OpenDNSSEC-enforcer  1.3.16
ksm.h
1 /*
2  * $Id: ksm.h 7053 2013-02-21 16:10:40Z sion $
3  *
4  * Copyright (c) 2008-2009 Nominet UK. All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  * notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  * notice, this list of conditions and the following disclaimer in the
13  * documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
17  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
19  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
21  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
22  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
23  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
24  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
25  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26  *
27  */
28 
29 #ifndef KSM_KSM_H
30 #define KSM_KSM_H
31 
32 #ifdef __cplusplus
33 extern "C" {
34 #endif
35 
36 /*+
37  * ksm.h - KSM Definitions
38  *
39  * Description:
40  * Holds definitions and prototypes for the KSM library.
41 -*/
42 
43 #include <time.h>
44 #include <ksm/database.h>
45 #include <ksm/database_statement.h>
46 
47 
48 /* General */
49 
/*
 * Core identifier type, the two argument-less library entry points declared
 * under ksm_common, and the fixed buffer sizes used by the structures and
 * prototypes in the rest of this header.
 */
50 typedef int KSM_ID; /* Identifies a KSM entity */
51 
52 #define KSM_NULL_ID ((KSM_ID) -1) /* General invalid ID */
53 
54 /* ksm_common */
55 
/* Both take no arguments and return an int status; the meaning of the value is not stated in this header. */
56 int KsmInit(void);
57 int KsmRundown(void);
58 
/*
 * Sizes of the fixed char buffers declared below (for example
 * char location[KSM_NAME_LENGTH]). Each size counts the terminating NUL
 * byte, so the longest string that fits is one character shorter. Code that
 * fills these buffers has to bound the copy and treat an over-long value as
 * an error instead of truncating it silently.
 */
59 #define KSM_NAME_LENGTH 256 /* Includes trailing NUL */
60 #define KSM_MSG_LENGTH 512 /* Includes trailing NUL */
61 #define KSM_PATH_LENGTH 4096 /* Includes trailing NUL */
62 #define KSM_POLICY_DESC_LENGTH 256 /* Includes trailing NUL */
63 #define KSM_POLICY_AUDIT_LENGTH 4096 /* Includes trailing NUL */
64 #define KSM_TIME_LENGTH 32 /* Includes trailing NUL */
65 
/*
 * NOTE(review): if SQL text is assembled into a buffer of KSM_SQL_SIZE bytes,
 * the builder must detect overflow; a statement cut short can lose its
 * trailing conditions. Confirm how the database_statement code handles this.
 */
66 #define KSM_SQL_SIZE 1024 /* Max size of SQL statement */
67 #define KSM_INT_STR_SIZE 32 /* Max size of int as string */
68 #define KSM_SALT_LENGTH 512 /* Includes trailing NUL */
69 #define KSM_ZONE_NAME_LENGTH 256 /* Includes trailing NUL */
70 #define KSM_ADAPTER_NAME_LENGTH 256 /* Includes trailing NUL */
71 /* ksm_key */
72 
73 /* Key time flag states */
/*
 * Each KEYDATA_M_* value is a distinct single bit (0x0001 .. 0x2000), so the
 * masks can be OR-ed together. KEYDATA_M_TIMES is the union of the six
 * time-related bits (ACTIVE, DEAD, GENERATE, PUBLISH, READY, RETIRE).
 * Presumably these are tested against KSM_KEYDATA.flags, which is commented
 * as "States which fields are valid" - confirm against the ksm_key sources.
 */
74 
75 #define KEYDATA_M_ID 0x0001
76 #define KEYDATA_M_STATE 0x0002
77 #define KEYDATA_M_KEYTYPE 0x0004
78 #define KEYDATA_M_ALGORITHM 0x0008
79 #define KEYDATA_M_SIGLIFETIME 0x0010
80 #define KEYDATA_M_ACTIVE 0x0020
81 #define KEYDATA_M_DEAD 0x0040
82 #define KEYDATA_M_GENERATE 0x0080
83 #define KEYDATA_M_PUBLISH 0x0100
84 #define KEYDATA_M_READY 0x0200
85 #define KEYDATA_M_RETIRE 0x0400
86 #define KEYDATA_M_LOCATION 0x0800
87 #define KEYDATA_M_SIZE 0x1000
88 #define KEYDATA_M_SMID 0x2000
89 
90 #define KEYDATA_M_TIMES (KEYDATA_M_ACTIVE | KEYDATA_M_DEAD | \
91  KEYDATA_M_GENERATE | KEYDATA_M_PUBLISH | KEYDATA_M_READY | KEYDATA_M_RETIRE)
92 
93 /*
94  * Structure for key information. Note that on the date fields, the
95  * "struct tm" fields are used to insert data into the database, and the
96  * "char*" fields used to retrieve data. In the latter case, a NULL field
97  * will be represented by an empty string.
98  */
/*
 * NOTE(review): this rendered listing skips some source lines (the gutter
 * jumps 100 -> 102, 103 -> 106, 112 -> 114, ...), so the structure has
 * members that are not shown here. No "struct tm" member is visible; either
 * those members are on skipped lines or the comment above is out of date.
 *
 * All date, location and HSM key id members shown are fixed-size char
 * arrays. Code that fills them must bound the copy to the array size and
 * keep the terminating NUL.
 */
99 
100 typedef struct {
102  int state;
103  int keytype;
106  char active[KSM_TIME_LENGTH];
107  char dead[KSM_TIME_LENGTH];
108  char generate[KSM_TIME_LENGTH];
109  char publish[KSM_TIME_LENGTH];
110  char ready[KSM_TIME_LENGTH];
111  char retire[KSM_TIME_LENGTH];
112  char location[KSM_NAME_LENGTH];
114  int size;
116  char HSMKey_id[KSM_NAME_LENGTH]; /* TODO is this long enough ? */
 /*
  * NOTE(review): the open TODO above matters for integrity: an identifier
  * longer than KSM_NAME_LENGTH - 1 characters must be rejected, not
  * truncated, or two different HSM keys could end up stored under the
  * same id. Confirm what the writers of this field do.
  */
118  int zone_id;
120 
121  /*
122  * The remaining fields are used for data manipulation and are not part of
123  * the KEYDATA table.
