upstream/knot-dns
1
0
Fork 0
mirror of https://gitlab.nic.cz/knot/knot-dns.git synced 2026-05-28 04:02:31 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

dnssec: allow params2dnskey() to be used with incomplete (i.e. trash) keys

Browse source
This commit is contained in:
David Vašek 2026-03-25 16:21:57 +01:00
parent 67ff9a6192
commit abfd3689bf
2 changed files with 25 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

37
src/knot/dnssec/kasp/kasp_zone.c
View file

@ -59,15 +59,20 @@ static int dnskey_guess_flags(dnssec_key_t *key, uint16_t keytag)
}
static int params2dnskey(const knot_dname_t *dname, key_params_t *params,
dnssec_key_t **key_ptr)
dnssec_key_t **key_ptr)
{
assert(dname);
assert(params);
assert(key_ptr);
int ret = key_params_check(params);
if (ret != KNOT_EOK) {
return ret;
const bool trash = (params->dname != NULL);
int ret;
if (!trash) {
// Trash keys don't contain pubkey data.
ret = key_params_check(params);
if (ret != KNOT_EOK) {
return ret;
}
}
dnssec_key_t *key = NULL;
@ -84,16 +89,18 @@ static int params2dnskey(const knot_dname_t *dname, key_params_t *params,
dnssec_key_set_algorithm(key, params->algorithm);
ret = dnssec_key_set_pubkey(key, &params->public_key);
if (ret != KNOT_EOK) {
dnssec_key_free(key);
return ret;
}
if (!trash) {
ret = dnssec_key_set_pubkey(key, &params->public_key);
if (ret != KNOT_EOK) {
dnssec_key_free(key);
return ret;
}
ret = dnskey_guess_flags(key, params->keytag);
if (ret != KNOT_EOK) {
dnssec_key_free(key);
return ret;
ret = dnskey_guess_flags(key, params->keytag);
if (ret != KNOT_EOK) {
dnssec_key_free(key);
return ret;
}
}
*key_ptr = key;
@ -101,8 +108,8 @@ static int params2dnskey(const knot_dname_t *dname, key_params_t *params,
return KNOT_EOK;
}
static int params2kaspkey(const knot_dname_t *dname, key_params_t *params,
knot_kasp_key_t *key)
int params2kaspkey(const knot_dname_t *dname, key_params_t *params,
knot_kasp_key_t *key)
{
assert(dname != NULL);
assert(params != NULL);

3
src/knot/dnssec/kasp/kasp_zone.h
View file

@ -19,6 +19,9 @@ typedef struct {
knot_time_t nsec3_salt_created;
} knot_kasp_zone_t;
int params2kaspkey(const knot_dname_t *dname, key_params_t *params,
knot_kasp_key_t *key);
int kasp_zone_load(knot_kasp_zone_t *zone,
const knot_dname_t *zone_name,
knot_lmdb_db_t *kdb,