OpenDNSSEC-signer  1.4.5
tsig.h
1 /*
2  * Copyright (c) 2011 NLNet Labs. All rights reserved.
3  *
4  * Taken from NSD3 and adjusted for OpenDNSSEC, NLnet Labs.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  * notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  * notice, this list of conditions and the following disclaimer in the
13  * documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
17  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
19  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
21  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
22  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
23  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
24  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
25  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26  *
27  */
28 
34 #ifndef WIRE_TSIG_H
35 #define WIRE_TSIG_H
36 
37 #include "config.h"
38 #include "shared/allocator.h"
39 #include "shared/status.h"
40 #include "wire/buffer.h"
41 
42 #include <ldns/ldns.h>
43 
/* TSIG error codes: the values 16-18 that RFC 2845 assigns to BADSIG, BADKEY
 * and BADTIME. */
44 #define TSIG_ERROR_BADSIG 16 /* MAC did not verify */
45 #define TSIG_ERROR_BADKEY 17 /* key name not recognised */
46 #define TSIG_ERROR_BADTIME 18 /* time signed outside the allowed window */
47 
/* Numeric ids for three TSIG HMAC algorithms.
 * NOTE(review): MD5 and SHA-1 are presumably kept for interoperability with
 * older peers; RFC 8945 discourages both for use, so prefer HMAC-SHA256 when
 * provisioning new keys. */
48 #define TSIG_HMAC_MD5 157
49 #define TSIG_HMAC_SHA1 158
50 #define TSIG_HMAC_SHA256 159
51 
60 };
62 
/* NOTE(review): the line that names this struct is missing from the listing
 * (the gutter jumps from 62 to 69). The body pairs a one-byte id with a short
 * text name. */
69 {
70  uint8_t id; /* numeric id of the entry */
71  const char* short_name; /* text name for that id */
72 };
73 
/* NOTE(review): the opening of this struct is missing from the listing (the
 * gutter jumps from 73 to 80). The visible members pair an ldns name with a
 * sized byte buffer; presumably this is the key record behind tsig_key_type,
 * confirm against the full header. */
80  ldns_rdf* dname; /* name held as an ldns rdf */
81  size_t size; /* presumably the length of data in bytes; confirm */
82  const uint8_t* data; /* presumably the decoded shared secret: keep it out of logs and confirm it is wiped before its memory is released */
83 };
84 
/* NOTE(review): the opening of this struct is missing from the listing (the
 * gutter jumps from 84 to 91, and line 93 is absent). The visible members name
 * an algorithm and hold four HMAC callbacks; presumably this is the body
 * behind tsig_algo_type, confirm against the full header.
 * All four callbacks except hmac_create return void, so a failing HMAC backend
 * cannot report an error to the caller through this interface. */
91  const char* txt_name; /* algorithm name as text */
92  ldns_rdf* wf_name; /* presumably the same name in wire format; confirm */
94  const void* data; /* opaque per-algorithm data; not interpreted in this header */
95  /* create a new HMAC context */
96  void*(*hmac_create)(allocator_type* allocator);
97  /* initialize an HMAC context */
98  void(*hmac_init)(void* context, tsig_algo_type* algo,
99  tsig_key_type* key);
100  /* update the HMAC context */
101  void(*hmac_update)(void* context, const void* data, size_t size);
102  /* finalize digest */
/* NOTE(review): size is passed by pointer, so it is presumably in/out (buffer
 * capacity in, digest length out); the digest buffer has to be large enough
 * for the longest HMAC in use. Confirm in tsig.c. */
103  void(*hmac_final)(void* context, uint8_t* digest, size_t* size);
104 };
105 
/* A TSIG key described as text: key name, algorithm name and secret.
 * NOTE(review): lines 112 and 116 of the file are missing from this listing,
 * so the struct has members that are not shown here. */
110 typedef struct tsig_struct tsig_type;
111 struct tsig_struct {
113  const char* name; /* key name */
114  const char* algorithm; /* algorithm name */
115  const char* secret; /* shared secret as a string (presumably base64; confirm); credential material, never write it to logs */
117 };
118 
/* NOTE(review): the opening of this struct is missing from the listing (the
 * gutter jumps from 118 to 127, and several later lines are absent).
