diff --git a/lib/dns/include/dns/cert.h b/lib/dns/include/dns/cert.h
new file mode 100644
index 0000000000..307beb14f3
--- /dev/null
+++ b/lib/dns/include/dns/cert.h
@@ -0,0 +1,55 @@
+/*
+ * Copyright (C) 1999 Internet Software Consortium.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
+ */
+
+#ifndef DNS_CERT_H
+#define DNS_CERT_H 1
+
+#include
+
+dns_result_t dns_cert_fromtext(dns_cert_t *certp, isc_textregion_t *source);
+/*
+ * Convert the text 'source' refers to into a certificate type.
+ *
+ * Requires:
+ * 'certp' is a valid pointer.
+ *
+ * 'source' is a valid text region.
+ *
+ * Returns:
+ * DNS_R_SUCCESS on success
+ * DNS_R_UNKNOWN type is unknown
+ */
+
+dns_result_t dns_cert_totext(dns_cert_t cert, isc_buffer_t *target);
+/*
+ * Put a textual representation of certificate type 'cert' into 'target'.
+ *
+ * Requires:
+ * 'cert' is a valid cert.
+ *
+ * 'target' is a valid text buffer.
+ *
+ * Ensures:
+ * If the result is success:
+ * The used space in 'target' is updated.
+ *
+ * Returns:
+ * DNS_R_SUCCESS on success
+ * DNS_R_NOSPACE target buffer is too small
+ */
+
+#endif /* DNS_CERT_H */
diff --git a/lib/dns/include/dns/rcode.h b/lib/dns/include/dns/rcode.h
index e6ca90c724..ec70d73e45 100644
--- a/lib/dns/include/dns/rcode.h
+++ b/lib/dns/include/dns/rcode.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 1998, 1999 Internet Software Consortium. + * Copyright (C) 1999 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above diff --git a/lib/dns/include/dns/secalg.h b/lib/dns/include/dns/secalg.h new file mode 100644 index 0000000000..41ea809c2b --- /dev/null +++ b/lib/dns/include/dns/secalg.h 
@@ -0,0 +1,57 @@
+/*
+ * Copyright (C) 1999 Internet Software Consortium.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
+ */
+
+#ifndef DNS_SECALG_H
+#define DNS_SECALG_H 1
+
+#include
+
+dns_result_t dns_secalg_fromtext(dns_secalg_t *secalgp,
+ isc_textregion_t *source);
+/*
+ * Convert the text 'source' refers to into a DNSSEC security algorithm value.
+ *
+ * Requires:
+ * 'secalgp' is a valid pointer.
+ *
+ * 'source' is a valid text region.
+ *
+ * Returns:
+ * DNS_R_SUCCESS on success
+ * DNS_R_UNKNOWN type is unknown
+ */
+
+dns_result_t dns_secalg_totext(dns_secalg_t secalg, isc_buffer_t *target);
+/*
+ * Put a textual representation of the DNSSEC security algorithm 'secalg'
+ * into 'target'.
+ *
+ * Requires:
+ * 'secalg' is a valid secalg.
+ *
+ * 'target' is a valid text buffer.
+ *
+ * Ensures:
+ * If the result is success:
+ * The used space in 'target' is updated.
+ *
+ * Returns:
+ * DNS_R_SUCCESS on success
+ * DNS_R_NOSPACE target buffer is too small
+ */
+
+#endif /* DNS_SECALG_H */
diff --git a/lib/dns/include/dns/types.h b/lib/dns/include/dns/types.h
index c31da41605..61b579d6f7 100644
--- a/lib/dns/include/dns/types.h
+++ b/lib/dns/include/dns/types.h
@@ -39,8 +39,11 @@ typedef void dns_dbversion_t; typedef unsigned char dns_offsets_t[128]; typedef struct dns_compress dns_compress_t; typedef struct dns_decompress dns_decompress_t; +typedef isc_uint8_t dns_secalg_t; typedef isc_uint16_t dns_rdataclass_t; typedef isc_uint16_t dns_rdatatype_t; +typedef isc_uint16_t dns_rcode_t; +typedef isc_uint16_t dns_cert_t; typedef isc_uint32_t dns_ttl_t; typedef struct dns_rdata dns_rdata_t; typedef struct dns_rdatalist dns_rdatalist_t; @@ -78,7 +81,7 @@ enum { /* dns_rdataclass_any = 255 TSIG is class ANY specific */ } ; -typedef enum { +enum { /* standard rcodes */ dns_rcode_noerror = 0, dns_rcode_formerr = 1, @@ -96,6 +99,6 @@ typedef enum { dns_rcode_badkey = 17, dns_rcode_badtime = 18, dns_rcode_badmode = 19 -} dns_rcode_t; +}; #endif /* DNS_TYPES_H */ diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c index e60aa9c71d..bdcde0d6f4 100644 --- a/lib/dns/rdata.c +++ b/lib/dns/rdata.c @@ -15,7 +15,7 @@ * SOFTWARE. */ - /* $Id: rdata.c,v 1.25 1999/02/04 06:38:42 marka Exp $ */ + /* $Id: rdata.c,v 1.26 1999/02/05 00:05:44 marka Exp $ */ #include @@ -33,6 +33,8 @@ #include #include #include +#include +#include #define RETERR(x) do { \ dns_result_t __r = (x); \ @@ -127,13 +129,33 @@ static const char octdigits[] = "01234567"; { dns_rcode_badmode, "BADMODE", 0}, \ { 0, NULL, 0 } +#define CERTNAMES \ + { 1, "SKIX", 0}, \ + { 2, "SPKI", 0}, \ + { 3, "PGP", 0}, \ + { 253, "URI", 0}, \ + { 254, "OID", 0}, \ + { 0, NULL, 0} + +#define SECALGNAMES \ + { 1, "RSA/MD5", 0}, \ + { 2, "Diffie-Hellman", 0}, \ + { 3, "DSA", 0}, \ + { 4, "Ellyptic-Curve", 0}, \ + { 253, "Private/Domain", 0}, \ + { 254, "Private/OID", 0}, \ + { 0, NULL, 0} + + struct tbl { unsigned int value; char *name; int flags; } types[] = { TYPENAMES METATYPES {0, NULL, 0} }, classes[] = { CLASSNAMES METACLASSES { 0, NULL, 0} }, -rcodes[] = { RCODENAMES }; +rcodes[] = { RCODENAMES }, +certs[] = { CERTNAMES }, +secalgs[] = { SECALGNAMES }; /*** *** Initialization 
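Review bot: `"Ellyptic-Curve"` in the SECALGNAMES table added to rdata.c is misspelled, and the table string is both what dns_secalg_totext prints and what dns_secalg_fromtext matches, so the typo becomes part of the accepted text format. Input using the correct spelling would be rejected with DNS_R_UNKNOWN, and correcting the table later would reject text written with the old spelling. The entry should read `{ 4, "Elliptic-Curve", 0}, \` before the mnemonic is relied on. As shown, `certs` and `secalgs` are also appended to a `struct tbl` definition without `static`; that predates this hunk, but two more short, generic names with external linkage are worth avoiding if nothing outside rdata.c needs them.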
@@ -469,6 +491,70 @@ dns_rcode_totext(dns_rcode_t rcode, isc_buffer_t *target) { return (str_totext(buf, target)); } +dns_result_t +dns_cert_fromtext(dns_cert_t *certp, isc_textregion_t *source) { + int i = 0; + unsigned int n; + + while (certs[i].name != NULL) { + n = strlen(certs[i].name); + if (n == source->length && + strncasecmp(source->base, certs[i].name, n) == 0) { + *certp = certs[i].value; + return (DNS_R_SUCCESS); + } + i++; + } + return (DNS_R_UNKNOWN); +} + +dns_result_t +dns_cert_totext(dns_cert_t cert, isc_buffer_t *target) { + int i = 0; + char buf[sizeof "65000"]; + + while (certs[i].name != NULL) { + if (certs[i].value == cert) { + return (str_totext(certs[i].name, target)); + } + i++; + } + sprintf(buf, "%u", cert); + return (str_totext(buf, target)); +} + +dns_result_t +dns_secalg_fromtext(dns_secalg_t *secalgp, isc_textregion_t *source) { + int i = 0; + unsigned int n; + + while (secalgs[i].name != NULL) { + n = strlen(secalgs[i].name); + if (n == source->length && + strncasecmp(source->base, secalgs[i].name, n) == 0) { + *secalgp = secalgs[i].value; + return (DNS_R_SUCCESS); + } + i++; + } + return (DNS_R_UNKNOWN); +} + +dns_result_t +dns_secalg_totext(dns_secalg_t secalg, isc_buffer_t *target) { + int i = 0; + char buf[sizeof "65000"]; + + while (secalgs[i].name != NULL) { + if (secalgs[i].value == secalg) { + return (str_totext(secalgs[i].name, target)); + } + i++; + } + sprintf(buf, "%u", secalg); + return (str_totext(buf, target)); +} + /* Private function */ static unsigned int diff --git a/lib/dns/rdata/generic/cert_37.c b/lib/dns/rdata/generic/cert_37.c index 630ef5bf17..87311c36aa 100644 --- a/lib/dns/rdata/generic/cert_37.c +++ b/lib/dns/rdata/generic/cert_37.c @@ -15,7 +15,7 @@ * SOFTWARE. */ - /* $Id: cert_37.c,v 1.3 1999/02/04 00:03:29 marka Exp $ */ + /* $Id: cert_37.c,v 1.4 1999/02/05 00:05:46 marka Exp $ */ /* draft-ietf-dnssec-certs-04.txt */ 
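Review bot: `char buf[sizeof "65000"]` in dns_cert_totext and dns_secalg_totext holds exactly five digits plus the terminator, which is enough only while dns_cert_t and dns_secalg_t are 16 bits or narrower. Nothing at the `sprintf(buf, "%u", ...)` call ties the buffer to those typedefs, so widening either one in types.h would let the numeric fallback write past the stack buffer. Sizing for the conversion actually used, `char buf[sizeof "4294967295"];` (enough for a 32-bit unsigned int), and passing `(unsigned int)cert` / `(unsigned int)secalg` so the argument matches `%u`, removes that dependency. Separately, cert.h and secalg.h document `certp`, `secalgp`, `source` and `target` as required to be valid, but none of the four functions checks them; if the REQUIRE macro used in cert_37.c is available in rdata.c, `REQUIRE(certp != NULL);` and `REQUIRE(source != NULL);` would enforce the stated contract.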
@@ -29,8 +29,9 @@ fromtext_cert(dns_rdataclass_t class, dns_rdatatype_t type, { isc_token_t token; long n; - unsigned char c; + dns_secalg_t secalg; char *e; + dns_cert_t cert; REQUIRE(type == 37); @@ -42,13 +43,13 @@ fromtext_cert(dns_rdataclass_t class, dns_rdatatype_t type, RETERR(gettoken(lexer, &token, isc_tokentype_string, ISC_FALSE)); n = strtol(token.value.as_pointer, &e, 10); if (*e != 0) { - return (DNS_R_NOTIMPLEMENTED); + RETERR(dns_cert_fromtext(&cert, &token.value.as_textregion)); } else { if (n < 0 || n > 0xffff) return (DNS_R_RANGE); - c = n; + cert = n; } - RETERR(uint16_tobuffer(n, target)); + RETERR(uint16_tobuffer(cert, target)); /* key tag */ RETERR(gettoken(lexer, &token, isc_tokentype_number, ISC_FALSE)); @@ -60,13 +61,13 @@ fromtext_cert(dns_rdataclass_t class, dns_rdatatype_t type, RETERR(gettoken(lexer, &token, isc_tokentype_string, ISC_FALSE)); n = strtol(token.value.as_pointer, &e, 10); if (*e != 0) { - return (DNS_R_NOTIMPLEMENTED); + RETERR(dns_secalg_fromtext(&secalg, &token.value.as_textregion)); } else { if (n < 0 || n > 0xff) return (DNS_R_RANGE); - c = n; + secalg = n; } - RETERR(mem_tobuffer(target, &c, 1)); + RETERR(mem_tobuffer(target, &secalg, 1)); return (base64_tobuffer(lexer, target, -1)); } @@ -86,8 +87,7 @@ totext_cert(dns_rdata_t *rdata, dns_name_t *origin, isc_buffer_t *target) { /* type */ n = uint16_fromregion(&sr); isc_region_consume(&sr, 2); - sprintf(buf, "%u", n); - RETERR(str_totext(buf, target)); + RETERR(dns_cert_totext(n, target)); RETERR(str_totext(" ", target)); /* key tag */ @@ -98,10 +98,9 @@ totext_cert(dns_rdata_t *rdata, dns_name_t *origin, isc_buffer_t *target) { RETERR(str_totext(" ", target)); /* algorithm */ - sprintf(buf, "%u", sr.base[0]); - isc_region_consume(&sr, 1); - RETERR(str_totext(buf, target)); + RETERR(dns_secalg_totext(sr.base[0], target)); RETERR(str_totext(" ", target)); + isc_region_consume(&sr, 1); /* cert */ return (base64_totext(&sr, target)); 
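Review bot: `RETERR(mem_tobuffer(target, &secalg, 1));` in the third fromtext_cert hunk copies the first byte of the `secalg` object, which is the algorithm octet only because dns_secalg_t is currently isc_uint8_t; the literal `1` is the wire-format width, not the width of the type. Keeping an explicit octet, `unsigned char c = secalg;` followed by `RETERR(mem_tobuffer(target, &c, 1));`, keeps the encoding correct on any host if the typedef ever changes. In the last totext_cert hunk `sr.base[0]` is read before `isc_region_consume(&sr, 1)` and no length check on `sr` is visible; if the function does not establish elsewhere that the rdata holds the five fixed octets, a check such as `REQUIRE(sr.length >= 1);` belongs ahead of the read. Both functions start and end outside these hunks, and the cert_37.h hunks that follow carry the same lines.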
diff --git a/lib/dns/rdata/generic/cert_37.h b/lib/dns/rdata/generic/cert_37.h index e8deda9dc4..3ade847f8f 100644 --- a/lib/dns/rdata/generic/cert_37.h +++ b/lib/dns/rdata/generic/cert_37.h @@ -15,7 +15,7 @@ * SOFTWARE. */ - /* $Id: cert_37.h,v 1.3 1999/02/04 00:03:29 marka Exp $ */ + /* $Id: cert_37.h,v 1.4 1999/02/05 00:05:46 marka Exp $ */ /* draft-ietf-dnssec-certs-04.txt */ @@ -29,8 +29,9 @@ fromtext_cert(dns_rdataclass_t class, dns_rdatatype_t type, { isc_token_t token; long n; - unsigned char c; + dns_secalg_t secalg; char *e; + dns_cert_t cert; REQUIRE(type == 37); @@ -42,13 +43,13 @@ fromtext_cert(dns_rdataclass_t class, dns_rdatatype_t type, RETERR(gettoken(lexer, &token, isc_tokentype_string, ISC_FALSE)); n = strtol(token.value.as_pointer, &e, 10); if (*e != 0) { - return (DNS_R_NOTIMPLEMENTED); + RETERR(dns_cert_fromtext(&cert, &token.value.as_textregion)); } else { if (n < 0 || n > 0xffff) return (DNS_R_RANGE); - c = n; + cert = n; } - RETERR(uint16_tobuffer(n, target)); + RETERR(uint16_tobuffer(cert, target)); /* key tag */ RETERR(gettoken(lexer, &token, isc_tokentype_number, ISC_FALSE)); @@ -60,13 +61,13 @@ fromtext_cert(dns_rdataclass_t class, dns_rdatatype_t type, RETERR(gettoken(lexer, &token, isc_tokentype_string, ISC_FALSE)); n = strtol(token.value.as_pointer, &e, 10); if (*e != 0) { - return (DNS_R_NOTIMPLEMENTED); + RETERR(dns_secalg_fromtext(&secalg, &token.value.as_textregion)); } else { if (n < 0 || n > 0xff) return (DNS_R_RANGE); - c = n; + secalg = n; } - RETERR(mem_tobuffer(target, &c, 1)); + RETERR(mem_tobuffer(target, &secalg, 1)); return (base64_tobuffer(lexer, target, -1)); } @@ -86,8 +87,7 @@ totext_cert(dns_rdata_t *rdata, dns_name_t *origin, isc_buffer_t *target) { /* type */ n = uint16_fromregion(&sr); isc_region_consume(&sr, 2); - sprintf(buf, "%u", n); - RETERR(str_totext(buf, target)); + RETERR(dns_cert_totext(n, target)); RETERR(str_totext(" ", target)); /* key tag */ 
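Review bot: The cert_37.h hunks repeat the cert_37.c hunks line for line, including the hunk offsets, so the bodies of fromtext_cert and totext_cert appear to be kept in two files. Which copy is actually compiled is not visible here; if it is only one of them, the other will drift the next time a parsing or bounds fix is applied to a single file. Consider keeping one copy and having the other file include it, or add a comment at the top of each, for example `/* keep in sync with cert_37.c */`, so a later fix is applied to both.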
@@ -98,10 +98,9 @@ totext_cert(dns_rdata_t *rdata, dns_name_t *origin, isc_buffer_t *target) { RETERR(str_totext(" ", target)); /* algorithm */ - sprintf(buf, "%u", sr.base[0]); - isc_region_consume(&sr, 1); - RETERR(str_totext(buf, target)); + RETERR(dns_secalg_totext(sr.base[0], target)); RETERR(str_totext(" ", target)); + isc_region_consume(&sr, 1); /* cert */ return (base64_totext(&sr, target));