keys.h

00001 /*
00002  * 
00003  * keys.h
00004  *
00005  * priv key definitions
00006  *
00007  * a Net::DNS like library for C
00008  *
00009  * (c) NLnet Labs, 2005-2006
00010  *
00011  * See the file LICENSE for the license
00012  */
00013 
00021 #ifndef LDNS_KEYS_H
00022 #define LDNS_KEYS_H
00023 
00024 #ifdef HAVE_SSL
00025 #include <openssl/ssl.h>
00026 #endif /* HAVE_SSL */
00027 #include <ldns/dnssec.h>
00028 #include <ldns/util.h>
00029 #include <errno.h>
00030 
/* Lookup table of the signing algorithms, defined in another translation
 * unit. NOTE(review): presumably maps algorithm mnemonics to the
 * ldns_signing_algorithm values declared in this header -- confirm against
 * the definition. */
00031 extern ldns_lookup_table ldns_signing_algorithms[];
00032 
/* Masks for the 16-bit key flags handled by ldns_key_set_flags() and
 * ldns_key_flags(). In the DNSKEY flags field (RFC 4034, section 2.1.1)
 * 0x0100 is the Zone Key bit and 0x0001 the Secure Entry Point bit, so a
 * zone-signing key conventionally carries 256 and a key-signing key 257.
 * The SEP bit is only a hint for operators and tooling; validators must not
 * change their behaviour because of it. */
00033 #define LDNS_KEY_ZONE_KEY 0x0100
00034 #define LDNS_KEY_SEP_KEY 0x0001
00035 
/**
 * DNSSEC algorithm numbers, i.e. the value carried in the algorithm field
 * of DNSKEY and RRSIG records.
 *
 * Points to check before reusing this table:
 *  - LDNS_RSAMD5 (1) is deprecated for DNSSEC (RFC 6725); do not select it
 *    for new keys.
 *  - LDNS_DSA (3), LDNS_RSASHA1 (5) and their _NSEC3 aliases (6, 7) are
 *    SHA-1 based; RFC 8624 advises against signing new zones with them.
 *  - The entries marked "not official" (8-11) were provisional when this
 *    header was written. The IANA registry later assigned 8 to RSASHA256
 *    and 10 to RSASHA512 (RFC 5702) and left 9 and 11 reserved, so the
 *    values 9, 10 and 11 below do not match the registry.
 *    NOTE(review): confirm against a current ldns release before using
 *    these constants to interpret or produce wire data.
 *  - 252-254 are the registry's INDIRECT, PRIVATEDNS and PRIVATEOID
 *    entries.
 */
00039 enum ldns_enum_algorithm
00040 {
00041         LDNS_RSAMD5             = 1,
00042         LDNS_DH                 = 2,
00043         LDNS_DSA                = 3,
00044         LDNS_ECC                = 4,
00045         LDNS_RSASHA1            = 5,
00046         LDNS_DSA_NSEC3          = 6,
00047         LDNS_RSASHA1_NSEC3      = 7,
00048         LDNS_RSASHA256          = 8, /* not official */
00049         LDNS_RSASHA512          = 9, /* not official */
00050         LDNS_RSASHA256_NSEC3    = 10, /* not official */
00051         LDNS_RSASHA512_NSEC3    = 11, /* not official */
00052         LDNS_INDIRECT           = 252,
00053         LDNS_PRIVATEDNS         = 253,
00054         LDNS_PRIVATEOID         = 254
00055 };
00056 typedef enum ldns_enum_algorithm ldns_algorithm;
00057 
/**
 * Hash algorithm identifiers.
 *
 * NOTE(review): the values coincide with the DS digest type registry
 * (1 = SHA-1, 2 = SHA-256); confirm that DS generation is where they are
 * used. If so, prefer LDNS_SHA256 for new records: RFC 8624 says SHA-1 must
 * not be used to generate new DS records, although validators still have
 * to accept it.
 */
00061 enum ldns_enum_hash
00062 {
00063         LDNS_SHA1               = 1,
00064         LDNS_SHA256             = 2
00065 };
00066 typedef enum ldns_enum_hash ldns_hash;
00067 
/**
 * Algorithms a key in this library can be created for.
 *
 * Every DNSSEC entry is an alias of the ldns_algorithm constant of the same
 * name, so the two enums share numeric values for those entries. DH, ECC,
 * INDIRECT and the PRIVATE* code points have no signing counterpart here.
 * LDNS_SIGN_HMACMD5 (157) is a TSIG algorithm, not a DNSSEC one, and is a
 * symmetric secret rather than a key pair. HMAC-MD5 is kept by current TSIG
 * specifications for compatibility only; prefer an HMAC-SHA2 variant where
 * both ends support it.
