keydata_65533.c revision 1.3 
1/*
2 * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
9 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
10 * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
11 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
12 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
13 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
14 * PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#ifndef GENERIC_KEYDATA_65533_C
18#define GENERIC_KEYDATA_65533_C 1
19
20#include <isc/time.h>
21#include <isc/stdtime.h>
22
23#include <dst/dst.h>
24
25#define RRTYPE_KEYDATA_ATTRIBUTES (0)
26
27static inline isc_result_t
28fromtext_keydata(ARGS_FROMTEXT) {
29	isc_result_t result;
30	isc_token_t token;
31	dns_secalg_t alg;
32	dns_secproto_t proto;
33	dns_keyflags_t flags;
34	uint32_t refresh, addhd, removehd;
35
36	REQUIRE(type == dns_rdatatype_keydata);
37
38	UNUSED(type);
39	UNUSED(rdclass);
40	UNUSED(origin);
41	UNUSED(options);
42	UNUSED(callbacks);
43
44	/* refresh timer */
45	RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_string,
46				      ISC_FALSE));
47	RETTOK(dns_time32_fromtext(DNS_AS_STR(token), &refresh));
48	RETERR(uint32_tobuffer(refresh, target));
49
50	/* add hold-down */
51	RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_string,
52				      ISC_FALSE));
53	RETTOK(dns_time32_fromtext(DNS_AS_STR(token), &addhd));
54	RETERR(uint32_tobuffer(addhd, target));
55
56	/* remove hold-down */
57	RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_string,
58				      ISC_FALSE));
59	RETTOK(dns_time32_fromtext(DNS_AS_STR(token), &removehd));
60	RETERR(uint32_tobuffer(removehd, target));
61
62	/* flags */
63	RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_string,
64				      ISC_FALSE));
65	RETTOK(dns_keyflags_fromtext(&flags, &token.value.as_textregion));
66	RETERR(uint16_tobuffer(flags, target));
67
68	/* protocol */
69	RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_string,
70				      ISC_FALSE));
71	RETTOK(dns_secproto_fromtext(&proto, &token.value.as_textregion));
72	RETERR(mem_tobuffer(target, &proto, 1));
73
74	/* algorithm */
75	RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_string,
76				      ISC_FALSE));
77	RETTOK(dns_secalg_fromtext(&alg, &token.value.as_textregion));
78	RETERR(mem_tobuffer(target, &alg, 1));
79
80	/* No Key? */
81	if ((flags & 0xc000) == 0xc000)
82		return (ISC_R_SUCCESS);
83
84	result = isc_base64_tobuffer(lexer, target, -1);
85	if (result != ISC_R_SUCCESS)
86		return (result);
87
88	/* Ensure there's at least enough data to compute a key ID for MD5 */
89	if (alg == DST_ALG_RSAMD5 && isc_buffer_usedlength(target) < 19)
90		return (ISC_R_UNEXPECTEDEND);
91
92	return (ISC_R_SUCCESS);
93}
94
95static inline isc_result_t
96totext_keydata(ARGS_TOTEXT) {
97	isc_region_t sr;
98	char buf[sizeof("64000")];
99	unsigned int flags;
100	unsigned char algorithm;
101	unsigned long refresh, add, deltime;
102	char algbuf[DNS_NAME_FORMATSIZE];
103	const char *keyinfo;
104
105	REQUIRE(rdata->type == dns_rdatatype_keydata);
