1 /* $NetBSD: dki.h,v 1.1.1.1 2015/07/08 15:37:48 christos Exp $ */
3 /*****************************************************************
5 ** @(#) dki.h -- Header file for DNSsec Key info/manipulation
7 ** Copyright (c) July 2004 - Jan 2005, Holger Zuleger HZnet. All rights reserved.
9 ** This software is open source.
11 ** Redistribution and use in source and binary forms, with or without
12 ** modification, are permitted provided that the following conditions
15 ** Redistributions of source code must retain the above copyright notice,
16 ** this list of conditions and the following disclaimer.
18 ** Redistributions in binary form must reproduce the above copyright notice,
19 ** this list of conditions and the following disclaimer in the documentation
20 ** and/or other materials provided with the distribution.
22 ** Neither the name of Holger Zuleger HZnet nor the names of its contributors may
23 ** be used to endorse or promote products derived from this software without
24 ** specific prior written permission.
26 ** THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
27 ** "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
28 ** TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
29 ** PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
30 ** LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
31 ** CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
32 ** SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
33 ** INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
34 ** CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
35 ** ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
36 ** POSSIBILITY OF SUCH DAMAGE.
38 *****************************************************************/
# include <sys/types.h> /* ushort, ulong, uint (non-standard BSD typedefs) and time_t, used by struct dki and the prototypes below */

/* Size limits for the fixed-size buffers in struct dki (the name, fname and dname fields) */
# define MAX_LABELSIZE (255) /* domain name or label (struct dki.name) */
# define MAX_FNAMESIZE (1+255+2+3+1+5+1+11) /* key file name without extension (struct dki.fname) */
/* Kdomain.+ALG+KEYID.type */
/* domain == FQDN (max 255) */
/* ALG == 3; KEYID == 5 chars */
/* type == key||published|private|depreciated == 11 chars */
//# define MAX_DNAMESIZE (254)
/* directory part of a key path (struct dki.dname), not a DNS name; the commented-out 254 is the earlier value */
# define MAX_DNAMESIZE (1023)
/* /path/name / filename */
# define MAX_PATHSIZE (MAX_DNAMESIZE + 1 + MAX_FNAMESIZE) /* room for dname, '/', fname; extension and NUL are not included */

/* DNSKEY algorithm numbers (struct dki.algo, the algo parameter of dki_new()).
 * NOTE(review): several of these are obsolete in current DNSSEC practice;
 * which ones dki_new() still accepts is decided in the implementation, not here. */
# define DK_ALGO_RSA 1 /* RFC2537 */
# define DK_ALGO_DH 2 /* RFC2539 */
# define DK_ALGO_DSA 3 /* RFC2536 (mandatory) */
# define DK_ALGO_EC 4 /* no reference given */
# define DK_ALGO_RSASHA1 5 /* RFC3110 */
# define DK_ALGO_NSEC3DSA 6 /* symlink to alg 3 RFC5155 */
# define DK_ALGO_NSEC3RSASHA1 7 /* symlink to alg 5 RFC5155 */
# define DK_ALGO_RSASHA256 8 /* RFCxxx */
# define DK_ALGO_RSASHA512 10 /* RFCxxx */
# define DK_ALGO_NSEC3RSASHA256 DK_ALGO_RSASHA256 /* same as non nsec algorithm RFCxxx */
# define DK_ALGO_NSEC3RSASHA512 DK_ALGO_RSASHA512 /* same as non nsec algorithm RFCxxx */

