1/*	$NetBSD: bigkey.c,v 1.9 2024/02/21 22:51:36 christos Exp $	*/
2
3/*
4 * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
5 *
6 * SPDX-License-Identifier: MPL-2.0
7 *
8 * This Source Code Form is subject to the terms of the Mozilla Public
9 * License, v. 2.0. If a copy of the MPL was not distributed with this
10 * file, you can obtain one at https://mozilla.org/MPL/2.0/.
11 *
12 * See the COPYRIGHT file distributed with this work for additional
13 * information regarding copyright ownership.
14 */
15
16#include <stdio.h>
17#include <stdlib.h>
18
19#include <isc/buffer.h>
20#include <isc/mem.h>
21#include <isc/print.h>
22#include <isc/region.h>
23#include <isc/stdio.h>
24#include <isc/string.h>
25#include <isc/util.h>
26
27#define DST_KEY_INTERNAL
28
29#include <openssl/bn.h>
30#include <openssl/err.h>
31#include <openssl/evp.h>
32#include <openssl/objects.h>
33#include <openssl/rsa.h>
34
35#include <isc/result.h>
36
37#include <dns/dnssec.h>
38#include <dns/fixedname.h>
39#include <dns/keyvalues.h>
40#include <dns/log.h>
41#include <dns/name.h>
42#include <dns/rdataclass.h>
43#include <dns/secalg.h>
44
45#include <dst/dst.h>
46
47dst_key_t *key;
48dns_fixedname_t fname;
49dns_name_t *name;
50unsigned int bits = 2048U;
51isc_mem_t *mctx;
52isc_log_t *log_;
53isc_logconfig_t *logconfig;
54int level = ISC_LOG_WARNING;
55isc_logdestination_t destination;
56char filename[255];
57isc_result_t result;
58isc_buffer_t buf;
59RSA *rsa;
60BIGNUM *e;
61EVP_PKEY *pkey;
62
63#define CHECK(op, msg)                                                        \
64	do {                                                                  \
65		result = (op);                                                \
66		if (result != ISC_R_SUCCESS) {                                \
67			fprintf(stderr,                                       \
68				"fatal error: %s returns %s at file %s line " \
69				"%d\n",                                       \
70				msg, isc_result_totext(result), __FILE__,     \
71				__LINE__);                                    \
72			ERR_clear_error();                                    \
73			exit(1);                                              \
74		}                                                             \
75	} while (0)
76
77int
78main(int argc, char **argv) {
79	UNUSED(argc);
80	UNUSED(argv);
81
82	rsa = RSA_new();
83	e = BN_new();
84	pkey = EVP_PKEY_new();
85
86	if ((rsa == NULL) || (e == NULL) || (pkey == NULL) ||
87	    !EVP_PKEY_set1_RSA(pkey, rsa))
88	{
89		fprintf(stderr, "fatal error: basic OpenSSL failure\n");
90		ERR_clear_error();
91		exit(1);
92	}
93
94	/* e = 0x1000000000001 */
95	BN_set_bit(e, 0);
96	BN_set_bit(e, 48);
97
98	if (RSA_generate_key_ex(rsa, bits, e, NULL)) {
99		BN_free(e);
100		RSA_free(rsa);
101	} else {
102		fprintf(stderr,
103			"fatal error: RSA_generate_key_ex() fails "
104			"at file %s line %d\n",
105			__FILE__, __LINE__);
106		ERR_clear_error();
107		exit(1);
108	}
109
110	isc_mem_create(&mctx);
111	CHECK(dst_lib_init(mctx, NULL), "dst_lib_init()");
112	isc_log_create(mctx, &log_, &logconfig);
113	isc_log_setcontext(log_);
114	dns_log_init(log_);
115	dns_log_setcontext(log_);
116	isc_log_settag(logconfig, "bigkey");
117
118	destination.file.stream = stderr;
119	destination.file.name = NULL;
120	destination.file.versions = ISC_LOG_ROLLNEVER;
121	destination.file.maximum_size = 0;
122	isc_log_createchannel(logconfig, "stderr", ISC_LOG_TOFILEDESC, level,
123			      &destination,
124			      ISC_LOG_PRINTTAG | ISC_LOG_PRINTLEVEL);
125
126	CHECK(isc_log_usechannel(logconfig, "stderr", NULL, NULL), "isc_log_"
127								   "usechannel("
128								   ")");
129	name = dns_fixedname_initname(&fname);
130	isc_buffer_constinit(&buf, "example.", strlen("example."));
131	isc_buffer_add(&buf, strlen("example."));
132	CHECK(dns_name_fromtext(name, &buf, dns_rootname, 0, NULL), "dns_name_"
133								    "fromtext("
134								    "\"example."
135								    "\")");
136
137	CHECK(dst_key_buildinternal(name, DNS_KEYALG_RSASHA256, bits,
138				    DNS_KEYOWNER_ZONE, DNS_KEYPROTO_DNSSEC,
139				    dns_rdataclass_in, pkey, mctx, &key),
140	      "dst_key_buildinternal(...)");
141
142	CHECK(dst_key_tofile(key, DST_TYPE_PRIVATE | DST_TYPE_PUBLIC, NULL),
143	      "dst_key_tofile()");
144	isc_buffer_init(&buf, filename, sizeof(filename) - 1);
145	isc_buffer_clear(&buf);
146	CHECK(dst_key_buildfilename(key, 0, NULL, &buf), "dst_key_"
147							 "buildfilename()");
148	printf("%s\n", filename);
149	dst_key_free(&key);
150
151	isc_log_destroy(&log_);
152	isc_log_setcontext(NULL);
153	dns_log_setcontext(NULL);
154	dst_lib_destroy();
155	isc_mem_destroy(&mctx);
156	return (0);
157}
158
159/*! \file */
160