 * Presumably this is the per-message TSIG state behind tsig_rr_type. */
127  size_t position; /* presumably the offset of the TSIG RR in the packet buffer; confirm */
130  void* context; /* opaque HMAC context, the same void* the hmac_* callbacks take */
134  uint8_t* prior_mac_data; /* presumably the MAC of the previous message, fed into the next digest; confirm */
135 
/* Members that mirror the TSIG RDATA layout of RFC 2845. Lines 138, 140 and
 * 143 of the file are missing from this listing.
 * NOTE(review): mac_size and other_size are 16-bit lengths. When they are
 * filled from a received packet they are untrusted and must be checked
 * against the bytes remaining in the buffer, and mac_size against the digest
 * length expected for the algorithm, before mac_data or other_data is read or
 * compared. Confirm in tsig.c. */
136  ldns_rdf* key_name; /* key name as an ldns rdf */
137  ldns_rdf* algo_name; /* algorithm name as an ldns rdf */
139  uint32_t signed_time_low; /* low 32 bits of the time signed, which is 48 bits wide in RFC 2845; the high part is presumably on missing line 138 */
141  uint16_t mac_size; /* length of mac_data in bytes */
142  uint8_t* mac_data; /* the MAC itself */
144  uint16_t error_code; /* TSIG error value, see TSIG_ERROR_* */
145  uint16_t other_size; /* length of other_data in bytes */
146  uint8_t* other_data; /* the "other data" field */
147 };
148 
156 
161 void tsig_handler_cleanup(void);
162 
169 
176 
/* Returns a tsig_type for the given key name, algorithm name and secret.
 * NOTE(review): this header does not show whether the three strings are copied
 * or whether the pointers are stored, so callers should keep them alive, and
 * should not wipe secret, until that is confirmed in tsig.c. The result on
 * allocation failure is not visible here either; check it before use. */
186 tsig_type* tsig_create(allocator_type* allocator, char* name, char* algo,
187  char* secret);
188 
196 tsig_type* tsig_lookup_by_name(tsig_type* tsig, const char* name);
197 
204 tsig_algo_type* tsig_lookup_algo(const char* name);
205 
213 
222 
230 int tsig_rr_find(tsig_rr_type* trr, buffer_type* buffer);
231 
/* Takes the TSIG RR state and a packet buffer and returns an int.
 * NOTE(review): the buffer content comes off the network, so the
 * implementation has to bound every length field it reads (MAC size, other
 * length) by what remains in the buffer. The meaning of the return value is
 * not visible in this header; confirm it in tsig.c before testing it. */
239 int tsig_rr_parse(tsig_rr_type* trr, buffer_type* buffer);
240 
247 int tsig_rr_lookup(tsig_rr_type* trr);
248 
254 void tsig_rr_prepare(tsig_rr_type* trr);
255 
/* NOTE(review): presumably feeds `length` bytes of buffer into the HMAC
 * context of trr. It returns void, so the caller has to make sure length does
 * not exceed the data held in buffer. Confirm in tsig.c. */
265 void tsig_rr_update(tsig_rr_type* trr, buffer_type* buffer, size_t length);
266 
272 void tsig_rr_sign(tsig_rr_type* trr);
273 
/* Returns an int for the outcome of verifying the TSIG on trr.
 * NOTE(review): this header does not show which value means success, so check
 * tsig.c before writing the test and treat every other value as a reject.
 * Also confirm there that the MAC comparison is constant-time and covers the
 * full digest length expected for the algorithm. */
280 int tsig_rr_verify(tsig_rr_type* trr);
281 
288 void tsig_rr_append(tsig_rr_type* trr, buffer_type* buffer);
289 
290 /*
291  * The amount of space to reserve in the response for the TSIG data.
292  * \param[in] trr TSIG RR
293  * \return size_t reserved space size
294  *
295  */
297 
303 void tsig_rr_error(tsig_rr_type* trr);
304 
311 const char* tsig_status2str(tsig_status status);
312 
319 const char* tsig_strerror(uint16_t error);
320 
326 void tsig_rr_free(tsig_rr_type* trr);
327 
333 void tsig_rr_cleanup(tsig_rr_type* trr);
334 
/* NOTE(review): presumably releases tsig through allocator. The struct holds
 * the secret as a string, so confirm in tsig.c that the secret is overwritten
 * before its memory is handed back. */
341 void tsig_cleanup(tsig_type* tsig, allocator_type* allocator);
342 
343 #endif /* WIRE_TSIG_H */