124  */
125 
126  int flags; /* States which fields are valid */
127  int roll_scheme; /* Which rollover scheme the key is under */
128 } KSM_KEYDATA;
129 
/*
 * ksm_key prototypes: creation, lookup, counting and retirement of key pairs
 * and DNSSEC keys. Every function except KsmKeyEnd returns an int; the
 * meaning of the return value is not stated in this header. Results are
 * handed back through pointer parameters (DB_ID* id, int* count,
 * int* keypair_id, KSM_KEYDATA* data).
 */
130 int KsmKeyPairCreate(int policy_id, const char* HSMKeyID, int smID, int size, int alg, const char* generate, DB_ID* id);
131 int KsmDnssecKeyCreate(int zone_id, int keypair_id, int keytype, int state, const char* time, const char* retTime, DB_ID* id);
132 /*int KsmDnssecKeyCreateOnPolicy(int policy_id, int keypair_id, int keytype);*/
/*
 * NOTE(review): KsmKeyInitSql (and KsmKeyQuery below) accept a complete SQL
 * string. Nothing in the signature constrains its content, so every caller
 * must make sure that zone names, policy names and other externally supplied
 * text never reach it unescaped. KsmKeyInit takes a DQS_QUERY_CONDITION
 * instead and is presumably the structured alternative - confirm, and prefer
 * it where it suffices.
 */
133 int KsmKeyInitSql(DB_RESULT* result, const char* sql);
134 int KsmKeyInit(DB_RESULT* result, DQS_QUERY_CONDITION* condition);
135 int KsmKeyInitId(DB_RESULT* result, DB_ID id);
/* KsmKeyInit* / KsmKey / KsmKeyEnd look like an open / fetch / close sequence over DB_RESULT - TODO confirm. */
136 int KsmKey(DB_RESULT result, KSM_KEYDATA* data);
137 void KsmKeyEnd(DB_RESULT result);
138 int KsmKeyQuery(const char* sql, DB_RESULT* result);
139 int KsmKeyData(DB_ID id, KSM_KEYDATA* data);
140 int KsmKeyPredict(int policy_id, int keytype, int shared_keys, int interval, int *count, int rollover_scheme, int zone_count);
141 int KsmKeyCountQueue(int keytype, int* count, int zone_id);
142 int KsmKeyCountStillGood(int policy_id, int sm, int bits, int algorithm, int interval, const char* datetime, int *count, int keytype);
143 int KsmKeyGetUnallocated(int policy_id, int sm, int bits, int algorithm, int zone_id, int share_keys, int *keypair_id);
144 int KsmMarkKeysAsDead(int zone_id);
145 int KsmKillKey(int keypair_id, int zone_id);
146 
147 /* delete */
148 
/*
 * KsmDeleteKeyRanges takes an array parameter, which carries no length of
 * its own; "size" presumably gives the number of elements in limit[] -
 * confirm the expected layout (pairs of min/max?) in the implementation.
 */
149 int KsmDeleteKeyRange(int minid, int maxid);
150 int KsmDeleteKeyRanges(int limit[], int size);
151 
152 /* KsmParameter */
153 
/*
 * One named parameter: a (name, category) pair of fixed-size strings and an
 * integer value. The listing skips source line 158, so at least one member
 * is not shown here.
 */
154 typedef struct {
155  char name[KSM_NAME_LENGTH];
156  char category[KSM_NAME_LENGTH];
157  int value;
159 } KSM_PARAMETER;
160 
/*
 * Parameter access. Parameters are addressed by name and category strings,
 * in most calls together with a policy_id. The name and category arguments
 * are caller-supplied strings; how they are bound into the underlying query
 * is not visible here - NOTE(review): confirm they are escaped or bound as
 * values rather than concatenated into SQL text.
 */
161 int KsmParameterInit(DB_RESULT* result, const char* name, const char* category, int policy_id);
162 int KsmParameterExist(DB_RESULT* result, const char* name, const char* category, int* parameter_id);
163 int KsmParameter(DB_RESULT result, KSM_PARAMETER* data);
164 void KsmParameterEnd(DB_RESULT result);
165 int KsmParameterValue(const char* name, const char* category, int* value, int policy_id, int* parameter_id);
166 int KsmParameterSet(const char* name, const char* category, int value, int policy_id);
167 int KsmParameterShow(const char* name, const char* category, int policy_id);
168 
169 /* ksmPolicy */
/*
 * Policy structures. NOTE: this rendered listing omits many source lines in
 * this region (see the gaps in the gutter numbers). For every structure
 * except KSM_POLICY the closing "} NAME;" line is among the omitted lines,
 * so the text below is not compilable as shown and the type names cannot be
 * read from it. KSM_KEY_POLICY, which prototypes later in this header use,
 * is presumably one of them - check the original ksm.h.
 */
170 typedef struct {
171  int refresh;
172  int jitter;
174  int soamin;
175  int soattl;
176  int serial;
178 
179 typedef struct {
181  int resign;
185 
/* Holds a salt and the time stamp of the salt in fixed-size buffers (KSM_SALT_LENGTH, KSM_TIME_LENGTH). */
186 typedef struct {
187  int version;
188  int resalt;
191  int optout;
192  int ttl;
194  char salt[KSM_SALT_LENGTH];
195  char salt_stamp[KSM_TIME_LENGTH];
197 
198 typedef struct {
199  int ttl;
203  int purge;
205 
/* Per-key settings; sm / sm_name / sm_capacity presumably describe the security module (HSM repository) holding the key - confirm. */
206 typedef struct {
208  int bits;
209  int lifetime;
210  int sm;
211  char sm_name[KSM_NAME_LENGTH];
212  unsigned long sm_capacity;
214  int overlap;
215  int ttl;
216  int rfc5011;
217  int type;
222 
223 typedef struct {
228 
229 typedef struct {
231  int soa_ttl;
232  int soa_min;
233  int serial;
235 
236 typedef struct {
238  int ds_ttl;
239  int soa_ttl;
240  int soa_min;
242 
243 typedef struct {
244  int audit;
246 
/*
 * Top-level policy. Source lines 251-259 are omitted from the listing.
 * "description" and "audit" are char pointers, not fixed arrays, so they
 * refer to separately owned storage; KsmPolicyFree(KSM_POLICY*) is declared
 * later in this header and presumably releases it - confirm before freeing
 * or copying a KSM_POLICY by hand.
