/* Module tag: passed as the "[%s]" argument of the ods_log_* calls in this listing. */
36 static const char* hsm_str =
"hsm";
46 int result = hsm_open(filename, hsm_check_pin);
47 if (result != HSM_OK) {
48 char* error = hsm_get_error(NULL);
53 ods_log_crit(
"[%s] error opening libhsm (errno %i)", hsm_str,
58 ods_log_info(
"[%s] libhsm connection opened succesfully", hsm_str);
71 if (hsm_check_context(NULL) != HSM_OK) {
100 hsm_sign_params_free(key->
params);
115 if (hsm_check_context(NULL) != HSM_OK) {
139 if (!owner || !key_id) {
140 ods_log_error(
"[%s] unable to get key: missing required elements",
149 key_id->
params = hsm_sign_params_new();
151 key_id->
params->owner = ldns_rdf_clone(owner);
156 error = hsm_get_error(ctx);
160 }
else if (!retries) {
161 lhsm_clear_key_cache(key_id);
165 ods_log_error(
"[%s] unable to get key: create params for key %s "
175 error = hsm_get_error(ctx);
179 }
else if (!retries) {
180 lhsm_clear_key_cache(key_id);
185 ods_log_error(
"[%s] unable to get key: key %s not found", hsm_str,
194 error = hsm_get_error(ctx);
198 }
else if (!retries) {
199 lhsm_clear_key_cache(key_id);
203 ods_log_error(
"[%s] unable to get key: hsm failed to create dnskey",
207 key_id->
params->keytag = ldns_calc_keytag(key_id->
dnskey);
218 ldns_rdf* owner, time_t inception, time_t expiration)
222 ldns_rr* result = NULL;
223 hsm_sign_params_t* params = NULL;
226 if (!owner || !key_id || !rrset || !inception || !expiration) {
227 ods_log_error(
"[%s] unable to sign: missing required elements",
/*
 * NOTE(review): listing lines 235 and 236 are consecutive, so nothing
 * checks the hsm_sign_params_new() result before it is dereferenced.
 * If that call can return NULL (confirm against libhsm), the signing path
 * should log the failure and return NULL instead of writing through it.
 */
235 params = hsm_sign_params_new();
/*
 * Clones the owner name from the parameters already stored on the key.
 * Assumes key_id->params is non-NULL here; the lines that would establish
 * that are not part of this listing (TODO confirm).
 */
236 params->owner = ldns_rdf_clone(key_id->
params->owner);
238 params->flags = key_id->
flags;
239 params->inception = inception;
240 params->expiration = expiration;
241 params->keytag = key_id->
params->keytag;
243 ldns_rr_get_type(ldns_rr_list_rr(rrset, 0)),
245 result = hsm_sign_rrset(ctx, rrset, key_id->
hsmkey, params);
246 hsm_sign_params_free(params);
248 error = hsm_get_error(ctx);
253 ods_log_crit(
"[%s] error signing rrset with libhsm", hsm_str);
const char * cfg_filename
void engine_stop_drudgers(engine_type *engine)
void ods_log_debug(const char *format,...)
void lhsm_check_connection(void *engine)
ldns_rr * lhsm_sign(hsm_ctx_t *ctx, ldns_rr_list *rrset, key_type *key_id, ldns_rdf *owner, time_t inception, time_t expiration)
void ods_log_info(const char *format,...)
enum ods_enum_status ods_status
void ods_log_error(const char *format,...)
void engine_start_drudgers(engine_type *engine)
void ods_log_crit(const char *format,...)
engineconfig_type * config
ods_status lhsm_get_key(hsm_ctx_t *ctx, ldns_rdf *owner, key_type *key_id)
int lhsm_reopen(const char *filename)
hsm_sign_params_t * params
void ods_log_deeebug(const char *format,...)
#define ods_log_assert(x)
void ods_log_warning(const char *format,...)
int lhsm_open(const char *filename)