106
107	if ((tctx->flags & DNS_STYLEFLAG_KEYDATA) == 0 || rdata->length < 16)
108		return (unknown_totext(rdata, tctx, target));
109
110	dns_rdata_toregion(rdata, &sr);
111
112	/* refresh timer */
113	refresh = uint32_fromregion(&sr);
114	isc_region_consume(&sr, 4);
115	RETERR(dns_time32_totext(refresh, target));
116	RETERR(str_totext(" ", target));
117
118	/* add hold-down */
119	add = uint32_fromregion(&sr);
120	isc_region_consume(&sr, 4);
121	RETERR(dns_time32_totext(add, target));
122	RETERR(str_totext(" ", target));
123
124	/* remove hold-down */
125	deltime = uint32_fromregion(&sr);
126	isc_region_consume(&sr, 4);
127	RETERR(dns_time32_totext(deltime, target));
128	RETERR(str_totext(" ", target));
129
130	/* flags */
131	flags = uint16_fromregion(&sr);
132	isc_region_consume(&sr, 2);
133	snprintf(buf, sizeof(buf), "%u", flags);
134	RETERR(str_totext(buf, target));
135	RETERR(str_totext(" ", target));
136	if ((flags & DNS_KEYFLAG_KSK) != 0) {
137		if (flags & DNS_KEYFLAG_REVOKE)
138			keyinfo = "revoked KSK";
139		else
140			keyinfo = "KSK";
141	} else
142		keyinfo = "ZSK";
143
144	/* protocol */
145	snprintf(buf, sizeof(buf), "%u", sr.base[0]);
146	isc_region_consume(&sr, 1);
147	RETERR(str_totext(buf, target));
148	RETERR(str_totext(" ", target));
149
150	/* algorithm */
151	algorithm = sr.base[0];
152	snprintf(buf, sizeof(buf), "%u", algorithm);
153	isc_region_consume(&sr, 1);
154	RETERR(str_totext(buf, target));
155
156	/* No Key? */
157	if ((flags & 0xc000) == 0xc000)
158		return (ISC_R_SUCCESS);
159
160	/* key */
161	if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0)
162		RETERR(str_totext(" (", target));
163	RETERR(str_totext(tctx->linebreak, target));
164	if (tctx->width == 0)   /* No splitting */
165		RETERR(isc_base64_totext(&sr, 60, "", target));
166	else
167		RETERR(isc_base64_totext(&sr, tctx->width - 2,
168					 tctx->linebreak, target));
169
170	if ((tctx->flags & DNS_STYLEFLAG_RRCOMMENT) != 0)
171		RETERR(str_totext(tctx->linebreak, target));
172	else if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0)
173		RETERR(str_totext(" ", target));
174
175	if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0)
176		RETERR(str_totext(")", target));
177
178	if ((tctx->flags & DNS_STYLEFLAG_RRCOMMENT) != 0) {
179		isc_region_t tmpr;
180		char rbuf[ISC_FORMATHTTPTIMESTAMP_SIZE];
181		char abuf[ISC_FORMATHTTPTIMESTAMP_SIZE];
182		char dbuf[ISC_FORMATHTTPTIMESTAMP_SIZE];
183		struct timespec t;
184
185		RETERR(str_totext(" ; ", target));
186		RETERR(str_totext(keyinfo, target));
187		dns_secalg_format((dns_secalg_t) algorithm, algbuf,
188				  sizeof(algbuf));
189		RETERR(str_totext("; alg = ", target));
190		RETERR(str_totext(algbuf, target));
191		RETERR(str_totext("; key id = ", target));
192		dns_rdata_toregion(rdata, &tmpr);
193		/* Skip over refresh, addhd, and removehd */
194		isc_region_consume(&tmpr, 12);
195		snprintf(buf, sizeof(buf), "%u",
196			 dst_region_computeid(&tmpr, algorithm));
197		RETERR(str_totext(buf, target));
198