 */
247 typedef struct {
248  int id;
249  char name[KSM_NAME_LENGTH];
250  char* description;
260  /*KSM_AUDIT_POLICY* audit;*/
261  char* audit;
263 } KSM_POLICY;
264 
/* Same three visible members as KSM_PARAMETER; the type name is on an omitted line. */
265 typedef struct {
266  char name[KSM_NAME_LENGTH];
267  char category[KSM_NAME_LENGTH];
268  int value;
270 
/*
 * Policy prototypes. Lookups take either a policy name string or a
 * KSM_POLICY whose fields select the policy. Which fields must be filled in
 * before each call is not stated here. The listing skips source lines 276,
 * 281, 282 and 285, so further prototypes exist that are not shown.
 */
271 int KsmPolicyInit(DB_RESULT* handle, const char* name);
272 int KsmPolicyExists(const char* name);
273 int KsmPolicyParametersInit(DB_RESULT* handle, const char* name);
274 int KsmPolicyRead(KSM_POLICY* policy);
275 int KsmPolicy(DB_RESULT handle, KSM_POLICY* data);
277 int KsmPolicyReadFromId(KSM_POLICY* policy);
278 int KsmPolicyNameFromId(KSM_POLICY* policy);
/* Salt maintenance: KsmPolicyUpdateSalt works on a whole policy, KsmPolicyNullSaltStamp on a policy id. */
279 int KsmPolicyUpdateSalt(KSM_POLICY* policy);
280 int KsmPolicyNullSaltStamp(int policy_id);
283 int KsmPolicyIdFromZoneId(int zone_id, int* policy_id);
284 
/* Releases a KSM_POLICY; presumably pairs with an allocator on one of the omitted lines - confirm. */
286 void KsmPolicyFree(KSM_POLICY *policy);
287 
288 /* ksmZone */
/*
 * Zone record. signconf, input and output are path strings held in
 * KSM_PATH_LENGTH-byte buffers; policy_name is held in a
 * KSM_NAME_LENGTH-byte buffer. Source lines 291 and 292 are omitted from
 * the listing, so the structure has members that are not shown.
 * NOTE(review): a path longer than the buffer must be rejected rather than
 * truncated, since a truncated path names a different file.
 */
289 typedef struct {
290  int id;
293  char signconf[KSM_PATH_LENGTH];
294  char input[KSM_PATH_LENGTH];
295  char output[KSM_PATH_LENGTH];
296  char policy_name[KSM_NAME_LENGTH];
297 } KSM_ZONE;
298 
299 int KsmZoneInit(DB_RESULT* handle, int policy_id);
300 int KsmZone(DB_RESULT handle, KSM_ZONE *data);
301 int KsmZoneCount(DB_RESULT handle, int* count);
302 int KsmZoneCountInit(DB_RESULT* handle, int id);
303 int KsmZoneIdFromName(const char* zone_name, int* zone_id);
304 int KsmZoneIdAndPolicyFromName(const char* zone_name, int* policy_id, int* zone_id);
305 int KsmDeleteZone(int zone_id);
/*
 * Returns the name through a char** out-parameter. Who owns the returned
 * string (and whether the caller must free it) is not stated here - TODO
 * confirm in ksm_zone before use.
 */
306 int KsmZoneNameFromId(int zone_id, char** zone_name);
307 
/*
 * NOTE(review): UNSIGNED and SIGNED are unprefixed macro names in a public
 * header and can collide with identifiers in code that includes it; every
 * other constant in this file carries a KSM_ or KEYDATA_ prefix.
 */
308 #define UNSIGNED 0
309 #define SIGNED 1
310 
311 int KsmDNSSECKeysInSMCountInit(DB_RESULT* handle, int policy_id);
312 int KsmDNSSECKeysInSMCount(DB_RESULT handle, int* count);
313 int KsmDNSSECKeysStateCountInit(DB_RESULT* result, int policy_id, KSM_KEY_POLICY *key_policy, int state);
314 
315 /* Purge */
316 
317 void KsmPurge(void);
318 
319 /*
320  * Constants in the database tables. These are used in the
321  * ksm_keyword module.
322  *
323  * THESE MUST BE KEPT IN STEP WITH THE DATABASE CREATION SCRIPT
324  */
/*
 * Each constant comes as a pair: NAME is the integer stored in the database
 * and NAME_STRING is the keyword used for it in text form.
 */
325 
326 /*
327  * The following names and constants are in the SIG(0) Algorithm Numbers
328  * page at IANA - http://www.iana.org/assignments/sig-alg-numbers.
329  */
/*
 * NOTE(review): the values below coincide with the IANA DNSSEC algorithm
 * numbers. Several of them are no longer suitable for signing zones:
 * RSA/MD5 (1) is deprecated, and RFC 8624 lists DSA (3) and DSA-NSEC3-SHA1
 * (6) as MUST NOT and the RSA/SHA-1 variants (5, 7) as NOT RECOMMENDED for
 * signing. This header only names the algorithms; whether policy
 * import or key generation refuses the weak ones has to be checked in the
 * implementation and enforced in deployment policy.
