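/* $NetBSD: tsec.c,v 1.4 2014/12/10 04:37:58 christos Exp $ */

/*
 * Copyright (C) 2009, 2010 Internet Systems Consortium, Inc. ("ISC")
 *
 * Permission to use, copy, modify, and/or distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 * PERFORMANCE OF THIS SOFTWARE.
 */

/* Id: tsec.c,v 1.7 2010/12/09 00:54:34 marka Exp */

#include <config.h>

#include <isc/mem.h>

#include <dns/tsec.h>
#include <dns/tsig.h>
#include <dns/result.h>

#include <dst/dst.h>

#define DNS_TSEC_MAGIC		ISC_MAGIC('T', 's', 'e', 'c')
#define DNS_TSEC_VALID(t)	ISC_MAGIC_VALID(t, DNS_TSEC_MAGIC)

/*%
 * DNS Transaction Security object. We assume this is not shared by
 * multiple threads, and so the structure does not contain a lock.
 */
struct dns_tsec {
	/* Set to DNS_TSEC_MAGIC once construction succeeds; zeroed on destroy. */
	unsigned int		magic;
	/* Selects which member of 'ukey' is live. */
	dns_tsectype_t		type;
	/*
	 * Memory context the object was allocated from. Stored as a plain
	 * pointer (this file takes no reference on it), so it has to stay
	 * valid until dns_tsec_destroy() has run.
	 */
	isc_mem_t		*mctx;
	union {
		dns_tsigkey_t	*tsigkey;	/* type == dns_tsectype_tsig */
		dst_key_t	*key;		/* type == dns_tsectype_sig0 */
	} ukey;
};

/*%
 * Create a transaction security object of the given 'type' around 'key'
 * and return it through '*tsecp'.
 *
 * dns_tsectype_tsig: the algorithm reported by dst_key_alg(key) is mapped
 * to the matching TSIG algorithm name and a dns_tsigkey_t is built with
 * dns_tsigkey_createfromkey(); the tsec holds that TSIG key.
 * NOTE(review): whether dns_tsigkey_createfromkey() takes its own
 * reference on 'key' or merely borrows it is not visible in this file;
 * confirm before deciding who releases 'key' in the TSIG case.
 *
 * dns_tsectype_sig0: the 'key' pointer itself is stored, and
 * dns_tsec_destroy() passes it to dst_key_free(). The caller therefore
 * hands the key over to the tsec and must not free it separately.
 *
 * Security note: HMAC-MD5 and HMAC-SHA1 keys are accepted here alongside
 * the SHA-2 variants. RFC 8945 discourages both for TSIG; any policy that
 * restricts algorithms has to be applied where the key is configured,
 * because this function does not filter on strength.
 *
 * Requires:
 *	'mctx' != NULL
 *	'key' != NULL
 *	'tsecp' != NULL && '*tsecp' == NULL
 *
 * Returns:
 *	ISC_R_SUCCESS	on success
 *	ISC_R_NOMEMORY	if the object could not be allocated
 *	DNS_R_BADALG	if 'type' is TSIG and the key algorithm is not one
 *			of the HMAC algorithms listed below
 *	any failure result from dns_tsigkey_createfromkey()
 */
isc_result_t
dns_tsec_create(isc_mem_t *mctx, dns_tsectype_t type, dst_key_t *key,
		dns_tsec_t **tsecp)
{
	isc_result_t result;
	dns_tsec_t *tsec;
	dns_tsigkey_t *tsigkey = NULL;
	dns_name_t *algname;

	REQUIRE(mctx != NULL);
	/*
	 * Both branches use 'key': the TSIG branch hands it to
	 * dst_key_alg() and the SIG(0) branch stores it for a later
	 * dst_key_free(). Reject a NULL key before anything is allocated
	 * rather than letting it surface at use or destroy time.
	 */
	REQUIRE(key != NULL);
	REQUIRE(tsecp != NULL && *tsecp == NULL);

	tsec = isc_mem_get(mctx, sizeof(*tsec));
	if (tsec == NULL)
		return (ISC_R_NOMEMORY);

	tsec->type = type;
	tsec->mctx = mctx;

	switch (type) {
	case dns_tsectype_tsig:
		switch (dst_key_alg(key)) {
		case DST_ALG_HMACMD5:
			/* Legacy algorithm; see the security note above. */
			algname = dns_tsig_hmacmd5_name;
			break;
		case DST_ALG_HMACSHA1:
			/* Legacy algorithm; see the security note above. */
			algname = dns_tsig_hmacsha1_name;
			break;
		case DST_ALG_HMACSHA224:
			algname = dns_tsig_hmacsha224_name;
			break;
		case DST_ALG_HMACSHA256:
			algname = dns_tsig_hmacsha256_name;
			break;
		case DST_ALG_HMACSHA384:
			algname = dns_tsig_hmacsha384_name;
			break;
		case DST_ALG_HMACSHA512:
			algname = dns_tsig_hmacsha512_name;
			break;
		default:
			/* Not an HMAC algorithm handled above. */
			isc_mem_put(mctx, tsec, sizeof(*tsec));
			return (DNS_R_BADALG);
		}
		result = dns_tsigkey_createfromkey(dst_key_name(key),
						   algname, key, ISC_FALSE,
						   NULL, 0, 0, mctx, NULL,
						   &tsigkey);
		if (result != ISC_R_SUCCESS) {
			isc_mem_put(mctx, tsec, sizeof(*tsec));
			return (result);
		}
		tsec->ukey.tsigkey = tsigkey;
		break;
	case dns_tsectype_sig0:
		/* Ownership of 'key' moves to the tsec; see destroy. */
		tsec->ukey.key = key;
		break;
	default:
		INSIST(0);
	}

	/* Mark the object valid only after every field has been set. */
	tsec->magic = DNS_TSEC_MAGIC;

	*tsecp = tsec;
	return (ISC_R_SUCCESS);
}

/*%
 * Destroy '*tsecp' and set it to NULL.
 *
 * The TSIG key is released with dns_tsigkey_detach(); the SIG(0) key is
 * released with dst_key_free(), so any pointer previously obtained from
 * dns_tsec_getkey() for a SIG(0) tsec must not be used afterwards.
 *
 * Requires:
 *	'tsecp' != NULL and '*tsecp' is a valid tsec.
 */
void
dns_tsec_destroy(dns_tsec_t **tsecp) {
	dns_tsec_t *tsec;

	REQUIRE(tsecp != NULL && *tsecp != NULL);
	tsec = *tsecp;
	REQUIRE(DNS_TSEC_VALID(tsec));

	switch (tsec->type) {
	case dns_tsectype_tsig:
		dns_tsigkey_detach(&tsec->ukey.tsigkey);
		break;
	case dns_tsectype_sig0:
		dst_key_free(&tsec->ukey.key);
		break;
	default:
		INSIST(0);
	}

	/* Invalidate the magic before the memory is handed back. */
	tsec->magic = 0;
	isc_mem_put(tsec->mctx, tsec, sizeof(*tsec));

	*tsecp = NULL;
}

/*%
 * Return the type ('tsig' or 'sig0') of 'tsec'.
 *
 * Requires:
 *	'tsec' is a valid tsec.
 */
dns_tsectype_t
dns_tsec_gettype(dns_tsec_t *tsec) {
	REQUIRE(DNS_TSEC_VALID(tsec));

	return (tsec->type);
}

/*%
 * Store the key held by 'tsec' through 'keyp'.
 *
 * 'keyp' is untyped, so the caller has to pass a pointer whose type
 * matches dns_tsec_gettype(tsec): 'dns_tsigkey_t **' for TSIG and
 * 'dst_key_t **' for SIG(0). A mismatch cannot be detected here.
 *
 * The two cases hand out the key differently:
 *  - TSIG: the key is attached via dns_tsigkey_attach(), so the caller
 *    presumably has to detach it when done, and '*keyp' most likely has
 *    to be NULL on entry (NOTE(review): confirm against
 *    dns_tsigkey_attach()).
 *  - SIG(0): '*keyp' receives the tsec's own pointer with no reference
 *    taken. The caller must not free it, and it becomes dangling once
 *    dns_tsec_destroy() has released the key.
 *
 * Requires:
 *	'tsec' is a valid tsec.
 *	'keyp' != NULL
 */
void
dns_tsec_getkey(dns_tsec_t *tsec, void *keyp) {
	REQUIRE(DNS_TSEC_VALID(tsec));
	REQUIRE(keyp != NULL);

	switch (tsec->type) {
	case dns_tsectype_tsig:
		dns_tsigkey_attach(tsec->ukey.tsigkey, (dns_tsigkey_t **)keyp);
		break;
	case dns_tsectype_sig0:
		/* Borrowed pointer: still owned by the tsec. */
		*(dst_key_t **)keyp = tsec->ukey.key;
		break;
	default:
		INSIST(0);
	}
}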