/* DNSKEY protocol field; struct dki.proto "must be 3 (DNSSEC)" */
# define DK_PROTO_DNS 3
76 typedef enum { /* 11 1111 */
77 /* 0123 4567 8901 2345 */
78 DK_FLAG_KSK
= 01, /* 0000 0000 0000 0001 Bit 15 RFC4034/RFC3757 */
79 DK_FLAG_REVOKE
= 0200, /* 0000 0000 1000 0000 Bit 8 RFC5011 */
80 DK_FLAG_ZONE
= 0400, /* 0000 0001 0000 0000 Bit 7 RFC4034 */
86 DKI_SECUREENTRYPOINT
= 'e',
/* Key-file name extensions appended to struct dki.fname.  ".key" marks that
 * the key exists; the private key file carries one of the other three, which
 * the dk_status_t field records (see the status comment in struct dki).
 * "depreciated" is the on-disk spelling and therefore part of the file
 * format; do not "correct" it. */
# define DKI_KEY_FILEEXT ".key"
# define DKI_PUB_FILEEXT ".published"
# define DKI_ACT_FILEEXT ".private"
# define DKI_DEP_FILEEXT ".depreciated"
106 char dname
[MAX_DNAMESIZE
+1]; /* directory */
107 char fname
[MAX_FNAMESIZE
+1]; /* file name without extension */
108 char name
[MAX_LABELSIZE
+1]; /* domain name or label */
109 ushort algo
; /* key algorithm */
110 ushort proto
; /* must be 3 (DNSSEC) */
111 dk_flag_t flags
; /* ZONE, optional SEP or REVOKE flag */
112 time_t time
; /* key file time */
113 time_t gentime
; /* key generation time (will be set on key generation and never changed) */
114 time_t exptime
; /* time the key was expired (0L if not) */
115 ulong lifetime
; /* proposed key life time at time of generation */
116 uint tag
; /* key id */
117 dk_status_t status
; /* key exist (".key") and name of private */
118 /* key file is ".published", ".private" */
119 /* or ".depreciated" */
120 char *pubkey
; /* base64 public key */
121 struct dki
*next
; /* ptr to next entry in list */
124 #if defined(USE_TREE) && USE_TREE
126 * Instead of including <search.h>, which contains horrible false function
127 * declarations, we declare it for our usage (yes, these functions return
128 * the address of a pointer variable)
132 /* we change the naming to the new, and more predictive one, used by Knuth */
133 PREORDER
, /* preorder, */
134 INORDER
, /* postorder, */
135 POSTORDER
, /* endorder, */
/* Type-specific redeclarations of the <search.h> binary-tree API (see the
 * comment above): the callbacks take const dki_t * instead of const void *.
 * Caveat: these presumably resolve to the C library's implementation, so the
 * code relies on dki_t * and void * sharing one representation, and any
 * translation unit that also includes <search.h> gets conflicting
 * declarations for the same names. */
dki_t **tsearch (const dki_t *dkp, dki_t **tree, int (*compar)(const dki_t *, const dki_t *));
/* NOTE(review): tfind takes `const dki_t **tree` while tsearch/tdelete take
 * `dki_t **tree`; callers must cast or keep two pointers to the same root. */
dki_t **tfind (const dki_t *dkp, const dki_t **tree, int (*compar)(const dki_t *, const dki_t *));
dki_t **tdelete (const dki_t *dkp, dki_t **tree, int (*compar)(const dki_t *, const dki_t *));
/* action is called with a pointer to the node pointer, the VISIT order and the depth */
void twalk (const dki_t *root, void (*action)(const dki_t **nodep, VISIT which, int depth));
/* Tree helpers declared inside the USE_TREE conditional, built on the tree
 * API above.  Ownership of nodes handed to dki_tadd() is not declared here;
 * presumably the tree takes them over and dki_tfree() releases them — confirm
 * in the implementation. */
extern void dki_tfree (dki_t **tree);
/* `new` as a parameter name makes this header unusable from C++ */
extern dki_t *dki_tadd (dki_t **tree, dki_t *new, int sub_before);
/* Comparison callbacks in the int (*)(const dki_t *, const dki_t *) shape
 * that tsearch()/tfind()/tdelete() above expect */
extern int dki_tagcmp (const dki_t *a, const dki_t *b);
extern int dki_namecmp (const dki_t *a, const dki_t *b);
extern int dki_revnamecmp (const dki_t *a, const dki_t *b);
extern int dki_allcmp (const dki_t *a, const dki_t *b);
/* Loading.  Ownership of the dki_t returned by dki_read() or appended to
 * *listp by dki_readdir() is not declared here; presumably the caller
 * releases it with dki_free()/dki_freelist() — confirm in the implementation. */
extern dki_t *dki_read (const char *dir, const char *fname);
extern int dki_readdir (const char *dir, dki_t **listp, int recursive);

