Add various get functions for kasp

Write functions to access various elements of the kasp structure,
and the kasp keys. This in preparation of code in dnssec-keygen,
dnssec-settime, named...

lib/dns/include/dns/kasp.h

@@ -187,13 +187,27 @@ dns_kasp_getname(dns_kasp_t *kasp);
  *
  * Requires:
  *
- *\li   'kasp' is a valid, frozen kasp.
+ *\li   'kasp' is a valid kasp.
  *
  * Returns:
  *
  *\li   name of 'kasp'.
  */
 
+dns_ttl_t
+dns_kasp_dnskeyttl(dns_kasp_t *kasp);
+/*%<
+ * Get dnskey ttl.
+ *
+ * Requires:
+ *
+ *\li   'kasp' is a valid, frozen kasp.
+ *
+ * Returns:
+ *
+ *\li   DNSKEY TTL.
+ */
+
 isc_result_t
 dns_kasplist_find(dns_kasplist_t *list, const char *name, dns_kasp_t **kaspp);
 /*%<
@@ -236,9 +250,83 @@ dns_kasp_key_destroy(dns_kasp_key_t* key);
  *
  * Requires:
  *
- *\li  'key' is a valid KASP key.
+ *\li  key != NULL
+ */
+
+uint32_t
+dns_kasp_key_algorithm(dns_kasp_key_t *key);
+/*%<
+ * Get the key algorithm.
+ *
+ * Requires:
+ *
+ *\li  key != NULL
+ *
+ * Returns:
+ *
+ *\li  Key algorithm.
+ */
+
+unsigned int
+dns_kasp_key_size(dns_kasp_key_t *key);
+/*%<
+ * Get the key size.
+ *
+ * Requires:
+ *
+ *\li  key != NULL
+ *
+ * Returns:
+ *
+ *\li  Configured key size, or default key size for key algorithm if no size
+ *     configured.
+ */
+
+time_t
+dns_kasp_key_lifetime(dns_kasp_key_t *key);
+/*%<
+ * The lifetime of this key (how long may this key be active?)
+ *
+ * Requires:
+ *
+ *\li  key != NULL
+ *
+ * Returns:
+ *
+ *\li  Lifetime of key.
+ *
+ */
+
+bool
+dns_kasp_key_ksk(dns_kasp_key_t *key);
+/*%<
+ * Does this key act as a KSK?
+ *
+ * Requires:
+ *
+ *\li  key != NULL
+ *
+ * Returns:
+ *
+ *\li  True, if the key role has DNS_KASP_KEY_ROLE_KSK set.
+ *\li  False, otherwise.
+ *
+ */
+
+bool
+dns_kasp_key_zsk(dns_kasp_key_t *key);
+/*%<
+ * Does this key act as a ZSK?
+ *
+ * Requires:
+ *
+ *\li  key != NULL
+ *
+ * Returns:
+ *
+ *\li  True, if the key role has DNS_KASP_KEY_ROLE_ZSK set.
+ *\li  False, otherwise.
  *
- *\li  kasp != NULL && key != NULL
  */
 
 ISC_LANG_ENDDECLS

lib/dns/kasp.c

@@ -21,6 +21,7 @@
 
 #include <dns/log.h>
 #include <dns/kasp.h>
+#include <dns/keyvalues.h>
 
 isc_result_t
 dns_kasp_create(isc_mem_t *mctx, const char *name, dns_kasp_t **kaspp)
@@ -64,6 +65,7 @@ void
 dns_kasp_attach(dns_kasp_t *source, dns_kasp_t **targetp) {
 	REQUIRE(DNS_KASP_VALID(source));
 	REQUIRE(targetp != NULL && *targetp == NULL);
+
 	isc_refcount_increment(&source->references);
 	*targetp = source;
 }
@@ -95,6 +97,12 @@ dns_kasp_detach(dns_kasp_t **kaspp) {
 	}
 }
 