 */
330 
331 #define KSM_ALGORITHM_RSAMD5 1
332 #define KSM_ALGORITHM_RSAMD5_STRING "rsamd5"
333 #define KSM_ALGORITHM_DH 2
334 #define KSM_ALGORITHM_DH_STRING "dh"
335 #define KSM_ALGORITHM_DSASHA1 3
336 #define KSM_ALGORITHM_DSASHA1_STRING "dsa"
337 #define KSM_ALGORITHM_RSASHA1 5
338 #define KSM_ALGORITHM_RSASHA1_STRING "rsasha1"
339 #define KSM_ALGORITHM_DSA_NSEC3_SHA1 6
340 #define KSM_ALGORITHM_DSA_NSEC3_SHA1_STRING "dsa-nsec3-sha1"
341 #define KSM_ALGORITHM_RSASHA1_NSEC3_SHA1 7
342 #define KSM_ALGORITHM_RSASHA1_NSEC3_SHA1_STRING "rsasha1-nsec3-sha1"
343 #define KSM_ALGORITHM_RSASHA256 8
344 #define KSM_ALGORITHM_RSASHA256_STRING "rsasha256"
345 #define KSM_ALGORITHM_RSASHA512 10
346 #define KSM_ALGORITHM_RSASHA512_STRING "rsasha512"
347 #define KSM_ALGORITHM_INDIRECT 252
348 #define KSM_ALGORITHM_INDIRECT_STRING "indirect"
349 #define KSM_ALGORITHM_PRIVDOM 253
350 #define KSM_ALGORITHM_PRIVDOM_STRING "domain"
351 #define KSM_ALGORITHM_PRIVOID 254
352 #define KSM_ALGORITHM_PRIVOID_STRING "oid"
353 
/* Key storage formats. */
354 #define KSM_FORMAT_FILE 1
355 #define KSM_FORMAT_FILE_STRING "file"
356 #define KSM_FORMAT_HSM 2
357 #define KSM_FORMAT_HSM_STRING "hsm"
358 #define KSM_FORMAT_URI 3
359 #define KSM_FORMAT_URI_STRING "uri"
360 
/* Key types. 257 and 256 presumably mirror the DNSKEY flags value with and without the SEP bit - confirm. */
361 #define KSM_TYPE_KSK 257
362 #define KSM_TYPE_KSK_STRING "ksk"
363 #define KSM_TYPE_ZSK 256
364 #define KSM_TYPE_ZSK_STRING "zsk"
365 
/* Key states, numbered 1-10 with no gaps. */
366 #define KSM_STATE_GENERATE 1
367 #define KSM_STATE_GENERATE_STRING "generate"
368 #define KSM_STATE_PUBLISH 2
369 #define KSM_STATE_PUBLISH_STRING "publish"
370 #define KSM_STATE_READY 3
371 #define KSM_STATE_READY_STRING "ready"
372 #define KSM_STATE_ACTIVE 4
373 #define KSM_STATE_ACTIVE_STRING "active"
374 #define KSM_STATE_RETIRE 5
375 #define KSM_STATE_RETIRE_STRING "retire"
376 #define KSM_STATE_DEAD 6
377 #define KSM_STATE_DEAD_STRING "dead"
378 #define KSM_STATE_DSSUB 7
379 #define KSM_STATE_DSSUB_STRING "dssub"
380 #define KSM_STATE_DSPUBLISH 8
381 #define KSM_STATE_DSPUBLISH_STRING "dspublish"
382 #define KSM_STATE_DSREADY 9
383 #define KSM_STATE_DSREADY_STRING "dsready"
384 #define KSM_STATE_KEYPUBLISH 10
385 #define KSM_STATE_KEYPUBLISH_STRING "keypublish"
386 
/* SOA serial number styles. */
387 #define KSM_SERIAL_UNIX_STRING "unixtime"
388 #define KSM_SERIAL_UNIX 1
389 #define KSM_SERIAL_COUNTER_STRING "counter"
390 #define KSM_SERIAL_COUNTER 2
391 #define KSM_SERIAL_DATE_STRING "datecounter"
392 #define KSM_SERIAL_DATE 3
393 #define KSM_SERIAL_KEEP_STRING "keep"
394 #define KSM_SERIAL_KEEP 4
395 
396 #define KSM_KEYS_NOT_SHARED 0
397 #define KSM_KEYS_SHARED 1
398 
/* Rollover schemes. KSM_ROLL_DEFAULT has the same value (1) as KSM_ROLL_DNSKEY. */
399 #define KSM_ROLL_DEFAULT 1 /* DoubleDNSKEY */
400 #define KSM_ROLL_DNSKEY_STRING "DoubleDNSKey"
401 #define KSM_ROLL_DNSKEY 1
402 #define KSM_ROLL_DS_STRING "DoubleDS"
403 #define KSM_ROLL_DS 2
404 #define KSM_ROLL_RRSET_STRING "DoubleRRSet"
405 #define KSM_ROLL_RRSET 3
406 
407 /* Reserved parameters and default values (in seconds) */
408 /* TODO redefine this properly:
409  * have _CAT defines separate
410  * rename to match the new list
411  * add new items ? */
/*
 * Each reserved parameter is a triple: KSM_PAR_x is the default value,
 * KSM_PAR_x_STRING the parameter name and KSM_PAR_x_CAT its category.
 * Several names ("standby", "lifetime", "ttl", "propagationdelay",
 * "manual_rollover") are reused and are told apart only by category.
 *
 * NOTE(review): KSM_PAR_ZSKTTL and KSM_PAR_KSKTTL have the same name AND the
 * same category ("ttl" / "keys"), so a lookup by (name, category) cannot
 * distinguish them. This may be what the TODO above refers to - confirm how
 * the two TTLs are kept apart.
 */
412 #define KSM_PAR_CLOCKSKEW 3600 /* 1 hour */
413 #define KSM_PAR_CLOCKSKEW_STRING "clockskew"
414 #define KSM_PAR_CLOCKSKEW_CAT "signature"
415 #define KSM_PAR_KSKLIFE 63072000 /* 2 years */
416 #define KSM_PAR_KSKLIFE_STRING "lifetime"
417 #define KSM_PAR_KSKLIFE_CAT "ksk"
418 #define KSM_PAR_PROPDELAY 3600 /* 1 hour */
419 #define KSM_PAR_PROPDELAY_STRING "propagationdelay"
420 #define KSM_PAR_PROPDELAY_CAT "zone"
421 #define KSM_PAR_STANDBYKSKS 1
422 #define KSM_PAR_STANDBYKSKS_STRING "standby"
423 #define KSM_PAR_STANDBYKSKS_CAT "ksk"
424 #define KSM_PAR_STANDBYZSKS 1
425 #define KSM_PAR_STANDBYZSKS_STRING "standby"
426 #define KSM_PAR_STANDBYZSKS_CAT "zsk"
427 #define KSM_PAR_SIGNINT 7200 /* 2 hours */
428 #define KSM_PAR_SIGNINT_STRING "resign"
429 #define KSM_PAR_SIGNINT_CAT "signature"
430 #define KSM_PAR_SOAMIN 7200 /* 2 hours */
431 #define KSM_PAR_SOAMIN_STRING "min"
432 #define KSM_PAR_SOAMIN_CAT "zone"
433 #define KSM_PAR_SOATTL 172800 /* 2 days */
434 #define KSM_PAR_SOATTL_STRING "ttl"