/* Output routines; each takes the stream to write to.  What the int return
 * means (count or status) is not specified in this header. */
extern int dki_prt_trustedkey (const dki_t *dkp, FILE *fp);
extern int dki_prt_managedkey (const dki_t *dkp, FILE *fp);
extern int dki_prt_dnskey (const dki_t *dkp, FILE *fp);
extern int dki_prt_dnskeyttl (const dki_t *dkp, FILE *fp, int ttl);
extern int dki_prt_dnskey_raw (const dki_t *dkp, FILE *fp);
extern int dki_prt_comment (const dki_t *dkp, FILE *fp);

/* Comparison and age; curr is the reference time for dki_age() */
extern int dki_cmp (const dki_t *a, const dki_t *b);
extern int dki_timecmp (const dki_t *a, const dki_t *b);
extern int dki_age (const dki_t *dkp, time_t curr);

/* Flag and status access.  dki_getflag() takes a reference time although the
 * flags field in struct dki is not time-dependent — TODO confirm what curr
 * is used for. */
extern dk_flag_t dki_getflag (const dki_t *dkp, time_t curr);
extern dk_flag_t dki_setflag (dki_t *dkp, dk_flag_t flag);
extern dk_flag_t dki_unsetflag (dki_t *dkp, dk_flag_t flag);
extern dk_status_t dki_status (const dki_t *dkp);
extern const char *dki_statusstr (const dki_t *dkp);

/* Predicates, presumably derived from the flags and status fields of struct dki */
extern int dki_isksk (const dki_t *dkp);
extern int dki_isdepreciated (const dki_t *dkp);
extern int dki_isrevoked (const dki_t *dkp);
extern int dki_isactive (const dki_t *dkp);
extern int dki_ispublished (const dki_t *dkp);

/* Field accessors.  NOTE(review): the return types do not match the struct
 * fields — dki_algo() returns time_t for the ushort algo field and
 * dki_lifetime() returns time_t for the ulong lifetime field.  Callers
 * should not treat those two values as times. */
extern time_t dki_algo (const dki_t *dkp);
extern time_t dki_time (const dki_t *dkp);
extern time_t dki_exptime (const dki_t *dkp);
extern time_t dki_gentime (const dki_t *dkp);
extern time_t dki_lifetime (const dki_t *dkp);
extern ushort dki_lifetimedays (const dki_t *dkp);
extern ushort dki_setlifetime (dki_t *dkp, int days);
extern time_t dki_setexptime (dki_t *dkp, time_t sec);

/* Key life cycle.  dki_new() takes algo and bitsize as plain int; nothing in
 * this header bounds them, so any range check lives in the implementation —
 * verify it before passing values taken from user input. */
extern dki_t *dki_new (const char *dir, const char *name, int ksk, int algo, int bitsize, const char *rfile, int lf_days);
extern dki_t *dki_remove (dki_t *dkp);
extern dki_t *dki_destroy (dki_t *dkp);
/* status is passed as int although struct dki stores it as dk_status_t */
extern int dki_setstatus (dki_t *dkp, int status);
extern int dki_setstatus_preservetime (dki_t *dkp, int status);

/* List handling.  `new` as a parameter name makes this header unusable from C++. */
extern dki_t *dki_add (dki_t **dkp, dki_t *new);
extern const dki_t *dki_tsearch (const dki_t *tree, int tag, const char *name);
extern const dki_t *dki_search (const dki_t *list, int tag, const char *name);
extern const dki_t *dki_find (const dki_t *list, int ksk, int status, int first);
extern const dki_t *dki_findalgo (const dki_t *list, int ksk, int alg, int status, int no);
extern void dki_free (dki_t *dkp);
extern void dki_freelist (dki_t **listp);

/* String helpers.  The non-const char * return does not say whether the
 * string is static or caller-owned; check the implementation before
 * modifying or freeing it. */
extern char *dki_algo2str (int algo);
extern char *dki_algo2sstr (int algo);
/* Text of the last error; lifetime and thread-safety are not declared here */
extern const char *dki_geterrstr (void);