Commit b3ef0634 authored by Brian Wellington's avatar Brian Wellington

DST API updates

parent 4441bfbd
......@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THE SOFTWARE.
*/
/* $Id: dnssec-keygen.c,v 1.30 2000/06/02 19:02:48 bwelling Exp $ */
/* $Id: dnssec-keygen.c,v 1.31 2000/06/06 22:01:18 bwelling Exp $ */
#include <config.h>
......@@ -111,6 +111,7 @@ main(int argc, char **argv) {
dns_result_register();
dst_result_register();
dst_lib_init(mctx);
while ((ch = isc_commandline_parse(argc, argv,
"a:b:eg:n:t:p:s:hv:")) != -1)
......@@ -320,7 +321,7 @@ main(int argc, char **argv) {
* case we return failure.
*/
ret = dst_key_fromfile(name, dst_key_id(key), alg,
DST_TYPE_PRIVATE, mctx, &oldkey);
DST_TYPE_PRIVATE, NULL, mctx, &oldkey);
/* do not overwrite an existing key */
if (ret == ISC_R_SUCCESS) {
dst_key_free(&oldkey);
......@@ -331,8 +332,7 @@ main(int argc, char **argv) {
if (conflict == ISC_TRUE) {
if (verbose > 0) {
isc_buffer_clear(&buf);
ret = dst_key_buildfilename(key, 0, &buf);
filename[isc_buffer_usedlength(&buf)] = 0;
ret = dst_key_buildfilename(key, 0, NULL, &buf);
fprintf(stderr,
"%s: %s already exists, "
"generating a new key\n",
......@@ -347,14 +347,13 @@ main(int argc, char **argv) {
fatal("cannot generate a null key when a key with id 0 "
"already exists");
ret = dst_key_tofile(key, DST_TYPE_PUBLIC | DST_TYPE_PRIVATE);
ret = dst_key_tofile(key, DST_TYPE_PUBLIC | DST_TYPE_PRIVATE, NULL);
if (ret != ISC_R_SUCCESS)
fatal("failed to write key %s/%s/%d: %s\n", name,
dst_key_id(key), algtostr(alg), isc_result_totext(ret));
isc_buffer_clear(&buf);
ret = dst_key_buildfilename(key, 0, &buf);
filename[isc_buffer_usedlength(&buf)] = 0;
ret = dst_key_buildfilename(key, 0, NULL, &buf);
printf("%s\n", filename);
isc_mem_free(mctx, algname);
isc_mem_free(mctx, nametype);
......@@ -365,6 +364,7 @@ main(int argc, char **argv) {
if (log != NULL)
isc_log_destroy(&log);
dst_lib_destroy();
if (verbose > 10)
isc_mem_stats(mctx, stdout);
isc_mem_destroy(&mctx);
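Review bot: In the `fatal("failed to write key %s/%s/%d: %s\n", ...)` call after `dst_key_tofile`, the arguments do not line up with the format: `dst_key_id(key)` is passed for the second `%s` and `algtostr(alg)` for the `%d`, so the formatting is undefined behaviour exactly when a key write fails. Swapping the two to `algtostr(alg), dst_key_id(key)` fixes the order; if `name` is a `dns_name_t *`, as its use in the `dst_key_fromfile` call suggests, the first `%s` needs a text conversion as well. Separately, both `dst_key_buildfilename(key, 0, NULL, &buf)` calls store `ret` but `filename` is printed without checking it, and this commit drops the explicit `filename[isc_buffer_usedlength(&buf)] = 0;`, so the output now relies on the callee having terminated the buffer (not visible here). main's body continues outside these hunks.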
......
......@@ -128,16 +128,16 @@ main(int argc, char *argv[]) {
isc_region_t r;
isc_log_t *log = NULL;
keynode_t *keynode;
dns_fixedname_t fsavedname;
dns_name_t *savedname = NULL;
dns_result_register();
result = isc_mem_create(0, 0, &mctx);
if (result != ISC_R_SUCCESS)
fatal("failed to create memory context: %s",
isc_result_totext(result));
dns_result_register();
dst_lib_init(mctx);
while ((ch = isc_commandline_parse(argc, argv, "s:e:t:v:")) != -1)
{
switch (ch) {
......@@ -214,29 +214,28 @@ main(int argc, char *argv[]) {
ISC_LIST_INIT(keylist);
for (i = 0; i < argc; i++) {
isc_uint16_t id;
unsigned int alg;
dns_fixedname_t fname;
dns_name_t *name;
char namestr[1025];
isc_buffer_init(&b, argv[i], strlen(argv[i]));
isc_buffer_add(&b, strlen(argv[i]));
dns_fixedname_init(&fname);
name = dns_fixedname_name(&fname);
result = dst_key_parsefilename(&b, mctx, name, &id, &alg,
NULL);
key = NULL;
result = dst_key_fromnamedfile(argv[i], DST_TYPE_PUBLIC,
mctx, &key);
if (result != ISC_R_SUCCESS)
fatal("%s is not a valid key filename", argv[i]);
strncpy(namestr, nametostr(name), sizeof(namestr) - 1);
fatal("error loading key from %s", argv[i]);
strncpy(namestr, nametostr(dst_key_name(key)),
sizeof(namestr) - 1);
namestr[sizeof(namestr) - 1] = 0;
if (savedname == NULL) {
fsavedname = fname;
savedname = dns_fixedname_name(&fsavedname);
}
else {
if (!dns_name_equal(savedname, name) != 0)
savedname = isc_mem_get(mctx, sizeof(dns_name_t));
if (savedname == NULL)
fatal("out of memory");
dns_name_init(savedname, NULL);
result = dns_name_dup(dst_key_name(key), mctx,
savedname);
if (result != ISC_R_SUCCESS)
fatal("out of memory");
} else {
if (!dns_name_equal(savedname, dst_key_name(key)) != 0)
fatal("all keys must have the same owner - %s "
"and %s do not match",
nametostr(savedname), namestr);
......@@ -261,20 +260,14 @@ main(int argc, char *argv[]) {
fatal("%s is not a valid name: %s",
namestr, isc_result_totext(result));
}
key = NULL;
result = dst_key_fromfile(name, id, alg, DST_TYPE_PUBLIC,
mctx, &key);
check_result(result, "dst_key_fromfile");
if (dst_key_iszonekey(key)) {
dst_key_t *zonekey = NULL;
result = dst_key_fromfile(name, id, alg,
DST_TYPE_PRIVATE, mctx,
&zonekey);
result = dst_key_fromnamedfile(argv[i],
DST_TYPE_PRIVATE,
mctx, &zonekey);
if (result != ISC_R_SUCCESS)
fatal("failed to read key %s/%s/%d: %s",
namestr, id, algtostr(alg),
isc_result_totext(result));
fatal("failed to read key %s: %s",
argv[i], isc_result_totext(result));
keynode = isc_mem_get(mctx, sizeof (keynode_t));
if (keynode == NULL)
fatal("out of memory");
......@@ -291,10 +284,8 @@ main(int argc, char *argv[]) {
isc_buffer_init(&b, data, BUFSIZE);
result = dst_key_todns(key, &b);
if (result != ISC_R_SUCCESS)
fatal("failed to convert key %s/%s/%d "
"to a DNS KEY: %s",
namestr, id, algtostr(alg),
isc_result_totext(result));
fatal("failed to convert key %s to a DNS KEY: %s",
argv[i], isc_result_totext(result));
isc_buffer_usedregion(&b, &r);
dns_rdata_fromregion(rdata, dns_rdataclass_in,
dns_rdatatype_key, &r);
......@@ -390,10 +381,16 @@ main(int argc, char *argv[]) {
isc_mem_put(mctx, keynode, sizeof(keynode_t));
}
if (savedname != NULL) {
dns_name_free(savedname, mctx);
isc_mem_put(mctx, savedname, sizeof(dns_name_t));
}
if (log != NULL)
isc_log_destroy(&log);
isc_mem_free(mctx, output);
dst_lib_destroy();
if (verbose > 10)
isc_mem_stats(mctx, stdout);
isc_mem_destroy(&mctx);
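Review bot: The new failure message for `dst_key_fromnamedfile` in the key loop, `fatal("error loading key from %s", argv[i]);`, drops the result code, while the private-key load a few lines further down does report it; an operator cannot tell a missing file from an unreadable or malformed one. I would write `fatal("error loading key from %s: %s", argv[i], isc_result_totext(result));`. The owner check `if (!dns_name_equal(savedname, dst_key_name(key)) != 0)` would also read more plainly as `if (!dns_name_equal(savedname, dst_key_name(key)))`. main's body continues outside these hunks.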
......
......@@ -146,11 +146,12 @@ main(int argc, char *argv[]) {
isc_log_t *log = NULL;
keynode_t *keynode;
dns_result_register();
result = isc_mem_create(0, 0, &mctx);
check_result(result, "isc_mem_create()");
dns_result_register();
dst_lib_init(mctx);
while ((ch = isc_commandline_parse(argc, argv, "v:")) != -1)
{
switch (ch) {
......@@ -244,7 +245,8 @@ main(int argc, char *argv[]) {
ISC_TRUE, mctx, &sigrdata);
if (result != ISC_R_SUCCESS)
fatal("signature by key '%s/%s/%d' did not verify: %s",
dst_key_name(key), algtostr(dst_key_alg(key)),
nametostr(dst_key_name(key)),
algtostr(dst_key_alg(key)),
dst_key_id(key), isc_result_totext(result));
dns_rdata_freestruct(&sig);
result = dns_rdataset_next(&sigrdataset);
......@@ -274,27 +276,12 @@ main(int argc, char *argv[]) {
sigrdatalist.ttl = rdataset.ttl;
for (i = 0; i < argc; i++) {
isc_uint16_t id;
unsigned int alg;
dns_fixedname_t fname;
dns_name_t *name;
isc_buffer_init(&b, argv[i], strlen(argv[i]));
isc_buffer_add(&b, strlen(argv[i]));
dns_fixedname_init(&fname);
name = dns_fixedname_name(&fname);
result = dst_key_parsefilename(&b, mctx, name, &id, &alg,
NULL);
if (result != ISC_R_SUCCESS)
usage();
key = NULL;
result = dst_key_fromfile(name, id, alg, DST_TYPE_PRIVATE,
mctx, &key);
result = dst_key_fromnamedfile(argv[i], DST_TYPE_PRIVATE,
mctx, &key);
if (result != ISC_R_SUCCESS)
fatal("failed to read key %s/%s/%d from disk: %s",
dst_key_name(key), algtostr(dst_key_alg(key)),
dst_key_id(key), isc_result_totext(result));
fatal("failed to read key %s from disk: %s",
argv[i], isc_result_totext(result));
rdata = isc_mem_get(mctx, sizeof(dns_rdata_t));
if (rdata == NULL)
......@@ -353,6 +340,7 @@ main(int argc, char *argv[]) {
isc_log_destroy(&log);
isc_mem_free(mctx, output);
dst_lib_destroy();
if (verbose > 10)
isc_mem_stats(mctx, stdout);
isc_mem_destroy(&mctx);
......
......@@ -142,7 +142,7 @@ keythatsigned(dns_rdata_sig_t *sig) {
}
result = dst_key_fromfile(&sig->signer, sig->keyid, sig->algorithm,
DST_TYPE_PUBLIC, mctx, &pubkey);
DST_TYPE_PUBLIC, NULL, mctx, &pubkey);
if (result != ISC_R_SUCCESS)
return (NULL);
......@@ -151,7 +151,7 @@ keythatsigned(dns_rdata_sig_t *sig) {
fatal("out of memory");
result = dst_key_fromfile(&sig->signer, sig->keyid, sig->algorithm,
DST_TYPE_PRIVATE, mctx, &privkey);
DST_TYPE_PRIVATE, NULL, mctx, &privkey);
if (result == ISC_R_SUCCESS) {
key->key = privkey;
dst_key_free(&pubkey);
......@@ -1209,12 +1209,13 @@ main(int argc, char *argv[]) {
isc_result_t result;
isc_log_t *log = NULL;
dns_result_register();
result = isc_mem_create(0, 0, &mctx);
if (result != ISC_R_SUCCESS)
fatal("out of memory");
dns_result_register();
dst_lib_init(mctx);
while ((ch = isc_commandline_parse(argc, argv, "s:e:c:v:o:f:ah"))
!= -1) {
switch (ch) {
......@@ -1343,57 +1344,41 @@ main(int argc, char *argv[]) {
}
else {
for (i = 0; i < argc; i++) {
isc_uint16_t id;
unsigned int alg;
dns_fixedname_t fname;
dns_name_t *name;
isc_buffer_t b;
dst_key_t *newkey = NULL;
isc_buffer_init(&b, argv[i], strlen(argv[i]));
isc_buffer_add(&b, strlen(argv[i]));
dns_fixedname_init(&fname);
name = dns_fixedname_name(&fname);
result = dst_key_parsefilename(&b, mctx, name,
&id, &alg, NULL);
result = dst_key_fromnamedfile(argv[i],
DST_TYPE_PRIVATE,
mctx, &newkey);
if (result != ISC_R_SUCCESS)
usage();
key = ISC_LIST_HEAD(keylist);
while (key != NULL) {
dst_key_t *dkey = key->key;
if (dst_key_id(dkey) == id &&
dst_key_alg(dkey) == alg &&
dns_name_equal(name, dst_key_name(dkey)))
if (dst_key_id(dkey) == dst_key_id(newkey) &&
dst_key_alg(dkey) == dst_key_alg(newkey) &&
dns_name_equal(dst_key_name(dkey),
dst_key_name(newkey)))
{
key->isdefault = ISC_TRUE;
if (!dst_key_isprivate(dkey))
fatal("cannot sign zone with "
"non-private key "
"'%s/%s/%d'",
nametostr(dst_key_name(dkey)),
algtostr(dst_key_alg(dkey)),
dst_key_id(dkey));
"non-private key %s",
argv[i]);
break;
}
key = ISC_LIST_NEXT(key, link);
}
if (key == NULL) {
dst_key_t *dkey = NULL;
result = dst_key_fromfile(name, id, alg,
DST_TYPE_PRIVATE,
mctx, &dkey);
if (result != ISC_R_SUCCESS)
fatal("failed to load key '%s/%s/%d' "
"from disk: %s",
nametostr(name), algtostr(alg),
id, isc_result_totext(result));
key = isc_mem_get(mctx, sizeof(signer_key_t));
if (key == NULL)
fatal("out of memory");
key->key = dkey;
key->key = newkey;
key->isdefault = ISC_TRUE;
ISC_LIST_APPEND(keylist, key, link);
}
else
dst_key_free(&newkey);
}
}
......@@ -1425,6 +1410,7 @@ main(int argc, char *argv[]) {
if (log != NULL)
isc_log_destroy(&log);
dst_lib_destroy();
if (verbose > 10)
isc_mem_stats(mctx, stdout);
isc_mem_destroy(&mctx);
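Review bot: A key file that fails to load in the `for (i = 0; i < argc; i++)` loop now ends in `usage()`, so whoever runs the signer gets the generic usage text with neither the file name nor the result code; before this change the load failure had its own `fatal` with `isc_result_totext(result)`. I would replace the call with `fatal("failed to load key %s from disk: %s", argv[i], isc_result_totext(result));`. The "cannot sign zone with non-private key" branch tests `dkey` from the list while `newkey` was just read with `DST_TYPE_PRIVATE`; a one-line comment saying that the listed copy is kept and `newkey` is freed in the `else` would help the next reader. main's body continues outside the hunk.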
......
......@@ -62,7 +62,7 @@ dns_tkeyctx_fromconfig(dns_c_ctx_t *cfg, isc_mem_t *mctx,
dns_name_fromtext(&keyname, &b, dns_rootname, ISC_FALSE, &namebuf);
RETERR(dst_key_fromfile(&keyname, n, DNS_KEYALG_DH,
DST_TYPE_PUBLIC|DST_TYPE_PRIVATE,
mctx, &tctx->dhkey));
NULL, mctx, &tctx->dhkey));
s = NULL;
RETERR(dns_c_ctx_gettkeydomain(cfg, &s));
dns_name_init(&domain, NULL);
......
......@@ -125,13 +125,11 @@ io(dns_name_t *name, int id, int alg, int type, isc_mem_t *mctx) {
dst_key_t *key = NULL;
isc_result_t ret;
chdir(current);
ret = dst_key_fromfile(name, id, alg, type, mctx, &key);
ret = dst_key_fromfile(name, id, alg, type, current, mctx, &key);
printf("read(%d) returned: %s\n", alg, isc_result_totext(ret));
if (ret != 0)
return;
chdir(tmp);
ret = dst_key_tofile(key, type);
ret = dst_key_tofile(key, type, tmp);
printf("write(%d) returned: %s\n", alg, isc_result_totext(ret));
if (ret != 0)
return;
......@@ -150,22 +148,20 @@ dh(dns_name_t *name1, int id1, dns_name_t *name2, int id2, isc_mem_t *mctx) {
int alg = DST_ALG_DH;
int type = DST_TYPE_PUBLIC|DST_TYPE_PRIVATE;
chdir(current);
ret = dst_key_fromfile(name1, id1, alg, type, mctx, &key1);
ret = dst_key_fromfile(name1, id1, alg, type, current, mctx, &key1);
printf("read(%d) returned: %s\n", alg, isc_result_totext(ret));
if (ret != 0)
return;
ret = dst_key_fromfile(name2, id2, alg, type, mctx, &key2);
ret = dst_key_fromfile(name2, id2, alg, type, current, mctx, &key2);
printf("read(%d) returned: %s\n", alg, isc_result_totext(ret));
if (ret != 0)
return;
chdir(tmp);
ret = dst_key_tofile(key1, type);
ret = dst_key_tofile(key1, type, tmp);
printf("write(%d) returned: %s\n", alg, isc_result_totext(ret));
if (ret != 0)
return;
ret = dst_key_tofile(key2, type);
ret = dst_key_tofile(key2, type, tmp);
printf("write(%d) returned: %s\n", alg, isc_result_totext(ret));
if (ret != 0)
return;
......@@ -245,6 +241,7 @@ main(void) {
dns_result_register();
dst_result_register();
dst_lib_init(mctx);
dns_fixedname_init(&fname);
name = dns_fixedname_name(&fname);
......@@ -269,6 +266,8 @@ main(void) {
get_random();
dst_lib_destroy();
isc_mem_put(mctx, current, 256);
/* isc_mem_stats(mctx, stdout);*/
isc_mem_destroy(&mctx);
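Review bot: In `dh()`, the early `return` after the second `dst_key_fromfile` fails, and the ones after each `dst_key_tofile`, leave `key1` (and later `key2`) unfreed in the lines shown. This commit adds `dst_lib_destroy()` ahead of the existing `isc_mem_destroy(&mctx)` at the end of main, so if the memory context checks for outstanding allocations on destroy (not visible here), a failing run would stop in that check rather than on the printed result. Adding `dst_key_free(&key1);` (and `dst_key_free(&key2);` where it is set) before those returns keeps the failure path clean. The bodies of `io()`, `dh()` and main continue outside the hunks.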
......
......@@ -104,6 +104,7 @@ use(dst_key_t *key, isc_mem_t *mctx, isc_result_t exp_result, int *nfails) {
t_info("dst_context_adddata(%d) returned (%s)\n",
dst_key_alg(key), dst_result_totext(ret));
++*nfails;
dst_context_destroy(&ctx);
return;
}
ret = dst_context_sign(ctx, &sigbuf);
......@@ -112,6 +113,7 @@ use(dst_key_t *key, isc_mem_t *mctx, isc_result_t exp_result, int *nfails) {
dst_key_alg(key), dst_result_totext(ret),
dst_result_totext(exp_result));
++*nfails;
dst_context_destroy(&ctx);
return;
}
dst_context_destroy(&ctx);
......@@ -129,6 +131,7 @@ use(dst_key_t *key, isc_mem_t *mctx, isc_result_t exp_result, int *nfails) {
t_info("dst_context_adddata(%d) returned (%s)\n",
dst_key_alg(key), dst_result_totext(ret));
++*nfails;
dst_context_destroy(&ctx);
return;
}
ret = dst_context_verify(ctx, &sigreg);
......@@ -137,6 +140,7 @@ use(dst_key_t *key, isc_mem_t *mctx, isc_result_t exp_result, int *nfails) {
dst_key_alg(key), dst_result_totext(ret),
dst_result_totext(exp_result));
++*nfails;
dst_context_destroy(&ctx);
return;
}
dst_context_destroy(&ctx);
......@@ -167,7 +171,7 @@ dh(dns_name_t *name1, int id1, dns_name_t *name2, int id2, isc_mem_t *mctx,
return;
}
ret = dst_key_fromfile(name1, id1, alg, type, mctx, &key1);
ret = dst_key_fromfile(name1, id1, alg, type, current, mctx, &key1);
if (ret != ISC_R_SUCCESS) {
t_info("dst_key_fromfile(%d) returned: %s\n",
alg, dst_result_totext(ret));
......@@ -175,7 +179,7 @@ dh(dns_name_t *name1, int id1, dns_name_t *name2, int id2, isc_mem_t *mctx,
return;
}
ret = dst_key_fromfile(name2, id2, alg, type, mctx, &key2);
ret = dst_key_fromfile(name2, id2, alg, type, current, mctx, &key2);
if (ret != ISC_R_SUCCESS) {
t_info("dst_key_fromfile(%d) returned: %s\n",
alg, dst_result_totext(ret));
......@@ -197,37 +201,22 @@ dh(dns_name_t *name1, int id1, dns_name_t *name2, int id2, isc_mem_t *mctx,
return;
}
if (chdir(tmp)) {
t_info("chdir failed %d\n", errno);
(void) rmdir(tmp);
++*nprobs;
return;
}
ret = dst_key_tofile(key1, type);
ret = dst_key_tofile(key1, type, tmp);
if (ret != 0) {
t_info("dst_key_tofile(%d) returned: %s\n",
alg, dst_result_totext(ret));
(void) chdir(current);
++*nfails;
return;
}
ret = dst_key_tofile(key2, type);
ret = dst_key_tofile(key2, type, tmp);
if (ret != 0) {
t_info("dst_key_tofile(%d) returned: %s\n",
alg, dst_result_totext(ret));
(void) chdir(current);
++*nfails;
return;
}
if (chdir(current)) {
t_info("chdir failed %d\n", errno);
++*nprobs;
return;
}
cleandir(tmp);
isc_buffer_init(&b1, array1, sizeof(array1));
......@@ -279,7 +268,7 @@ io(dns_name_t *name, int id, int alg, int type, isc_mem_t *mctx,
return;
}
ret = dst_key_fromfile(name, id, alg, type, mctx, &key);
ret = dst_key_fromfile(name, id, alg, type, current, mctx, &key);
if (ret != ISC_R_SUCCESS) {
t_info("dst_key_fromfile(%d) returned: %s\n",
alg, dst_result_totext(ret));
......@@ -301,18 +290,10 @@ io(dns_name_t *name, int id, int alg, int type, isc_mem_t *mctx,
return;
}
if (chdir(tmp)) {
t_info("chdir failed %d\n", errno);
(void) rmdir(tmp);
++*nprobs;
return;
}
ret = dst_key_tofile(key, type);
ret = dst_key_tofile(key, type, tmp);
if (ret != 0) {
t_info("dst_key_tofile(%d) returned: %s\n",
alg, dst_result_totext(ret));
(void)chdir(current);
++*nfails;
return;
}
......@@ -320,12 +301,6 @@ io(dns_name_t *name, int id, int alg, int type, isc_mem_t *mctx,
if (dst_key_alg(key) != DST_ALG_DH)
use(key, mctx, exp_result, nfails);
if (chdir(current)) {
t_info("chdir failed %d\n", errno);
++*nprobs;
return;
}
cleandir(tmp);
dst_key_free(&key);
......@@ -421,6 +396,7 @@ t1(void) {
t_result(T_UNRESOLVED);
return;
}
dst_lib_init(mctx);
t_info("testing use of stored keys [1]\n");
......@@ -461,6 +437,8 @@ t1(void) {
t_info("testing random number sequence generation\n");
get_random(&nfails);
dst_lib_destroy();
isc_mem_destroy(&mctx);
result = T_UNRESOLVED;
......@@ -697,7 +675,7 @@ t2_sigchk(char *datapath, char *sigpath, char *keyname,
isc_buffer_init(&b, keyname, strlen(keyname));
isc_buffer_add(&b, strlen(keyname));
dns_name_fromtext(name, &b, dns_rootname, ISC_FALSE, NULL);
isc_result = dst_key_fromfile(name, id, alg, type, mctx, &key);
isc_result = dst_key_fromfile(name, id, alg, type, NULL, mctx, &key);
if (isc_result != ISC_R_SUCCESS) {
t_info("dst_key_fromfile failed %s\n",
isc_result_totext(isc_result));
......@@ -735,6 +713,7 @@ t2_sigchk(char *datapath, char *sigpath, char *keyname,
dst_result_totext(isc_result));
(void) free(data);
dst_key_free(&key);
dst_context_destroy(&ctx);
++*nprobs;
return;
}
......@@ -744,6 +723,7 @@ t2_sigchk(char *datapath, char *sigpath, char *keyname,
dst_result_totext(isc_result));
(void) free(data);
dst_key_free(&key);
dst_context_destroy(&ctx);
++*nprobs;
return;
}
......@@ -794,6 +774,7 @@ t2_sigchk(char *datapath, char *sigpath, char *keyname,
if (isc_result != ISC_R_SUCCESS) {
t_info("dst_context_adddata returned %s\n",
isc_result_totext(isc_result));
dst_context_destroy(&ctx);
++*nfails;
}
isc_result = dst_context_verify(ctx, &sigreg);
......@@ -803,6 +784,7 @@ t2_sigchk(char *datapath, char *sigpath, char *keyname,
t_info("dst_context_verify returned %s, expected %s\n",
isc_result_totext(isc_result),
expected_result);
dst_context_destroy(&ctx);
++*nfails;
}
......@@ -867,6 +849,7 @@ t2_vfy(char **av) {
isc_result_totext(isc_result));
return(T_UNRESOLVED);
}
dst_lib_init(mctx);
t_info("testing %s, %s, %s, %s, %s, %s\n",
datapath, sigpath, keyname, key, alg, exp_result);
......@@ -875,6 +858,8 @@ t2_vfy(char **av) {
mctx, exp_result,
&nfails, &nprobs);
dst_lib_destroy();