435 #define KSM_PAR_SOATTL_CAT "zone"
436 #define KSM_PAR_ZSKSIGLIFE 432000 /* 5 days */
437 #define KSM_PAR_ZSKSIGLIFE_STRING "valdefault"
438 #define KSM_PAR_ZSKSIGLIFE_CAT "signature"
439 #define KSM_PAR_ZSKLIFE 2592000 /* 30 days */
440 #define KSM_PAR_ZSKLIFE_STRING "lifetime"
441 #define KSM_PAR_ZSKLIFE_CAT "zsk"
442 #define KSM_PAR_ZSKTTL 172800 /* 2 days */
443 #define KSM_PAR_ZSKTTL_STRING "ttl"
444 #define KSM_PAR_ZSKTTL_CAT "keys"
445 #define KSM_PAR_KSKTTL 172800 /* 2 days */
446 #define KSM_PAR_KSKTTL_STRING "ttl"
447 #define KSM_PAR_KSKTTL_CAT "keys"
448 #define KSM_PAR_KSKPROPDELAY 3600 /* 1 hour */
449 #define KSM_PAR_KSKPROPDELAY_STRING "propagationdelay"
450 #define KSM_PAR_KSKPROPDELAY_CAT "parent"
451 #define KSM_PAR_REGDELAY 0 /* TODO sort this out */
452 #define KSM_PAR_REGDELAY_STRING "registrationdelay" /* TODO sort this out */
453 #define KSM_PAR_REGDELAY_CAT "parent" /* TODO sort this out */
454 #define KSM_PAR_PUBSAFETY 172800 /* 2 days */
455 #define KSM_PAR_PUBSAFETY_STRING "publishsafety"
456 #define KSM_PAR_PUBSAFETY_CAT "keys"
457 #define KSM_PAR_RETSAFETY 172800 /* 2 days */
458 #define KSM_PAR_RETSAFETY_STRING "retiresafety"
459 #define KSM_PAR_RETSAFETY_CAT "keys"
460 #define KSM_PAR_KSK_MAN_ROLL 0 /* false (i.e. automatic roll) */
461 #define KSM_PAR_KSK_MAN_ROLL_STRING "manual_rollover"
462 #define KSM_PAR_KSK_MAN_ROLL_CAT "ksk"
463 #define KSM_PAR_ZSK_MAN_ROLL 0 /* false (i.e. automatic roll) */
464 #define KSM_PAR_ZSK_MAN_ROLL_STRING "manual_rollover"
465 #define KSM_PAR_ZSK_MAN_ROLL_CAT "zsk"
466 #define KSM_PAR_DSTTL 3600 /* 1 hour */
467 #define KSM_PAR_DSTTL_STRING "ttlds"
468 #define KSM_PAR_DSTTL_CAT "parent"
/*
 * NOTE(review): the default 0 matches none of the rollover scheme values
 * defined in this header (KSM_ROLL_DNSKEY 1, KSM_ROLL_DS 2, KSM_ROLL_RRSET 3)
 * and differs from KSM_ROLL_DEFAULT (1). Confirm how consumers treat 0.
 */
469 #define KSM_PAR_KSK_ROLL 0
470 #define KSM_PAR_KSK_ROLL_STRING "rollover_scheme"
471 #define KSM_PAR_KSK_ROLL_CAT "ksk"
472 
/*
 * One int member per reserved parameter; the member names follow the
 * KSM_PAR_* defaults defined in this header. Time-valued members are
 * presumably in seconds, like those defaults - confirm.
 */
473 typedef struct { /* Holds collection of parameters */
474  int clockskew; /* Clock skew */
475  int ksklife; /* Lifetime of a KSK */
476  int standbyksks; /* Number of Standby Key Signing keys */
477  int standbyzsks; /* Number of Standby Zone signing keys */
478  int propdelay; /* Propagation delay */
479  int signint; /* Signing interval - how long signing the zone takes */
480  int soamin; /* "Minimum" value from SOA record */
481  int soattl; /* TTL of the SOA record */
482  int zsksiglife; /* Length of signatures signed by this ZSK */
483  int zsklife; /* How long key is used for */
484  int zskttl; /* TTL of ZSK DNSKEY record */
485  int kskttl; /* TTL of KSK DNSKEY record */
486  int kskpropdelay; /* KSK Propagation delay */
487  int regdelay; /* KSK Registration delay */
488  int pub_safety; /* Publish safety margin */
489  int ret_safety; /* Retire safety margin */
490  int kskmanroll; /* Do we only roll the KSK manually? */
491  int zskmanroll; /* Do we only roll the ZSK manually? */
492  int dsttl; /* TTL of the DS record */
493  int kskroll; /* Rollover Scheme for the KSK */
494 } KSM_PARCOLL;
495 
/*
 * Accessors over a KSM_PARCOLL. Each KsmParameterXxx(collection) returns an
 * int, presumably the matching member. The listing skips source lines 501,
 * 502, 508, 509 and 512, so more accessors exist than are shown.
 * KsmParameterCollection fills a collection for a given policy_id;
 * KsmParameterCollectionCache takes an enable flag.
 */
496 int KsmCollectionInit(KSM_PARCOLL* data);
497 int KsmParameterClockskew(KSM_PARCOLL* collection);
498 int KsmParameterKskLifetime(KSM_PARCOLL* collection);
499 int KsmParameterStandbyKSKeys(KSM_PARCOLL* collection);
500 int KsmParameterStandbyZSKeys(KSM_PARCOLL* collection);
503 int KsmParameterSoaMin(KSM_PARCOLL* collection);
504 int KsmParameterSoaTtl(KSM_PARCOLL* collection);
505 int KsmParameterZskLifetime(KSM_PARCOLL* collection);
506 int KsmParameterZskTtl(KSM_PARCOLL* collection);
507 int KsmParameterKskTtl(KSM_PARCOLL* collection);
510 int KsmParameterPubSafety(KSM_PARCOLL* collection);
511 int KsmParameterRetSafety(KSM_PARCOLL* collection);
513 int KsmParameterCollection(KSM_PARCOLL* data, int policy_id);
514 void KsmParameterCollectionCache(int enable);
515 
516 /* ksm_keyword */
517 
/*
 * Keyword translation between the *_STRING names and the integer constants
 * defined in this header.
 *
 * NOTE(review): the value returned for an unrecognised name is not stated
 * here. Callers that parse configuration or command-line input must check
 * for it and fail, rather than store the result as an algorithm, state or
 * key type - confirm the sentinel in ksm_keyword.
