
Member "bind-9.11.23/lib/dns/tsec.c" (7 Sep 2020, 3398 Bytes) of package /linux/misc/dns/bind9/9.11.23/bind-9.11.23.tar.gz:



    1 /*
    2  * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
    3  *
    4  * This Source Code Form is subject to the terms of the Mozilla Public
    5  * License, v. 2.0. If a copy of the MPL was not distributed with this
    6  * file, You can obtain one at http://mozilla.org/MPL/2.0/.
    7  *
    8  * See the COPYRIGHT file distributed with this work for additional
    9  * information regarding copyright ownership.
   10  */
   11 
   12 #include <config.h>
   13 
   14 #include <isc/mem.h>
   15 #include <isc/util.h>
   16 
   17 #include <pk11/site.h>
   18 
   19 #include <dns/tsec.h>
   20 #include <dns/tsig.h>
   21 #include <dns/result.h>
   22 
   23 #include <dst/dst.h>
   24 
   25 #define DNS_TSEC_MAGIC          ISC_MAGIC('T', 's', 'e', 'c')
   26 #define DNS_TSEC_VALID(t)       ISC_MAGIC_VALID(t, DNS_TSEC_MAGIC)
   27 
   28 /*%
   29  * DNS Transaction Security object.  We assume this is not shared by
   30  * multiple threads, and so the structure does not contain a lock.
   31  */
   struct dns_tsec {
       /*
        * Validity stamp: written as DNS_TSEC_MAGIC at the very end of
        * dns_tsec_create() and reset to 0 by dns_tsec_destroy(); it is
        * what DNS_TSEC_VALID() tests.
        */
       unsigned int magic;

       /* Selects which member of 'ukey' is in use. */
       dns_tsectype_t type;

       /* Memory context the object is allocated from and returned to. */
       isc_mem_t *mctx;

       union {
           /*
            * dns_tsectype_tsig: TSIG key built from the caller's dst key
            * in dns_tsec_create(); released with dns_tsigkey_detach().
            */
           dns_tsigkey_t *tsigkey;

           /*
            * dns_tsectype_sig0: the caller's dst key pointer, stored as
            * given; released with dst_key_free() in dns_tsec_destroy().
            */
           dst_key_t *key;
       } ukey;
   };
   41 
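   /*
    * Create a transaction-security object of the given 'type' around 'key'
    * and return it through '*tsecp'.
    *
    * For dns_tsectype_tsig the algorithm of 'key' is mapped to the matching
    * TSIG algorithm name and a dns_tsigkey_t is built from the key; an
    * algorithm outside the HMAC set handled below yields DNS_R_BADALG.  For
    * dns_tsectype_sig0 the 'key' pointer itself is stored, and
    * dns_tsec_destroy() later hands it to dst_key_free(), so the caller
    * must not free it after a successful call.
    *
    * Requires 'mctx' and 'key' to be non-NULL and 'tsecp' to point at a
    * NULL pointer.
    *
    * Returns ISC_R_SUCCESS, ISC_R_NOMEMORY, DNS_R_BADALG, or the failure
    * code of dns_tsigkey_createfromkey().  On failure '*tsecp' is left
    * untouched and 'key' is not released by this function.
    * NOTE(review): who owns 'key' after a failed create is not visible
    * here -- confirm against the callers.
    */
   isc_result_t
   dns_tsec_create(isc_mem_t *mctx, dns_tsectype_t type, dst_key_t *key,
           dns_tsec_t **tsecp)
   {
       isc_result_t result;
       dns_tsec_t *tsec;
       dns_tsigkey_t *tsigkey = NULL;
       dns_name_t *algname;

       REQUIRE(mctx != NULL);
       /*
        * 'key' is passed to dst_key_alg()/dst_key_name() on the TSIG path
        * and kept for a later dst_key_free() on the SIG(0) path.  Reject a
        * NULL key up front, before anything is allocated or stored, so a
        * bad caller fails here rather than at some later use of the tsec.
        */
       REQUIRE(key != NULL);
       REQUIRE(tsecp != NULL && *tsecp == NULL);

       tsec = isc_mem_get(mctx, sizeof(*tsec));
       if (tsec == NULL)
           return (ISC_R_NOMEMORY);

       tsec->type = type;
       tsec->mctx = mctx;

       switch (type) {
       case dns_tsectype_tsig:
           /*
            * Only the HMAC algorithms listed here are accepted for TSIG.
            * HMAC-MD5 is available only when the build has not defined
            * PK11_MD5_DISABLE.  MD5- and SHA-1-based MACs are legacy
            * choices; prefer HMAC-SHA256 or stronger for new keys.
            */
           switch (dst_key_alg(key)) {
   #ifndef PK11_MD5_DISABLE
           case DST_ALG_HMACMD5:
               algname = dns_tsig_hmacmd5_name;
               break;
   #endif
           case DST_ALG_HMACSHA1:
               algname = dns_tsig_hmacsha1_name;
               break;
           case DST_ALG_HMACSHA224:
               algname = dns_tsig_hmacsha224_name;
               break;
           case DST_ALG_HMACSHA256:
               algname = dns_tsig_hmacsha256_name;
               break;
           case DST_ALG_HMACSHA384:
               algname = dns_tsig_hmacsha384_name;
               break;
           case DST_ALG_HMACSHA512:
               algname = dns_tsig_hmacsha512_name;
               break;
           default:
               /*
                * Unsupported algorithm: give back the still unstamped
                * tsec (magic was never set) and report the error.
                */
               isc_mem_put(mctx, tsec, sizeof(*tsec));
               return (DNS_R_BADALG);
           }
           /*
            * Build the TSIG key under the dst key's own name.  The
            * remaining arguments are passed as false/NULL/0 defaults;
            * NOTE(review): their meaning is defined by
            * dns_tsigkey_createfromkey() in dns/tsig.h, not visible here.
            */
           result = dns_tsigkey_createfromkey(dst_key_name(key),
                              algname, key, false,
                              NULL, 0, 0, mctx, NULL,
                              &tsigkey);
           if (result != ISC_R_SUCCESS) {
               isc_mem_put(mctx, tsec, sizeof(*tsec));
               return (result);
           }
           tsec->ukey.tsigkey = tsigkey;
           break;
       case dns_tsectype_sig0:
           /*
            * The pointer is stored without taking a reference; from now
            * on the tsec releases it in dns_tsec_destroy().
            */
           tsec->ukey.key = key;
           break;
       default:
           INSIST(0);
           ISC_UNREACHABLE();
       }

       /*
        * Stamp the object only once it is completely initialised, so
        * DNS_TSEC_VALID() never accepts a half-built tsec.
        */
       tsec->magic = DNS_TSEC_MAGIC;

       *tsecp = tsec;
       return (ISC_R_SUCCESS);
   }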
  111 
  /*
   * Tear down the object at '*tsecp' and set '*tsecp' to NULL.
   *
   * The key held in the object is released according to its type: the
   * TSIG key is detached, the SIG(0) key is freed with dst_key_free().
   * The magic value is cleared before the memory goes back to the
   * context, so a stale pointer no longer passes DNS_TSEC_VALID().
   */
  void
  dns_tsec_destroy(dns_tsec_t **tsecp) {
      dns_tsec_t *tsec;
      isc_mem_t *mctx;

      REQUIRE(tsecp != NULL && *tsecp != NULL);
      tsec = *tsecp;
      REQUIRE(DNS_TSEC_VALID(tsec));

      if (tsec->type == dns_tsectype_tsig) {
          dns_tsigkey_detach(&tsec->ukey.tsigkey);
      } else if (tsec->type == dns_tsectype_sig0) {
          dst_key_free(&tsec->ukey.key);
      } else {
          /* An object with any other type should never exist. */
          INSIST(0);
          ISC_UNREACHABLE();
      }

      /* Invalidate first, then hand the memory back to its context. */
      tsec->magic = 0;
      mctx = tsec->mctx;
      isc_mem_put(mctx, tsec, sizeof(*tsec));

      *tsecp = NULL;
  }
  137 
  /*
   * Return the security type recorded in 'tsec'.  'tsec' must be a valid
   * object, i.e. one that passes DNS_TSEC_VALID().
   */
  dns_tsectype_t
  dns_tsec_gettype(dns_tsec_t *tsec) {
      dns_tsectype_t kind;

      REQUIRE(DNS_TSEC_VALID(tsec));

      kind = tsec->type;
      return (kind);
  }
  144 
  /*
   * Hand the key stored in 'tsec' to the caller through 'keyp'.
   *
   * 'keyp' is untyped: it is treated as a dns_tsigkey_t ** for a TSIG
   * object and as a dst_key_t ** for a SIG(0) object, so the caller must
   * pass a pointer of the type that matches dns_tsec_gettype().
   *
   * The two cases differ in lifetime.  For TSIG the key is attached, so
   * the caller receives its own reference.  For SIG(0) the stored pointer
   * is copied as is, with no reference taken, while dns_tsec_destroy()
   * frees that key; the caller must therefore not use or free it once the
   * tsec has been destroyed.
   */
  void
  dns_tsec_getkey(dns_tsec_t *tsec, void *keyp) {
      REQUIRE(DNS_TSEC_VALID(tsec));
      REQUIRE(keyp != NULL);

      if (tsec->type == dns_tsectype_tsig) {
          dns_tsigkey_t **tsigkeyp = keyp;

          dns_tsigkey_attach(tsec->ukey.tsigkey, tsigkeyp);
      } else if (tsec->type == dns_tsectype_sig0) {
          dst_key_t **dstkeyp = keyp;

          *dstkeyp = tsec->ukey.key;
      } else {
          /* An object with any other type should never exist. */
          INSIST(0);
          ISC_UNREACHABLE();
      }
  }
  161 }