 */
00071 enum ldns_enum_signing_algorithm
00072 {
00073         LDNS_SIGN_RSAMD5         = LDNS_RSAMD5,
00074         LDNS_SIGN_RSASHA1        = LDNS_RSASHA1,
00075         LDNS_SIGN_RSASHA256      = LDNS_RSASHA256,
00076         LDNS_SIGN_RSASHA512      = LDNS_RSASHA512,
00077         LDNS_SIGN_DSA            = LDNS_DSA,
00078         LDNS_SIGN_RSASHA1_NSEC3  = LDNS_RSASHA1_NSEC3,
00079         LDNS_SIGN_RSASHA256_NSEC3  = LDNS_RSASHA256_NSEC3,
00080         LDNS_SIGN_RSASHA512_NSEC3  = LDNS_RSASHA512_NSEC3,
00081         LDNS_SIGN_DSA_NSEC3      = LDNS_DSA_NSEC3,      
00082         LDNS_SIGN_HMACMD5        = 157  /* not official! This type is for TSIG, not DNSSEC */
00083 };
00084 typedef enum ldns_enum_signing_algorithm ldns_signing_algorithm;
00085 
/**
 * One signing key together with the signature parameters used with it.
 *
 * The structure carries secret key material: the EVP_PKEY (when built with
 * HAVE_SSL) and the raw HMAC bytes. This header does not show who owns
 * those buffers or whether they are wiped on release.
 * NOTE(review): read ldns_key_free() / ldns_key_deep_free() before assuming
 * the secret is cleared, and keep ldns_key objects out of logs and dumps.
 * Members are underscore-prefixed; use the ldns_key_* accessors declared in
 * this header rather than touching them directly.
 */
00096 struct ldns_struct_key {
00097         ldns_signing_algorithm _alg;    /* algorithm the key is for */
00099         bool _use;                      /* flag behind ldns_key_use() / ldns_key_set_use() */
00101         /* TODO remove unions? */
              /* _key is a struct, not a union: the EVP_PKEY pointer and the
               * hmac members exist side by side, and _alg tells which one is
               * meaningful. */
00102         struct {
00103 #ifdef HAVE_SSL
00104 #ifndef S_SPLINT_S
00105                 EVP_PKEY *key;          /* asymmetric key; compiled in only with HAVE_SSL */
00106 #endif
00107 #endif /* HAVE_SSL */
00108                 struct {
00109                         unsigned char *key;     /* raw HMAC secret */
00110                         size_t size;            /* length of the secret; NOTE(review): unit assumed to be bytes */
00111                 } hmac;
00112         } _key;
              /* Per-use data; dnssec is the only member of the union. */
00114         union {
00116                 struct {
                              /* NOTE(review): named after the RRSIG and DNSKEY
                               * fields these values presumably populate --
                               * confirm against the signing code. */
00118                         uint32_t orig_ttl;
00120                         uint32_t inception;
00122                         uint32_t expiration;
00124                         uint16_t keytag;
00126                         uint16_t flags;         /* see LDNS_KEY_ZONE_KEY / LDNS_KEY_SEP_KEY */
00127                 }  dnssec;
00128         } _extra;
00130         ldns_rdf *_pubkey_owner;        /* owner of the matching public key record */
00131 };
00132 typedef struct ldns_struct_key ldns_key;
00133 
/**
 * A counted array of key pointers.
 *
 * _key_count and _keys are stored separately, and ldns_key_list_set_key_count()
 * can change the count on its own; the two must stay consistent for indexed
 * access through ldns_key_list_key() to stay in bounds.
 */
00137 struct ldns_struct_key_list
00138 {
00139         size_t _key_count;      /* number of entries in _keys */
00140         ldns_key **_keys;       /* array of key pointers */
00141 };
00142 typedef struct ldns_struct_key_list ldns_key_list;
00143 
00144 
/* Constructors.
 * ldns_key_list_new() and ldns_key_new() are declared with empty
 * parentheses, which in C (before C23) leaves the parameter list
 * unspecified, so the compiler does not reject calls that pass arguments.
 * Both return a pointer; NOTE(review): presumably NULL on allocation
 * failure -- check before use. */
00149 ldns_key_list *ldns_key_list_new();
00150 
00155 ldns_key *ldns_key_new();
00156 
/* Generates a new key for algorithm a. size is a uint16_t;
 * NOTE(review): presumably the key length in bits. No minimum is visible in
 * this header, so callers should enforce their own lower bound instead of
 * passing a user-supplied size through unchanged. */
00164 ldns_key *ldns_key_new_frm_algorithm(ldns_signing_algorithm a, uint16_t size);
00165 
/* Reads a key from an already opened stream and returns it through *k; the
 * ldns_status result reports success or failure. The file holds private key
 * material, so the caller is responsible for how fp was opened (ownership
 * and permissions of the file are not checked at this interface). */
00176 ldns_status ldns_key_new_frm_fp(ldns_key **k, FILE *fp);
00177 
/* Same as ldns_key_new_frm_fp() with an additional line counter.
