NULL);
	REQUIRE(rdata->type == dns_rdatatype_key);

	/* 'rdata' is only referenced by the assertions above. */
	UNUSED(bad);
	UNUSED(owner);
	UNUSED(rdata);

	return (true);
}

/*
 * Case-sensitive comparison for KEY: identical to compare_key(), whose
 * result is returned unchanged.
 */
static inline int
casecompare_key(ARGS_COMPARE) {
	int order = compare_key(rdata1, rdata2);

	return (order);
}

#endif	/* RDATA_GENERIC_KEY_25_C */