diff options
Diffstat (limited to 'contrib/bind9/lib/dns/hmac_link.c')
| -rw-r--r-- | contrib/bind9/lib/dns/hmac_link.c | 337 |
1 files changed, 178 insertions, 159 deletions
diff --git a/contrib/bind9/lib/dns/hmac_link.c b/contrib/bind9/lib/dns/hmac_link.c index 9655c89..fce98d7 100644 --- a/contrib/bind9/lib/dns/hmac_link.c +++ b/contrib/bind9/lib/dns/hmac_link.c @@ -1,9 +1,22 @@ /* - * Portions Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 1999-2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS + * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE + * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR + * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + * * Portions Copyright (C) 1995-2000 by Network Associates, Inc. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -18,7 +31,7 @@ /* * Principal Author: Brian Wellington - * $Id: hmac_link.c,v 1.1.6.5 2006/01/27 23:57:44 marka Exp $ + * $Id: hmac_link.c,v 1.11 2008/04/01 23:47:10 tbox Exp $ */ #include <config.h> @@ -43,9 +56,9 @@ static isc_result_t hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data); -typedef struct hmackey { +struct dst_hmacmd5_key { unsigned char key[HMAC_LEN]; -} HMAC_Key; +}; static isc_result_t getkeybits(dst_key_t *key, struct dst_private_element *element) { @@ -61,30 +74,30 @@ getkeybits(dst_key_t *key, struct dst_private_element *element) { static isc_result_t hmacmd5_createctx(dst_key_t *key, dst_context_t *dctx) { isc_hmacmd5_t *hmacmd5ctx; - HMAC_Key *hkey = key->opaque; + dst_hmacmd5_key_t *hkey = key->keydata.hmacmd5; hmacmd5ctx = isc_mem_get(dctx->mctx, sizeof(isc_hmacmd5_t)); if (hmacmd5ctx == NULL) return (ISC_R_NOMEMORY); isc_hmacmd5_init(hmacmd5ctx, hkey->key, HMAC_LEN); - dctx->opaque = hmacmd5ctx; + dctx->ctxdata.hmacmd5ctx = hmacmd5ctx; return (ISC_R_SUCCESS); } static void hmacmd5_destroyctx(dst_context_t *dctx) { - isc_hmacmd5_t *hmacmd5ctx = dctx->opaque; + isc_hmacmd5_t *hmacmd5ctx = dctx->ctxdata.hmacmd5ctx; if (hmacmd5ctx != NULL) { isc_hmacmd5_invalidate(hmacmd5ctx); isc_mem_put(dctx->mctx, hmacmd5ctx, sizeof(isc_hmacmd5_t)); - dctx->opaque = NULL; + dctx->ctxdata.hmacmd5ctx = NULL; } } static isc_result_t hmacmd5_adddata(dst_context_t *dctx, const isc_region_t *data) { - isc_hmacmd5_t *hmacmd5ctx = dctx->opaque; + isc_hmacmd5_t *hmacmd5ctx = dctx->ctxdata.hmacmd5ctx; isc_hmacmd5_update(hmacmd5ctx, data->base, data->length); return (ISC_R_SUCCESS); @@ -92,7 +105,7 @@ hmacmd5_adddata(dst_context_t *dctx, const isc_region_t *data) { static isc_result_t hmacmd5_sign(dst_context_t *dctx, isc_buffer_t *sig) { - isc_hmacmd5_t *hmacmd5ctx = dctx->opaque; + isc_hmacmd5_t *hmacmd5ctx = dctx->ctxdata.hmacmd5ctx; unsigned char *digest; if (isc_buffer_availablelength(sig) < ISC_MD5_DIGESTLENGTH) @@ -106,7 +119,7 @@ hmacmd5_sign(dst_context_t *dctx, isc_buffer_t *sig) { static isc_result_t hmacmd5_verify(dst_context_t *dctx, const isc_region_t *sig) { - isc_hmacmd5_t *hmacmd5ctx = dctx->opaque; + isc_hmacmd5_t *hmacmd5ctx = dctx->ctxdata.hmacmd5ctx; if (sig->length > ISC_MD5_DIGESTLENGTH) return (DST_R_VERIFYFAILURE); @@ -119,10 +132,10 @@ hmacmd5_verify(dst_context_t *dctx, const isc_region_t *sig) { static isc_boolean_t hmacmd5_compare(const dst_key_t *key1, const dst_key_t *key2) { - HMAC_Key *hkey1, *hkey2; + dst_hmacmd5_key_t *hkey1, *hkey2; - hkey1 = (HMAC_Key *)key1->opaque; - hkey2 = (HMAC_Key *)key2->opaque; + hkey1 = key1->keydata.hmacmd5; + hkey2 = key2->keydata.hmacmd5; if (hkey1 == NULL && hkey2 == NULL) return (ISC_TRUE); @@ -170,20 +183,20 @@ hmacmd5_isprivate(const dst_key_t *key) { static void hmacmd5_destroy(dst_key_t *key) { - HMAC_Key *hkey = key->opaque; - memset(hkey, 0, sizeof(HMAC_Key)); - isc_mem_put(key->mctx, hkey, sizeof(HMAC_Key)); - key->opaque = NULL; + dst_hmacmd5_key_t *hkey = key->keydata.hmacmd5; + memset(hkey, 0, sizeof(dst_hmacmd5_key_t)); + isc_mem_put(key->mctx, hkey, sizeof(dst_hmacmd5_key_t)); + key->keydata.hmacmd5 = NULL; } static isc_result_t hmacmd5_todns(const dst_key_t *key, isc_buffer_t *data) { - HMAC_Key *hkey; + dst_hmacmd5_key_t *hkey; unsigned int bytes; - REQUIRE(key->opaque != NULL); + REQUIRE(key->keydata.hmacmd5 != NULL); - hkey = (HMAC_Key *) key->opaque; + hkey = key->keydata.hmacmd5; bytes = (key->key_size + 7) / 8; if (isc_buffer_availablelength(data) < bytes) @@ -195,7 +208,7 @@ hmacmd5_todns(const dst_key_t *key, isc_buffer_t *data) { static isc_result_t hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data) { - HMAC_Key *hkey; + dst_hmacmd5_key_t *hkey; int keylen; isc_region_t r; isc_md5_t md5ctx; @@ -204,7 +217,7 @@ hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data) { if (r.length == 0) return (ISC_R_SUCCESS); - hkey = (HMAC_Key *) isc_mem_get(key->mctx, sizeof(HMAC_Key)); + hkey = isc_mem_get(key->mctx, sizeof(dst_hmacmd5_key_t)); if (hkey == NULL) return (ISC_R_NOMEMORY); @@ -222,7 +235,7 @@ hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data) { } key->key_size = keylen * 8; - key->opaque = hkey; + key->keydata.hmacmd5 = hkey; return (ISC_R_SUCCESS); } @@ -230,15 +243,15 @@ hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data) { static isc_result_t hmacmd5_tofile(const dst_key_t *key, const char *directory) { int cnt = 0; - HMAC_Key *hkey; + dst_hmacmd5_key_t *hkey; dst_private_t priv; int bytes = (key->key_size + 7) / 8; unsigned char buf[2]; - if (key->opaque == NULL) + if (key->keydata.hmacmd5 == NULL) return (DST_R_NULLKEY); - hkey = (HMAC_Key *) key->opaque; + hkey = key->keydata.hmacmd5; priv.elements[cnt].tag = TAG_HMACMD5_KEY; priv.elements[cnt].length = bytes; @@ -272,7 +285,7 @@ hmacmd5_parse(dst_key_t *key, isc_lex_t *lexer) { switch (priv.elements[i].tag) { case TAG_HMACMD5_KEY: isc_buffer_init(&b, priv.elements[i].data, - priv.elements[i].length); + priv.elements[i].length); isc_buffer_add(&b, priv.elements[i].length); tresult = hmacmd5_fromdns(key, &b); if (tresult != ISC_R_SUCCESS) @@ -310,6 +323,7 @@ static dst_func_t hmacmd5_functions = { hmacmd5_tofile, hmacmd5_parse, NULL, /*%< cleanup */ + NULL, /*%< fromlabel */ }; isc_result_t @@ -322,37 +336,37 @@ dst__hmacmd5_init(dst_func_t **funcp) { static isc_result_t hmacsha1_fromdns(dst_key_t *key, isc_buffer_t *data); -typedef struct { +struct dst_hmacsha1_key { unsigned char key[ISC_SHA1_DIGESTLENGTH]; -} HMACSHA1_Key; +}; static isc_result_t hmacsha1_createctx(dst_key_t *key, dst_context_t *dctx) { isc_hmacsha1_t *hmacsha1ctx; - HMACSHA1_Key *hkey = key->opaque; + dst_hmacsha1_key_t *hkey = key->keydata.hmacsha1; hmacsha1ctx = isc_mem_get(dctx->mctx, sizeof(isc_hmacsha1_t)); if (hmacsha1ctx == NULL) return (ISC_R_NOMEMORY); isc_hmacsha1_init(hmacsha1ctx, hkey->key, ISC_SHA1_DIGESTLENGTH); - dctx->opaque = hmacsha1ctx; + dctx->ctxdata.hmacsha1ctx = hmacsha1ctx; return (ISC_R_SUCCESS); } static void hmacsha1_destroyctx(dst_context_t *dctx) { - isc_hmacsha1_t *hmacsha1ctx = dctx->opaque; + isc_hmacsha1_t *hmacsha1ctx = dctx->ctxdata.hmacsha1ctx; if (hmacsha1ctx != NULL) { isc_hmacsha1_invalidate(hmacsha1ctx); isc_mem_put(dctx->mctx, hmacsha1ctx, sizeof(isc_hmacsha1_t)); - dctx->opaque = NULL; + dctx->ctxdata.hmacsha1ctx = NULL; } } static isc_result_t hmacsha1_adddata(dst_context_t *dctx, const isc_region_t *data) { - isc_hmacsha1_t *hmacsha1ctx = dctx->opaque; + isc_hmacsha1_t *hmacsha1ctx = dctx->ctxdata.hmacsha1ctx; isc_hmacsha1_update(hmacsha1ctx, data->base, data->length); return (ISC_R_SUCCESS); @@ -360,7 +374,7 @@ hmacsha1_adddata(dst_context_t *dctx, const isc_region_t *data) { static isc_result_t hmacsha1_sign(dst_context_t *dctx, isc_buffer_t *sig) { - isc_hmacsha1_t *hmacsha1ctx = dctx->opaque; + isc_hmacsha1_t *hmacsha1ctx = dctx->ctxdata.hmacsha1ctx; unsigned char *digest; if (isc_buffer_availablelength(sig) < ISC_SHA1_DIGESTLENGTH) @@ -374,7 +388,7 @@ hmacsha1_sign(dst_context_t *dctx, isc_buffer_t *sig) { static isc_result_t hmacsha1_verify(dst_context_t *dctx, const isc_region_t *sig) { - isc_hmacsha1_t *hmacsha1ctx = dctx->opaque; + isc_hmacsha1_t *hmacsha1ctx = dctx->ctxdata.hmacsha1ctx; if (sig->length > ISC_SHA1_DIGESTLENGTH || sig->length == 0) return (DST_R_VERIFYFAILURE); @@ -387,10 +401,10 @@ hmacsha1_verify(dst_context_t *dctx, const isc_region_t *sig) { static isc_boolean_t hmacsha1_compare(const dst_key_t *key1, const dst_key_t *key2) { - HMACSHA1_Key *hkey1, *hkey2; + dst_hmacsha1_key_t *hkey1, *hkey2; - hkey1 = (HMACSHA1_Key *)key1->opaque; - hkey2 = (HMACSHA1_Key *)key2->opaque; + hkey1 = key1->keydata.hmacsha1; + hkey2 = key2->keydata.hmacsha1; if (hkey1 == NULL && hkey2 == NULL) return (ISC_TRUE); @@ -438,20 +452,20 @@ hmacsha1_isprivate(const dst_key_t *key) { static void hmacsha1_destroy(dst_key_t *key) { - HMACSHA1_Key *hkey = key->opaque; - memset(hkey, 0, sizeof(HMACSHA1_Key)); - isc_mem_put(key->mctx, hkey, sizeof(HMACSHA1_Key)); - key->opaque = NULL; + dst_hmacsha1_key_t *hkey = key->keydata.hmacsha1; + memset(hkey, 0, sizeof(dst_hmacsha1_key_t)); + isc_mem_put(key->mctx, hkey, sizeof(dst_hmacsha1_key_t)); + key->keydata.hmacsha1 = NULL; } static isc_result_t hmacsha1_todns(const dst_key_t *key, isc_buffer_t *data) { - HMACSHA1_Key *hkey; + dst_hmacsha1_key_t *hkey; unsigned int bytes; - REQUIRE(key->opaque != NULL); + REQUIRE(key->keydata.hmacsha1 != NULL); - hkey = (HMACSHA1_Key *) key->opaque; + hkey = key->keydata.hmacsha1; bytes = (key->key_size + 7) / 8; if (isc_buffer_availablelength(data) < bytes) @@ -463,7 +477,7 @@ hmacsha1_todns(const dst_key_t *key, isc_buffer_t *data) { static isc_result_t hmacsha1_fromdns(dst_key_t *key, isc_buffer_t *data) { - HMACSHA1_Key *hkey; + dst_hmacsha1_key_t *hkey; int keylen; isc_region_t r; isc_sha1_t sha1ctx; @@ -472,7 +486,7 @@ hmacsha1_fromdns(dst_key_t *key, isc_buffer_t *data) { if (r.length == 0) return (ISC_R_SUCCESS); - hkey = (HMACSHA1_Key *) isc_mem_get(key->mctx, sizeof(HMACSHA1_Key)); + hkey = isc_mem_get(key->mctx, sizeof(dst_hmacsha1_key_t)); if (hkey == NULL) return (ISC_R_NOMEMORY); @@ -490,7 +504,7 @@ hmacsha1_fromdns(dst_key_t *key, isc_buffer_t *data) { } key->key_size = keylen * 8; - key->opaque = hkey; + key->keydata.hmacsha1 = hkey; return (ISC_R_SUCCESS); } @@ -498,15 +512,15 @@ hmacsha1_fromdns(dst_key_t *key, isc_buffer_t *data) { static isc_result_t hmacsha1_tofile(const dst_key_t *key, const char *directory) { int cnt = 0; - HMACSHA1_Key *hkey; + dst_hmacsha1_key_t *hkey; dst_private_t priv; int bytes = (key->key_size + 7) / 8; unsigned char buf[2]; - if (key->opaque == NULL) + if (key->keydata.hmacsha1 == NULL) return (DST_R_NULLKEY); - hkey = (HMACSHA1_Key *) key->opaque; + hkey = key->keydata.hmacsha1; priv.elements[cnt].tag = TAG_HMACSHA1_KEY; priv.elements[cnt].length = bytes; @@ -541,7 +555,7 @@ hmacsha1_parse(dst_key_t *key, isc_lex_t *lexer) { switch (priv.elements[i].tag) { case TAG_HMACSHA1_KEY: isc_buffer_init(&b, priv.elements[i].data, - priv.elements[i].length); + priv.elements[i].length); isc_buffer_add(&b, priv.elements[i].length); tresult = hmacsha1_fromdns(key, &b); if (tresult != ISC_R_SUCCESS) @@ -579,6 +593,7 @@ static dst_func_t hmacsha1_functions = { hmacsha1_tofile, hmacsha1_parse, NULL, /* cleanup */ + NULL, /* fromlabel */ }; isc_result_t @@ -591,37 +606,37 @@ dst__hmacsha1_init(dst_func_t **funcp) { static isc_result_t hmacsha224_fromdns(dst_key_t *key, isc_buffer_t *data); -typedef struct { +struct dst_hmacsha224_key { unsigned char key[ISC_SHA224_DIGESTLENGTH]; -} HMACSHA224_Key; +}; static isc_result_t hmacsha224_createctx(dst_key_t *key, dst_context_t *dctx) { isc_hmacsha224_t *hmacsha224ctx; - HMACSHA224_Key *hkey = key->opaque; + dst_hmacsha224_key_t *hkey = key->keydata.hmacsha224; hmacsha224ctx = isc_mem_get(dctx->mctx, sizeof(isc_hmacsha224_t)); if (hmacsha224ctx == NULL) return (ISC_R_NOMEMORY); isc_hmacsha224_init(hmacsha224ctx, hkey->key, ISC_SHA224_DIGESTLENGTH); - dctx->opaque = hmacsha224ctx; + dctx->ctxdata.hmacsha224ctx = hmacsha224ctx; return (ISC_R_SUCCESS); } static void hmacsha224_destroyctx(dst_context_t *dctx) { - isc_hmacsha224_t *hmacsha224ctx = dctx->opaque; + isc_hmacsha224_t *hmacsha224ctx = dctx->ctxdata.hmacsha224ctx; if (hmacsha224ctx != NULL) { isc_hmacsha224_invalidate(hmacsha224ctx); isc_mem_put(dctx->mctx, hmacsha224ctx, sizeof(isc_hmacsha224_t)); - dctx->opaque = NULL; + dctx->ctxdata.hmacsha224ctx = NULL; } } static isc_result_t hmacsha224_adddata(dst_context_t *dctx, const isc_region_t *data) { - isc_hmacsha224_t *hmacsha224ctx = dctx->opaque; + isc_hmacsha224_t *hmacsha224ctx = dctx->ctxdata.hmacsha224ctx; isc_hmacsha224_update(hmacsha224ctx, data->base, data->length); return (ISC_R_SUCCESS); @@ -629,7 +644,7 @@ hmacsha224_adddata(dst_context_t *dctx, const isc_region_t *data) { static isc_result_t hmacsha224_sign(dst_context_t *dctx, isc_buffer_t *sig) { - isc_hmacsha224_t *hmacsha224ctx = dctx->opaque; + isc_hmacsha224_t *hmacsha224ctx = dctx->ctxdata.hmacsha224ctx; unsigned char *digest; if (isc_buffer_availablelength(sig) < ISC_SHA224_DIGESTLENGTH) @@ -643,7 +658,7 @@ hmacsha224_sign(dst_context_t *dctx, isc_buffer_t *sig) { static isc_result_t hmacsha224_verify(dst_context_t *dctx, const isc_region_t *sig) { - isc_hmacsha224_t *hmacsha224ctx = dctx->opaque; + isc_hmacsha224_t *hmacsha224ctx = dctx->ctxdata.hmacsha224ctx; if (sig->length > ISC_SHA224_DIGESTLENGTH || sig->length == 0) return (DST_R_VERIFYFAILURE); @@ -656,10 +671,10 @@ hmacsha224_verify(dst_context_t *dctx, const isc_region_t *sig) { static isc_boolean_t hmacsha224_compare(const dst_key_t *key1, const dst_key_t *key2) { - HMACSHA224_Key *hkey1, *hkey2; + dst_hmacsha224_key_t *hkey1, *hkey2; - hkey1 = (HMACSHA224_Key *)key1->opaque; - hkey2 = (HMACSHA224_Key *)key2->opaque; + hkey1 = key1->keydata.hmacsha224; + hkey2 = key2->keydata.hmacsha224; if (hkey1 == NULL && hkey2 == NULL) return (ISC_TRUE); @@ -707,20 +722,20 @@ hmacsha224_isprivate(const dst_key_t *key) { static void hmacsha224_destroy(dst_key_t *key) { - HMACSHA224_Key *hkey = key->opaque; - memset(hkey, 0, sizeof(HMACSHA224_Key)); - isc_mem_put(key->mctx, hkey, sizeof(HMACSHA224_Key)); - key->opaque = NULL; + dst_hmacsha224_key_t *hkey = key->keydata.hmacsha224; + memset(hkey, 0, sizeof(dst_hmacsha224_key_t)); + isc_mem_put(key->mctx, hkey, sizeof(dst_hmacsha224_key_t)); + key->keydata.hmacsha224 = NULL; } static isc_result_t hmacsha224_todns(const dst_key_t *key, isc_buffer_t *data) { - HMACSHA224_Key *hkey; + dst_hmacsha224_key_t *hkey; unsigned int bytes; - REQUIRE(key->opaque != NULL); + REQUIRE(key->keydata.hmacsha224 != NULL); - hkey = (HMACSHA224_Key *) key->opaque; + hkey = key->keydata.hmacsha224; bytes = (key->key_size + 7) / 8; if (isc_buffer_availablelength(data) < bytes) @@ -732,7 +747,7 @@ hmacsha224_todns(const dst_key_t *key, isc_buffer_t *data) { static isc_result_t hmacsha224_fromdns(dst_key_t *key, isc_buffer_t *data) { - HMACSHA224_Key *hkey; + dst_hmacsha224_key_t *hkey; int keylen; isc_region_t r; isc_sha224_t sha224ctx; @@ -741,7 +756,7 @@ hmacsha224_fromdns(dst_key_t *key, isc_buffer_t *data) { if (r.length == 0) return (ISC_R_SUCCESS); - hkey = (HMACSHA224_Key *) isc_mem_get(key->mctx, sizeof(HMACSHA224_Key)); + hkey = isc_mem_get(key->mctx, sizeof(dst_hmacsha224_key_t)); if (hkey == NULL) return (ISC_R_NOMEMORY); @@ -759,7 +774,7 @@ hmacsha224_fromdns(dst_key_t *key, isc_buffer_t *data) { } key->key_size = keylen * 8; - key->opaque = hkey; + key->keydata.hmacsha224 = hkey; return (ISC_R_SUCCESS); } @@ -767,15 +782,15 @@ hmacsha224_fromdns(dst_key_t *key, isc_buffer_t *data) { static isc_result_t hmacsha224_tofile(const dst_key_t *key, const char *directory) { int cnt = 0; - HMACSHA224_Key *hkey; + dst_hmacsha224_key_t *hkey; dst_private_t priv; int bytes = (key->key_size + 7) / 8; unsigned char buf[2]; - if (key->opaque == NULL) + if (key->keydata.hmacsha224 == NULL) return (DST_R_NULLKEY); - hkey = (HMACSHA224_Key *) key->opaque; + hkey = key->keydata.hmacsha224; priv.elements[cnt].tag = TAG_HMACSHA224_KEY; priv.elements[cnt].length = bytes; @@ -810,7 +825,7 @@ hmacsha224_parse(dst_key_t *key, isc_lex_t *lexer) { switch (priv.elements[i].tag) { case TAG_HMACSHA224_KEY: isc_buffer_init(&b, priv.elements[i].data, - priv.elements[i].length); + priv.elements[i].length); isc_buffer_add(&b, priv.elements[i].length); tresult = hmacsha224_fromdns(key, &b); if (tresult != ISC_R_SUCCESS) @@ -848,6 +863,7 @@ static dst_func_t hmacsha224_functions = { hmacsha224_tofile, hmacsha224_parse, NULL, /* cleanup */ + NULL, /* fromlabel */ }; isc_result_t @@ -860,37 +876,37 @@ dst__hmacsha224_init(dst_func_t **funcp) { static isc_result_t hmacsha256_fromdns(dst_key_t *key, isc_buffer_t *data); -typedef struct { +struct dst_hmacsha256_key { unsigned char key[ISC_SHA256_DIGESTLENGTH]; -} HMACSHA256_Key; +}; static isc_result_t hmacsha256_createctx(dst_key_t *key, dst_context_t *dctx) { isc_hmacsha256_t *hmacsha256ctx; - HMACSHA256_Key *hkey = key->opaque; + dst_hmacsha256_key_t *hkey = key->keydata.hmacsha256; hmacsha256ctx = isc_mem_get(dctx->mctx, sizeof(isc_hmacsha256_t)); if (hmacsha256ctx == NULL) return (ISC_R_NOMEMORY); isc_hmacsha256_init(hmacsha256ctx, hkey->key, ISC_SHA256_DIGESTLENGTH); - dctx->opaque = hmacsha256ctx; + dctx->ctxdata.hmacsha256ctx = hmacsha256ctx; return (ISC_R_SUCCESS); } static void hmacsha256_destroyctx(dst_context_t *dctx) { - isc_hmacsha256_t *hmacsha256ctx = dctx->opaque; + isc_hmacsha256_t *hmacsha256ctx = dctx->ctxdata.hmacsha256ctx; if (hmacsha256ctx != NULL) { isc_hmacsha256_invalidate(hmacsha256ctx); isc_mem_put(dctx->mctx, hmacsha256ctx, sizeof(isc_hmacsha256_t)); - dctx->opaque = NULL; + dctx->ctxdata.hmacsha256ctx = NULL; } } static isc_result_t hmacsha256_adddata(dst_context_t *dctx, const isc_region_t *data) { - isc_hmacsha256_t *hmacsha256ctx = dctx->opaque; + isc_hmacsha256_t *hmacsha256ctx = dctx->ctxdata.hmacsha256ctx; isc_hmacsha256_update(hmacsha256ctx, data->base, data->length); return (ISC_R_SUCCESS); @@ -898,7 +914,7 @@ hmacsha256_adddata(dst_context_t *dctx, const isc_region_t *data) { static isc_result_t hmacsha256_sign(dst_context_t *dctx, isc_buffer_t *sig) { - isc_hmacsha256_t *hmacsha256ctx = dctx->opaque; + isc_hmacsha256_t *hmacsha256ctx = dctx->ctxdata.hmacsha256ctx; unsigned char *digest; if (isc_buffer_availablelength(sig) < ISC_SHA256_DIGESTLENGTH) @@ -912,7 +928,7 @@ hmacsha256_sign(dst_context_t *dctx, isc_buffer_t *sig) { static isc_result_t hmacsha256_verify(dst_context_t *dctx, const isc_region_t *sig) { - isc_hmacsha256_t *hmacsha256ctx = dctx->opaque; + isc_hmacsha256_t *hmacsha256ctx = dctx->ctxdata.hmacsha256ctx; if (sig->length > ISC_SHA256_DIGESTLENGTH || sig->length == 0) return (DST_R_VERIFYFAILURE); @@ -925,10 +941,10 @@ hmacsha256_verify(dst_context_t *dctx, const isc_region_t *sig) { static isc_boolean_t hmacsha256_compare(const dst_key_t *key1, const dst_key_t *key2) { - HMACSHA256_Key *hkey1, *hkey2; + dst_hmacsha256_key_t *hkey1, *hkey2; - hkey1 = (HMACSHA256_Key *)key1->opaque; - hkey2 = (HMACSHA256_Key *)key2->opaque; + hkey1 = key1->keydata.hmacsha256; + hkey2 = key2->keydata.hmacsha256; if (hkey1 == NULL && hkey2 == NULL) return (ISC_TRUE); @@ -976,20 +992,20 @@ hmacsha256_isprivate(const dst_key_t *key) { static void hmacsha256_destroy(dst_key_t *key) { - HMACSHA256_Key *hkey = key->opaque; - memset(hkey, 0, sizeof(HMACSHA256_Key)); - isc_mem_put(key->mctx, hkey, sizeof(HMACSHA256_Key)); - key->opaque = NULL; + dst_hmacsha256_key_t *hkey = key->keydata.hmacsha256; + memset(hkey, 0, sizeof(dst_hmacsha256_key_t)); + isc_mem_put(key->mctx, hkey, sizeof(dst_hmacsha256_key_t)); + key->keydata.hmacsha256 = NULL; } static isc_result_t hmacsha256_todns(const dst_key_t *key, isc_buffer_t *data) { - HMACSHA256_Key *hkey; + dst_hmacsha256_key_t *hkey; unsigned int bytes; - REQUIRE(key->opaque != NULL); + REQUIRE(key->keydata.hmacsha256 != NULL); - hkey = (HMACSHA256_Key *) key->opaque; + hkey = key->keydata.hmacsha256; bytes = (key->key_size + 7) / 8; if (isc_buffer_availablelength(data) < bytes) @@ -1001,7 +1017,7 @@ hmacsha256_todns(const dst_key_t *key, isc_buffer_t *data) { static isc_result_t hmacsha256_fromdns(dst_key_t *key, isc_buffer_t *data) { - HMACSHA256_Key *hkey; + dst_hmacsha256_key_t *hkey; int keylen; isc_region_t r; isc_sha256_t sha256ctx; @@ -1010,7 +1026,7 @@ hmacsha256_fromdns(dst_key_t *key, isc_buffer_t *data) { if (r.length == 0) return (ISC_R_SUCCESS); - hkey = (HMACSHA256_Key *) isc_mem_get(key->mctx, sizeof(HMACSHA256_Key)); + hkey = isc_mem_get(key->mctx, sizeof(dst_hmacsha256_key_t)); if (hkey == NULL) return (ISC_R_NOMEMORY); @@ -1028,7 +1044,7 @@ hmacsha256_fromdns(dst_key_t *key, isc_buffer_t *data) { } key->key_size = keylen * 8; - key->opaque = hkey; + key->keydata.hmacsha256 = hkey; return (ISC_R_SUCCESS); } @@ -1036,15 +1052,15 @@ hmacsha256_fromdns(dst_key_t *key, isc_buffer_t *data) { static isc_result_t hmacsha256_tofile(const dst_key_t *key, const char *directory) { int cnt = 0; - HMACSHA256_Key *hkey; + dst_hmacsha256_key_t *hkey; dst_private_t priv; int bytes = (key->key_size + 7) / 8; unsigned char buf[2]; - if (key->opaque == NULL) + if (key->keydata.hmacsha256 == NULL) return (DST_R_NULLKEY); - hkey = (HMACSHA256_Key *) key->opaque; + hkey = key->keydata.hmacsha256; priv.elements[cnt].tag = TAG_HMACSHA256_KEY; priv.elements[cnt].length = bytes; @@ -1079,7 +1095,7 @@ hmacsha256_parse(dst_key_t *key, isc_lex_t *lexer) { switch (priv.elements[i].tag) { case TAG_HMACSHA256_KEY: isc_buffer_init(&b, priv.elements[i].data, - priv.elements[i].length); + priv.elements[i].length); isc_buffer_add(&b, priv.elements[i].length); tresult = hmacsha256_fromdns(key, &b); if (tresult != ISC_R_SUCCESS) @@ -1117,6 +1133,7 @@ static dst_func_t hmacsha256_functions = { hmacsha256_tofile, hmacsha256_parse, NULL, /* cleanup */ + NULL, /* fromlabel */ }; isc_result_t @@ -1129,37 +1146,37 @@ dst__hmacsha256_init(dst_func_t **funcp) { static isc_result_t hmacsha384_fromdns(dst_key_t *key, isc_buffer_t *data); -typedef struct { +struct dst_hmacsha384_key { unsigned char key[ISC_SHA384_DIGESTLENGTH]; -} HMACSHA384_Key; +}; static isc_result_t hmacsha384_createctx(dst_key_t *key, dst_context_t *dctx) { isc_hmacsha384_t *hmacsha384ctx; - HMACSHA384_Key *hkey = key->opaque; + dst_hmacsha384_key_t *hkey = key->keydata.hmacsha384; hmacsha384ctx = isc_mem_get(dctx->mctx, sizeof(isc_hmacsha384_t)); if (hmacsha384ctx == NULL) return (ISC_R_NOMEMORY); isc_hmacsha384_init(hmacsha384ctx, hkey->key, ISC_SHA384_DIGESTLENGTH); - dctx->opaque = hmacsha384ctx; + dctx->ctxdata.hmacsha384ctx = hmacsha384ctx; return (ISC_R_SUCCESS); } static void hmacsha384_destroyctx(dst_context_t *dctx) { - isc_hmacsha384_t *hmacsha384ctx = dctx->opaque; + isc_hmacsha384_t *hmacsha384ctx = dctx->ctxdata.hmacsha384ctx; if (hmacsha384ctx != NULL) { isc_hmacsha384_invalidate(hmacsha384ctx); isc_mem_put(dctx->mctx, hmacsha384ctx, sizeof(isc_hmacsha384_t)); - dctx->opaque = NULL; + dctx->ctxdata.hmacsha384ctx = NULL; } } static isc_result_t hmacsha384_adddata(dst_context_t *dctx, const isc_region_t *data) { - isc_hmacsha384_t *hmacsha384ctx = dctx->opaque; + isc_hmacsha384_t *hmacsha384ctx = dctx->ctxdata.hmacsha384ctx; isc_hmacsha384_update(hmacsha384ctx, data->base, data->length); return (ISC_R_SUCCESS); @@ -1167,7 +1184,7 @@ hmacsha384_adddata(dst_context_t *dctx, const isc_region_t *data) { static isc_result_t hmacsha384_sign(dst_context_t *dctx, isc_buffer_t *sig) { - isc_hmacsha384_t *hmacsha384ctx = dctx->opaque; + isc_hmacsha384_t *hmacsha384ctx = dctx->ctxdata.hmacsha384ctx; unsigned char *digest; if (isc_buffer_availablelength(sig) < ISC_SHA384_DIGESTLENGTH) @@ -1181,7 +1198,7 @@ hmacsha384_sign(dst_context_t *dctx, isc_buffer_t *sig) { static isc_result_t hmacsha384_verify(dst_context_t *dctx, const isc_region_t *sig) { - isc_hmacsha384_t *hmacsha384ctx = dctx->opaque; + isc_hmacsha384_t *hmacsha384ctx = dctx->ctxdata.hmacsha384ctx; if (sig->length > ISC_SHA384_DIGESTLENGTH || sig->length == 0) return (DST_R_VERIFYFAILURE); @@ -1194,10 +1211,10 @@ hmacsha384_verify(dst_context_t *dctx, const isc_region_t *sig) { static isc_boolean_t hmacsha384_compare(const dst_key_t *key1, const dst_key_t *key2) { - HMACSHA384_Key *hkey1, *hkey2; + dst_hmacsha384_key_t *hkey1, *hkey2; - hkey1 = (HMACSHA384_Key *)key1->opaque; - hkey2 = (HMACSHA384_Key *)key2->opaque; + hkey1 = key1->keydata.hmacsha384; + hkey2 = key2->keydata.hmacsha384; if (hkey1 == NULL && hkey2 == NULL) return (ISC_TRUE); @@ -1245,20 +1262,20 @@ hmacsha384_isprivate(const dst_key_t *key) { static void hmacsha384_destroy(dst_key_t *key) { - HMACSHA384_Key *hkey = key->opaque; - memset(hkey, 0, sizeof(HMACSHA384_Key)); - isc_mem_put(key->mctx, hkey, sizeof(HMACSHA384_Key)); - key->opaque = NULL; + dst_hmacsha384_key_t *hkey = key->keydata.hmacsha384; + memset(hkey, 0, sizeof(dst_hmacsha384_key_t)); + isc_mem_put(key->mctx, hkey, sizeof(dst_hmacsha384_key_t)); + key->keydata.hmacsha384 = NULL; } static isc_result_t hmacsha384_todns(const dst_key_t *key, isc_buffer_t *data) { - HMACSHA384_Key *hkey; + dst_hmacsha384_key_t *hkey; unsigned int bytes; - REQUIRE(key->opaque != NULL); + REQUIRE(key->keydata.hmacsha384 != NULL); - hkey = (HMACSHA384_Key *) key->opaque; + hkey = key->keydata.hmacsha384; bytes = (key->key_size + 7) / 8; if (isc_buffer_availablelength(data) < bytes) @@ -1270,7 +1287,7 @@ hmacsha384_todns(const dst_key_t *key, isc_buffer_t *data) { static isc_result_t hmacsha384_fromdns(dst_key_t *key, isc_buffer_t *data) { - HMACSHA384_Key *hkey; + dst_hmacsha384_key_t *hkey; int keylen; isc_region_t r; isc_sha384_t sha384ctx; @@ -1279,7 +1296,7 @@ hmacsha384_fromdns(dst_key_t *key, isc_buffer_t *data) { if (r.length == 0) return (ISC_R_SUCCESS); - hkey = (HMACSHA384_Key *) isc_mem_get(key->mctx, sizeof(HMACSHA384_Key)); + hkey = isc_mem_get(key->mctx, sizeof(dst_hmacsha384_key_t)); if (hkey == NULL) return (ISC_R_NOMEMORY); @@ -1297,7 +1314,7 @@ hmacsha384_fromdns(dst_key_t *key, isc_buffer_t *data) { } key->key_size = keylen * 8; - key->opaque = hkey; + key->keydata.hmacsha384 = hkey; return (ISC_R_SUCCESS); } @@ -1305,15 +1322,15 @@ hmacsha384_fromdns(dst_key_t *key, isc_buffer_t *data) { static isc_result_t hmacsha384_tofile(const dst_key_t *key, const char *directory) { int cnt = 0; - HMACSHA384_Key *hkey; + dst_hmacsha384_key_t *hkey; dst_private_t priv; int bytes = (key->key_size + 7) / 8; unsigned char buf[2]; - if (key->opaque == NULL) + if (key->keydata.hmacsha384 == NULL) return (DST_R_NULLKEY); - hkey = (HMACSHA384_Key *) key->opaque; + hkey = key->keydata.hmacsha384; priv.elements[cnt].tag = TAG_HMACSHA384_KEY; priv.elements[cnt].length = bytes; @@ -1348,7 +1365,7 @@ hmacsha384_parse(dst_key_t *key, isc_lex_t *lexer) { switch (priv.elements[i].tag) { case TAG_HMACSHA384_KEY: isc_buffer_init(&b, priv.elements[i].data, - priv.elements[i].length); + priv.elements[i].length); isc_buffer_add(&b, priv.elements[i].length); tresult = hmacsha384_fromdns(key, &b); if (tresult != ISC_R_SUCCESS) @@ -1386,6 +1403,7 @@ static dst_func_t hmacsha384_functions = { hmacsha384_tofile, hmacsha384_parse, NULL, /* cleanup */ + NULL, /* fromlabel */ }; isc_result_t @@ -1398,37 +1416,37 @@ dst__hmacsha384_init(dst_func_t **funcp) { static isc_result_t hmacsha512_fromdns(dst_key_t *key, isc_buffer_t *data); -typedef struct { +struct dst_hmacsha512_key { unsigned char key[ISC_SHA512_DIGESTLENGTH]; -} HMACSHA512_Key; +}; static isc_result_t hmacsha512_createctx(dst_key_t *key, dst_context_t *dctx) { isc_hmacsha512_t *hmacsha512ctx; - HMACSHA512_Key *hkey = key->opaque; + dst_hmacsha512_key_t *hkey = key->keydata.hmacsha512; hmacsha512ctx = isc_mem_get(dctx->mctx, sizeof(isc_hmacsha512_t)); if (hmacsha512ctx == NULL) return (ISC_R_NOMEMORY); isc_hmacsha512_init(hmacsha512ctx, hkey->key, ISC_SHA512_DIGESTLENGTH); - dctx->opaque = hmacsha512ctx; + dctx->ctxdata.hmacsha512ctx = hmacsha512ctx; return (ISC_R_SUCCESS); } static void hmacsha512_destroyctx(dst_context_t *dctx) { - isc_hmacsha512_t *hmacsha512ctx = dctx->opaque; + isc_hmacsha512_t *hmacsha512ctx = dctx->ctxdata.hmacsha512ctx; if (hmacsha512ctx != NULL) { isc_hmacsha512_invalidate(hmacsha512ctx); isc_mem_put(dctx->mctx, hmacsha512ctx, sizeof(isc_hmacsha512_t)); - dctx->opaque = NULL; + dctx->ctxdata.hmacsha512ctx = NULL; } } static isc_result_t hmacsha512_adddata(dst_context_t *dctx, const isc_region_t *data) { - isc_hmacsha512_t *hmacsha512ctx = dctx->opaque; + isc_hmacsha512_t *hmacsha512ctx = dctx->ctxdata.hmacsha512ctx; isc_hmacsha512_update(hmacsha512ctx, data->base, data->length); return (ISC_R_SUCCESS); @@ -1436,7 +1454,7 @@ hmacsha512_adddata(dst_context_t *dctx, const isc_region_t *data) { static isc_result_t hmacsha512_sign(dst_context_t *dctx, isc_buffer_t *sig) { - isc_hmacsha512_t *hmacsha512ctx = dctx->opaque; + isc_hmacsha512_t *hmacsha512ctx = dctx->ctxdata.hmacsha512ctx; unsigned char *digest; if (isc_buffer_availablelength(sig) < ISC_SHA512_DIGESTLENGTH) @@ -1450,7 +1468,7 @@ hmacsha512_sign(dst_context_t *dctx, isc_buffer_t *sig) { static isc_result_t hmacsha512_verify(dst_context_t *dctx, const isc_region_t *sig) { - isc_hmacsha512_t *hmacsha512ctx = dctx->opaque; + isc_hmacsha512_t *hmacsha512ctx = dctx->ctxdata.hmacsha512ctx; if (sig->length > ISC_SHA512_DIGESTLENGTH || sig->length == 0) return (DST_R_VERIFYFAILURE); @@ -1463,10 +1481,10 @@ hmacsha512_verify(dst_context_t *dctx, const isc_region_t *sig) { static isc_boolean_t hmacsha512_compare(const dst_key_t *key1, const dst_key_t *key2) { - HMACSHA512_Key *hkey1, *hkey2; + dst_hmacsha512_key_t *hkey1, *hkey2; - hkey1 = (HMACSHA512_Key *)key1->opaque; - hkey2 = (HMACSHA512_Key *)key2->opaque; + hkey1 = key1->keydata.hmacsha512; + hkey2 = key2->keydata.hmacsha512; if (hkey1 == NULL && hkey2 == NULL) return (ISC_TRUE); @@ -1514,20 +1532,20 @@ hmacsha512_isprivate(const dst_key_t *key) { static void hmacsha512_destroy(dst_key_t *key) { - HMACSHA512_Key *hkey = key->opaque; - memset(hkey, 0, sizeof(HMACSHA512_Key)); - isc_mem_put(key->mctx, hkey, sizeof(HMACSHA512_Key)); - key->opaque = NULL; + dst_hmacsha512_key_t *hkey = key->keydata.hmacsha512; + memset(hkey, 0, sizeof(dst_hmacsha512_key_t)); + isc_mem_put(key->mctx, hkey, sizeof(dst_hmacsha512_key_t)); + key->keydata.hmacsha512 = NULL; } static isc_result_t hmacsha512_todns(const dst_key_t *key, isc_buffer_t *data) { - HMACSHA512_Key *hkey; + dst_hmacsha512_key_t *hkey; unsigned int bytes; - REQUIRE(key->opaque != NULL); + REQUIRE(key->keydata.hmacsha512 != NULL); - hkey = (HMACSHA512_Key *) key->opaque; + hkey = key->keydata.hmacsha512; bytes = (key->key_size + 7) / 8; if (isc_buffer_availablelength(data) < bytes) @@ -1539,7 +1557,7 @@ hmacsha512_todns(const dst_key_t *key, isc_buffer_t *data) { static isc_result_t hmacsha512_fromdns(dst_key_t *key, isc_buffer_t *data) { - HMACSHA512_Key *hkey; + dst_hmacsha512_key_t *hkey; int keylen; isc_region_t r; isc_sha512_t sha512ctx; @@ -1548,7 +1566,7 @@ hmacsha512_fromdns(dst_key_t *key, isc_buffer_t *data) { if (r.length == 0) return (ISC_R_SUCCESS); - hkey = (HMACSHA512_Key *) isc_mem_get(key->mctx, sizeof(HMACSHA512_Key)); + hkey = isc_mem_get(key->mctx, sizeof(dst_hmacsha512_key_t)); if (hkey == NULL) return (ISC_R_NOMEMORY); @@ -1566,7 +1584,7 @@ hmacsha512_fromdns(dst_key_t *key, isc_buffer_t *data) { } key->key_size = keylen * 8; - key->opaque = hkey; + key->keydata.hmacsha512 = hkey; return (ISC_R_SUCCESS); } @@ -1574,15 +1592,15 @@ hmacsha512_fromdns(dst_key_t *key, isc_buffer_t *data) { static isc_result_t hmacsha512_tofile(const dst_key_t *key, const char *directory) { int cnt = 0; - HMACSHA512_Key *hkey; + dst_hmacsha512_key_t *hkey; dst_private_t priv; int bytes = (key->key_size + 7) / 8; unsigned char buf[2]; - if (key->opaque == NULL) + if (key->keydata.hmacsha512 == NULL) return (DST_R_NULLKEY); - hkey = (HMACSHA512_Key *) key->opaque; + hkey = key->keydata.hmacsha512; priv.elements[cnt].tag = TAG_HMACSHA512_KEY; priv.elements[cnt].length = bytes; @@ -1617,7 +1635,7 @@ hmacsha512_parse(dst_key_t *key, isc_lex_t *lexer) { switch (priv.elements[i].tag) { case TAG_HMACSHA512_KEY: isc_buffer_init(&b, priv.elements[i].data, - priv.elements[i].length); + priv.elements[i].length); isc_buffer_add(&b, priv.elements[i].length); tresult = hmacsha512_fromdns(key, &b); if (tresult != ISC_R_SUCCESS) @@ -1655,6 +1673,7 @@ static dst_func_t hmacsha512_functions = { hmacsha512_tofile, hmacsha512_parse, NULL, /* cleanup */ + NULL, /* fromlabel */ }; isc_result_t |
