Export dst_key_buildfilename and make various dst functions call it.

94a7e858 · Brian Wellington · c5c3b17a · 94a7e858 · 94a7e858 · 94a7e858
Commit 94a7e858 authored May 15, 2000 by Brian Wellington
--- a/lib/dns/sec/dst/bsafe_link.c
+++ b/lib/dns/sec/dst/bsafe_link.c
@@ -19,7 +19,7 @@

 /*
 * Principal Author: Brian Wellington
- * $Id: bsafe_link.c,v 1.17 2000/05/13 19:28:15 tale Exp $
+ * $Id: bsafe_link.c,v 1.18 2000/05/15 21:02:27 bwelling Exp $
 */

 #if defined(BSAFE) || defined(DNSSAFE)
@@ -592,8 +592,7 @@ dst_bsafe_to_file(const dst_key_t *key) {
 	priv.elements[cnt++].length = private->coefficient.len;

 	priv.nelements = cnt;
-	return (dst_s_write_private_key_file(key->key_name, key->key_alg,
-					     key->key_id, &priv));
+	return (dst_s_write_private_key_file(key, &priv));
 }


@@ -624,8 +623,7 @@ dst_bsafe_from_file(dst_key_t *key, const isc_uint16_t id, isc_mem_t *mctx) {
 	/*
 	 * Read private key file.
 	 */
-	ret = dst_s_parse_private_key_file(key->key_name, key->key_alg, 
-					   id, &priv, mctx);
+	ret = dst_s_parse_private_key_file(key, &priv, mctx);
 	if (ret != ISC_R_SUCCESS)
 		return (ret);
 	/*

--- a/lib/dns/sec/dst/dst_api.c
+++ b/lib/dns/sec/dst/dst_api.c
@@ -19,11 +19,12 @@

 /*
 * Principal Author: Brian Wellington
- * $Id: dst_api.c,v 1.34 2000/05/11 02:11:44 gson Exp $
+ * $Id: dst_api.c,v 1.35 2000/05/15 21:02:28 bwelling Exp $
 */

 #include <config.h>

+#include <isc/buffer.h>
 #include <isc/dir.h>
 #include <isc/lex.h>
 #include <isc/mem.h>
@@ -743,6 +744,35 @@ dst_key_isnullkey(const dst_key_t *key) {
 	return (ISC_TRUE);
 }

+isc_result_t
+dst_key_buildfilename(const dst_key_t *key, const int type, isc_buffer_t *out) {
+	char *suffix;
+	unsigned int namelen;
+	isc_region_t r;
+
+	REQUIRE(VALID_KEY(key));
+	REQUIRE(type == DST_TYPE_PRIVATE || type == DST_TYPE_PUBLIC ||
+		type == 0);
+	REQUIRE(out != NULL);
+	if (type == 0)
+		suffix = "";
+	else if (type == DST_TYPE_PRIVATE)
+		suffix = ".private";
+	else
+		suffix = ".key";
+	namelen =  1 + strlen(key->key_name) + 1 + 3 + 1 + 5 + 1 +
+		   strlen(suffix);
+	isc_buffer_availableregion(out, &r);
+	if (namelen >= r.length)
+		return (ISC_R_NOSPACE);
+	if (namelen >= ISC_DIR_NAMEMAX)
+		return (ISC_R_INVALIDFILE);
+	sprintf((char *) r.base, "K%s+%03d+%05d%s", key->key_name,
+		key->key_alg, key->key_id, suffix);
+	isc_buffer_add(out, namelen);
+	return (ISC_R_SUCCESS);
+}
+
 /*
 * dst_sig_size
 *	Computes the maximum size of a signature generated by the given key
@@ -967,7 +997,7 @@ get_key_struct(const char *name, const int alg, const int flags,

 static isc_result_t
 read_public_key(const char *name, const isc_uint16_t id, int alg,
-		      isc_mem_t *mctx, dst_key_t **keyp)
+		isc_mem_t *mctx, dst_key_t **keyp)
 {
 	char filename[ISC_DIR_NAMEMAX];
 	u_char rdatabuf[DST_KEY_MAXSIZE];
@@ -977,10 +1007,17 @@ read_public_key(const char *name, const isc_uint16_t id, int alg,
 	isc_result_t ret;
 	dns_rdata_t rdata;
 	unsigned int opt = ISC_LEXOPT_DNSMULTILINE;
+	dst_key_t *tempkey;

