external/bsd/bind/dist/contrib/zkt/dki.h

   1 /*      $NetBSD$        */
   2
   3 /*****************************************************************
   4 **
   5 **      @(#) dki.h -- Header file for DNSsec Key info/manipulation
   6 **
   7 **      Copyright (c) July 2004 - Jan 2005, Holger Zuleger HZnet. All rights reserved.
   8 **
   9 **      This software is open source.
  10 **
  11 **      Redistribution and use in source and binary forms, with or without
  12 **      modification, are permitted provided that the following conditions
  13 **      are met:
  14 **
  15 **      Redistributions of source code must retain the above copyright notice,
  16 **      this list of conditions and the following disclaimer.
  17 **
  18 **      Redistributions in binary form must reproduce the above copyright notice,
  19 **      this list of conditions and the following disclaimer in the documentation
  20 **      and/or other materials provided with the distribution.
  21 **
  22 **      Neither the name of Holger Zuleger HZnet nor the names of its contributors may
  23 **      be used to endorse or promote products derived from this software without
  24 **      specific prior written permission.
  25 **
  26 **      THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  27 **      "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
  28 **      TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  29 **      PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
  30 **      LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  31 **      CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  32 **      SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  33 **      INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  34 **      CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  35 **      ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  36 **      POSSIBILITY OF SUCH DAMAGE.
  37 **
  38 *****************************************************************/
  39 #ifndef DKI_H
  40 # define DKI_H
  41
  42 # ifndef TYPES_H
  43 #  include <sys/types.h>
  44 #  include <stdio.h>
  45 #  include <time.h>
  46 # endif
  47
  48 # define        MAX_LABELSIZE   (255)
  49 # define        MAX_FNAMESIZE   (1+255+2+3+1+5+1+11)
  50                                 /* Kdomain.+ALG+KEYID.type  */
  51                                 /* domain == FQDN (max 255) */
  52                                 /* ALG == 3; KEYID == 5 chars */
  53                                 /* type == key||published|private|depreciated == 11 chars */
  54 //# define      MAX_DNAMESIZE   (254)
  55 # define        MAX_DNAMESIZE   (1023)
  56                                 /*   /path/name  /   filename  */
  57 # define        MAX_PATHSIZE    (MAX_DNAMESIZE + 1 + MAX_FNAMESIZE)
  58
  59 /* algorithm types */
  60 # define        DK_ALGO_RSA     1       /* RFC2537 */
  61 # define        DK_ALGO_DH      2       /* RFC2539 */
  62 # define        DK_ALGO_DSA     3       /* RFC2536 (mandatory) */
  63 # define        DK_ALGO_EC      4       /* */
  64 # define        DK_ALGO_RSASHA1 5       /* RFC3110 */
  65 # define        DK_ALGO_NSEC3DSA        6       /* symlink to alg 3 RFC5155 */
  66 # define        DK_ALGO_NSEC3RSASHA1    7       /* symlink to alg 5 RFC5155 */
  67
  68 /* protocol types */
  69 # define        DK_PROTO_DNS    3
  70
  71 /* flag bits */
  72 typedef enum {                  /*             11 1111 */
  73                                 /* 0123 4567 8901 2345 */
  74         DK_FLAG_KSK=    01,     /* 0000 0000 0000 0001  Bit 15 RFC4034/RFC3757 */
  75         DK_FLAG_REVOKE= 0200,   /* 0000 0000 1000 0000  Bit 8  RFC5011 */
  76         DK_FLAG_ZONE=   0400,   /* 0000 0001 0000 0000  Bit 7  RFC4034 */
  77 } dk_flag_t;
  78
  79 /* status types */
  80 typedef enum {
  81         DKI_SEP=        'e',
  82         DKI_SECUREENTRYPOINT=   'e',
  83         DKI_PUB=        'p',
  84         DKI_PUBLISHED=  'p',
  85         DKI_ACT=        'a',
  86         DKI_ACTIVE=     'a',
  87         DKI_DEP=        'd',
  88         DKI_DEPRECIATED=        'd',
  89         DKI_REV=        'r',
  90         DKI_REVOKED=    'r',
  91 } dk_status_t;
  92
  93 # define        DKI_KEY_FILEEXT ".key"
  94 # define        DKI_PUB_FILEEXT ".published"
  95 # define        DKI_ACT_FILEEXT ".private"
  96 # define        DKI_DEP_FILEEXT ".depreciated"
  97
  98 # define        DKI_KSK 1
  99 # define        DKI_ZSK 0
 100
 101 typedef struct  dki {
 102         char    dname[MAX_DNAMESIZE+1]; /* directory */
 103         char    fname[MAX_FNAMESIZE+1]; /* file name without extension */
 104         char    name[MAX_LABELSIZE+1];  /* domain name or label */
 105         ushort  algo;                   /* key algorithm */
 106         ushort  proto;                  /* must be 3 (DNSSEC) */
 107         dk_flag_t       flags;          /* ZONE, optional SEP or REVOKE flag */
