4 * Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC")
6 * Permission to use, copy, modify, and/or distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
10 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
11 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
12 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
13 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
14 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
15 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
16 * PERFORMANCE OF THIS SOFTWARE.
19 /* Id: tsec.c,v 1.4 2009/09/02 23:48:02 tbox Exp */
27 #include <dns/result.h>
/*
 * Magic tag ('T','s','e','c') stamped into a dns_tsec_t, and the validity
 * test built on it. Every accessor visible in this listing guards its
 * argument with REQUIRE(DNS_TSEC_VALID(...)) before touching the object.
 * NOTE(review): ISC_MAGIC and ISC_MAGIC_VALID are defined elsewhere; what
 * exactly the check rejects (NULL, stale, wrong-type pointers) should be
 * confirmed against their definitions.
 */
31 #define DNS_TSEC_MAGIC ISC_MAGIC('T', 's', 'e', 'c')
32 #define DNS_TSEC_VALID(t) ISC_MAGIC_VALID(t, DNS_TSEC_MAGIC)
35 * DNS Transaction Security object. We assume this is not shared by
36 * multiple threads, and so the structure does not contain a lock.
43 dns_tsigkey_t
*tsigkey
;
/*
 * dns_tsec_create: allocate a dns_tsec_t from 'mctx' and store a
 * type-dependent key in it.
 *
 * NOTE(review): this listing omits many source lines (the gutter numbers
 * skip), so these comments describe only the statements that are visible.
 *
 * Visible parameters:
 *   mctx - memory context used for the allocation; must not be NULL.
 *   type - selects the TSIG or SIG(0) branch below.
 *   key  - dst key; for TSIG it is turned into a dns_tsigkey_t, for SIG(0)
 *          the pointer itself is stored.
 * 'tsecp' (declaration not shown) must be non-NULL and point to NULL.
 *
 * Visible results: ISC_R_SUCCESS, ISC_R_NOMEMORY, DNS_R_BADALG.
 */
49 dns_tsec_create(isc_mem_t
*mctx
, dns_tsectype_t type
, dst_key_t
*key
,
54 dns_tsigkey_t
*tsigkey
= NULL
;
/*
 * Contract checks. Requiring *tsecp == NULL means an existing object is
 * never silently overwritten (and leaked) by a second create call.
 */
57 REQUIRE(mctx
!= NULL
);
58 REQUIRE(tsecp
!= NULL
&& *tsecp
== NULL
);
60 tsec
= isc_mem_get(mctx
, sizeof(*tsec
));
62 return (ISC_R_NOMEMORY
);
68 case dns_tsectype_tsig
:
/*
 * Map the dst algorithm of 'key' to the matching TSIG algorithm name.
 * NOTE(review): dst_key_alg(key) dereferences 'key', and no
 * REQUIRE(key != NULL) is visible in this listing; confirm the caller
 * contract.
 */
69 switch (dst_key_alg(key
)) {
/*
 * NOTE(review): HMAC-MD5 (and HMAC-SHA1 below) are accepted here. Both are
 * legacy TSIG algorithms whose use RFC 8945 discourages; deployments should
 * configure HMAC-SHA256 or stronger keys.
 */
71 algname
= dns_tsig_hmacmd5_name
;
73 case DST_ALG_HMACSHA1
:
74 algname
= dns_tsig_hmacsha1_name
;
76 case DST_ALG_HMACSHA224
:
77 algname
= dns_tsig_hmacsha224_name
;
79 case DST_ALG_HMACSHA256
:
80 algname
= dns_tsig_hmacsha256_name
;
82 case DST_ALG_HMACSHA384
:
83 algname
= dns_tsig_hmacsha384_name
;
85 case DST_ALG_HMACSHA512
:
86 algname
= dns_tsig_hmacsha512_name
;
/*
 * Failure path for an algorithm with no TSIG name (presumably the default:
 * arm; its label is not shown). The tsec goes back to mctx, with the same
 * size it was allocated with, before DNS_R_BADALG is returned.
 */
89 isc_mem_put(mctx
, tsec
, sizeof(*tsec
));
90 return (DNS_R_BADALG
);
/*
 * Build the TSIG key from 'key', named after the key itself.
 * NOTE(review): whether dns_tsigkey_createfromkey() takes ownership of
 * 'key', and who frees it when the call fails, cannot be told from this
 * listing; verify against its contract.