-	if (dst_s_build_filename(filename, name, id, alg, PUBLIC_KEY,
-				 sizeof(filename)) != ISC_R_SUCCESS)
-		return (DST_R_NAMETOOLONG);
+	tempkey = get_key_struct(name, alg, 0, 0, 0, mctx);
+	if (tempkey == NULL)
+		return (ISC_R_NOMEMORY);
+	tempkey->key_id = id;
+	isc_buffer_init(&b, filename, sizeof(filename));
+	ret = dst_key_buildfilename(tempkey, DST_TYPE_PUBLIC, &b);
+	dst_key_free(tempkey);
+	if (ret != ISC_R_SUCCESS)
+		return (ret);

 	/*
 	 * Open the file and read its formatted contents
@@ -1070,7 +1107,7 @@ cleanup:
 static isc_result_t
 write_public_key(const dst_key_t *key) {
 	FILE *fp;
-	isc_buffer_t keyb, textb;
+	isc_buffer_t keyb, textb, fileb;
 	isc_region_t r;
 	char filename[ISC_DIR_NAMEMAX];
 	unsigned char key_array[DST_KEY_MAXSIZE];
@@ -1102,10 +1139,10 @@ write_public_key(const dst_key_t *key) {
 	/*
 	 * Make the filename.
 	 */
-	if (dst_s_build_filename(filename,
-				 key->key_name, key->key_id, key->key_alg,
-				 PUBLIC_KEY, sizeof(filename)) < 0)
-		return (DST_R_NAMETOOLONG);
+	isc_buffer_init(&fileb, filename, sizeof(filename));
+	ret = dst_key_buildfilename(key, DST_TYPE_PUBLIC, &fileb);
+	if (ret != ISC_R_SUCCESS)
+		return (ret);

 	/*
 	 * Create public key file.

--- a/lib/dns/sec/dst/dst_internal.h
+++ b/lib/dns/sec/dst/dst_internal.h
@@ -85,12 +85,6 @@ struct dst_func {

 extern dst_func *dst_t_func[DST_MAX_ALGS];

-/*
- * Suffixes for key file names.
- */
-#define PRIVATE_KEY		"private"
-#define PUBLIC_KEY		"key"
-
 #ifndef DST_HASH_SIZE
 #define DST_HASH_SIZE 20	/* RIPEMD160 & SHA-1 are 20 bytes, MD5 is 16 */
 #endif
@@ -111,9 +105,6 @@ int
 dst_s_calculate_bits(const unsigned char *str, const int max_bits); 
 isc_uint16_t
 dst_s_id_calc(const unsigned char *key, const int keysize);
-int
-dst_s_build_filename(char *filename, const char *name, isc_uint16_t id,
-		     int alg, const char *suffix, size_t filename_length);

 /*
 * Digest functions.

--- a/lib/dns/sec/dst/dst_parse.c
+++ b/lib/dns/sec/dst/dst_parse.c
@@ -19,7 +19,7 @@

 /*
 * Principal Author: Brian Wellington
- * $Id: dst_parse.c,v 1.13 2000/05/13 19:30:19 tale Exp $
+ * $Id: dst_parse.c,v 1.14 2000/05/15 21:02:32 bwelling Exp $
 */

 #include <config.h>
@@ -187,8 +187,7 @@ dst_s_free_private_structure_fields(dst_private_t *priv, isc_mem_t *mctx) {
 }

 int
-dst_s_parse_private_key_file(const char *name, const int alg,
-			     const isc_uint16_t id, dst_private_t *priv,
+dst_s_parse_private_key_file(const dst_key_t *key, dst_private_t *priv,
 			     isc_mem_t *mctx)
 {
 	char filename[ISC_DIR_NAMEMAX];
@@ -203,10 +202,10 @@ dst_s_parse_private_key_file(const char *name, const int alg,

 	priv->nelements = 0;

