Commit 65c4736d authored by Brian Wellington's avatar Brian Wellington

Added underlying DNSSEC support (dst and crypto libraries)

parent e430659a
......@@ -34,7 +34,7 @@ ISCDEPLIBS = ../../lib/isc/libisc.@A@
LIBS = @LIBS@
SUBDIRS = master names rbt
SUBDIRS = master names rbt dst
TARGETS = res_test \
lex_test \
name_test \
......
test. IN KEY 257 3 1 AQPQjwSpaVzxIgRCpiUoozUQKGh2oX8NIFKDOvtxK+tn536OZg2cROKTlgGEHXJK9YHfW/6nzQULTVpb63P+SQMmjCCidb8IYyhItixRztVeJQ==
Private-key-format: v1.2
Algorithm: 1 (RSA)
Modulus: 0I8EqWlc8SIEQqYlKKM1EChodqF/DSBSgzr7cSvrZ+d+jmYNnETik5YBhB1ySvWB31v+p80FC01aW+tz/kkDJowgonW/CGMoSLYsUc7VXiU=
PublicExponent: Aw==
PrivateExponent: iwoDG5uTS2wC1xluGxd4tXBFpGuqCMA3AidSS3Kc7++ptEQJEtiXC9kfCJMvZhGfQLaujft2OgrmkcuDVtPIbQWEENhyJhb4Lk82kFXbfus=
Prime1: /rSKuzcZY7R5cY2YWD4CiBNyj9WJMq1wWmBnb9+5M08nTl5E9NW5qQ==
Prime2: 0Z5shXQYd16E2Gs6e5WxtO0Oqlly2KkSqXohwTQWDWTb8Pw0WTZmHQ==
Exponent1: qc2x0iS7l82mS7O65X6sWrehtTkGIcj1kZWaSpUmIjTE3umDTePRGw==
Exponent2: i77zA6K6+j8DOvIm/Q52eJ4JxuZMkHC3G6bBK3gOs5iSoKgi5iREEw==
Coefficient: 3+wYZB0SJad7z2EsjzgbSlg6CawoaOvrROGSbwSiW5DCsMFROudOTw==
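Review bot: The private halves of the `test.` keys are committed here (this RSA file and the DSA private-key file that follows) with nothing marking them as fixtures. dst_test needs them, since it loads them by id through calls such as `io("test.", 54622, DST_ALG_RSA, ...)`. A short README beside the key files, stating that they are published test keys and must never be used to sign a real zone, would prevent accidental reuse.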
test. IN KEY 16641 3 3 ANp1//lqDlEfTavcFI+cyudNfgEz73V/K7fSDvkA0eDYcGg/kSvEjAEO/oLWCERltkuC55ZcM/mSv17WF1d/wR6kww/pLI9eXwkjftAYqs5sNxk+mbEGl6zwve9wq5z7IoTY5/J4l7XLCKftg/wGvrzXQhggIkRvEh3myhxd+ouILcpfvTIthWlTKiH59tSJpmgmiSMTE7nDYaf10iVRWN6DMSprgejiH05/fpmyZAt44tyAh4m1wXS5u4tam1PXDJYJozn7EfQ8e2weIv1yC+t6PHSx
Private-key-format: v1.2
Algorithm: 3 (DSA)
Prime(p): 73V/K7fSDvkA0eDYcGg/kSvEjAEO/oLWCERltkuC55ZcM/mSv17WF1d/wR6kww/pLI9eXwkjftAYqs5sNxk+mQ==
Subprime(q): 2nX/+WoOUR9Nq9wUj5zK501+ATM=
Base(g): sQaXrPC973CrnPsihNjn8niXtcsIp+2D/Aa+vNdCGCAiRG8SHebKHF36i4gtyl+9Mi2FaVMqIfn21ImmaCaJIw==
Private_value(x): Nky4tvIwg6xlcyeHXr4k2DEZg0E=
Public_value(y): ExO5w2Gn9dIlUVjegzEqa4Ho4h9Of36ZsmQLeOLcgIeJtcF0ubuLWptT1wyWCaM5+xH0PHtsHiL9cgvrejx0sQ==
# Copyright (C) 1999 Internet Software Consortium.
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
# ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
# OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
# CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
# DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
# PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
# SOFTWARE.
srcdir = @srcdir@
VPATH = @srcdir@
top_srcdir = @top_srcdir@
CINCLUDES = -I${srcdir}/../../../lib/isc/unix/include \
-I${srcdir}/../../../lib/isc/pthreads/include \
-I${srcdir}/../../../lib/isc/include \
-I${srcdir}/../../../lib/dns/include \
-I${srcdir}/../../../lib/dns/sec/dst/include \
CDEFINES =
CWARNINGS =
LIBS = ../../../lib/dns/libdns.@A@ \
../../../lib/isc/libisc.@A@ \
@LIBS@
TARGETS = dst_test
@BIND9_MAKE_RULES@
dst_test: dst_test.o
${LIBTOOL} ${CC} -o $@ dst_test.o ${LIBS}
test:
-@ ./dst_test
clean distclean::
rm -f ${TARGETS}
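Review bot: The last `-I` line of `CINCLUDES` ends in a backslash, so the continuation runs into whatever line follows it. Blank lines are not visible in this view, but if `CDEFINES =` follows directly, it becomes part of `CINCLUDES` instead of being its own assignment. Dropping the trailing `\` after `-I${srcdir}/../../../lib/dns/sec/dst/include` removes the dependence on a blank line. The `test` rule's `-@ ./dst_test` also discards the exit status, so a failing run cannot fail `make test`.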
/*
* Copyright (C) 1999 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
* CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
* DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
* ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
* SOFTWARE.
*/
#include <config.h>
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <isc/assertions.h>
#include <isc/error.h>
#include <isc/boolean.h>
#include <isc/region.h>
#include <isc/mem.h>
#include <dst/dst.h>
#include <dst/result.h>
char *current, *tmp = "/tmp";
static void
use(dst_key_t *key, isc_mem_t *mctx) {
dst_result_t ret;
char *data = "This is some data";
unsigned char sig[512];
isc_buffer_t databuf, sigbuf;
isc_region_t datareg, sigreg;
isc_buffer_init(&sigbuf, sig, sizeof(sig), ISC_BUFFERTYPE_BINARY);
/* Advance 1 byte for fun */
isc_buffer_add(&sigbuf, 1);
isc_buffer_init(&databuf, data, strlen(data), ISC_BUFFERTYPE_TEXT);
isc_buffer_add(&databuf, strlen(data));
isc_buffer_used(&databuf, &datareg);
ret = dst_sign(DST_SIG_MODE_ALL, key, NULL, &datareg, &sigbuf, mctx);
printf("sign(%d) returned: %s\n", dst_key_alg(key),
dst_result_totext(ret));
isc_buffer_forward(&sigbuf, 1);
isc_buffer_remaining(&sigbuf, &sigreg);
ret = dst_verify(DST_SIG_MODE_ALL, key, NULL, &datareg, &sigreg, mctx);
printf("verify(%d) returned: %s\n", dst_key_alg(key),
dst_result_totext(ret));
}
static void
io(char *name, int id, int alg, int type, isc_mem_t *mctx) {
dst_key_t *key;
dst_result_t ret;
chdir(current);
ret = dst_key_fromfile(name, id, alg, type, mctx, &key);
printf("read(%d) returned: %s\n", alg, dst_result_totext(ret));
if (ret != 0)
return;
chdir(tmp);
ret = dst_key_tofile(key, type);
printf("write(%d) returned: %s\n", alg, dst_result_totext(ret));
if (ret != 0)
return;
use(key, mctx);
dst_key_free(key, mctx);
}
static void
generate(int alg, isc_mem_t *mctx) {
dst_result_t ret;
dst_key_t *key;
ret = dst_key_generate("test.", alg, 512, 0, 0, 0, mctx, &key);
printf("generate(%d) returned: %s\n", alg, dst_result_totext(ret));
use(key, mctx);
dst_key_free(key, mctx);
}
static void
get_random() {
unsigned char data[25];
isc_buffer_t databuf;
dst_result_t ret;
unsigned int i;
isc_buffer_init(&databuf, data, sizeof data, ISC_BUFFERTYPE_BINARY);
ret = dst_random(sizeof(data), &databuf);
printf("random() returned: %s\n", dst_result_totext(ret));
for (i = 0; i < sizeof data; i++)
printf("%02x ", data[i]);
printf("\n");
}
int
main() {
isc_mem_t *mctx = NULL;
isc_mem_create(0, 0, &mctx);
current = isc_mem_get(mctx, 256);
getcwd(current, 256);
io("test.", 6204, DST_ALG_DSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC, mctx);
io("test.", 54622, DST_ALG_RSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC, mctx);
io("test.", 0, DST_ALG_DSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC, mctx);
io("test.", 0, DST_ALG_RSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC, mctx);
generate(DST_ALG_RSA, mctx);
generate(DST_ALG_DSA, mctx);
generate(DST_ALG_HMAC_MD5, mctx);
get_random();
isc_mem_put(mctx, current, 256);
/* isc_mem_stats(mctx, stdout);*/
isc_mem_destroy(&mctx);
exit(0);
}
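Review bot: generate() hands `key` to use() and dst_key_free() without looking at `ret`, and `key` is declared uninitialized, so a failed dst_key_generate() may leave a garbage pointer to be dereferenced; add `if (ret != 0) return;` after the printf, as io() does after dst_key_fromfile(). io() returns early when dst_key_tofile() fails without calling `dst_key_free(key, mctx)`, and it ignores the result of `chdir(tmp)`, so the private key files are written into the shared `/tmp` on success and into whatever directory the process is in on failure; a directory created for the run (mkdtemp, for example), with the chdir result checked, would keep key material out of a world-writable path. get_random() prints all of `data` even when dst_random() reports an error, which reads uninitialized stack bytes, so the dump should run only when `ret` indicates success. chdir() and getcwd() are used without `<unistd.h>` in the include list.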
......@@ -2850,6 +2850,14 @@ trap 'rm -fr `echo "make/rules
lib/dns/Makefile
lib/dns/include/Makefile
lib/dns/include/dns/Makefile
lib/dns/sec/Makefile
lib/dns/sec/openssl/Makefile
lib/dns/sec/openssl/include/Makefile
lib/dns/sec/openssl/include/openssl/Makefile
lib/dns/sec/dnssafe/Makefile
lib/dns/sec/dst/Makefile
lib/dns/sec/dst/include/Makefile
lib/dns/sec/dst/include/dst/Makefile
lib/tests/Makefile
lib/tests/include/Makefile
lib/tests/include/tests/Makefile
......@@ -2859,6 +2867,7 @@ trap 'rm -fr `echo "make/rules
bin/tests/names/Makefile
bin/tests/master/Makefile
bin/tests/rbt/Makefile
bin/tests/dst/Makefile
config.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15
EOF
cat >> $CONFIG_STATUS <<EOF
......@@ -2991,6 +3000,14 @@ CONFIG_FILES=\${CONFIG_FILES-"make/rules
lib/dns/Makefile
lib/dns/include/Makefile
lib/dns/include/dns/Makefile
lib/dns/sec/Makefile
lib/dns/sec/openssl/Makefile
lib/dns/sec/openssl/include/Makefile
lib/dns/sec/openssl/include/openssl/Makefile
lib/dns/sec/dnssafe/Makefile
lib/dns/sec/dst/Makefile
lib/dns/sec/dst/include/Makefile
lib/dns/sec/dst/include/dst/Makefile
lib/tests/Makefile
lib/tests/include/Makefile
lib/tests/include/tests/Makefile
......@@ -3000,6 +3017,7 @@ CONFIG_FILES=\${CONFIG_FILES-"make/rules
bin/tests/names/Makefile
bin/tests/master/Makefile
bin/tests/rbt/Makefile
bin/tests/dst/Makefile
"}
EOF
cat >> $CONFIG_STATUS <<\EOF
......
......@@ -13,7 +13,7 @@ dnl PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
dnl ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
dnl SOFTWARE.
AC_REVISION($Revision: 1.36 $)
AC_REVISION($Revision: 1.37 $)
AC_PREREQ(2.13)
......@@ -357,6 +357,14 @@ AC_OUTPUT(
lib/dns/Makefile
lib/dns/include/Makefile
lib/dns/include/dns/Makefile
lib/dns/sec/Makefile
lib/dns/sec/openssl/Makefile
lib/dns/sec/openssl/include/Makefile
lib/dns/sec/openssl/include/openssl/Makefile
lib/dns/sec/dnssafe/Makefile
lib/dns/sec/dst/Makefile
lib/dns/sec/dst/include/Makefile
lib/dns/sec/dst/include/dst/Makefile
lib/tests/Makefile
lib/tests/include/Makefile
lib/tests/include/tests/Makefile
......@@ -366,4 +374,5 @@ AC_OUTPUT(
bin/tests/names/Makefile
bin/tests/master/Makefile
bin/tests/rbt/Makefile
bin/tests/dst/Makefile
)
......@@ -35,19 +35,90 @@ CWARNINGS =
LIBS = @LIBS@
# Alphabetically
DSTOBJS = sec/dst/bsafe_link.@O@ sec/dst/dst_api.@O@ \
sec/dst/dst_parse.@O@ sec/dst/hmac_link.@O@ \
sec/dst/openssl_link.@O@ sec/dst/dst_result.@O@ \
sec/dst/dst_support.@O@ sec/dst/dst_lib.@O@
OPENSSLOBJS = sec/openssl/bn_add.@O@ sec/openssl/bn_asm.@O@ \
sec/openssl/bn_comba.@O@ sec/openssl/bn_div.@O@ \
sec/openssl/bn_err.@O@ sec/openssl/bn_exp.@O@ \
sec/openssl/bn_exp2.@O@ sec/openssl/bn_gcd.@O@ \
sec/openssl/bn_lib.@O@ sec/openssl/bn_m.@O@ \
sec/openssl/bn_mont.@O@ sec/openssl/bn_mul.@O@ \
sec/openssl/bn_prime.@O@ sec/openssl/bn_rand.@O@ \
sec/openssl/bn_recp.@O@ sec/openssl/bn_shift.@O@ \
sec/openssl/bn_sqr.@O@ sec/openssl/bn_word.@O@ \
sec/openssl/buffer.@O@ sec/openssl/cryptlib.@O@ \
sec/openssl/dsa_asn1.@O@ sec/openssl/dsa_err.@O@ \
sec/openssl/dsa_gen.@O@ sec/openssl/dsa_key.@O@ \
sec/openssl/dsa_lib.@O@ sec/openssl/dsa_sign.@O@ \
sec/openssl/dsa_vrf.@O@ sec/openssl/err.@O@ \
sec/openssl/lhash.@O@ sec/openssl/md_rand.@O@ \
sec/openssl/md5_dgst.@O@ sec/openssl/mem.@O@ \
sec/openssl/rand_lib.@O@ sec/openssl/sha1_one.@O@ \
sec/openssl/sha1dgst.@O@ sec/openssl/stack.@O@ \
sec/openssl/th-lock.@O@
DNSSAFEOBJS = sec/dnssafe/ahchdig.@O@ sec/dnssafe/ahchencr.@O@ \
sec/dnssafe/ahchgen.@O@ sec/dnssafe/ahchrand.@O@ \
sec/dnssafe/ahdigest.@O@ sec/dnssafe/ahencryp.@O@ \
sec/dnssafe/ahgen.@O@ sec/dnssafe/ahrandom.@O@ \
sec/dnssafe/ahrsaenc.@O@ sec/dnssafe/ahrsaepr.@O@ \
sec/dnssafe/ahrsaepu.@O@ sec/dnssafe/aichdig.@O@ \
sec/dnssafe/aichenc8.@O@ sec/dnssafe/aichencn.@O@ \
sec/dnssafe/aichencr.@O@ sec/dnssafe/aichgen.@O@ \
sec/dnssafe/aichrand.@O@ sec/dnssafe/aimd5.@O@ \
sec/dnssafe/aimd5ran.@O@ sec/dnssafe/ainfotyp.@O@ \
sec/dnssafe/ainull.@O@ sec/dnssafe/airsaepr.@O@ \
sec/dnssafe/airsaepu.@O@ sec/dnssafe/airsakgn.@O@ \
sec/dnssafe/airsaprv.@O@ sec/dnssafe/airsapub.@O@ \
sec/dnssafe/algchoic.@O@ sec/dnssafe/algobj.@O@ \
sec/dnssafe/amcrte.@O@ sec/dnssafe/ammd5.@O@ \
sec/dnssafe/ammd5r.@O@ sec/dnssafe/amrkg.@O@ \
sec/dnssafe/amrsae.@O@ \
sec/dnssafe/balg.@O@ sec/dnssafe/bgclrbit.@O@ \
sec/dnssafe/bgmdmpyx.@O@ sec/dnssafe/bgmdsqx.@O@ \
sec/dnssafe/bgmodexp.@O@ sec/dnssafe/bgpegcd.@O@ \
sec/dnssafe/big2exp.@O@ sec/dnssafe/bigabs.@O@ \
sec/dnssafe/bigacc.@O@ sec/dnssafe/bigarith.@O@ \
sec/dnssafe/bigcmp.@O@ sec/dnssafe/bigconst.@O@ \
sec/dnssafe/biginv.@O@ sec/dnssafe/biglen.@O@ \
sec/dnssafe/bigmodx.@O@ sec/dnssafe/bigmpy.@O@ \
sec/dnssafe/bigpdiv.@O@ sec/dnssafe/bigpmpy.@O@ \
sec/dnssafe/bigpmpyh.@O@ sec/dnssafe/bigpmpyl.@O@ \
sec/dnssafe/bigpsq.@O@ sec/dnssafe/bigqrx.@O@ \
sec/dnssafe/bigsmod.@O@ sec/dnssafe/bigtocan.@O@ \
sec/dnssafe/bigu.@O@ sec/dnssafe/bigunexp.@O@ \
sec/dnssafe/binfocsh.@O@ sec/dnssafe/bkey.@O@ \
sec/dnssafe/bmempool.@O@ sec/dnssafe/cantobig.@O@ \
sec/dnssafe/crt2.@O@ sec/dnssafe/digest.@O@ \
sec/dnssafe/digrand.@O@ sec/dnssafe/encrypt.@O@ \
sec/dnssafe/generate.@O@ sec/dnssafe/intbits.@O@ \
sec/dnssafe/intitem.@O@ sec/dnssafe/keyobj.@O@ \
sec/dnssafe/ki8byte.@O@ sec/dnssafe/kiitem.@O@ \
sec/dnssafe/kinfotyp.@O@ sec/dnssafe/kifulprv.@O@ \
sec/dnssafe/kipkcrpr.@O@ sec/dnssafe/kirsacrt.@O@ \
sec/dnssafe/kirsapub.@O@ sec/dnssafe/md5.@O@ \
sec/dnssafe/md5rand.@O@ sec/dnssafe/prime.@O@ \
sec/dnssafe/random.@O@ sec/dnssafe/rsa.@O@ \
sec/dnssafe/rsakeygn.@O@ sec/dnssafe/seccbcd.@O@ \
sec/dnssafe/seccbce.@O@ sec/dnssafe/surrendr.@O@
OBJS = callbacks.@O@ compress.@O@ db.@O@ dbiterator.@O@ \
dbtable.@O@ dispatch.@O@ lib.@O@ master.@O@ message.@O@ \
name.@O@ rbt.@O@ rbtdb.@O@ rbtdb64.@O@ rdata.@O@ \
rdatalist.@O@ rdataset.@O@ rdatasetiter.@O@ rdataslab.@O@ \
resolver.@O@ result.@O@ version.@O@ masterdump.@O@ time.@O@ \
ttl.@O@ tcpmsg.@O@
ttl.@O@ tcpmsg.@O@ \
${DSTOBJS} ${OPENSSLOBJS} ${DNSSAFEOBJS}
OSRC = callbacks.c compress.c db.c dbiterator.c dbtable.c dispatch.c \
lib.c master.c name.c rbt.c rbtdb.c rbtdb64.c \
rdata.c rdatalist.c rdataset.c rdatasetiter.c rdataslab.c \
resolver.c result.c version.c masterdump.c time.c ttl.c
SUBDIRS = include
SUBDIRS = include sec
TARGETS = include/dns/enumtype.h include/dns/enumclass.h \
include/dns/rdatastruct.h timestamp
......@@ -87,6 +158,8 @@ clean distclean::
rm -f gen code.h include/dns/enumtype.h include/dns/enumclass.h
rm -f include/dns/rdatastruct.h
sec: include/dns/enumtype.h include/dns/enumclass.h include/dns/rdatastruct.h
rdata.@O@: code.h
include/dns/enumtype.h: gen
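Review bot: `DNSSAFEOBJS` repeats, with a `sec/dnssafe/` prefix, the object list that the new dnssafe Makefile keeps in its own `OBJS`, so the two lists have to be edited together. An object added to only one of them is either built and never linked or linked and never built. The same presumably holds for `DSTOBJS` and `OPENSSLOBJS`, whose Makefiles are not in this view. Because the OpenSSL and DNSSAFE sources are compiled into libdns from in-tree copies, it would help to record which upstream release each copy was taken from so that later security fixes can be tracked.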
......
......@@ -20,11 +20,11 @@ top_srcdir = @top_srcdir@
@BIND9_VERSION@
HEADERS = callbacks.h cert.h compress.h db.h dbiterator.h dbtable.h \
events.h dispatch.h events.h fixedname.h lib.h master.h \
masterdump.h message.h name.h rbt.h rcode.h rdata.h \
rdataclass.h rdatalist.h rdataset.h rdatasetiter.h \
rdataslab.h rdatatype.h result.h secalg.h tcpmsg.h time.h \
ttl.h types.h
events.h dispatch.h events.h fixedname.h keyvalues.h \
lib.h master.h masterdump.h message.h name.h rbt.h \
rcode.h rdata.h rdataclass.h rdatalist.h rdataset.h \
rdatasetiter.h rdataslab.h rdatatype.h result.h \
secalg.h tcpmsg.h time.h ttl.h types.h
GENHEADERS = enumclass.h enumtype.h rdatastruct.h
SUBDIRS =
......
#ifndef DNS_KEYVALUES_H
#define DNS_KEYVALUES_H 1
ISC_LANG_BEGINDECLS
/*
* Flags field of the KEY RR rdata
*/
#define NS_KEY_TYPEMASK 0xC000 /* Mask for "type" bits */
#define NS_KEY_TYPE_AUTH_CONF 0x0000 /* Key usable for both */
#define NS_KEY_TYPE_CONF_ONLY 0x8000 /* Key usable for confidentiality */
#define NS_KEY_TYPE_AUTH_ONLY 0x4000 /* Key usable for authentication */
#define NS_KEY_TYPE_NO_KEY 0xC000 /* No key usable for either; no key */
/* The type bits can also be interpreted independently, as single bits: */
#define NS_KEY_NO_AUTH 0x8000 /* Key unusable for authentication */
#define NS_KEY_NO_CONF 0x4000 /* Key unusable for confidentiality */
#define NS_KEY_RESERVED2 0x2000 /* Security is *mandatory* if bit=0 */
#define NS_KEY_EXTENDED_FLAGS 0x1000 /* reserved - must be zero */
#define NS_KEY_RESERVED4 0x0800 /* reserved - must be zero */
#define NS_KEY_RESERVED5 0x0400 /* reserved - must be zero */
#define NS_KEY_NAME_TYPE 0x0300 /* these bits determine the type */
#define NS_KEY_NAME_USER 0x0000 /* key is assoc. with user */
#define NS_KEY_NAME_ENTITY 0x0200 /* key is assoc. with entity eg host */
#define NS_KEY_NAME_ZONE 0x0100 /* key is zone key */
#define NS_KEY_NAME_RESERVED 0x0300 /* reserved meaning */
#define NS_KEY_RESERVED8 0x0080 /* reserved - must be zero */
#define NS_KEY_RESERVED9 0x0040 /* reserved - must be zero */
#define NS_KEY_RESERVED10 0x0020 /* reserved - must be zero */
#define NS_KEY_RESERVED11 0x0010 /* reserved - must be zero */
#define NS_KEY_SIGNATORYMASK 0x000F /* key can sign RR's of same name */
#define NS_KEY_RESERVED_BITMASK ( NS_KEY_RESERVED2 | \
NS_KEY_RESERVED4 | \
NS_KEY_RESERVED5 | \
NS_KEY_RESERVED8 | \
NS_KEY_RESERVED9 | \
NS_KEY_RESERVED10 | \
NS_KEY_RESERVED11 )
#define NS_KEY_RESERVED_BITMASK2 0xFFFF /* no bits defined here */
/* The Algorithm field of the KEY and SIG RR's is an integer, {1..254} */
#define NS_ALG_MD5RSA 1 /* MD5 with RSA */
#define NS_ALG_DH 2 /* Diffie Hellman KEY */
#define NS_ALG_DSA 3 /* DSA KEY */
#define NS_ALG_DSS NS_ALG_DSA
#define NS_ALG_EXPIRE_ONLY 253 /* No alg, no security */
#define NS_ALG_PRIVATE_OID 254 /* Key begins with OID giving alg */
/* Protocol values */
/* value 0 is reserved */
#define NS_KEY_PROT_TLS 1
#define NS_KEY_PROT_EMAIL 2
#define NS_KEY_PROT_DNSSEC 3
#define NS_KEY_PROT_IPSEC 4
#define NS_KEY_PROT_ANY 255
/* Signatures */
#define NS_MD5RSA_MIN_BITS 512 /* Size of a mod or exp in bits */
#define NS_MD5RSA_MAX_BITS 2552
/* Total of binary mod and exp */
#define NS_MD5RSA_MAX_BYTES ((NS_MD5RSA_MAX_BITS+7/8)*2+3)
/* Max length of text sig block */
#define NS_MD5RSA_MAX_BASE64 (((NS_MD5RSA_MAX_BYTES+2)/3)*4)
#define NS_MD5RSA_MIN_SIZE ((NS_MD5RSA_MIN_BITS+7)/8)
#define NS_MD5RSA_MAX_SIZE ((NS_MD5RSA_MAX_BITS+7)/8)
#define NS_DSA_SIG_SIZE 41
#define NS_DSA_MIN_BITS 512
#define NS_DSA_MAX_BITS 1024
#define NS_DSA_MIN_BYTES 213
#define NS_DSA_MAX_BYTES 405
ISC_LANG_ENDDECLS
#endif /* DNS_KEYVALUES_H */
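Review bot: `NS_MD5RSA_MAX_BYTES` is defined as `((NS_MD5RSA_MAX_BITS+7/8)*2+3)`, where `7/8` is integer division and evaluates to 0, so the macro yields 5107 rather than the 641 that the rounding form used by `NS_MD5RSA_MAX_SIZE` would give; `NS_MD5RSA_MAX_BASE64` inherits the error. The intended definition is presumably `#define NS_MD5RSA_MAX_BYTES (((NS_MD5RSA_MAX_BITS+7)/8)*2+3)`. The value errs on the large side, so buffers sized from it are over-allocated rather than under-allocated, but a length check against it accepts far more than a valid key. The header also uses `ISC_LANG_BEGINDECLS` without including `<isc/lang.h>` and lacks the copyright block that the other new files carry.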
......@@ -64,6 +64,7 @@ typedef struct dns_forwarders dns_forwarders_t;
typedef isc_uint16_t dns_messageid_t;
typedef isc_uint16_t dns_trust_t;
typedef struct dns_dispatch dns_dispatch_t;
typedef struct dns_tsig_key dns_tsig_key_t;
typedef enum {
dns_labeltype_ordinary = 0,
......
# Copyright (C) 1998 Internet Software Consortium.
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
# ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
# OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
# CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
# DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
# PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
# SOFTWARE.
srcdir = @srcdir@
VPATH = @srcdir@
top_srcdir = @top_srcdir@
SUBDIRS = dnssafe dst openssl
TARGETS =
@BIND9_MAKE_RULES@
# Copyright (C) 1998, 1999 Internet Software Consortium.
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
# ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
# OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
# CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
# DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
# PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
# SOFTWARE.
srcdir = @srcdir@
VPATH = @srcdir@
top_srcdir = @top_srcdir@
@BIND9_VERSION@
@LIBDNS_API@
CINCLUDES = -I${srcdir}/../../../isc/unix/include \
-I${srcdir}/../../../isc/pthreads/include \
-I${srcdir}/../../../isc/include \
-I${srcdir}/include \
-I${srcdir} \
-I./include \
-I.
CDEFINES =
CWARNINGS =
LIBS = @LIBS@
# Alphabetically
OBJS = ahchdig.@O@ ahchencr.@O@ ahchgen.@O@ ahchrand.@O@ \
ahdigest.@O@ ahencryp.@O@ ahgen.@O@ ahrandom.@O@ \
ahrsaenc.@O@ ahrsaepr.@O@ ahrsaepu.@O@ aichdig.@O@ \
aichenc8.@O@ aichencn.@O@ aichencr.@O@ aichgen.@O@ \
aichrand.@O@ aimd5.@O@ aimd5ran.@O@ ainfotyp.@O@ \
ainull.@O@ airsaepr.@O@ airsaepu.@O@ airsakgn.@O@ \
airsaprv.@O@ airsapub.@O@ algchoic.@O@ algobj.@O@ \
amcrte.@O@ ammd5.@O@ ammd5r.@O@ amrkg.@O@ amrsae.@O@ \
balg.@O@ bgclrbit.@O@ bgmdmpyx.@O@ bgmdsqx.@O@ \
bgmodexp.@O@ bgpegcd.@O@ big2exp.@O@ bigabs.@O@ \
bigacc.@O@ bigarith.@O@ bigcmp.@O@ bigconst.@O@ \
biginv.@O@ biglen.@O@ bigmodx.@O@ bigmpy.@O@ \
bigpdiv.@O@ bigpmpy.@O@ bigpmpyh.@O@ bigpmpyl.@O@ \
bigpsq.@O@ bigqrx.@O@ bigsmod.@O@ bigtocan.@O@ \
bigu.@O@ bigunexp.@O@ binfocsh.@O@ bkey.@O@ \
bmempool.@O@ cantobig.@O@ crt2.@O@ digest.@O@ \
digrand.@O@ encrypt.@O@ generate.@O@ intbits.@O@ \
intitem.@O@ keyobj.@O@ ki8byte.@O@ kiitem.@O@ \
kinfotyp.@O@ kifulprv.@O@ kipkcrpr.@O@ kirsacrt.@O@ \
kirsapub.@O@ md5.@O@ md5rand.@O@ prime.@O@ random.@O@ \
rsa.@O@ rsakeygn.@O@ seccbcd.@O@ seccbce.@O@ surrendr.@O@
SUBDIRS =
TARGETS = ${OBJS}
@BIND9_MAKE_RULES@
/* Copyright (C) RSA Data Security, Inc. created 1993, 1996. This is an
unpublished work protected as such under copyright law. This work
contains proprietary, confidential, and trade secret information of
RSA Data Security, Inc. Use, disclosure or reproduction without the
express written authorization of RSA Data Security, Inc. is
prohibited.
*/
/* Define this so that the type of the 'this' pointer in the
virtual functions will be correct for this derived class.
*/
struct AHSecretCBCPad;
#define THIS_ENCRYPT_DECRYPT struct AHSecretCBCPad
#include "global.h"
#include "bsafe2.h"
#include "bkey.h"
#include "balg.h"
#include "ahcbcpad.h"
#define GENERATE_BREAK(type) { \
status = type; \
break; \
}
/* Inherit the base class destructor, block size,
and decrypt init and update routines.
*/
static AHEncryptDecryptVTable V_TABLE = {
AHChooseEncryptDestructor, AHChooseEncryptGetBlockLen,
AHSecretCBCPadEncryptInit, AHChooseEncryptDecryptInit,
AHSecretCBCPadEncryptUpdate, AHChooseEncryptDecryptUpdate,
AHSecretCBCPadEncryptFinal, AHSecretCBCPadDecryptFinal
};
AHSecretCBCPad *AHSecretCBCPadConstructor2 (handler, infoType, info)
AHSecretCBCPad *