aboutsummaryrefslogtreecommitdiff
path: root/external/unbound/testcode/signit.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--external/unbound/testcode/signit.c284
1 files changed, 0 insertions, 284 deletions
diff --git a/external/unbound/testcode/signit.c b/external/unbound/testcode/signit.c
deleted file mode 100644
index 0eca0e088..000000000
--- a/external/unbound/testcode/signit.c
+++ /dev/null
@@ -1,284 +0,0 @@
-/*
- * testcode/signit.c - debug tool to sign rrsets with given keys.
- *
- * Copyright (c) 2007, NLnet Labs. All rights reserved.
- *
- * This software is open source.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above copyright notice,
- * this list of conditions and the following disclaimer in the documentation
- * and/or other materials provided with the distribution.
- *
- * Neither the name of the NLNET LABS nor the names of its contributors may
- * be used to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
- * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
- * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
- * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
- * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/**
- * \file
- *
- * This program signs rrsets with the given keys. It can be used to
- * construct input to test the validator with.
- */
-#include "config.h"
-#include <ldns/ldns.h>
-#include <assert.h>
-
-#define DNSKEY_BIT_ZSK 0x0100
-
-/**
- * Key settings
- */
-struct keysets {
- /** signature inception */
- uint32_t incep;
- /** signature expiration */
- uint32_t expi;
- /** owner name */
- char* owner;
- /** keytag */
- uint16_t keytag;
- /** DNSKEY flags */
- uint16_t flags;
-};
-
-/** print usage and exit */
-static void
-usage(void)
-{
- printf("usage: signit expi ince keytag owner keyfile\n");
- printf("present rrset data on stdin.\n");
- printf("signed data is printed to stdout.\n");
- printf("\n");
- printf("Or use: signit NSEC3PARAM hash flags iter salt\n");
- printf("present names on stdin, hashed names are printed to stdout.\n");
- exit(1);
-}
-
-static time_t
-convert_timeval(const char* str)
-{
- time_t t;
- struct tm tm;
- memset(&tm, 0, sizeof(tm));
- if(strlen(str) < 14)
- return 0;
- if(sscanf(str, "%4d%2d%2d%2d%2d%2d", &tm.tm_year, &tm.tm_mon,
- &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) != 6)
- return 0;
- tm.tm_year -= 1900;
- tm.tm_mon--;
- /* Check values */
- if (tm.tm_year < 70) return 0;
- if (tm.tm_mon < 0 || tm.tm_mon > 11) return 0;
- if (tm.tm_mday < 1 || tm.tm_mday > 31) return 0;
- if (tm.tm_hour < 0 || tm.tm_hour > 23) return 0;
- if (tm.tm_min < 0 || tm.tm_min > 59) return 0;
- if (tm.tm_sec < 0 || tm.tm_sec > 59) return 0;
- /* call ldns conversion function */
- t = ldns_mktime_from_utc(&tm);
- return t;
-}
-
-static void fatal_exit(const char* format, ...)
-{
- va_list args;
- va_start(args, format);
- printf("fatal exit: ");
- vprintf(format, args);
- va_end(args);
- exit(1);
-}
-
-/** read expi ince keytag owner from cmdline */
-static void
-parse_cmdline(char *argv[], struct keysets* s)
-{
- s->expi = convert_timeval(argv[1]);
- s->incep = convert_timeval(argv[2]);
- s->keytag = (uint16_t)atoi(argv[3]);
- s->owner = argv[4];
- s->flags = DNSKEY_BIT_ZSK; /* to enforce signing */
-}
-
-/** read all key files, exit on error */
-static ldns_key_list*
-read_keys(int num, char* names[], struct keysets* set)
-{
- int i;
- ldns_key_list* keys = ldns_key_list_new();
- ldns_key* k;
- ldns_rdf* rdf;
- ldns_status s;
- int b;
- FILE* in;
-
- if(!keys) fatal_exit("alloc failure");
- for(i=0; i<num; i++) {
- printf("read keyfile %s\n", names[i]);