-	ret = dst_s_build_filename(filename, name, id, alg, PRIVATE_KEY,
-				   sizeof(filename));
-	if (ret < 0)
-		return (DST_R_NAMETOOLONG);
+	isc_buffer_init(&b, filename, sizeof(filename));
+	ret = dst_key_buildfilename(key, DST_TYPE_PRIVATE, &b);
+	if (ret != ISC_R_SUCCESS)
+		return (ret);

 	iret = isc_lex_create(mctx, 1024, &lex);
 	if (iret != ISC_R_SUCCESS)
@@ -259,7 +258,7 @@ dst_s_parse_private_key_file(const char *name, const int alg,

 	NEXTTOKEN(lex, opt | ISC_LEXOPT_NUMBER, &token);
 	if (token.type != isc_tokentype_number ||
-	    token.value.as_ulong != (unsigned long) alg)
+	    token.value.as_ulong != (unsigned long) dst_key_alg(key))
 		goto fail;

 	READLINE(lex, opt, &token);
@@ -281,8 +280,8 @@ dst_s_parse_private_key_file(const char *name, const int alg,
 			goto fail;

 		memset(&priv->elements[n], 0, sizeof(dst_private_element_t));
-		tag = find_value(token.value.as_pointer, alg);
-		if (tag < 0 || TAG_ALG(tag) != alg)
+		tag = find_value(token.value.as_pointer, dst_key_alg(key));
+		if (tag < 0 || TAG_ALG(tag) != dst_key_alg(key))
 			goto fail;
 		priv->elements[n].tag = tag;

@@ -303,7 +302,7 @@ dst_s_parse_private_key_file(const char *name, const int alg,

 	priv->nelements = n;

-	if (check_data(priv, alg) < 0)
+	if (check_data(priv, dst_key_alg(key)) < 0)
 		goto fail;

 	isc_lex_close(lex);
@@ -323,24 +322,23 @@ fail:
 }

 int
-dst_s_write_private_key_file(const char *name, const int alg,
-			     const isc_uint16_t id, const dst_private_t *priv)
-{
+dst_s_write_private_key_file(const dst_key_t *key, const dst_private_t *priv) {
 	FILE *fp;
 	int ret, i;
 	isc_result_t iret;
 	char filename[ISC_DIR_NAMEMAX];
 	char buffer[MAXFIELDSIZE * 2];
+	isc_buffer_t b;

 	REQUIRE(priv != NULL);

-	if (check_data(priv, alg) < 0)
+	if (check_data(priv, dst_key_alg(key)) < 0)
 		return (DST_R_INVALIDPRIVATEKEY);

-	ret = dst_s_build_filename(filename, name, id, alg, PRIVATE_KEY,
-				   sizeof(filename));
-	if (ret < 0)
-		return (DST_R_NAMETOOLONG);
+	isc_buffer_init(&b, filename, sizeof(filename));
+	ret = dst_key_buildfilename(key, DST_TYPE_PRIVATE, &b);
+	if (ret != ISC_R_SUCCESS)
+		return (ret);

 	if ((fp = fopen(filename, "w")) == NULL)
 		return (DST_R_WRITEERROR);
@@ -351,8 +349,8 @@ dst_s_write_private_key_file(const char *name, const int alg,
 	fprintf(fp, "%s v%d.%d\n", PRIVATE_KEY_STR, MAJOR_VERSION,
 		MINOR_VERSION);

-	fprintf(fp, "%s %d ", ALGORITHM_STR, alg);
-	switch (alg) {
+	fprintf(fp, "%s %d ", ALGORITHM_STR, dst_key_alg(key));
+	switch (dst_key_alg(key)) {
 		case DST_ALG_RSA: fprintf(fp, "(RSA)\n"); break;
 		case DST_ALG_DH: fprintf(fp, "(DH)\n"); break;
 		case DST_ALG_DSA: fprintf(fp, "(DSA)\n"); break;

