Lines Matching refs:key
32 * void dst_write_key() Function to write out a key.
35 * int dst_key_to_dnskey() Function to return a public key in DNS
38 * int *dst_key_to_buffer() Writes out DST_KEY key matterial in buffer
39 * void dst_free_key() Releases all memory referenced by key structure
65 const char *key_file_fmt_str = "Private-key-format: v%s\nAlgorithm: %d (%s)\n";
73 static int dst_s_write_public_key(const DST_KEY *key);
74 static int dst_s_write_private_key(const DST_KEY *key);
148 * This function allocates key structure and fills in some of the
151 * name: the name of the key
153 * flags: the dns flags of the key
154 * protocol: the dns protocol of the key
155 * bits: the size of the key
230 * in_key Contains a private key to sign with.
303 * Access a private key. First the list of private keys that have
304 * already been read in is searched, then the key accessed on disk.
305 * If the private key can be found, it is returned. If the key cannot
307 * key characteristics. If the private key requested does not have
310 * in_keyname The private key name.
311 * in_id The id of the private key.
313 * read key.
314 * DST_CAN_SIGN The key must be useable for signing.
315 * DST_NO_AUTHEN The key must be useable for authentication.
316 * DST_STANDARD Return any key
318 * NULL If there is no key found in the current directory or
319 * this key has not been loaded before.
338 EREPORT(("dst_read_private_key(): Null key name passed in\n"));
346 /* before I read in the public key, check if it is allowed to sign */
357 /* Fill in private key and some fields in the general key structure */
367 dst_write_key(const DST_KEY *key, const int type)
371 if (key == NULL)
373 if (!dst_check_algorithm(key->dk_alg)) { /*%< make sure alg is available */
375 key->dk_alg));
382 if ((pub = dst_s_write_public_key(key)) < 0)
385 if ((priv = dst_s_write_private_key(key)) < 0)
392 * Write a private key to disk. The filename will be of the form:
393 * K<key->dk_name>+<key->dk_alg+><key-d>k_id.><private key suffix>.
397 * key A DST managed key structure that contains
398 * all information needed about a key.
400 * >= 0 Correct behavior. Returns length of encoded key value
406 dst_s_write_private_key(const DST_KEY *key)
413 /* First encode the key into the portable key format */
414 if (key == NULL)
416 if (key->dk_KEY_struct == NULL)
417 return (0); /*%< null key has no private key */
418 if (key->dk_func == NULL || key->dk_func->to_file_fmt == NULL) {
420 key->dk_alg));
422 } else if ((len = key->dk_func->to_file_fmt(key, (char *)encoded_block,
424 EREPORT(("dst_write_private_key(): Failed encoding private RSA bsafe key %d\n", len));
428 dst_s_build_filename(file, key->dk_key_name, key->dk_id, key->dk_alg,
453 * Read a public key from disk and store in a DST key structure.
455 * in_name K<in_name><in_id>.<public key suffix> is the
456 * filename of the key file to be read.
458 * NULL If the key does not exist or no name is supplied.
459 * NON-NULL Initialized key structure if the key exists.
472 EREPORT(("dst_read_public_key(): No key name given\n"));
482 * Open the file and read it's formatted contents up to key
484 * domain.name [ttl] [IN] KEY <flags> <protocol> <algorithm> <key>
539 /* read in the key string */
568 /* store key and info in a key structure that is returned */
576 * Write a key to disk in DNS format.
578 * key Pointer to a DST key structure.
585 dst_s_write_public_key(const DST_KEY *key)
595 if (key == NULL) {
596 EREPORT(("dst_write_public_key(): No key specified \n"));
598 } else if ((len = dst_key_to_dnskey(key, out_key, sizeof(out_key)))< 0)
602 if (dst_s_build_filename(filename, key->dk_key_name, key->dk_id,
603 key->dk_alg, PUBLIC_KEY, PATH_MAX) == -1) {
605 key->dk_key_name, key->dk_id, PUBLIC_KEY));
609 mode = (key->dk_alg == KEY_HMAC_MD5) ? 0600 : 0644;
610 /* create public key file */
616 /*write out key first base64 the key data */
617 if (key->dk_flags & DST_EXTEND_FLAG)
622 key->dk_key_name,
623 key->dk_flags, key->dk_proto, key->dk_alg, enc_key);
631 * key structure.
635 * in_name Key name to be stored in key structure.
638 * NON-NULL Success. Pointer to key structure.
675 * of the key
691 * Function to encode a public key into DNS KEY wire format
693 * key Key structure to encode.
694 * out_storage Location to write the encoded key to.
702 dst_key_to_dnskey(const DST_KEY *key, u_char *out_storage,
708 if (key == NULL)
711 if (!dst_check_algorithm(key->dk_alg)) { /*%< make sure alg is available */
713 key->dk_alg));
717 val = (u_int16_t)(key->dk_flags & 0xffff);
721 out_storage[loc++] = (u_char) key->dk_proto;
722 out_storage[loc++] = (u_char) key->dk_alg;
724 if (key->dk_flags > 0xffff) { /*%< Extended flags */
725 val = (u_int16_t)((key->dk_flags >> 16) & 0xffff);
729 if (key->dk_KEY_struct == NULL)
731 if (key->dk_func && key->dk_func->to_dns_key) {
732 enc_len = key->dk_func->to_dns_key(key,
741 key->dk_alg));
747 * Function to encode a string of raw data into a DST key
750 * key A pointer to the data
754 * NON-NULL the DST key
757 dst_buffer_to_key(const char *key_name, /*!< name of the key */
761 const u_char *key_buf, /*!< key in dns wire fmt */
762 const int key_len) /*!< size of key */
791 dst_key_to_buffer(DST_KEY *key, u_char *out_buff, int buf_len)
795 if (key == NULL)
797 if (key->dk_func != NULL && key->dk_func->to_dns_key != NULL) {
798 len = key->dk_func->to_dns_key(key, out_buff, buf_len);
808 * Function reads in private key from a file.
811 * name Name of the key to be read.
812 * pk_key Structure that the key is returned in.
832 EREPORT(("dst_read_private_key_file(): No key name given\n"));
842 /* first check if we can find the key file */
856 /* decrypt key */
858 if (memcmp(in_buff, "Private-key-format: v", 20) != 0)
864 "Private-key-format: v")) {
893 /* allocate and fill in key structure */
904 /* Make sure the actual key tag matches the input tag used in the filename
907 EREPORT(("dst_s_read_private_key_file(): actual tag of key read %d != input tag used to build filename %d.\n", id, in_id));
926 *\par name Name of the new key. Used to create key files
928 *\par bits Size of the new key in bits.
943 *\par out_id The key tag is returned.
947 *\li non-NULL the generated key pair
969 if (bits == 0) /*%< null key we are done */
993 * Release all data structures pointed to by a key structure.
1009 EREPORT(("dst_free_key(): Unknown key alg %d\n",
1023 * Return the maximim size of signature from the key specified in bytes
1026 *\li key
1032 dst_sig_size(DST_KEY *key) {
1033 switch (key->dk_alg) {
1039 return (key->dk_key_size + 7) / 8;
1043 EREPORT(("dst_sig_size(): Unknown key alg %d\n", key->dk_alg));