2 * Copyright (C) 2009, 2010 Internet Systems Consortium, Inc. ("ISC")
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
9 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
10 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
11 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
12 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
13 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
14 * PERFORMANCE OF THIS SOFTWARE.
17 /* $Id: tsec.c,v 1.7 2010/12/09 00:54:34 marka Exp $ */
25 #include <dns/result.h>
/*
 * Magic tag for dns_tsec_t objects.  dns_tsec_create() stores it in
 * tsec->magic as its last initialisation step, and the other entry points in
 * this file check it through REQUIRE(DNS_TSEC_VALID(tsec)) before touching
 * the object.
 */
29 #define DNS_TSEC_MAGIC ISC_MAGIC('T', 's', 'e', 'c')
30 #define DNS_TSEC_VALID(t) ISC_MAGIC_VALID(t, DNS_TSEC_MAGIC)
33 * DNS Transaction Security object. We assume this is not shared by
34 * multiple threads, and so the structure does not contain a lock.
/*
 * TSIG key slot, written as ukey.tsigkey when the object type is
 * dns_tsectype_tsig.  NOTE(review): the enclosing structure declaration is
 * not shown in this listing; the sibling ukey.key member used for SIG(0) is
 * only visible through its uses further down.
 */
41 dns_tsigkey_t *tsigkey;
/*
 * Create a transaction security object of the requested type around the
 * given DST key and mark it valid with DNS_TSEC_MAGIC.
 *
 * Visible results: ISC_R_NOMEMORY, DNS_R_BADALG, ISC_R_SUCCESS.  A failure
 * from dns_tsigkey_createfromkey() is presumably propagated as well, but the
 * return statement on that path is not shown.
 *
 * NOTE(review): this listing omits some original lines (see the gaps in the
 * embedded line numbers), including the return type, the tail of the
 * parameter list, several local declarations and the break/default
 * statements.  The comments below describe only what is visible.
 *
 * NOTE(review): no REQUIRE on the key argument is visible, yet the TSIG
 * branch passes it straight to dst_key_alg() and dst_key_name().  Confirm
 * that callers can never hand in a NULL key.
 */
47 dns_tsec_create(isc_mem_t *mctx, dns_tsectype_t type, dst_key_t *key,
52 dns_tsigkey_t *tsigkey = NULL;
/* The caller must supply a memory context and an empty output slot. */
55 REQUIRE(mctx != NULL);
56 REQUIRE(tsecp != NULL && *tsecp == NULL);
58 tsec = isc_mem_get(mctx, sizeof(*tsec));
/* Presumably the allocation-failure path; the guarding test is not shown. */
60 return (ISC_R_NOMEMORY);
/*
 * TSIG: translate the DST algorithm of the key into the matching TSIG
 * algorithm name.
 */
66 case dns_tsectype_tsig:
67 switch (dst_key_alg(key)) {
/*
 * NOTE(review): the case label for this first branch is not shown in the
 * listing.  HMAC-MD5 is a legacy choice; newer deployments generally prefer
 * the SHA-2 based HMACs listed below.
 */
69 algname = dns_tsig_hmacmd5_name;
71 case DST_ALG_HMACSHA1:
72 algname = dns_tsig_hmacsha1_name;
74 case DST_ALG_HMACSHA224:
75 algname = dns_tsig_hmacsha224_name;
77 case DST_ALG_HMACSHA256:
78 algname = dns_tsig_hmacsha256_name;
80 case DST_ALG_HMACSHA384:
81 algname = dns_tsig_hmacsha384_name;
83 case DST_ALG_HMACSHA512:
84 algname = dns_tsig_hmacsha512_name;
/*
 * Presumably the default branch (its label is not shown): an algorithm
 * outside the HMAC set above is rejected, and the partially built object is
 * returned to the memory context first so it does not leak.
 */
87 isc_mem_put(mctx, tsec, sizeof(*tsec));
88 return (DNS_R_BADALG);
/*
 * Wrap the DST key in a TSIG key object named after the key itself.  The
 * final argument of this call is not shown; the result is expected to land
 * in the local tsigkey, which is stored in the object below.
