25#if LDNS_BUILD_CONFIG_HAVE_SSL
26#include <openssl/ssl.h>
37#define LDNS_KEY_ZONE_KEY 0x0100
38#define LDNS_KEY_SEP_KEY 0x0001
39#define LDNS_KEY_REVOKE_KEY 0x0080
48#if LDNS_BUILD_CONFIG_USE_DSA
53#if LDNS_BUILD_CONFIG_USE_DSA
62#if LDNS_BUILD_CONFIG_USE_ED25519
65#if LDNS_BUILD_CONFIG_USE_ED448
93#if LDNS_BUILD_CONFIG_USE_DSA
99#if LDNS_BUILD_CONFIG_USE_DSA
105#if LDNS_BUILD_CONFIG_USE_ED25519
108#if LDNS_BUILD_CONFIG_USE_ED448
137#if LDNS_BUILD_CONFIG_HAVE_SSL
234#if LDNS_BUILD_CONFIG_HAVE_SSL
260# if LDNS_BUILD_CONFIG_USE_DSA
309#if LDNS_BUILD_CONFIG_HAVE_SSL
325# if LDNS_BUILD_CONFIG_USE_DSA
343# if LDNS_BUILD_CONFIG_USE_DSA
455#if LDNS_BUILD_CONFIG_HAVE_SSL
469# if LDNS_BUILD_CONFIG_USE_DSA
Common definitions for LDNS.
enum ldns_enum_status ldns_status
void ldns_key_list_set_key_count(ldns_key_list *key, size_t count)
Set the keylist's key count to count.
uint32_t ldns_key_expiration(const ldns_key *k)
return the key's expiration date
ldns_key * ldns_key_list_pop_key(ldns_key_list *key_list)
pops the last rr from a keylist
void ldns_key_list_free(ldns_key_list *key_list)
Frees a key list structure.
bool ldns_key_list_push_key(ldns_key_list *key_list, ldns_key *key)
pushes a key to a keylist
ldns_signing_algorithm ldns_get_signing_algorithm_by_name(const char *name)
Get signing algorithm by name.
int ldns_key_algo_supported(int algo)
See if a key algorithm is supported.
ldns_status ldns_key_new_frm_fp_l(ldns_key **k, FILE *fp, int *line_nr)
Creates a new private key based on the contents of the file pointed by fp.
void ldns_key_set_expiration(ldns_key *k, uint32_t e)
Set the key's expiration date (seconds after epoch)
RSA * ldns_key_rsa_key(const ldns_key *k)
returns the (openssl) RSA struct contained in the key
ldns_status ldns_key_new_frm_fp(ldns_key **k, FILE *fp)
Creates a new priv key based on the contents of the file pointed by fp.
void ldns_key_set_hmac_key(ldns_key *k, unsigned char *hmac)
Set the key's hmac data.
void ldns_key_set_dsa_key(ldns_key *k, DSA *d)
Set the key's dsa data The dsa data should be freed by the user.
EVP_PKEY * ldns_key_evp_key(const ldns_key *k)
returns the (openssl) EVP struct contained in the key
unsigned char * ldns_key_new_frm_fp_hmac_l(FILE *fp, int *line_nr, size_t *hmac_size)
frm_fp helper function.
void ldns_key_set_use(ldns_key *k, bool v)
set the use flag
ldns_key_list * ldns_key_list_new(void)
Creates a new empty key list.
DSA * ldns_key_new_frm_fp_dsa_l(FILE *fp, int *line_nr)
frm_fp helper function.
void ldns_key_list_set_use(ldns_key_list *keys, bool v)
Set the 'use' flag for all keys in the list.
ldns_status ldns_key_new_frm_engine(ldns_key **key, ENGINE *e, char *key_id, ldns_algorithm)
Read the key with the given id from the given engine and store it in the given ldns_key structure.
ldns_key * ldns_key_new_frm_algorithm(ldns_signing_algorithm a, uint16_t size)
Creates a new key based on the algorithm.
void ldns_key_set_pubkey_owner(ldns_key *k, ldns_rdf *r)
Set the key's pubkey owner.
char * ldns_key_get_file_base_name(const ldns_key *key)
Returns the 'default base name' for key files; IE.
unsigned char * ldns_key_new_frm_fp_hmac(FILE *fp, size_t *hmac_size)
frm_fp helper function.
void ldns_key_EVP_unload_gost(void)
Release the engine reference held for the GOST engine.
uint32_t ldns_key_origttl(const ldns_key *k)
return the original ttl of the key
int ldns_key_EVP_load_gost_id(void)
Get the PKEY id for GOST, loads GOST into openssl as a side effect.
ldns_key * ldns_key_new(void)
Creates a new empty key structure.
ldns_enum_algorithm
Algorithms used in dns.