+const char*
+dns_kasp_getname(dns_kasp_t *kasp) {
+	REQUIRE(DNS_KASP_VALID(kasp));
+	return kasp->name;
+}
+
 void
 dns_kasp_freeze(dns_kasp_t *kasp) {
 	REQUIRE(DNS_KASP_VALID(kasp));
@@ -109,16 +117,17 @@ dns_kasp_thaw(dns_kasp_t *kasp) {
 	kasp->frozen = false;
 }
 
-const char*
-dns_kasp_getname(dns_kasp_t *kasp) {
+dns_ttl_t
+dns_kasp_dnskeyttl(dns_kasp_t *kasp) {
 	REQUIRE(DNS_KASP_VALID(kasp));
-	return kasp->name;
+	REQUIRE(kasp->frozen);
+	return kasp->dnskey_ttl;
 }
 
 isc_result_t
 dns_kasplist_find(dns_kasplist_t *list, const char *name, dns_kasp_t **kaspp)
 {
-	dns_kasp_t *kasp;
+	dns_kasp_t *kasp = NULL;
 
 	if (list == NULL) {
 		return (ISC_R_NOTFOUND);
@@ -166,3 +175,77 @@ dns_kasp_key_destroy(dns_kasp_key_t* key)
 	REQUIRE(key != NULL);
 	isc_mem_putanddetach(&key->mctx, key, sizeof(*key));
 }
+
+uint32_t
+dns_kasp_key_algorithm(dns_kasp_key_t *key) {
+
+	REQUIRE(key != NULL);
+	return key->algorithm;
+}
+
+unsigned int
+dns_kasp_key_size(dns_kasp_key_t *key) {
+	unsigned int size = 0;
+	unsigned int min = 0;
+
+	REQUIRE(key != NULL);
+
+	switch (key->algorithm) {
+	case DNS_KEYALG_RSASHA1:
+	case DNS_KEYALG_NSEC3RSASHA1:
+	case DNS_KEYALG_RSASHA256:
+	case DNS_KEYALG_RSASHA512:
+		min = DNS_KEYALG_RSASHA512 ? 1024 : 512;
+		if (key->length > -1) {
+			size = (unsigned int) key->length;
+			if (size < min) {
+				size = min;
+			}
+			if (size > 4096) {
+				size = 4096;
+			}
+		} else if (key->role & DNS_KASP_KEY_ROLE_KSK) {
+			size = 2048;
+		} else {
+			size = 1024;
+		}
+		break;
+	case DNS_KEYALG_ECDSA256:
+		size = 256;
+		break;
+	case DNS_KEYALG_ECDSA384:
+		size = 384;
+		break;
+	case DNS_KEYALG_ED25519:
+		size = 32;
+		break;
+	case DNS_KEYALG_ED448:
+		size = 57;
+		break;
+	default:
+		/* unsupported */
+		break;
+	}
+	return size;
+}
+
+time_t
+dns_kasp_key_lifetime(dns_kasp_key_t *key) {
+
+	REQUIRE(key != NULL);
+	return (key->lifetime);
+}
+
+bool
+dns_kasp_key_ksk(dns_kasp_key_t *key) {
+
+	REQUIRE(key != NULL);
+	return (key->role & DNS_KASP_KEY_ROLE_KSK);
+}
+
+bool
+dns_kasp_key_zsk(dns_kasp_key_t *key) {
+
+	REQUIRE(key != NULL);
+	return (key->role & DNS_KASP_KEY_ROLE_ZSK);
+}

lib/dns/win32/libdns.def.in

@@ -416,10 +416,16 @@ dns_journal_writediff
 dns_kasp_create
 dns_kasp_attach
 dns_kasp_detach
+dns_kasp_dnskeyttl
 dns_kasp_freeze
 dns_kasp_getname
+dns_kasp_key_algorithm
 dns_kasp_key_create
 dns_kasp_key_destroy
+dns_kasp_key_ksk
+dns_kasp_key_lifetime
+dns_kasp_key_size
+dns_kasp_key_zsk
 dns_kasp_thaw
 dns_kasplist_find
 dns_keydata_fromdnskey