199		if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) {
200			isc_stdtime_t now;
201
202			isc_stdtime_get(&now);
203
204			RETERR(str_totext(tctx->linebreak, target));
205			RETERR(str_totext("; next refresh: ", target));
206			t.tv_sec = refresh;
207			t.tv_nsec = 0;
208			isc_time_formathttptimestamp(&t, rbuf, sizeof(rbuf));
209			RETERR(str_totext(rbuf, target));
210
211			if (add == 0U) {
212				RETERR(str_totext(tctx->linebreak, target));
213				RETERR(str_totext("; no trust", target));
214			} else {
215				RETERR(str_totext(tctx->linebreak, target));
216				if (add < now) {
217					RETERR(str_totext("; trusted since: ",
218							  target));
219				} else {
220					RETERR(str_totext("; trust pending: ",
221							  target));
222				}
223				t.tv_sec = add;
224				t.tv_nsec = 0;
225				isc_time_formathttptimestamp(&t, abuf,
226							     sizeof(abuf));
227				RETERR(str_totext(abuf, target));
228			}
229
230			if (deltime != 0U) {
231				RETERR(str_totext(tctx->linebreak, target));
232				RETERR(str_totext("; removal pending: ",
233						  target));
234				t.tv_sec = deltime;
235				t.tv_nsec = 0;
236				isc_time_formathttptimestamp(&t, dbuf,
237							     sizeof(dbuf));
238				RETERR(str_totext(dbuf, target));
239			}
240		}
241
242	}
243	return (ISC_R_SUCCESS);
244}
245
246static inline isc_result_t
247fromwire_keydata(ARGS_FROMWIRE) {
248	isc_region_t sr;
249
250	REQUIRE(type == dns_rdatatype_keydata);
251
252	UNUSED(type);
253	UNUSED(rdclass);
254	UNUSED(dctx);
255	UNUSED(options);
256
257	isc_buffer_activeregion(source, &sr);
258	isc_buffer_forward(source, sr.length);
259	return (mem_tobuffer(target, sr.base, sr.length));
260}
261
262static inline isc_result_t
263towire_keydata(ARGS_TOWIRE) {
264	isc_region_t sr;
265
266	REQUIRE(rdata->type == dns_rdatatype_keydata);
267
268	UNUSED(cctx);
269
270	dns_rdata_toregion(rdata, &sr);
271	return (mem_tobuffer(target, sr.base, sr.length));
272}
273
274static inline int
275compare_keydata(ARGS_COMPARE) {
276	isc_region_t r1;
277	isc_region_t r2;
278
279	REQUIRE(rdata1->type == rdata2->type);
280	REQUIRE(rdata1->rdclass == rdata2->rdclass);
281	REQUIRE(rdata1->type == dns_rdatatype_keydata);
282
283	dns_rdata_toregion(rdata1, &r1);
284	dns_rdata_toregion(rdata2, &r2);
285	return (isc_region_compare(&r1, &r2));
286}
287
288static inline isc_result_t
289fromstruct_keydata(ARGS_FROMSTRUCT) {
290	dns_rdata_keydata_t *keydata = source;
291
292	REQUIRE(type == dns_rdatatype_keydata);
293	REQUIRE(source != NULL);
294	REQUIRE(keydata->common.rdtype == type);
295	REQUIRE(keydata->common.rdclass == rdclass);
296
297	UNUSED(type);
298	UNUSED(rdclass);
299
300	/* Refresh timer */
301	RETERR(uint32_tobuffer(keydata->refresh, target));
302
303	/* Add hold-down */
304	RETERR(uint32_tobuffer(keydata->addhd, target));
305
306	/* Remove hold-down */
307	RETERR(uint32_tobuffer(keydata->removehd, target));
308
309	/* Flags */
310	RETERR(uint16_tobuffer(keydata->flags, target));
311
312	/* Protocol */
313	RETERR(uint8_tobuffer(keydata->protocol, target));
314
315	/* Algorithm */
