OpenDNSSEC-signer  1.4.5
keys.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2009 NLNet Labs. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  * notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  * notice, this list of conditions and the following disclaimer in the
11  * documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
15  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
17  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
19  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
21  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
22  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
23  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  *
25  */
26 
32 #include "shared/file.h"
33 #include "shared/log.h"
34 #include "shared/util.h"
35 #include "signer/backup.h"
36 #include "signer/keys.h"
37 #include "signer/signconf.h"
38 
39 static const char* key_str = "keys";
40 
41 
47 keylist_create(void* sc)
48 {
49  signconf_type* signconf = (signconf_type*) sc;
50  keylist_type* kl = NULL;
51 
52  if (!signconf || !signconf->allocator) {
53  return NULL;
54  }
55  kl = (keylist_type*) allocator_alloc(signconf->allocator,
56  sizeof(keylist_type));
57  if (!kl) {
58  ods_log_error("[%s] create list failed: allocator_alloc() failed",
59  key_str);
60  return NULL;
61  }
62  kl->sc = sc;
63  kl->count = 0;
64  kl->keys = NULL;
65  return kl;
66 }
67 
68 
73 key_type*
74 keylist_lookup_by_locator(keylist_type* kl, const char* locator)
75 {
76  uint16_t i = 0;
77  if (!kl || !locator || kl->count <= 0) {
78  return NULL;
79  }
80  for (i=0; i < kl->count; i++) {
81  if (&kl->keys[i] && kl->keys[i].locator) {
82  if (ods_strcmp(kl->keys[i].locator, locator) == 0) {
83  return &kl->keys[i];
84  }
85  }
86  }
87  return NULL;
88 }
89 
90 
95 key_type*
97 {
98  uint16_t i = 0;
99  if (!kl || !dnskey || kl->count <= 0) {
100  return NULL;
101  }
102  for (i=0; i < kl->count; i++) {
103  if (&kl->keys[i] && kl->keys[i].dnskey) {
104  if (ldns_rr_compare(kl->keys[i].dnskey, dnskey) == 0) {
105  return &kl->keys[i];
106  }
107  }
108  }
109  return NULL;
110 }
111 
112 
117 key_type*
118 keylist_push(keylist_type* kl, const char* locator,
119  uint8_t algorithm, uint32_t flags, int publish, int ksk, int zsk)
120 {
121  key_type* keys_old = NULL;
122  signconf_type* sc = NULL;
123 
124  ods_log_assert(kl);
125  ods_log_assert(locator);
126  ods_log_debug("[%s] add locator %s", key_str, locator);
127 
128  sc = (signconf_type*) kl->sc;
129  keys_old = kl->keys;
130  kl->keys = (key_type*) allocator_alloc(sc->allocator,
131  (kl->count + 1) * sizeof(key_type));
132  if (!kl->keys) {
133  ods_fatal_exit("[%s] unable to add key: allocator_alloc() failed",
134  key_str);
135  }
136  if (keys_old) {
137  memcpy(kl->keys, keys_old, (kl->count) * sizeof(key_type));
138  }
139  allocator_deallocate(sc->allocator, (void*) keys_old);
140  kl->count++;
141  kl->keys[kl->count -1].locator = locator;
142  kl->keys[kl->count -1].algorithm = algorithm;
143  kl->keys[kl->count -1].flags = flags;
144  kl->keys[kl->count -1].publish = publish;
145  kl->keys[kl->count -1].ksk = ksk;
146  kl->keys[kl->count -1].zsk = zsk;
147  kl->keys[kl->count -1].dnskey = NULL;
148  kl->keys[kl->count -1].hsmkey = NULL;
149  kl->keys[kl->count -1].params = NULL;
150  return &kl->keys[kl->count -1];
151 }
152 
153 
158 static void
159 key_print(FILE* fd, key_type* key)
160 {
161  if (!fd || !key) {
162  return;
163  }
164  fprintf(fd, "\t\t\t<Key>\n");
165  fprintf(fd, "\t\t\t\t<Flags>%u</Flags>\n", key->flags);