 * NOTE(review): line_nr is presumably updated while parsing so that errors
 * can be reported with a line number -- confirm. */
00189 ldns_status ldns_key_new_frm_fp_l(ldns_key **k, FILE *fp, int *line_nr);
00190 
/* Loaders that need OpenSSL; all of them are compiled only with HAVE_SSL.
 * The *_fp_* functions return bare OpenSSL objects or a raw byte buffer
 * instead of an ldns_key.
 * NOTE(review): ownership of the returned RSA, DSA and HMAC buffers is not
 * stated here; presumably the caller must release them, and the HMAC buffer
 * should be cleared before it is freed. A NULL return presumably signals a
 * parse or allocation failure -- check it.
 * The RSA/DSA-typed interfaces and ENGINE are deprecated as of OpenSSL 3.0. */
00191 #ifdef HAVE_SSL
00192 
/* Creates a key whose private part stays inside an OpenSSL ENGINE (for
 * example a hardware module) and is referenced by key_id. The last
 * parameter is an ldns_algorithm, not an ldns_signing_algorithm, and is
 * unnamed in this prototype. */
00196 ldns_status ldns_key_new_frm_engine(ldns_key **key, ENGINE *e, char *key_id, ldns_algorithm);
00197 
00198 
00205 RSA *ldns_key_new_frm_fp_rsa(FILE *fp);
00206 #endif /* HAVE_SSL */
00207 
00208 #ifdef HAVE_SSL
00209 
00216 RSA *ldns_key_new_frm_fp_rsa_l(FILE *fp, int *line_nr);
00217 #endif /* HAVE_SSL */
00218 
00219 #ifdef HAVE_SSL
00220 
00226 DSA *ldns_key_new_frm_fp_dsa(FILE *fp);
00227 #endif /* HAVE_SSL */
00228 
00229 #ifdef HAVE_SSL
00230 
00237 DSA *ldns_key_new_frm_fp_dsa_l(FILE *fp, int *line_nr);
00238 #endif /* HAVE_SSL */
00239 
00240 #ifdef HAVE_SSL
00241 
/* Returns the HMAC secret read from fp and stores its length in *hmac_size.
 * The length only travels through the out-parameter, so callers must keep
 * buffer and length together. */
00249 unsigned char *ldns_key_new_frm_fp_hmac(FILE *fp, size_t *hmac_size);
00250 #endif
00251 
00252 #ifdef HAVE_SSL
00253 
00262 unsigned char *ldns_key_new_frm_fp_hmac_l(FILE *fp, int *line_nr, size_t *hmac_size);
00263 #endif /* HAVE_SSL */
00264 
/* Setters. All of them return void, so a rejected or invalid argument
 * cannot be reported to the caller through these calls. */
00265 /* access write functions */
00271 void ldns_key_set_algorithm(ldns_key *k, ldns_signing_algorithm l);
00272 #ifdef HAVE_SSL
00273 
/* The three setters below hand an OpenSSL key object to k.
 * NOTE(review): whether k takes ownership (and releases the object later)
 * is not visible in this header -- confirm before freeing it yourself. */
00278 void ldns_key_set_evp_key(ldns_key *k, EVP_PKEY *e);
00284 void ldns_key_set_rsa_key(ldns_key *k, RSA *r);
00290 void ldns_key_set_dsa_key(ldns_key *k, DSA *d);
00291 #endif /* HAVE_SSL */
00292 
/* Sets the HMAC secret. Its length is set separately through
 * ldns_key_set_hmac_size(), so callers have to keep the two in step.
 * NOTE(review): whether hmac is copied or adopted is not visible here. */
00297 void ldns_key_set_hmac_key(ldns_key *k, unsigned char *hmac);
00298 /*
00299  * Set the key's hmac size
00300  * \param[in] k the key
00301  * \param[in] hmac_size the size of the hmac data
00302  */
00303 void ldns_key_set_hmac_size(ldns_key *k, size_t hmac_size);
00304 
/* Same prototype as the declaration directly above; the repeat is harmless
 * in C. */
00310 void ldns_key_set_hmac_size(ldns_key *k, size_t hmac_size);
00316 void ldns_key_set_origttl(ldns_key *k, uint32_t t);
/* NOTE(review): inception and expiration are presumably the RRSIG validity
 * bounds in seconds since the epoch; an expiration far in the future widens
 * the window in which a captured signature can be replayed -- confirm how
 * the signing code uses them. */
00322 void ldns_key_set_inception(ldns_key *k, uint32_t i);
00328 void ldns_key_set_expiration(ldns_key *k, uint32_t e);
00334 void ldns_key_set_pubkey_owner(ldns_key *k, ldns_rdf *r);
00340 void ldns_key_set_keytag(ldns_key *k, uint16_t tag);
00346 void ldns_key_set_flags(ldns_key *k, uint16_t flags);
/* Sets the stored count of a key list (the first parameter is the list,
 * despite being named key).