 108         time_t  time;                   /* key file time */
 109         time_t  gentime;                /* key generation time (will be set on key generation and never changed) */
 110         time_t  exptime;                /* time the key was expired (0L if not) */
 111         ulong   lifetime;               /* proposed key life time at time of generation */
 112         uint    tag;                    /* key id */
 113         dk_status_t     status;         /* key exist (".key") and name of private */
 114                                         /* key file is ".published", ".private" */
 115                                         /* or ".depreciated" */
 116         char    *pubkey;                /* base64 public key */
 117         struct  dki     *next;          /* ptr to next entry in list */
 118 } dki_t;
 119
 120 #if defined(USE_TREE) && USE_TREE
 121 /*
 122  *      Instead of including <search.h>, which contains horrible false function
 123  *      declarations, we declared it for our usage (Yes, these functions return
 124  *      the adress of a pointer variable)
 125  */
 126 typedef enum
 127 {
 128         /* we change the naming to the new, and more predictive one, used by Knuth */
 129         PREORDER,       /* preorder,    */
 130         INORDER,        /* postorder,   */
 131         POSTORDER,      /* endorder,    */
 132         LEAF            /* leaf         */
 133 }
 134 VISIT;
 135
 136 dki_t   **tsearch (const dki_t *dkp, dki_t **tree, int(*compar)(const dki_t *, const dki_t *));
 137 dki_t   **tfind (const dki_t *dkp, const dki_t **tree, int(*compar)(const dki_t *, const dki_t *));
 138 dki_t   **tdelete (const dki_t *dkp, dki_t **tree, int(*compar)(const dki_t *, const dki_t *));
 139 void    twalk (const dki_t *root, void (*action)(const dki_t **nodep, VISIT which, int depth));
 140
 141 extern  void    dki_tfree (dki_t **tree);
 142 extern  dki_t   *dki_tadd (dki_t **tree, dki_t *new);
 143 extern  int     dki_tagcmp (const dki_t *a, const dki_t *b);
 144 extern  int     dki_namecmp (const dki_t *a, const dki_t *b);
 145 extern  int     dki_allcmp (const dki_t *a, const dki_t *b);
 146 #endif
 147
 148 extern  dki_t   *dki_read (const char *dir, const char *fname);
 149 extern  int     dki_readdir (const char *dir, dki_t **listp, int recursive);
 150 extern  int     dki_prt_trustedkey (const dki_t *dkp, FILE *fp);
 151 extern  int     dki_prt_dnskey (const dki_t *dkp, FILE *fp);
 152 extern  int     dki_prt_dnskeyttl (const dki_t *dkp, FILE *fp, int ttl);
 153 extern  int     dki_prt_dnskey_raw (const dki_t *dkp, FILE *fp);
 154 extern  int     dki_prt_comment (const dki_t *dkp, FILE *fp);
 155 extern  int     dki_cmp (const dki_t *a, const dki_t *b);
 156 extern  int     dki_timecmp (const dki_t *a, const dki_t *b);
 157 extern  int     dki_age (const dki_t *dkp, time_t curr);
 158 extern  dk_flag_t       dki_getflag (const dki_t *dkp, time_t curr);
 159 extern  dk_flag_t       dki_setflag (dki_t *dkp, dk_flag_t flag);
 160 extern  dk_flag_t       dki_unsetflag (dki_t *dkp, dk_flag_t flag);
 161 extern  dk_status_t     dki_status (const dki_t *dkp);
 162 extern  const   char    *dki_statusstr (const dki_t *dkp);
 163 extern  int     dki_isksk (const dki_t *dkp);
 164 extern  int     dki_isdepreciated (const dki_t *dkp);
 165 extern  int     dki_isrevoked (const dki_t *dkp);
 166 extern  int     dki_isactive (const dki_t *dkp);
 167 extern  int     dki_ispublished (const dki_t *dkp);
 168 extern  time_t  dki_algo (const dki_t *dkp);
 169 extern  time_t  dki_time (const dki_t *dkp);
 170 extern  time_t  dki_exptime (const dki_t *dkp);
 171 extern  time_t  dki_gentime (const dki_t *dkp);
 172 extern  time_t  dki_lifetime (const dki_t *dkp);
 173 extern  ushort  dki_lifetimedays (const dki_t *dkp);
 174 extern  ushort  dki_setlifetime (dki_t *dkp, int days);
 175 extern  time_t  dki_setexptime (dki_t *dkp, time_t sec);
 176 extern  dki_t   *dki_new (const char *dir, const char *name, int ksk, int algo, int bitsize, const char *rfile, int lf_days);
 177 extern  dki_t   *dki_remove (dki_t *dkp);
 178 extern  dki_t   *dki_destroy (dki_t *dkp);
 179 extern  int     dki_setstatus (dki_t *dkp, int status);
 180 extern  int     dki_setstatus_preservetime (dki_t *dkp, int status);
 181 extern  dki_t   *dki_add (dki_t **dkp, dki_t *new);
 182 extern  const dki_t     *dki_tsearch (const dki_t *tree, int tag, const char *name);
 183 extern  const dki_t     *dki_search (const dki_t *list, int tag, const char *name);
 184 extern  const dki_t     *dki_find (const dki_t *list, int ksk, int status, int first);
 185 extern  const dki_t     *dki_findalgo (const dki_t *list, int ksk, int alg, int status, int no);
 186 extern  void    dki_free (dki_t *dkp);
 187 extern  void    dki_freelist (dki_t **listp);
 188 extern  char    *dki_algo2str (int algo);
 189 extern  char    *dki_algo2sstr (int algo);
 190 extern  const char      *dki_geterrstr (void);
 191
 192 #endif