1/* $NetBSD: bigkey.c,v 1.9 2024/02/21 22:51:36 christos Exp $ */ 2 3/* 4 * Copyright (C) Internet Systems Consortium, Inc. ("ISC") 5 * 6 * SPDX-License-Identifier: MPL-2.0 7 * 8 * This Source Code Form is subject to the terms of the Mozilla Public 9 * License, v. 2.0. If a copy of the MPL was not distributed with this 10 * file, you can obtain one at https://mozilla.org/MPL/2.0/. 11 * 12 * See the COPYRIGHT file distributed with this work for additional 13 * information regarding copyright ownership. 14 */ 15 16#include <stdio.h> 17#include <stdlib.h> 18 19#include <isc/buffer.h> 20#include <isc/mem.h> 21#include <isc/print.h> 22#include <isc/region.h> 23#include <isc/stdio.h> 24#include <isc/string.h> 25#include <isc/util.h> 26 27#define DST_KEY_INTERNAL 28 29#include <openssl/bn.h> 30#include <openssl/err.h> 31#include <openssl/evp.h> 32#include <openssl/objects.h> 33#include <openssl/rsa.h> 34 35#include <isc/result.h> 36 37#include <dns/dnssec.h> 38#include <dns/fixedname.h> 39#include <dns/keyvalues.h> 40#include <dns/log.h> 41#include <dns/name.h> 42#include <dns/rdataclass.h> 43#include <dns/secalg.h> 44 45#include <dst/dst.h> 46 47dst_key_t *key; 48dns_fixedname_t fname; 49dns_name_t *name; 50unsigned int bits = 2048U; 51isc_mem_t *mctx; 52isc_log_t *log_; 53isc_logconfig_t *logconfig; 54int level = ISC_LOG_WARNING; 55isc_logdestination_t destination; 56char filename[255]; 57isc_result_t result; 58isc_buffer_t buf; 59RSA *rsa; 60BIGNUM *e; 61EVP_PKEY *pkey; 62 63#define CHECK(op, msg) \ 64 do { \ 65 result = (op); \ 66 if (result != ISC_R_SUCCESS) { \ 67 fprintf(stderr, \ 68 "fatal error: %s returns %s at file %s line " \ 69 "%d\n", \ 70 msg, isc_result_totext(result), __FILE__, \ 71 __LINE__); \ 72 ERR_clear_error(); \ 73 exit(1); \ 74 } \ 75 } while (0) 76 77int 78main(int argc, char **argv) { 79 UNUSED(argc); 80 UNUSED(argv); 81 82 rsa = RSA_new(); 83 e = BN_new(); 84 pkey = EVP_PKEY_new(); 85 86 if ((rsa == NULL) || (e == NULL) || (pkey == NULL) || 87 !EVP_PKEY_set1_RSA(pkey, rsa)) 88 { 89 fprintf(stderr, "fatal error: basic OpenSSL failure\n"); 90 ERR_clear_error(); 91 exit(1); 92 } 93 94 /* e = 0x1000000000001 */ 95 BN_set_bit(e, 0); 96 BN_set_bit(e, 48); 97 98 if (RSA_generate_key_ex(rsa, bits, e, NULL)) { 99 BN_free(e); 100 RSA_free(rsa); 101 } else { 102 fprintf(stderr, 103 "fatal error: RSA_generate_key_ex() fails " 104 "at file %s line %d\n", 105 __FILE__, __LINE__); 106 ERR_clear_error(); 107 exit(1); 108 } 109 110 isc_mem_create(&mctx); 111 CHECK(dst_lib_init(mctx, NULL), "dst_lib_init()"); 112 isc_log_create(mctx, &log_, &logconfig); 113 isc_log_setcontext(log_); 114 dns_log_init(log_); 115 dns_log_setcontext(log_); 116 isc_log_settag(logconfig, "bigkey"); 117 118 destination.file.stream = stderr; 119 destination.file.name = NULL; 120 destination.file.versions = ISC_LOG_ROLLNEVER; 121 destination.file.maximum_size = 0; 122 isc_log_createchannel(logconfig, "stderr", ISC_LOG_TOFILEDESC, level, 123 &destination, 124 ISC_LOG_PRINTTAG | ISC_LOG_PRINTLEVEL); 125 126 CHECK(isc_log_usechannel(logconfig, "stderr", NULL, NULL), "isc_log_" 127 "usechannel(" 128 ")"); 129 name = dns_fixedname_initname(&fname); 130 isc_buffer_constinit(&buf, "example.", strlen("example.")); 131 isc_buffer_add(&buf, strlen("example.")); 132 CHECK(dns_name_fromtext(name, &buf, dns_rootname, 0, NULL), "dns_name_" 133 "fromtext(" 134 "\"example." 135 "\")"); 136 137 CHECK(dst_key_buildinternal(name, DNS_KEYALG_RSASHA256, bits, 138 DNS_KEYOWNER_ZONE, DNS_KEYPROTO_DNSSEC, 139 dns_rdataclass_in, pkey, mctx, &key), 140 "dst_key_buildinternal(...)"); 141 142 CHECK(dst_key_tofile(key, DST_TYPE_PRIVATE | DST_TYPE_PUBLIC, NULL), 143 "dst_key_tofile()"); 144 isc_buffer_init(&buf, filename, sizeof(filename) - 1); 145 isc_buffer_clear(&buf); 146 CHECK(dst_key_buildfilename(key, 0, NULL, &buf), "dst_key_" 147 "buildfilename()"); 148 printf("%s\n", filename); 149 dst_key_free(&key); 150 151 isc_log_destroy(&log_); 152 isc_log_setcontext(NULL); 153 dns_log_setcontext(NULL); 154 dst_lib_destroy(); 155 isc_mem_destroy(&mctx); 156 return (0); 157} 158 159/*! \file */ 160