--- a/lib/dns/sec/dst/dst_parse.h
+++ b/lib/dns/sec/dst/dst_parse.h
@@ -78,13 +78,11 @@ void
 dst_s_free_private_structure_fields(dst_private_t *priv, isc_mem_t *mctx);

 int
-dst_s_parse_private_key_file(const char *name, const int alg,
-			     const isc_uint16_t id, dst_private_t *priv,
+dst_s_parse_private_key_file(const dst_key_t *key, dst_private_t *priv,
 			     isc_mem_t *mctx);

 int
-dst_s_write_private_key_file(const char *name, const int alg,
-			     const isc_uint16_t id, const dst_private_t *priv);
+dst_s_write_private_key_file(const dst_key_t *key, const dst_private_t *priv);

 ISC_LANG_ENDDECLS


--- a/lib/dns/sec/dst/dst_support.c
+++ b/lib/dns/sec/dst/dst_support.c
@@ -19,7 +19,7 @@

 /*
 * Principal Author: Brian Wellington
- * $Id: dst_support.c,v 1.4 2000/05/08 14:37:06 tale Exp $
+ * $Id: dst_support.c,v 1.5 2000/05/15 21:02:34 bwelling Exp $
 */

 #include <config.h>
@@ -81,48 +81,3 @@ dst_s_id_calc(const unsigned char *key, const int keysize) {

 	return ((isc_uint16_t)(ac & 0xffff));
 }
-
-/*
- *  dst_s_build_filename
- *	Builds a key filename from the key name, its id, and a
- *	suffix.  '\', '/' and ':' are not allowed. fA filename is of the
- *	form:  K<keyname><id>.<suffix>
- *	form: K<keyname>+<alg>+<id>.<suffix>
- *
- *	Returns -1 if the conversion fails:
- *	  if the filename would be too long for space allotted
- *	  if the filename would contain a '\', '/' or ':'
- *	Returns 0 on success
- */
-
-int
-dst_s_build_filename(char *filename, const char *name, isc_uint16_t id,
-		     int alg, const char *suffix, size_t filename_length)
-{
-	isc_uint32_t my_id;
-	char *dot;
-	if (filename == NULL)
-		return (-1);
-	memset(filename, 0, filename_length);
-	if (name == NULL)
-		return (-1);
-	if (suffix == NULL)
-		return (-1);
-	if (filename_length <
-	    1 + strlen(name) + 1 + 4 + 6 + 1 + strlen(suffix))
-		return (-1);
-	my_id = id;
-	if (name[strlen(name) - 1] == '.')
-		dot = "";
-	else
-		dot = ".";
-	sprintf(filename, "K%s%s+%03d+%05d.%s", name, dot, alg, my_id,
-		(char *) suffix);
-	if (strrchr(filename, '/'))
-		return (-1);
-	if (strrchr(filename, '\\'))
-		return (-1);
-	if (strrchr(filename, ':'))
-		return (-1);
-	return (0);
-}
--- a/lib/dns/sec/dst/hmac_link.c
+++ b/lib/dns/sec/dst/hmac_link.c
@@ -19,7 +19,7 @@

 /*
 * Principal Author: Brian Wellington
- * $Id: hmac_link.c,v 1.24 2000/05/13 19:31:35 tale Exp $
+ * $Id: hmac_link.c,v 1.25 2000/05/15 21:02:35 bwelling Exp $
 */

 #include <config.h>
@@ -375,8 +375,7 @@ dst_hmacmd5_to_file(const dst_key_t *key) {
 	priv.elements[cnt++].data = keydata;

 	priv.nelements = cnt;
-	return (dst_s_write_private_key_file(key->key_name, key->key_alg,
-					     key->key_id, &priv));
+	return (dst_s_write_private_key_file(key, &priv));
 }


@@ -400,8 +399,7 @@ dst_hmacmd5_from_file(dst_key_t *key, const isc_uint16_t id, isc_mem_t *mctx) {
 #define DST_RET(a) {ret = a; goto err;}