- in = fopen(names[i], "r");
- if(!in) fatal_exit("could not open %s: %s", names[i],
- strerror(errno));
- s = ldns_key_new_frm_fp(&k, in);
- fclose(in);
- if(s != LDNS_STATUS_OK)
- fatal_exit("bad keyfile %s: %s", names[i],
- ldns_get_errorstr_by_id(s));
- ldns_key_set_expiration(k, set->expi);
- ldns_key_set_inception(k, set->incep);
- s = ldns_str2rdf_dname(&rdf, set->owner);
- if(s != LDNS_STATUS_OK)
- fatal_exit("bad owner name %s: %s", set->owner,
- ldns_get_errorstr_by_id(s));
- ldns_key_set_pubkey_owner(k, rdf);
- ldns_key_set_flags(k, set->flags);
- ldns_key_set_keytag(k, set->keytag);
- b = ldns_key_list_push_key(keys, k);
- assert(b);
- }
- return keys;
-}
-
-/** read list of rrs from the file */
-static ldns_rr_list*
-read_rrs(FILE* in)
-{
- uint32_t my_ttl = 3600;
- ldns_rdf *my_origin = NULL;
- ldns_rdf *my_prev = NULL;
- ldns_status s;
- int line_nr = 1;
- int b;
-
- ldns_rr_list* list;
- ldns_rr *rr;
-
- list = ldns_rr_list_new();
- if(!list) fatal_exit("alloc error");
-
- while(!feof(in)) {
- s = ldns_rr_new_frm_fp_l(&rr, in, &my_ttl, &my_origin,
- &my_prev, &line_nr);
- if(s == LDNS_STATUS_SYNTAX_TTL ||
- s == LDNS_STATUS_SYNTAX_ORIGIN ||
- s == LDNS_STATUS_SYNTAX_EMPTY)
- continue;
- else if(s != LDNS_STATUS_OK)
- fatal_exit("parse error in line %d: %s", line_nr,
- ldns_get_errorstr_by_id(s));
- b = ldns_rr_list_push_rr(list, rr);
- assert(b);
- }
- printf("read %d lines\n", line_nr);
-
- return list;
-}
-
-/** sign the rrs with the keys */
-static void
-signit(ldns_rr_list* rrs, ldns_key_list* keys)
-{
- ldns_rr_list* rrset;
- ldns_rr_list* sigs;
-
- while(ldns_rr_list_rr_count(rrs) > 0) {
- rrset = ldns_rr_list_pop_rrset(rrs);
- if(!rrset) fatal_exit("copy alloc failure");
- sigs = ldns_sign_public(rrset, keys);
- if(!sigs) fatal_exit("failed to sign");
- ldns_rr_list_print(stdout, rrset);
- ldns_rr_list_print(stdout, sigs);
- printf("\n");
- ldns_rr_list_free(rrset);
- ldns_rr_list_free(sigs);
- }
-}
-
-/** process keys and signit */
-static void
-process_keys(int argc, char* argv[])
-{
- ldns_rr_list* rrs;
- ldns_key_list* keys;
- struct keysets settings;
- assert(argc == 6);
-
- parse_cmdline(argv, &settings);
- keys = read_keys(1, argv+5, &settings);
- rrs = read_rrs(stdin);
- signit(rrs, keys);
-
- ldns_rr_list_deep_free(rrs);
- ldns_key_list_free(keys);
-}
-
-/** process nsec3 params and perform hashing */
-static void
-process_nsec3(int argc, char* argv[])
-{
- char line[10240];
- ldns_rdf* salt;
- ldns_rdf* in, *out;
- ldns_status status;
- status = ldns_str2rdf_nsec3_salt(&salt, argv[5]);
- if(status != LDNS_STATUS_OK)
- fatal_exit("Could not parse salt %s: %s", argv[5],
- ldns_get_errorstr_by_id(status));
- assert(argc == 6);
- while(fgets(line, (int)sizeof(line), stdin)) {
- if(strlen(line) > 0)
- line[strlen(line)-1] = 0; /* remove trailing newline */
- if(line[0]==0)
- continue;
- status = ldns_str2rdf_dname(&in, line);
- if(status != LDNS_STATUS_OK)
- fatal_exit("Could not parse name %s: %s", line,
- ldns_get_errorstr_by_id(status));
- ldns_rdf_print(stdout, in);
- printf(" -> ");
- /* arg 3 is flags, unused */
- out = ldns_nsec3_hash_name(in, (uint8_t)atoi(argv[2]),
- (uint16_t)atoi(argv[4]),
- ldns_rdf_data(salt)[0], ldns_rdf_data(salt)+1);
- if(!out)
- fatal_exit("Could not hash %s", line);
- ldns_rdf_print(stdout, out);
- printf("\n");
- ldns_rdf_deep_free(in);
- ldns_rdf_deep_free(out);
- }
- ldns_rdf_deep_free(salt);
-}
-
-/** main program */
-int main(int argc, char* argv[])
-{
- if(argc != 6) {
- usage();
- }
- if(strcmp(argv[1], "NSEC3PARAM") == 0) {
- process_nsec3(argc, argv);
- return 0;
- }
- process_keys(argc, argv);
- return 0;
-}