 */
518 int KsmKeywordAlgorithmNameToValue(const char* name);
519 int KsmKeywordFormatNameToValue(const char* name);
520 int KsmKeywordParameterNameToValue(const char* name);
521 int KsmKeywordStateNameToValue(const char* name);
522 int KsmKeywordTypeNameToValue(const char* name);
523 int KsmKeywordRollNameToValue(const char* name);
524 
/*
 * Reverse direction. The result is a const char*, so callers must not modify
 * or free it. Whether an unknown value yields NULL is not stated - check
 * before passing the result to a "%s" format.
 */
525 const char* KsmKeywordAlgorithmValueToName(int value);
526 const char* KsmKeywordFormatValueToName(int value);
527 const char* KsmKeywordStateValueToName(int value);
528 const char* KsmKeywordTypeValueToName(int value);
529 const char* KsmKeywordSerialValueToName(int value);
530 const char* KsmKeywordRollValueToName(int value);
531 
532 int KsmKeywordParameterExists(const char* name);
533 
534 /* ksm_update */
535 
/*
 * ksm_update prototypes. The KsmUpdate*KeyTime functions take the key
 * (KSM_KEYDATA*), the parameter collection and a zone_id and return nothing,
 * so a failure inside them cannot be reported to the caller through the
 * return value. The listing skips source lines 538, 540 and 543.
 * KsmUpdateKeyTime takes "source" and "destination" strings and an interval;
 * they presumably name time columns - NOTE(review): confirm they are only
 * ever fixed column names, never external input.
 */
536 int KsmUpdate(int policy_id, int zone_id);
537 void KsmUpdateKey(KSM_KEYDATA* data, KSM_PARCOLL* collection, int zone_id);
539 void KsmUpdatePublishKeyTime(KSM_KEYDATA* data, KSM_PARCOLL* collection, int zone_id);
541 void KsmUpdateActiveKeyTime(KSM_KEYDATA* data, KSM_PARCOLL* collection, int zone_id);
542 void KsmUpdateRetireKeyTime(KSM_KEYDATA* data, KSM_PARCOLL* collection, int zone_id);
544 void KsmUpdateDSPublishKeyTime(KSM_KEYDATA* data, KSM_PARCOLL* collection, int zone_id);
545 void KsmUpdateKEYPublishKeyTime(KSM_KEYDATA* data, KSM_PARCOLL* collection, int zone_id);
546 int KsmUpdateKeyTime(const KSM_KEYDATA* data, const char* source,
547  const char* destination, int interval, int zone_id);
548 
549 /* ksm_request */
550 
/*
 * ksm_request prototypes: key requests and key state transitions.
 *
 * KSM_REQUEST_CALLBACK is the function type invoked per key; it receives the
 * opaque "context" pointer that the caller passed to the request function,
 * plus the key data. The library does not know the type behind context, so
 * the caller must keep it valid for the duration of the call.
 *
 * The "datetime" arguments are strings; their expected format is not stated
 * in this header.
 */
551 typedef int (*KSM_REQUEST_CALLBACK)(void* context, KSM_KEYDATA* key);
552 
553 int KsmRequestKeys(int keytype, int rollover, const char* datetime,
554  KSM_REQUEST_CALLBACK callback, void* context, int policy_id, int zone_id,
555  int run_interval, int* NewDS);
556 int KsmRequestKeysByType(int keytype, int rollover, const char* datetime,
557  KSM_REQUEST_CALLBACK callback, void* context, int policy_id, int zone_id,
558  int run_interval, int* NewDS);
559 int KsmRequestSetActiveExpectedRetire(int keytype, const char* datetime, int zone_id);
/* State transitions: src_state / dst_state presumably take the KSM_STATE_* values defined in this header. */
560 int KsmRequestChangeStateActiveRetire(int keytype, const char* datetime, int zone_id, int policy_id);
561 int KsmRequestChangeStateRetireDead(int keytype, const char* datetime, int zone_id, int policy_id, int rollover_scheme, int* NewDS);
562 int KsmRequestChangeStatePublishReady(int keytype, const char* datetime, int zone_id, int policy_id, int* NewDS);
563 int KsmRequestChangeStateDSPublishDSReady(int keytype, const char* datetime, int zone_id, int policy_id);
564 int KsmRequestChangeState(int keytype, const char* datetime, int src_state,
565  int dst_state, int zone_id, int policy_id, int rollover_scheme, int* NewDS);
566 int KsmRequestChangeStateGeneratePublish(int keytype, const char* datetime,
567  int count, int zone_id);
568 int KsmRequestChangeStateGenerateDSSub(int keytype, const char* datetime,
569  int count, int zone_id);
570 int KsmRequestChangeStateDSReadyKeyPublish(const char* datetime, int zone_id, int policy_id);
571 int KsmRequestChangeStateKeyPublishActive(const char* datetime, int zone_id, int policy_id, int* NewDS);
572 int KsmRequestChangeStateReadyActive(int keytype, const char* datetime,
573  int count, int zone_id);
574 int KsmRequestChangeStateN(int keytype, const char* datetime,
575  int count, int src_state, int dst_state, int zone_id);
/*
 * NOTE: the listing omits source lines 576 and 578, so the next three lines
 * are the parameter-list tails of two prototypes whose names are not shown.
 */
577  const char* datetime, KSM_PARCOLL* collection, int zone_id, int* NewDS);
579  const char* datetime, KSM_PARCOLL* collection, int zone_id,
580  int run_interval);
581 int KsmRequestPendingRetireCount(int keytype, const char* datetime,
582  KSM_PARCOLL* parameters, int* count, int zone_id, int interval);
583 int KsmRequestAvailableCount(int keytype, const char* datetime,
584  KSM_PARCOLL* parameters, int* count, int zone_id);
585 int KsmRequestGenerateCount(int keytype, int* count, int zone_id);
586 int KsmRequestStandbyKSKCount(int* count, int zone_id);
587 int KsmRequestCheckActiveKey(int keytype, const char* datetime, int* count, int zone_id);
588 int KsmRequestCountReadyKey(int keytype, const char* datetime, int* count, int zone_id);
589 int KsmRequestCheckFirstPass(int keytype, int* first_pass_flag, int zone_id);
590 int KsmRequestCheckCompromisedFlag(int keytype, int zone_id, int* comp_flag);
591 int KsmRequestIssueKeys(int keytype, KSM_REQUEST_CALLBACK callback,
592  void* context, int zone_id);
593 
594 int KsmRequestPrintKey(void* context, KSM_KEYDATA* data);
595 
596 int KsmRequestDNSSECKeys(const char* datetime, KSM_POLICY* policy);
597 int KsmRequestDNSSECKeysChangeStateRetireDead(KSM_KEY_POLICY *policy, const char* datetime, int verify);
598 int KsmRequestDNSSECKeysChangeState(KSM_KEY_POLICY *policy, const char* datetime, int src_state, int dst_state, int verify);
599 int KsmRequestDNSSECKeysChangeStatePublishReady(KSM_KEY_POLICY *policy, const char* datetime, int verify);
600 int KsmRequestDNSSECKeysChangeStateGeneratePublishConditional(KSM_POLICY *policy, KSM_KEY_POLICY *key_policy, const char* datetime, int verify);
601 int KsmRequestDNSSECKeysSetActiveExpectedRetire(int keytype, const char* datetime, int verify);
/*
 * NOTE(review): the first parameter below is an unnamed KSM_KEY_POLICY
 * passed by value, whereas the sibling prototypes above take
 * "KSM_KEY_POLICY *policy". This looks like an inconsistency - confirm
 * against the definition.
