Diffstat (limited to 'testcode/signit.c')
-rw-r--r-- | testcode/signit.c | 180 |
1 files changed, 107 insertions, 73 deletions
diff --git a/testcode/signit.c b/testcode/signit.c index 49256e707d31..719687b8bd93 100644 --- a/testcode/signit.c +++ b/testcode/signit.c @@ -21,16 +21,16 @@ * specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED - * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ /** @@ -41,9 +41,9 @@ */ #include "config.h" #include <ldns/ldns.h> -#include "util/log.h" -#include "util/config_file.h" -#include "util/net_help.h" +#include <assert.h> + +#define DNSKEY_BIT_ZSK 0x0100 /** * Key settings 
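Review bot: The include list now names only `config.h`, `<ldns/ldns.h>` and `<assert.h>`, while code added later in this diff uses `va_list`/`va_start` in fatal_exit, `sscanf`, `memset` and `time_t` in convert_timeval, and `errno`/`strerror` in read_keys. Those declarations presumably arrive through config.h or the ldns header, neither of which is visible here. Listing `#include <stdarg.h>`, `#include <stdio.h>`, `#include <string.h>`, `#include <errno.h>` and `#include <time.h>` explicitly would keep the test program building if the umbrella headers change. The new `#define DNSKEY_BIT_ZSK 0x0100` would also benefit from a comment such as `/* DNSKEY flags value set on keys so they are used for signing */`.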
@@ -74,26 +74,61 @@ usage() exit(1); } +static time_t +convert_timeval(const char* str) +{ + time_t t; + struct tm tm; + memset(&tm, 0, sizeof(tm)); + if(strlen(str) < 14) + return 0; + if(sscanf(str, "%4d%2d%2d%2d%2d%2d", &tm.tm_year, &tm.tm_mon, + &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) != 6) + return 0; + tm.tm_year -= 1900; + tm.tm_mon--; + /* Check values */ + if (tm.tm_year < 70) return 0; + if (tm.tm_mon < 0 || tm.tm_mon > 11) return 0; + if (tm.tm_mday < 1 || tm.tm_mday > 31) return 0; + if (tm.tm_hour < 0 || tm.tm_hour > 23) return 0; + if (tm.tm_min < 0 || tm.tm_min > 59) return 0; + if (tm.tm_sec < 0 || tm.tm_sec > 59) return 0; + /* call ldns conversion function */ + t = sldns_mktime_from_utc(&tm); + return t; +} + +static void fatal_exit(const char* format, ...) +{ + va_list args; + va_start(args, format); + printf("fatal exit: "); + vprintf(format, args); + va_end(args); + exit(1); +} + /** read expi ince keytag owner from cmdline */ static void parse_cmdline(char *argv[], struct keysets* s) { - s->expi = cfg_convert_timeval(argv[1]); - s->incep = cfg_convert_timeval(argv[2]); + s->expi = convert_timeval(argv[1]); + s->incep = convert_timeval(argv[2]); s->keytag = (uint16_t)atoi(argv[3]); s->owner = argv[4]; s->flags = DNSKEY_BIT_ZSK; /* to enforce signing */ } /** read all key files, exit on error */ -static ldns_key_list* +static sldns_key_list* read_keys(int num, char* names[], struct keysets* set) { int i; - ldns_key_list* keys = ldns_key_list_new(); - ldns_key* k; - ldns_rdf* rdf; - ldns_status s; + sldns_key_list* keys = sldns_key_list_new(); + sldns_key* k; + sldns_rdf* rdf; + sldns_status s; int b; FILE* in; 
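Review bot: parse_cmdline stores whatever convert_timeval returns, and convert_timeval reports every malformed or out-of-range timestamp as 0, so a mistyped expiration or inception argument silently yields signatures with an epoch timestamp instead of an error. A check after the two assignments, for example `if(!s->expi || !s->incep) fatal_exit("bad expiration or inception time");`, would surface the mistake. The new fatal_exit also writes to stdout with printf/vprintf and adds no newline, while signit prints the signed records to the same stream. Using `vfprintf(stderr, format, args);` followed by `fputc('\n', stderr);` would keep diagnostics out of the generated data. read_keys continues beyond the end of this hunk.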
@@ -103,45 +138,45 @@ read_keys(int num, char* names[], struct keysets* set) in = fopen(names[i], "r"); if(!in) fatal_exit("could not open %s: %s", names[i], strerror(errno)); - s = ldns_key_new_frm_fp(&k, in); + s = sldns_key_new_frm_fp(&k, in); fclose(in); if(s != LDNS_STATUS_OK) fatal_exit("bad keyfile %s: %s", names[i], - ldns_get_errorstr_by_id(s)); - ldns_key_set_expiration(k, set->expi); - ldns_key_set_inception(k, set->incep); - s = ldns_str2rdf_dname(&rdf, set->owner); + sldns_get_errorstr_by_id(s)); + sldns_key_set_expiration(k, set->expi); + sldns_key_set_inception(k, set->incep); + s = sldns_str2rdf_dname(&rdf, set->owner); if(s != LDNS_STATUS_OK) fatal_exit("bad owner name %s: %s", set->owner, - ldns_get_errorstr_by_id(s)); - ldns_key_set_pubkey_owner(k, rdf); - ldns_key_set_flags(k, set->flags); - ldns_key_set_keytag(k, set->keytag); - b = ldns_key_list_push_key(keys, k); - log_assert(b); + sldns_get_errorstr_by_id(s)); + sldns_key_set_pubkey_owner(k, rdf); + sldns_key_set_flags(k, set->flags); + sldns_key_set_keytag(k, set->keytag); + b = sldns_key_list_push_key(keys, k); + assert(b); } return keys; } /** read list of rrs from the file */ -static ldns_rr_list* +static sldns_rr_list* read_rrs(FILE* in) { uint32_t my_ttl = 3600; - ldns_rdf *my_origin = NULL; - ldns_rdf *my_prev = NULL; - ldns_status s; + sldns_rdf *my_origin = NULL; + sldns_rdf *my_prev = NULL; + sldns_status s; int line_nr = 1; int b; - ldns_rr_list* list; - ldns_rr *rr; + sldns_rr_list* list; + sldns_rr *rr; - list = ldns_rr_list_new(); + list = sldns_rr_list_new(); if(!list) fatal_exit("alloc error"); while(!feof(in)) { - s = ldns_rr_new_frm_fp_l(&rr, in, &my_ttl, &my_origin, + s = sldns_rr_new_frm_fp_l(&rr, in, &my_ttl, &my_origin, &my_prev, &line_nr); if(s == LDNS_STATUS_SYNTAX_TTL || s == LDNS_STATUS_SYNTAX_ORIGIN || 
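Review bot: The result of sldns_key_list_push_key in read_keys is checked only with `assert(b)`, which compiles to nothing when NDEBUG is defined; a push that fails (presumably on allocation failure) would then go unnoticed and `b` would become an unused variable. An explicit check in the style read_rrs already uses for its list, `if(!b) fatal_exit("alloc error");`, keeps the failure fatal in every build. The same pattern follows `sldns_rr_list_push_rr` in read_rrs in the next hunk. read_keys starts before this hunk and read_rrs continues past it.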
@@ -149,9 +184,9 @@ read_rrs(FILE* in) continue; else if(s != LDNS_STATUS_OK) fatal_exit("parse error in line %d: %s", line_nr, - ldns_get_errorstr_by_id(s)); - b = ldns_rr_list_push_rr(list, rr); - log_assert(b); + sldns_get_errorstr_by_id(s)); + b = sldns_rr_list_push_rr(list, rr); + assert(b); } printf("read %d lines\n", line_nr); @@ -160,21 +195,21 @@ read_rrs(FILE* in) /** sign the rrs with the keys */ static void -signit(ldns_rr_list* rrs, ldns_key_list* keys) +signit(sldns_rr_list* rrs, sldns_key_list* keys) { - ldns_rr_list* rrset; - ldns_rr_list* sigs; + sldns_rr_list* rrset; + sldns_rr_list* sigs; - while(ldns_rr_list_rr_count(rrs) > 0) { - rrset = ldns_rr_list_pop_rrset(rrs); + while(sldns_rr_list_rr_count(rrs) > 0) { + rrset = sldns_rr_list_pop_rrset(rrs); if(!rrset) fatal_exit("copy alloc failure"); - sigs = ldns_sign_public(rrset, keys); + sigs = sldns_sign_public(rrset, keys); if(!sigs) fatal_exit("failed to sign"); - ldns_rr_list_print(stdout, rrset); - ldns_rr_list_print(stdout, sigs); + sldns_rr_list_print(stdout, rrset); + sldns_rr_list_print(stdout, sigs); printf("\n"); - ldns_rr_list_free(rrset); - ldns_rr_list_free(sigs); + sldns_rr_list_free(rrset); + sldns_rr_list_free(sigs); } } @@ -182,18 +217,18 @@ signit(ldns_rr_list* rrs, ldns_key_list* keys) static void process_keys(int argc, char* argv[]) { - ldns_rr_list* rrs; - ldns_key_list* keys; + sldns_rr_list* rrs; + sldns_key_list* keys; struct keysets settings; - log_assert(argc == 6); + assert(argc == 6); parse_cmdline(argv, &settings); keys = read_keys(1, argv+5, &settings); rrs = read_rrs(stdin); signit(rrs, keys); - ldns_rr_list_deep_free(rrs); - ldns_key_list_free(keys); + sldns_rr_list_deep_free(rrs); + sldns_key_list_free(keys); } /** process nsec3 params and perform hashing */ 
@@ -201,43 +236,42 @@ static void process_nsec3(int argc, char* argv[]) { char line[10240]; - ldns_rdf* salt; - ldns_rdf* in, *out; - ldns_status status; - status = ldns_str2rdf_nsec3_salt(&salt, argv[5]); + sldns_rdf* salt; + sldns_rdf* in, *out; + sldns_status status; + status = sldns_str2rdf_nsec3_salt(&salt, argv[5]); if(status != LDNS_STATUS_OK) fatal_exit("Could not parse salt %s: %s", argv[5], - ldns_get_errorstr_by_id(status)); - log_assert(argc == 6); + sldns_get_errorstr_by_id(status)); + assert(argc == 6); while(fgets(line, (int)sizeof(line), stdin)) { if(strlen(line) > 0) line[strlen(line)-1] = 0; /* remove trailing newline */ if(line[0]==0) continue; - status = ldns_str2rdf_dname(&in, line); + status = sldns_str2rdf_dname(&in, line); if(status != LDNS_STATUS_OK) fatal_exit("Could not parse name %s: %s", line, - ldns_get_errorstr_by_id(status)); - ldns_rdf_print(stdout, in); + sldns_get_errorstr_by_id(status)); + sldns_rdf_print(stdout, in); printf(" -> "); /* arg 3 is flags, unused */ - out = ldns_nsec3_hash_name(in, (uint8_t)atoi(argv[2]), + out = sldns_nsec3_hash_name(in, (uint8_t)atoi(argv[2]), (uint16_t)atoi(argv[4]), - ldns_rdf_data(salt)[0], ldns_rdf_data(salt)+1); + sldns_rdf_data(salt)[0], sldns_rdf_data(salt)+1); if(!out) fatal_exit("Could not hash %s", line); - ldns_rdf_print(stdout, out); + sldns_rdf_print(stdout, out); printf("\n"); - ldns_rdf_deep_free(in); - ldns_rdf_deep_free(out); + sldns_rdf_deep_free(in); + sldns_rdf_deep_free(out); } - ldns_rdf_deep_free(salt); + sldns_rdf_deep_free(salt); } /** main program */ int main(int argc, char* argv[]) { - log_init(NULL, 0, NULL); if(argc != 6) { usage(); } |
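Review bot: The newline stripping in process_nsec3, `line[strlen(line)-1] = 0;`, removes the last character whether or not it is a newline. A final input line without a trailing newline, or a line longer than the 10240-byte buffer, is therefore hashed with its last character missing, and the tool prints a hash for a different name than the one supplied. `line[strcspn(line, "\n")] = 0;` strips only an actual newline and makes the `strlen(line) > 0` guard unnecessary. main's body continues beyond the end of this hunk.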