void ldns_key_print(FILE *output, const ldns_key *k)
print a private key to the file output
enum ldns_enum_signing_algorithm ldns_signing_algorithm
void ldns_key_assign_dsa_key(ldns_key *k, DSA *d)
Assign the key's dsa data The dsa data will be freed automatically when the key is freed.
ldns_key * ldns_key_list_key(const ldns_key_list *key, size_t nr)
returns a pointer to the key in the list at the given position
size_t ldns_key_hmac_size(const ldns_key *k)
return the hmac key size
DSA * ldns_key_dsa_key(const ldns_key *k)
returns the (openssl) DSA struct contained in the key
RSA * ldns_key_new_frm_fp_rsa_l(FILE *fp, int *line_nr)
frm_fp helper function.
uint16_t ldns_key_keytag(const ldns_key *k)
return the keytag
void ldns_key_set_origttl(ldns_key *k, uint32_t t)
Set the key's original ttl.
ldns_signing_algorithm ldns_key_algorithm(const ldns_key *k)
return the signing alg of the key
void ldns_key_set_evp_key(ldns_key *k, EVP_PKEY *e)
Set the key's evp key.
void ldns_key_set_keytag(ldns_key *k, uint16_t tag)
Set the key's key tag.
ldns_rr * ldns_key2rr(const ldns_key *k)
converts a ldns_key to a public key rr If the key data exists at an external point,...
void ldns_key_set_flags(ldns_key *k, uint16_t flags)
Set the key's flags.
void ldns_key_set_external_key(ldns_key *key, void *external_key)
Set the key id data.
void ldns_key_free(ldns_key *key)
frees a key structure, but not its internal data structures
ldns_enum_signing_algorithm
Algorithms used in dns for signing.
@ LDNS_SIGN_ECDSAP256SHA256
@ LDNS_SIGN_RSASHA1_NSEC3
@ LDNS_SIGN_ECDSAP384SHA384
uint32_t ldns_key_inception(const ldns_key *k)
return the key's inception date
ldns_rdf * ldns_key_pubkey_owner(const ldns_key *k)
return the public key's owner
enum ldns_enum_hash ldns_hash
void ldns_key_set_hmac_size(ldns_key *k, size_t hmac_size)
Set the key's hmac size.
unsigned char * ldns_key_hmac_key(const ldns_key *k)
return the hmac key data
ldns_lookup_table ldns_signing_algorithms[]
void * ldns_key_external_key(const ldns_key *k)
return the key id key data
ldns_enum_hash
Hashing algorithms used in the DS record.
ldns_rr * ldns_read_anchor_file(const char *filename)
Instantiates a DNSKEY or DS RR from file.
uint16_t ldns_key_flags(const ldns_key *k)
return the flag of the key
void ldns_key_set_algorithm(ldns_key *k, ldns_signing_algorithm l)
Set the key's algorithm.
void ldns_key_assign_rsa_key(ldns_key *k, RSA *r)
Assign the key's rsa data The rsa data will be freed automatically when the key is freed.
size_t ldns_key_list_key_count(const ldns_key_list *key_list)
returns the number of keys in the key list
RSA * ldns_key_new_frm_fp_rsa(FILE *fp)
frm_fp helper function.
void ldns_key_set_rsa_key(ldns_key *k, RSA *r)
Set the key's rsa data.
void ldns_key_deep_free(ldns_key *key)
frees a key structure and all its internal data structures, except the data set by ldns_key_set_exter...
void ldns_key_set_inception(ldns_key *k, uint32_t i)
Set the key's inception date (seconds after epoch)
enum ldns_enum_algorithm ldns_algorithm
DSA * ldns_key_new_frm_fp_dsa(FILE *fp)
frm_fp helper function.
bool ldns_key_use(const ldns_key *k)
return the use flag
Same as rr_list, but now for keys.
General key structure, can contain all types of keys that are used in DNSSEC.
uint32_t inception
The inception date of signatures made with this key.
struct ldns_struct_key::@1::@3 dnssec
Some values that influence generated signatures.
uint16_t keytag
The keytag of this key.
struct ldns_struct_key::@0::@2 hmac
The key can be an HMAC key.
uint32_t expiration
The expiration date of signatures made with this key.
bool _use
Whether to use this key when signing.
ldns_rdf * _pubkey_owner
Owner name of the key.
ldns_signing_algorithm _alg
union ldns_struct_key::@1 _extra
Depending on the key we can have extra data.
void * external_key
the key structure can also just point to some external key data
uint16_t flags
The dnssec key flags as specified in RFC4035, like ZSK and KSK.
uint32_t orig_ttl
The TTL of the rrset that is currently signed.
struct ldns_struct_key::@0 _key
Storage pointers for the types of keys supported.
A general purpose lookup table.
Resource record data field.
1.11.0