 * NOTE(review): nothing here shows the array being resized; a count larger
 * than the allocated array would let ldns_key_list_key() index past it. */
00352 void ldns_key_list_set_key_count(ldns_key_list *key, size_t count);
00353 
/* Key-list access and read-only getters. The getters take a const key, yet
 * several return non-const pointers (RSA *, EVP_PKEY *, DSA *,
 * unsigned char *, ldns_rdf *).
 * NOTE(review): these presumably point at the key's internal state rather
 * than copies, so callers must not free them or keep them past the key's
 * lifetime -- confirm against the implementation. */
00360 bool ldns_key_list_push_key(ldns_key_list *key_list, ldns_key *key);
00361 
00367 size_t ldns_key_list_key_count(const ldns_key_list *key_list);
00368 
/* Returns entry nr of the list (the first parameter is the list, despite
 * being named key). NOTE(review): no bounds behaviour is documented here;
 * compare nr with ldns_key_list_key_count() before calling. */
00375 ldns_key *ldns_key_list_key(const ldns_key_list *key, size_t nr);
00376 
00377 #ifdef HAVE_SSL
00378 
00383 RSA *ldns_key_rsa_key(const ldns_key *k);
00389 EVP_PKEY *ldns_key_evp_key(const ldns_key *k);
00390 #endif /* HAVE_SSL */
00391 
00395 #ifdef HAVE_SSL
00396 DSA *ldns_key_dsa_key(const ldns_key *k);
00397 #endif /* HAVE_SSL */
00398 
00404 ldns_signing_algorithm ldns_key_algorithm(const ldns_key *k);
00410 void ldns_key_set_use(ldns_key *k, bool v);
00416 bool ldns_key_use(const ldns_key *k);
/* Returns the HMAC secret; its length comes from ldns_key_hmac_size(). */
00422 unsigned char *ldns_key_hmac_key(const ldns_key *k);
00428 size_t ldns_key_hmac_size(const ldns_key *k);
00434 uint32_t ldns_key_origttl(const ldns_key *k);
00440 uint32_t ldns_key_inception(const ldns_key *k);
00446 uint32_t ldns_key_expiration(const ldns_key *k);
00452 uint16_t ldns_key_keytag(const ldns_key *k);
00458 ldns_rdf *ldns_key_pubkey_owner(const ldns_key *k);
/* Applies the use flag v to a whole key list. */
00464 void
00465 ldns_key_list_set_use(ldns_key_list *keys, bool v);
00466 
00472 uint16_t ldns_key_flags(const ldns_key *k);
00473 
/* Conversion, output and release. */
00479 ldns_key *ldns_key_list_pop_key(ldns_key_list *key_list);
00480 
/* Builds a resource record from a key. NOTE(review): presumably the public
 * DNSKEY record for k; confirm that no private material ends up in it. */
00487 ldns_rr *ldns_key2rr(const ldns_key *k);
00488 
/* Writes a key to output. NOTE(review): presumably this is the private key
 * in key-file form, so output should be a stream whose destination is
 * access-restricted, never a shared log or terminal capture. */
00495 void ldns_key_print(FILE *output, const ldns_key *k);
00496 
/* Two release functions exist. NOTE(review): the difference is not visible
 * in this header; presumably ldns_key_free() releases only the ldns_key
 * structure while ldns_key_deep_free() also releases the key material it
 * points to. Picking the wrong one either leaks the secret in memory or
 * frees an object another owner still uses -- confirm which applies, and
 * whether the HMAC secret is wiped before it is released. */
00502 void ldns_key_free(ldns_key *key);
00503 
00509 void ldns_key_deep_free(ldns_key *key);
00510 
00515 void ldns_key_list_free(ldns_key_list *key_list);
00516 
/* Reads a record from the named trust-anchor file. Whatever this file
 * contains becomes the root of validation, so anyone able to modify it
 * controls which signatures are accepted; keep it writable only by the
 * administrator. NOTE(review): presumably returns NULL when the file cannot
 * be read or parsed -- treat that as a hard failure rather than validating
 * without an anchor. */
00522 ldns_rr * ldns_read_anchor_file(const char *filename);
00523 #endif /* LDNS_KEYS_H */
