OpenDNSSEC-signer  1.4.6
nsec3params.c
1 /*
2  * Copyright (c) 2009 NLNet Labs. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  * notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  * notice, this list of conditions and the following disclaimer in the
11  * documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
15  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
17  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
19  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
21  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
22  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
23  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  *
25  */
26 
32 #include "shared/allocator.h"
33 #include "shared/log.h"
34 #include "shared/util.h"
35 #include "signer/backup.h"
36 #include "signer/nsec3params.h"
37 #include "signer/signconf.h"
38 
39 #include <ctype.h>
40 #include <ldns/ldns.h>
41 #include <stdlib.h>
42 #include <string.h>
43 
/* Module tag placed in the "[%s]" prefix of every log message in this file. */
static const char *nsec3_str = "nsec3";
45 
46 
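/**
 * Decode a hex-encoded NSEC3 salt string into raw salt bytes.
 *
 * A NULL string, an empty string and the single character "-" all mean
 * "no salt": *salt_len is set to 0 and *salt to NULL.
 *
 * The string length is kept in a size_t and bounded before it is narrowed.
 * The previous code stored strlen() straight into a uint8_t, so a string of
 * 256 or more characters wrapped modulo 256 and was silently decoded as a
 * shorter, different salt. The decoded length must fit the uint8_t
 * out-parameter, so at most UINT8_MAX bytes (2 * UINT8_MAX hex digits) are
 * accepted.
 *
 * \param[in] salt_str hex string, "-" or NULL
 * \param[out] salt_len number of decoded salt bytes; 0 on any failure
 * \param[out] salt decoded bytes, allocated with calloc() and owned by the
 *             caller; NULL when there is no salt or on failure
 * \return ODS_STATUS_OK on success, ODS_STATUS_ERR on malformed input or
 *         missing out-parameters, ODS_STATUS_MALLOC_ERR if allocation fails
 */
ods_status
nsec3params_create_salt(const char* salt_str, uint8_t* salt_len,
    uint8_t** salt)
{
    size_t hex_len = 0;
    size_t i = 0;
    uint8_t* salt_tmp = NULL;

    if (!salt_len || !salt) {
        return ODS_STATUS_ERR;
    }
    /* Start from a well-defined "no salt" state on every path. */
    *salt_len = 0;
    *salt = NULL;
    if (!salt_str) {
        return ODS_STATUS_OK;
    }
    hex_len = strlen(salt_str);
    /* Empty input is handled here so calloc(0, ...) is never reached; its
     * result is implementation-defined. */
    if (hex_len == 0 || (hex_len == 1 && salt_str[0] == '-')) {
        return ODS_STATUS_OK;
    }
    /* Two hex digits per byte, and the byte count must fit in a uint8_t. */
    if (hex_len % 2 != 0 || hex_len / 2 > UINT8_MAX) {
        ods_log_error("[%s] invalid salt %s", nsec3_str, salt_str);
        return ODS_STATUS_ERR;
    }
    /* construct salt data */
    salt_tmp = (uint8_t*) calloc(hex_len / 2, sizeof(uint8_t));
    if (!salt_tmp) {
        ods_log_error("[%s] construct salt data for %s failed", nsec3_str,
            salt_str);
        return ODS_STATUS_MALLOC_ERR;
    }
    for (i = 0; i < hex_len; i += 2) {
        /* <ctype.h> functions need a value representable as unsigned char;
         * passing a negative plain char is undefined behaviour. */
        if (!isxdigit((unsigned char) salt_str[i]) ||
            !isxdigit((unsigned char) salt_str[i + 1])) {
            ods_log_error("[%s] invalid salt %s", nsec3_str, salt_str);
            free((void*) salt_tmp);
            return ODS_STATUS_ERR;
        }
        salt_tmp[i / 2] = (uint8_t) (ldns_hexdigit_to_int(salt_str[i]) * 16 +
            ldns_hexdigit_to_int(salt_str[i + 1]));
    }
    *salt_len = (uint8_t) (hex_len / 2);
    *salt = salt_tmp;
    return ODS_STATUS_OK;
}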
96 
97 
/**
 * Build an NSEC3 parameter set that belongs to a signer configuration.
 *
 * The structure itself comes from the signconf's allocator; the salt bytes
 * come from nsec3params_create_salt(). algo, flags and iter are stored
 * exactly as passed in: this function applies no range checks to them.
 *
 * \param[in] sc owning signer configuration (a signconf_type*)
 * \param[in] algo NSEC3 hash algorithm
 * \param[in] flags NSEC3 flags
 * \param[in] iter NSEC3 iteration count
 * \param[in] salt hex-encoded salt string, "-" or NULL
 * \return the new parameter set, or NULL if sc is NULL, allocation fails
 *         or the salt cannot be decoded
 */
nsec3params_type*
nsec3params_create(void* sc, uint8_t algo, uint8_t flags, uint16_t iter,
    const char* salt)
{
    signconf_type* owner = (signconf_type*) sc;
    nsec3params_type* params = NULL;
    uint8_t decoded_len;
    uint8_t* decoded;

    if (!sc) {
        return NULL;
    }

    params = (nsec3params_type*) allocator_alloc(owner->allocator,
        sizeof(nsec3params_type));
    if (!params) {
        ods_log_error("[%s] unable to create: allocator_alloc() failed",
            nsec3_str);
        return NULL;
    }

    params->sc = sc;
    params->algorithm = algo;
    params->flags = flags;
    params->iterations = iter;

    /* Decode the textual salt; on failure hand the struct back. */
    if (nsec3params_create_salt(salt, &decoded_len, &decoded) != 0) {
        ods_log_error("[%s] unable to create: create salt failed", nsec3_str);
        allocator_deallocate(owner->allocator, (void*) params);
        return NULL;
    }

    params->salt_len = decoded_len;
    params->salt_data = decoded;
    params->rr = NULL;
    return params;
}
136 
137 
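/**
 * Write the NSEC3 parameters to a backup file.
 *
 * Always emits the ";;Nsec3parameters:" line. When version equals
 * ODS_SE_FILE_MAGIC_V2 it also prints the resource record (if any) and
 * closes the section with ";;Nsec3done" and ";;".
 *
 * \param[in] fd backup file; nothing is written when NULL
 * \param[in] algo NSEC3 hash algorithm
 * \param[in] flags NSEC3 flags, written as the "optout" field
 * \param[in] iter NSEC3 iteration count
 * \param[in] salt salt string; written as "-" when NULL
 * \param[in] rr resource record to print in the V2 format, may be NULL
 * \param[in] version backup file magic; NULL is treated as "not V2"
 */
void
nsec3params_backup(FILE* fd, uint8_t algo, uint8_t flags,
    uint16_t iter, const char* salt, ldns_rr* rr, const char* version)
{
    if (!fd) {
        return;
    }
    fprintf(fd, ";;Nsec3parameters: salt %s algorithm %u optout %u "
        "iterations %u\n", salt?salt:"-", (unsigned) algo,
        (unsigned) flags, (unsigned) iter);
    /* strcmp() on a NULL pointer is undefined behaviour, so a missing
     * version string simply skips the V2-only trailer. */
    if (version && strcmp(version, ODS_SE_FILE_MAGIC_V2) == 0) {
        if (rr) {
            /* The result of util_rr_print() is deliberately ignored. */
            (void)util_rr_print(fd, rr);
        }
        fprintf(fd, ";;Nsec3done\n");
        fprintf(fd, ";;\n");
    }
}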
161 
162 
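/**
 * Render the salt of an NSEC3 parameter set as text.
 *
 * A zero-length salt is rendered as "-", otherwise as two lowercase hex
 * digits per byte.
 *
 * Changes from the previous version: the buffer is sized from the salt
 * length (it used to be sized from salt_pos, which is still 0 at that
 * point), NULL arguments and a failed ldns_buffer_new() are rejected
 * instead of being dereferenced, and the loop stops at the first failed
 * write so the buffer status is what gets reported.
 *
 * \param[in] nsec3params parameter set to read the salt from
 * \return string produced by ldns_buffer2str(), or NULL on failure.
 *         NOTE(review): the string appears to be heap-allocated by ldns and
 *         owned by the caller despite the const return type; confirm.
 */
const char*
nsec3params_salt2str(nsec3params_type* nsec3params)
{
    uint8_t* data = NULL;
    uint8_t salt_length = 0;
    uint8_t salt_pos = 0;
    int written = 0;
    char* str = NULL;
    ldns_buffer* buffer = NULL;

    if (!nsec3params) {
        return NULL;
    }
    salt_length = nsec3params->salt_len;
    data = nsec3params->salt_data;
    if (salt_length > 0 && !data) {
        ods_log_error("[%s] unable to convert nsec3 salt to string: no "
            "salt data", nsec3_str);
        return NULL;
    }
    /* Room for "-" or two hex digits per byte, plus the terminating NUL. */
    buffer = ldns_buffer_new(salt_length == 0 ? 2 :
        (size_t) salt_length * 2 + 1);
    if (!buffer) {
        ods_log_error("[%s] unable to convert nsec3 salt to string: "
            "ldns_buffer_new() failed", nsec3_str);
        return NULL;
    }
    if (salt_length == 0) {
        written = ldns_buffer_printf(buffer, "-");
    } else {
        for (salt_pos = 0; salt_pos < salt_length; salt_pos++) {
            written = ldns_buffer_printf(buffer, "%02x", data[salt_pos]);
            if (written < 0) {
                break;
            }
        }
    }
    if (ldns_buffer_status(buffer) == LDNS_STATUS_OK) {
        str = ldns_buffer2str(buffer);
    } else if (written) {
        ods_log_error("[%s] unable to convert nsec3 salt to string: %s",
            nsec3_str, ldns_get_errorstr_by_id(ldns_buffer_status(buffer)));
    } else {
        ods_log_error("[%s] unable to convert nsec3 salt to string: zero "
            "bytes written", nsec3_str);
    }
    ldns_buffer_free(buffer);
    return (const char*) str;
}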
201 
202 
/**
 * Release an NSEC3 parameter set and its salt bytes.
 *
 * Both are handed to the allocator of the signconf stored in
 * nsec3params->sc. A NULL argument is a no-op.
 *
 * NOTE(review): nsec3params_create_salt() obtains salt_data with calloc(),
 * while it is released here through allocator_deallocate(); confirm the
 * allocator ends up calling free() on it.
 *
 * \param[in] nsec3params parameter set to release, may be NULL
 */
void
nsec3params_cleanup(nsec3params_type* nsec3params)
{
    signconf_type* owner = NULL;

    if (nsec3params) {
        owner = (signconf_type*) nsec3params->sc;
        /* Salt first: the struct holding the pointer goes away next. */
        allocator_deallocate(owner->allocator,
            (void*) nsec3params->salt_data);
        allocator_deallocate(owner->allocator, (void*) nsec3params);
    }
}
void * allocator_alloc(allocator_type *allocator, size_t size)
Definition: allocator.c:66
uint16_t iterations
Definition: nsec3params.h:57
enum ods_enum_status ods_status
Definition: status.h:90
void ods_log_error(const char *format,...)
Definition: log.c:334
void nsec3params_backup(FILE *fd, uint8_t algo, uint8_t flags, uint16_t iter, const char *salt, ldns_rr *rr, const char *version)
Definition: nsec3params.c:143
ods_status util_rr_print(FILE *fd, const ldns_rr *rr)
Definition: util.c:378
const char * nsec3params_salt2str(nsec3params_type *nsec3params)
Definition: nsec3params.c:168
nsec3params_type * nsec3params_create(void *sc, uint8_t algo, uint8_t flags, uint16_t iter, const char *salt)
Definition: nsec3params.c:103
ods_status nsec3params_create_salt(const char *salt_str, uint8_t *salt_len, uint8_t **salt)
Definition: nsec3params.c:52
uint8_t * salt_data
Definition: nsec3params.h:59
allocator_type * allocator
Definition: signconf.h:53
void allocator_deallocate(allocator_type *allocator, void *data)
Definition: allocator.c:135
void nsec3params_cleanup(nsec3params_type *nsec3params)
Definition: nsec3params.c:208