316	RETERR(uint8_tobuffer(keydata->algorithm, target));
317
318	/* Data */
319	return (mem_tobuffer(target, keydata->data, keydata->datalen));
320}
321
322static inline isc_result_t
323tostruct_keydata(ARGS_TOSTRUCT) {
324	dns_rdata_keydata_t *keydata = target;
325	isc_region_t sr;
326
327	REQUIRE(rdata->type == dns_rdatatype_keydata);
328	REQUIRE(target != NULL);
329
330	keydata->common.rdclass = rdata->rdclass;
331	keydata->common.rdtype = rdata->type;
332	ISC_LINK_INIT(&keydata->common, link);
333
334	dns_rdata_toregion(rdata, &sr);
335
336	/* Refresh timer */
337	if (sr.length < 4)
338		return (ISC_R_UNEXPECTEDEND);
339	keydata->refresh = uint32_fromregion(&sr);
340	isc_region_consume(&sr, 4);
341
342	/* Add hold-down */
343	if (sr.length < 4)
344		return (ISC_R_UNEXPECTEDEND);
345	keydata->addhd = uint32_fromregion(&sr);
346	isc_region_consume(&sr, 4);
347
348	/* Remove hold-down */
349	if (sr.length < 4)
350		return (ISC_R_UNEXPECTEDEND);
351	keydata->removehd = uint32_fromregion(&sr);
352	isc_region_consume(&sr, 4);
353
354	/* Flags */
355	if (sr.length < 2)
356		return (ISC_R_UNEXPECTEDEND);
357	keydata->flags = uint16_fromregion(&sr);
358	isc_region_consume(&sr, 2);
359
360	/* Protocol */
361	if (sr.length < 1)
362		return (ISC_R_UNEXPECTEDEND);
363	keydata->protocol = uint8_fromregion(&sr);
364	isc_region_consume(&sr, 1);
365
366	/* Algorithm */
367	if (sr.length < 1)
368		return (ISC_R_UNEXPECTEDEND);
369	keydata->algorithm = uint8_fromregion(&sr);
370	isc_region_consume(&sr, 1);
371
372	/* Data */
373	keydata->datalen = sr.length;
374	keydata->data = mem_maybedup(sr.base, keydata->datalen);
375	if (keydata->data == NULL)
376		return (ISC_R_NOMEMORY);
377
378	return (ISC_R_SUCCESS);
379}
380
381static inline void
382freestruct_keydata(ARGS_FREESTRUCT) {
383	dns_rdata_keydata_t *keydata = (dns_rdata_keydata_t *) source;
384
385	REQUIRE(source != NULL);
386	REQUIRE(keydata->common.rdtype == dns_rdatatype_keydata);
387
388	free(keydata->data);
389}
390
391static inline isc_result_t
392additionaldata_keydata(ARGS_ADDLDATA) {
393	REQUIRE(rdata->type == dns_rdatatype_keydata);
394
395	UNUSED(rdata);
396	UNUSED(add);
397	UNUSED(arg);
398
399	return (ISC_R_SUCCESS);
400}
401
402static inline isc_result_t
403digest_keydata(ARGS_DIGEST) {
404	isc_region_t r;
405
406	REQUIRE(rdata->type == dns_rdatatype_keydata);
407
408	dns_rdata_toregion(rdata, &r);
409
410	return ((digest)(arg, &r));
411}
412
413static inline isc_boolean_t
414checkowner_keydata(ARGS_CHECKOWNER) {
415
416	REQUIRE(type == dns_rdatatype_keydata);
417
418	UNUSED(name);
419	UNUSED(type);
420	UNUSED(rdclass);
421	UNUSED(wildcard);
422
423	return (ISC_TRUE);
424}
425
426static inline isc_boolean_t
427checknames_keydata(ARGS_CHECKNAMES) {
428
429	REQUIRE(rdata->type == dns_rdatatype_keydata);
430
431	UNUSED(rdata);
432	UNUSED(owner);
433	UNUSED(bad);
434
435	return (ISC_TRUE);
436}
437
438static inline int
439casecompare_keydata(ARGS_COMPARE) {
440	return (compare_keydata(rdata1, rdata2));
441}
442
443#endif /* GENERIC_KEYDATA_65533_C */
444