 	/* read private key file */
-	ret = dst_s_parse_private_key_file(key->key_name, key->key_alg, 
-					   id, &priv, mctx);
+	ret = dst_s_parse_private_key_file(key, &priv, mctx);
 	if (ret != ISC_R_SUCCESS)
 		return (ret);


--- a/lib/dns/sec/dst/include/dst/dst.h
+++ b/lib/dns/sec/dst/include/dst/dst.h
@@ -135,7 +135,7 @@ dst_key_fromfile(const char *name, const isc_uint16_t id, const int alg,
 		 const int type, isc_mem_t *mctx, dst_key_t **keyp);
 /*
 * Reads a key from permanent storage.
- *
+ G*
 * Requires:
 *	"name" is not NULL.
 *	"id" is a valid key tag identifier.
@@ -302,6 +302,21 @@ dst_key_iszonekey(const dst_key_t *key);
 isc_boolean_t
 dst_key_isnullkey(const dst_key_t *key);

+isc_result_t
+dst_key_buildfilename(const dst_key_t *key, const int type, isc_buffer_t *out);
+/*
+ * Generates the filename used by dst to store the specified key.
+ *
+ * Requires:
+ *	"key" is a valid key
+ *	"type" is either DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or 0
+ *	"out" is a valid buffer
+ *
+ * Ensures:
+ *	the file name will be written to "out", and the used pointer will
+ *		be advanced.
+ */
+
 isc_result_t
 dst_sig_size(const dst_key_t *key, unsigned int *n);
 /*

--- a/lib/dns/sec/dst/openssl_link.c
+++ b/lib/dns/sec/dst/openssl_link.c
@@ -19,7 +19,7 @@

 /*
 * Principal Author: Brian Wellington
- * $Id: openssl_link.c,v 1.21 2000/05/11 22:48:12 gson Exp $
+ * $Id: openssl_link.c,v 1.22 2000/05/15 21:02:36 bwelling Exp $
 */
 #if defined(OPENSSL)

@@ -422,8 +422,7 @@ dst_openssl_to_file(const dst_key_t *key) {
 	cnt++;

 	priv.nelements = cnt;
-	return (dst_s_write_private_key_file(key->key_name, key->key_alg,
-					     key->key_id, &priv));
+	return (dst_s_write_private_key_file(key, &priv));
 }


@@ -451,8 +450,7 @@ dst_openssl_from_file(dst_key_t *key, const isc_uint16_t id, isc_mem_t *mctx) {
 #define DST_RET(a) {ret = a; goto err;}

 	/* read private key file */
-	ret = dst_s_parse_private_key_file(key->key_name, key->key_alg, 
-					   id, &priv, mctx);
+	ret = dst_s_parse_private_key_file(key, &priv, mctx);
 	if (ret != ISC_R_SUCCESS)
 		return (ret);


--- a/lib/dns/sec/dst/openssldh_link.c
+++ b/lib/dns/sec/dst/openssldh_link.c
@@ -19,7 +19,7 @@

 /*
 * Principal Author: Brian Wellington
- * $Id: openssldh_link.c,v 1.14 2000/05/11 22:47:02 gson Exp $
+ * $Id: openssldh_link.c,v 1.15 2000/05/15 21:02:37 bwelling Exp $
 */

 #if defined(OPENSSL)
@@ -412,8 +412,7 @@ dst_openssldh_to_file(const dst_key_t *key) {
 	cnt++;

 	priv.nelements = cnt;
-	return (dst_s_write_private_key_file(key->key_name, key->key_alg,
-					     key->key_id, &priv));
+	return (dst_s_write_private_key_file(key, &priv));
 }


@@ -442,8 +441,7 @@ dst_openssldh_from_file(dst_key_t *key, const isc_uint16_t id,
 #define DST_RET(a) {ret = a; goto err;}

 	/* read private key file */
-	ret = dst_s_parse_private_key_file(key->key_name, key->key_alg, 
-					   id, &priv, mctx);
+	ret = dst_s_parse_private_key_file(key, &priv, mctx);
 	if (ret != ISC_R_SUCCESS)
 		return (ret);