166  fprintf(fd, "\t\t\t\t<Algorithm>%u</Algorithm>\n", key->algorithm);
167  if (key->locator) {
168  fprintf(fd, "\t\t\t\t<Locator>%s</Locator>\n", key->locator);
169  }
170  if (key->ksk) {
171  fprintf(fd, "\t\t\t\t<KSK />\n");
172  }
173  if (key->zsk) {
174  fprintf(fd, "\t\t\t\t<ZSK />\n");
175  }
176  if (key->publish) {
177  fprintf(fd, "\t\t\t\t<Publish />\n");
178  }
179  fprintf(fd, "\t\t\t</Key>\n");
180  fprintf(fd, "\n");
181  return;
182 }
183 
184 
189 static void
190 key_log(key_type* key, const char* name)
191 {
192  if (!key) {
193  return;
194  }
195  ods_log_debug("[%s] zone %s key: LOCATOR[%s] FLAGS[%u] ALGORITHM[%u] "
196  "KSK[%i] ZSK[%i] PUBLISH[%i]", key_str, name?name:"(null)", key->locator,
197  key->flags, key->algorithm, key->ksk, key->zsk, key->publish);
198  return;
199 }
200 
201 
206 void
208 {
209  uint16_t i = 0;
210  if (!fd || !kl || kl->count <= 0) {
211  return;
212  }
213  for (i=0; i < kl->count; i++) {
214  key_print(fd, &kl->keys[i]);
215  }
216  return;
217 }
218 
219 
224 void
225 keylist_log(keylist_type* kl, const char* name)
226 {
227  uint16_t i = 0;
228  if (!kl || kl->count <= 0) {
229  return;
230  }
231  for (i=0; i < kl->count; i++) {
232  key_log(&kl->keys[i], name);
233  }
234  return;
235 }
236 
237 
242 static void
243 key_delfunc(key_type* key)
244 {
245  if (!key) {
246  return;
247  }
248  /* ldns_rr_free(key->dnskey); */
249  hsm_key_free(key->hsmkey);
250  hsm_sign_params_free(key->params);
251  free((void*) key->locator);
252  return;
253 }
254 
255 
260 void
262 {
263  uint16_t i = 0;
264  signconf_type* sc = NULL;
265  if (!kl) {
266  return;
267  }
268  for (i=0; i < kl->count; i++) {
269  key_delfunc(&kl->keys[i]);
270  }
271  sc = (signconf_type*) kl->sc;
272  allocator_deallocate(sc->allocator, (void*) kl->keys);
273  allocator_deallocate(sc->allocator, (void*) kl);
274 }
275 
276 
281 static void
282 key_backup(FILE* fd, key_type* key, const char* version)
283 {
284  if (!fd || !key) {
285  return;
286  }
287  fprintf(fd, ";;Key: locator %s algorithm %u flags %u publish %i ksk %i "
288  "zsk %i\n", key->locator, (unsigned) key->algorithm,
289  (unsigned) key->flags, key->publish, key->ksk, key->zsk);
290  if (strcmp(version, ODS_SE_FILE_MAGIC_V2) == 0) {
291  if (key->dnskey) {
292  (void)util_rr_print(fd, key->dnskey);
293  }
294  fprintf(fd, ";;Keydone\n");
295  }
296  return;
297 }
298 
299 
304 key_type*
306 {
307  const char* locator = NULL;
308  uint8_t algorithm = 0;
309  uint32_t flags = 0;
310  int publish = 0;
311  int ksk = 0;
312  int zsk = 0;
313 
314  ods_log_assert(fd);
315 
316  if (!backup_read_check_str(fd, "locator") ||
317  !backup_read_str(fd, &locator) ||
318  !backup_read_check_str(fd, "algorithm") ||
319  !backup_read_uint8_t(fd, &algorithm) ||
320  !backup_read_check_str(fd, "flags") ||
321  !backup_read_uint32_t(fd, &flags) ||
322  !backup_read_check_str(fd, "publish") ||
323  !backup_read_int(fd, &publish) ||
324  !backup_read_check_str(fd, "ksk") ||
325  !backup_read_int(fd, &ksk) ||
326  !backup_read_check_str(fd, "zsk") ||
327  !backup_read_int(fd, &zsk)) {
328  if (locator) {
329  free((void*)locator);
330  locator = NULL;
331  }
332  return NULL;
333  }
334  /* key ok */
335  return keylist_push(kl, locator, algorithm, flags, publish, ksk, zsk);
336 }
337 
338 
343 void
344 keylist_backup(FILE* fd, keylist_type* kl, const char* version)
345 {
346  uint16_t i = 0;
347  if (!fd || !kl || kl->count <= 0) {
348  return;
349  }
350  for (i=0; i < kl->count; i++) {
351  key_backup(fd, &kl->keys[i], version);
352  }
353  return;
354 }