 */
602 int KsmRequestDNSSECKeysPendingRetireCount(KSM_KEY_POLICY, const char* datetime, int* count);
603 
608 int KsmPolicySigningInterval(KSM_PARCOLL* collection);
611 int KsmPolicyZskTtl(KSM_PARCOLL* collection);
613 
614 /* KsmImport */
/*
 * Import prototypes: these create or update repositories, policies, zones,
 * audit text and key pairs from caller-supplied strings. The strings
 * (repository, policy and zone names, file paths, audit contents, HSM key
 * ids) typically originate in configuration files or command-line input.
 * NOTE(review): this header sets no length or character rules for them.
 * Confirm in ksm_import that over-long values are rejected against the
 * KSM_*_LENGTH limits and that values are escaped or bound before they reach
 * SQL.
 *
 * KsmImportRepository takes repo_capacity as a string although the policy
 * structure stores sm_capacity as unsigned long; the conversion and its
 * error handling are not visible here.
 */
615 int KsmImportRepository(const char* repo_name, const char* repo_capacity, int require_backup);
616 int KsmImportPolicy(const char* policy_name, const char* policy_description);
617 int KsmImportZone(const char* zone_name, int policy_id, int fail_if_exists, int *new_zone, const char* signconf, const char* input, const char* output);
618 int KsmImportAudit(int policy_id, const char* audit_contents);
619 int KsmImportKeyPair(int policy_id, const char* HSMKeyID, int smID, int size, int alg, int state, const char* time, int fixDate, DB_ID* id);
620 int KsmSmIdFromName(const char* name, int *id);
621 int KsmSerialIdFromName(const char* name, int *id);
622 int KsmPolicyIdFromName(const char* name, int *id);
/* Backup bookkeeping per repository; KsmRollbackMarkPreBackup presumably undoes KsmMarkPreBackup - confirm. */
623 int KsmMarkPreBackup(int repo_id, const char* datetime);
624 int KsmRollbackMarkPreBackup(int repo_id);
625 int KsmMarkBackup(int repo_id, const char* datetime);
/* Reports through *exists whether the given key id is already known for the repository. */
626 int KsmCheckHSMkeyID(int repo_id, const char* cka_id, int *exists);
627 
628 /* KsmList */
629 int KsmListBackups(int repo_id, int verbose_flag);
/*
 * NOTE(review): in C an empty parameter list "()" leaves the arguments
 * unspecified, so the compiler does not reject calls that pass arguments.
 * The rest of this header writes "(void)" (KsmInit, KsmRundown, KsmPurge);
 * the two prototypes below should do the same.
 */
630 int KsmListRepos();
631 int KsmListPolicies();
632 int KsmListRollovers(int zone_id);
/* Returns the date through a char** out-parameter; ownership of the string is not stated - TODO confirm who frees it. */
633 int KsmCheckNextRollover(int keytype, int zone_id, char** datetime);
634 
635 #ifdef __cplusplus
636 };
637 #endif
638 
639 #endif /* KSM_KSM_H */
int KsmRequestChangeStateRetireDead(int keytype, const char *datetime, int zone_id, int policy_id, int rollover_scheme, int *NewDS)
Definition: ksm_request.c:721
int KsmKeyInit(DB_RESULT *result, DQS_QUERY_CONDITION *condition)
Definition: ksm_key.c:251
int KsmRequestDNSSECKeysChangeStateRetireDead(KSM_KEY_POLICY *policy, const char *datetime, int verify)
int KsmRequestChangeStateGeneratePublish(int keytype, const char *datetime, int count, int zone_id)
Definition: ksm_request.c:986
int KsmRequestDNSSECKeysSetActiveExpectedRetire(int keytype, const char *datetime, int verify)
int propdelay
Definition: ksm.h:237
int fixedDate
Definition: ksm.h:119
char * description
Definition: ksm.h:250
int KsmParameterShow(const char *name, const char *category, int policy_id)
int algorithm
Definition: ksm.h:104
int propdelay
Definition: ksm.h:173
int KsmRequestChangeStateGenerateDSSubConditional(int keytype, const char *datetime, KSM_PARCOLL *collection, int zone_id, int *NewDS)
Definition: ksm_request.c:1260
int zskttl
Definition: ksm.h:484
int KsmDNSSECKeysInSMCount(DB_RESULT handle, int *count)
int KsmRequestKeysByType(int keytype, int rollover, const char *datetime, KSM_REQUEST_CALLBACK callback, void *context, int policy_id, int zone_id, int run_interval, int *NewDS)
Definition: ksm_request.c:212
int KsmRequestChangeStateGeneratePublishConditional(int keytype, const char *datetime, KSM_PARCOLL *collection, int zone_id, int run_interval)
Definition: ksm_request.c:1365
int KsmDeleteZone(int zone_id)
Definition: ksm_zone.c:370
void KsmParameterCollectionCache(int enable)
int KsmPolicySigningInterval(KSM_PARCOLL *collection)
int parameter_id
Definition: ksm.h:158
int KsmZoneNameFromId(int zone_id, char **zone_name)
Definition: ksm_zone.c:410
int KsmParameterSigningInterval(KSM_PARCOLL *collection)
int KsmPolicyPopulateSMFromIds(KSM_POLICY *policy)
Definition: ksm_policy.c:709
int KsmParameterPubSafety(KSM_PARCOLL *collection)
int standbyzsks
Definition: ksm.h:477
DB_ID keypair_id
Definition: ksm.h:101