 */
90 result = dns_tsigkey_createfromkey(dst_key_name(key),
91 algname, key, ISC_FALSE,
92 NULL, 0, 0, mctx, NULL,
/* On failure, release the object before leaving (the return is not shown). */
94 if (result != ISC_R_SUCCESS) {
95 isc_mem_put(mctx, tsec, sizeof(*tsec));
98 tsec->ukey.tsigkey = tsigkey;
/*
 * SIG(0): the dst_key_t pointer is stored as-is; no attach or copy is visible
 * here, and dns_tsec_destroy() calls dst_key_free() on it.
 * NOTE(review): that implies the object takes ownership of the key passed in
 * by the caller on this path.  Confirm against the API contract, since a
 * caller that also frees the key would cause a double free.
 */
100 case dns_tsectype_sig0:
101 tsec->ukey.key = key;
/*
 * The magic is set only after the type-specific setup has succeeded, so a
 * partially initialised object never passes DNS_TSEC_VALID().
 */
107 tsec->magic = DNS_TSEC_MAGIC;
110 return (ISC_R_SUCCESS);
/*
 * Destroy a transaction security object: drop the key it holds according to
 * its type, then return its memory to the memory context recorded in the
 * object.
 *
 * NOTE(review): this listing omits some original lines (return type, the
 * assignment of the local tsec from *tsecp, break/default statements).
 * Whether the magic is cleared and *tsecp is reset to NULL afterwards is not
 * visible here.  Both matter for catching use-after-destroy, so confirm
 * against the full source.
 */
114 dns_tsec_destroy(dns_tsec_t **tsecp) {
/* Reject a NULL handle or an empty slot before dereferencing. */
117 REQUIRE(tsecp != NULL && *tsecp != NULL);
/* Reject objects that were never fully created (magic mismatch). */
119 REQUIRE(DNS_TSEC_VALID(tsec));
121 switch (tsec->type) {
/* TSIG: drop the reference held on the TSIG key object. */
122 case dns_tsectype_tsig:
123 dns_tsigkey_detach(&tsec->ukey.tsigkey);
/* SIG(0): free the DST key that dns_tsec_create() stored directly. */
125 case dns_tsectype_sig0:
126 dst_key_free(&tsec->ukey.key);
/* Use the memory context stored in the object, matching the allocation. */
133 isc_mem_put(tsec->mctx, tsec, sizeof(*tsec));
/*
 * Accessor for the type of a transaction security object.  Only the validity
 * check is visible in this listing; the return type and the return statement
 * are not shown (presumably it returns tsec->type -- confirm).
 */
139 dns_tsec_gettype(dns_tsec_t *tsec) {
140 REQUIRE(DNS_TSEC_VALID(tsec));
/*
 * Hand the key held by a transaction security object to the caller through
 * the untyped keyp pointer.
 *
 * keyp is a void pointer that is cast according to tsec->type:
 *   - dns_tsectype_tsig: treated as dns_tsigkey_t ** and filled through
 *     dns_tsigkey_attach(), so the caller receives its own reference.
 *   - dns_tsectype_sig0: treated as dst_key_t ** and assigned the stored
 *     pointer directly; no reference is taken in the visible code.
 *
 * NOTE(review): because keyp is untyped, nothing here checks that the caller
 * passed the pointer type matching tsec->type.  A mismatch writes a pointer
 * of the wrong type into the caller variable.  Callers should check
 * dns_tsec_gettype() first.
 * NOTE(review): on the SIG(0) path the returned pointer looks borrowed, since
 * dns_tsec_destroy() frees the same key.  It presumably must not be freed by
 * the caller nor used after the object is destroyed -- confirm.
 * NOTE(review): the listing omits the return type and the lines following the
 * last one shown here.
 */
146 dns_tsec_getkey(dns_tsec_t *tsec, void *keyp) {
147 REQUIRE(DNS_TSEC_VALID(tsec));
148 REQUIRE(keyp != NULL);
150 switch (tsec->type) {
151 case dns_tsectype_tsig:
/* presumably the target slot must be NULL on entry -- verify against attach */
152 dns_tsigkey_attach(tsec->ukey.tsigkey, (dns_tsigkey_t **)keyp);
154 case dns_tsectype_sig0:
155 *(dst_key_t **)keyp = tsec->ukey.key;