OpenDNSSEC-signer
1.4.6
|
#include "config.h"
#include "shared/status.h"
#include "signer/keys.h"
#include <ctype.h>
#include <stdint.h>
#include <ldns/ldns.h>
#include <libhsm.h>
#include <libhsmdns.h>
Go to the source code of this file.
Functions | |
int | lhsm_open (const char *filename) |
int | lhsm_reopen (const char *filename) |
void | lhsm_check_connection (void *engine) |
ods_status | lhsm_get_key (hsm_ctx_t *ctx, ldns_rdf *owner, key_type *key_id) |
ldns_rr * | lhsm_sign (hsm_ctx_t *ctx, ldns_rr_list *rrset, key_type *key_id, ldns_rdf *owner, time_t inception, time_t expiration) |
void lhsm_check_connection | ( | void * | engine | ) |
Check the HSM connection, reload engine if necessary.
[in] | engine | signer engine. |
Check the HSM connection, reload engine if necessary.
Definition at line 112 of file hsm.c.
References engineconfig_struct::cfg_filename, engine_struct::config, engine_start_drudgers(), engine_stop_drudgers(), lhsm_open(), ods_log_debug(), and ods_log_warning().
ods_status lhsm_get_key | ( | hsm_ctx_t * | ctx, |
ldns_rdf * | owner, | ||
key_type * | key_id | ||
) |
Get key from one of the HSMs, store the DNSKEY and HSM key.
[in] | ctx | HSM context |
[in] | owner | the zone owner name |
[in] | key_id | key credentials |
Get key from one of the HSMs.
Definition at line 134 of file hsm.c.
References key_struct::algorithm, key_struct::dnskey, key_struct::flags, key_struct::hsmkey, key_struct::locator, ods_log_error(), ODS_STATUS_ASSERT_ERR, ODS_STATUS_ERR, ODS_STATUS_OK, and key_struct::params.
Referenced by zone_prepare_keys(), and zone_publish_dnskeys().
int lhsm_open | ( | const char * | filename | ) |
Hardware Security Module support. Open HSM.
[in] | filename | the configuration filename |
Open HSM.
Definition at line 44 of file hsm.c.
References ods_log_crit(), ods_log_error(), and ods_log_info().
Referenced by lhsm_check_connection(), and lhsm_reopen().
int lhsm_reopen | ( | const char * | filename | ) |
Reopen HSM.
[in] | filename | the configuration filename |
Reopen HSM.
Definition at line 69 of file hsm.c.
References lhsm_open(), and ods_log_warning().
ldns_rr* lhsm_sign | ( | hsm_ctx_t * | ctx, |
ldns_rr_list * | rrset, | ||
key_type * | key_id, | ||
ldns_rdf * | owner, | ||
time_t | inception, | ||
time_t | expiration | ||
) |
Get RRSIG from one of the HSMs, given a RRset and a key.
[in] | ctx | HSM context |
[in] | rrset | RRset to be signed |
[in] | key_id | key credentials |
[in] | owner | owner of the keys |
[in] | inception | signature inception |
[in] | expiration | signature expiration |
Get RRSIG from one of the HSMs, given a RRset and a key.
Definition at line 217 of file hsm.c.
References key_struct::algorithm, key_struct::dnskey, key_struct::flags, key_struct::hsmkey, key_struct::locator, ods_log_assert, ods_log_crit(), ods_log_deeebug(), ods_log_error(), and key_struct::params.
Referenced by rrset_sign().