 */
92 result
= dns_tsigkey_createfromkey(dst_key_name(key
),
93 algname
, key
, ISC_FALSE
,
94 NULL
, 0, 0, mctx
, NULL
,
96 if (result
!= ISC_R_SUCCESS
) {
/* Release the half-built tsec; its magic has not been set at this point. */
97 isc_mem_put(mctx
, tsec
, sizeof(*tsec
));
100 tsec
->ukey
.tsigkey
= tsigkey
;
102 case dns_tsectype_sig0
:
/*
 * SIG(0): the caller's pointer is stored as-is. dns_tsec_destroy() later
 * calls dst_key_free() on it, so the tsec effectively owns 'key' from
 * here on and the caller must not free it separately.
 */
103 tsec
->ukey
.key
= key
;
/*
 * The magic is written only after the key is in place, so none of the
 * visible error returns above hands out an object that would pass
 * DNS_TSEC_VALID().
 */
109 tsec
->magic
= DNS_TSEC_MAGIC
;
113 return (ISC_R_SUCCESS
);
/*
 * dns_tsec_destroy: release the key held by '*tsecp' and return the object
 * to its memory context.
 *
 * 'tsecp' must be non-NULL and point to a valid (magic-checked) dns_tsec_t.
 *
 * NOTE(review): this listing omits several source lines. In particular,
 * whether the magic is cleared and '*tsecp' is reset to NULL before
 * returning is not visible here. Those two steps are what make a later
 * use or second destroy fail a REQUIRE instead of touching freed memory,
 * so confirm they are present in the full file.
 */
117 dns_tsec_destroy(dns_tsec_t
**tsecp
) {
120 REQUIRE(tsecp
!= NULL
&& *tsecp
!= NULL
);
122 REQUIRE(DNS_TSEC_VALID(tsec
));
/* Release the key according to how dns_tsec_create() stored it. */
124 switch (tsec
->type
) {
125 case dns_tsectype_tsig
:
/* TSIG: drop the reference this object holds on the dns_tsigkey_t. */
126 dns_tsigkey_detach(&tsec
->ukey
.tsigkey
);
128 case dns_tsectype_sig0
:
/*
 * SIG(0): the dst key pointer stored at create time is freed here, so any
 * copy of that pointer held elsewhere dangles after this call.
 */
129 dst_key_free(&tsec
->ukey
.key
);
/* Return the structure to the context it was allocated from. */
136 isc_mem_put(tsec
->mctx
, tsec
, sizeof(*tsec
));
/*
 * dns_tsec_gettype: accessor for the security type of 'tsec'.
 *
 * 'tsec' must pass the magic check. The return statement is not part of
 * this listing; presumably it yields tsec->type (confirm in the full file).
 */
142 dns_tsec_gettype(dns_tsec_t
*tsec
) {
143 REQUIRE(DNS_TSEC_VALID(tsec
));
/*
 * dns_tsec_getkey: hand the key stored in 'tsec' back through 'keyp'.
 *
 * 'keyp' is an untyped pointer that is cast according to tsec->type:
 *   dns_tsectype_tsig - treated as dns_tsigkey_t **
 *   dns_tsectype_sig0 - treated as dst_key_t **
 * The compiler cannot check this, so the caller must pass the pointer type
 * that matches dns_tsec_gettype(); a mismatch writes a pointer of the wrong
 * type into the caller's variable.
 *
 * The two branches also differ in lifetime:
 *   - TSIG goes through dns_tsigkey_attach(), so the caller receives its
 *     own reference (presumably to be released with dns_tsigkey_detach()).
 *   - SIG(0) copies the raw pointer with no visible reference taken. The
 *     key is freed by dns_tsec_destroy(), so the returned pointer must not
 *     be used after the tsec is destroyed, nor freed by the caller.
 *
 * NOTE(review): the listing ends before the function's closing lines.
 */
149 dns_tsec_getkey(dns_tsec_t
*tsec
, void *keyp
) {
150 REQUIRE(DNS_TSEC_VALID(tsec
));
151 REQUIRE(keyp
!= NULL
);
153 switch (tsec
->type
) {
154 case dns_tsectype_tsig
:
/* Attach: the caller gets a counted reference to the TSIG key. */
155 dns_tsigkey_attach(tsec
->ukey
.tsigkey
, (dns_tsigkey_t
**)keyp
);
157 case dns_tsectype_sig0
:
/* Borrowed pointer: still owned by the tsec. */
158 *(dst_key_t
**)keyp
= tsec
->ukey
.key
;