int KsmParameterExist(DB_RESULT *result, const char *name, const char *category, int *parameter_id)
void KsmParameterEnd(DB_RESULT result)
int KsmImportKeyPair(int policy_id, const char *HSMKeyID, int smID, int size, int alg, int state, const char *time, int fixDate, DB_ID *id)
Definition: ksm_import.c:360
int sm
Definition: ksm.h:210
int KsmKeyGetUnallocated(int policy_id, int sm, int bits, int algorithm, int zone_id, int share_keys, int *keypair_id)
Definition: ksm_key.c:872
int KsmKeyData(DB_ID id, KSM_KEYDATA *data)
Definition: ksm_key.c:500
const char * KsmKeywordTypeValueToName(int value)
Definition: ksm_keyword.c:249
void KsmUpdateKey(KSM_KEYDATA *data, KSM_PARCOLL *collection, int zone_id)
Definition: ksm_update.c:152
int signint
Definition: ksm.h:479
void KsmUpdateReadyKeyTime(KSM_KEYDATA *data)
Definition: ksm_update.c:307
int KsmParameterInit(DB_RESULT *result, const char *name, const char *category, int policy_id)
Definition: ksm_parameter.c:85
void KsmUpdateDSPublishKeyTime(KSM_KEYDATA *data, KSM_PARCOLL *collection, int zone_id)
Definition: ksm_update.c:447
int kskpropdelay
Definition: ksm.h:486
int KsmPolicyExists(const char *name)
Definition: ksm_policy.c:151
int policy_id
Definition: ksm.h:115
int KsmRequestChangeStateKeyPublishActive(const char *datetime, int zone_id, int policy_id, int *NewDS)
Definition: ksm_request.c:708
int KsmRequestChangeStateActiveRetire(int keytype, const char *datetime, int zone_id, int policy_id)
Definition: ksm_request.c:714
int KsmParameterRetSafety(KSM_PARCOLL *collection)
int KsmRequestPrintKey(void *context, KSM_KEYDATA *data)
Definition: ksm_request.c:2124
int id
Definition: ksm.h:248
int KsmKeywordParameterNameToValue(const char *name)
Definition: ksm_keyword.c:219
const char * KsmKeywordFormatValueToName(int value)
Definition: ksm_keyword.c:239
int ttl
Definition: ksm.h:215
int require_backup
Definition: ksm.h:213
int KsmRequestPendingRetireCount(int keytype, const char *datetime, KSM_PARCOLL *parameters, int *count, int zone_id, int interval)
Definition: ksm_request.c:1482
int zsklife
Definition: ksm.h:483
int KsmZoneCountInit(DB_RESULT *handle, int id)
Definition: ksm_zone.c:109
int KsmKeywordFormatNameToValue(const char *name)
Definition: ksm_keyword.c:214
int KsmParameterSet(const char *name, const char *category, int value, int policy_id)
KSM_ENFORCER_POLICY * enforcer
Definition: ksm.h:257
int KsmImportRepository(const char *repo_name, const char *repo_capacity, int require_backup)
Definition: ksm_import.c:72
int KsmRequestCheckCompromisedFlag(int keytype, int zone_id, int *comp_flag)
Definition: ksm_request.c:1983
int KsmPolicyClockskew(KSM_SIGNATURE_POLICY *policy)
int KsmKeywordAlgorithmNameToValue(const char *name)
Definition: ksm_keyword.c:209
int KsmParameterStandbyKSKeys(KSM_PARCOLL *collection)
int KsmDeleteKeyRange(int minid, int maxid)
int algorithm
Definition: ksm.h:189
int KsmListBackups(int repo_id, int verbose_flag)
Definition: ksm_list.c:66
void KsmUpdateRetireKeyTime(KSM_KEYDATA *data, KSM_PARCOLL *collection, int zone_id)
Definition: ksm_update.c:375
int KSM_ID
Definition: ksm.h:50
int rollover_scheme
Definition: ksm.h:220
void KsmKeyEnd(DB_RESULT result)
Definition: ksm_key.c:471
int id
Definition: ksm.h:290
int standbyksks
Definition: ksm.h:476
int KsmPolicyNameFromId(KSM_POLICY *policy)
Definition: ksm_policy.c:430
int KsmRequestKeys(int keytype, int rollover, const char *datetime, KSM_REQUEST_CALLBACK callback, void *context, int policy_id, int zone_id, int run_interval, int *NewDS)
Definition: ksm_request.c:97
int lifetime
Definition: ksm.h:209
int KsmMarkBackup(int repo_id, const char *datetime)
Definition: ksm_import.c:666
int iteration
Definition: ksm.h:190
Definition: ksm.h:289
int soattl
Definition: ksm.h:481
int zskmanroll
Definition: ksm.h:491
int KsmListRollovers(int zone_id)
Definition: ksm_list.c:371
int KsmKeyCountStillGood(int policy_id, int sm, int bits, int algorithm, int interval, const char *datetime, int *count, int keytype)
Definition: ksm_key.c:734
int KsmKillKey(int keypair_id, int zone_id)
Definition: ksm_key.c:1009
int KsmUpdateKeyTime(const KSM_KEYDATA *data, const char *source, const char *destination, int interval, int zone_id)
Definition: ksm_update.c:557
int KsmPolicyInitialPublicationInterval(KSM_POLICY *policy)
void KsmPurge(void)
Definition: ksm_purge.c:54
KSM_SIGNATURE_POLICY * signature
Definition: ksm.h:252
int KsmRequestChangeStateGenerateDSSub(int keytype, const char *datetime, int count, int zone_id)
Definition: ksm_request.c:993
int soamin
Definition: ksm.h:480
int KsmRequestDNSSECKeysPendingRetireCount(KSM_KEY_POLICY, const char *datetime, int *count)
int KsmRequestDNSSECKeysChangeStateGeneratePublishConditional(KSM_POLICY *policy, KSM_KEY_POLICY *key_policy, const char *datetime, int verify)
int kskroll
Definition: ksm.h:493
const char * KsmKeywordAlgorithmValueToName(int value)
Definition: ksm_keyword.c:234