OpenDNSSEC-libhsm  2.1.9
hsmutil.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2009 .SE (The Internet Infrastructure Foundation).
3  * Copyright (c) 2009 NLNet Labs.
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  * notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  * notice, this list of conditions and the following disclaimer in the
13  * documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
17  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
19  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
21  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
22  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
23  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
24  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
25  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26  */
27 
28 #include "config.h"
29 
30 #include <stdio.h>
31 #include <string.h>
32 #include <stdlib.h>
33 #include <syslog.h>
34 #include <unistd.h>
35 #include <ldns/ldns.h>
36 #include <ldns/util.h>
37 
38 #include "libhsm.h"
39 #include "hsmtest.h"
40 
41 #include <libhsmdns.h>
42 
43 extern hsm_repository_t* parse_conf_repositories(const char* cfgfile);
44 
45 extern char *optarg;
46 char *progname = NULL;
47 unsigned int verbose = 0;
48 hsm_ctx_t *ctx = NULL;
49 
50 
51 static void
52 version ()
53 {
54  fprintf(stderr, "%s (%s) version %s\n",
55  progname, PACKAGE_NAME, PACKAGE_VERSION);
56 }
57 
58 static void
59 usage ()
60 {
61  fprintf(stderr,
62  "usage: %s [-c config] [-vVfh] [command [options]]\n",
63  progname);
64 
65  fprintf(stderr," -h Print this usage information.\n");
66  fprintf(stderr," -v Increase verbosity.\n");
67  fprintf(stderr," -V Print version and exit.\n");
68  fprintf(stderr," -f Force, Assume yes on all questions.\n");
69  fprintf(stderr," -c <cfg> Use alternative conf.xml.\n");
70 
71  fprintf(stderr,"commands\n");
72 
73  fprintf(stderr," login\n");
74  fprintf(stderr," logout\n");
75  fprintf(stderr," list [repository]\n");
76  fprintf(stderr," generate <repository> rsa|dsa|gost|ecdsa [keysize]\n");
77  fprintf(stderr," remove <id>\n");
78  fprintf(stderr," purge <repository>\n");
79  fprintf(stderr," dnskey <id> <name> <type> <algo>\n");
80  fprintf(stderr," test <repository>\n");
81  fprintf(stderr," info\n");
82 #if 0
83  fprintf(stderr," debug\n");
84 #endif
85 }
86 
87 static int
88 cmd_login ()
89 {
90  printf("The tokens are now logged in.\n");
91 
92  return 0;
93 }
94 
95 static int
96 cmd_logout ()
97 {
98  if (hsm_logout_pin() != HSM_OK) {
99  printf("Failed to erase the credentials.\n");
100  hsm_print_error(NULL);
101  return 1;
102  }
103 
104  printf("The credentials has been erased.\n");
105 
106  return 0;
107 }
108 
109 #pragma GCC diagnostic push
110 #pragma GCC diagnostic ignored "-Wformat-nonliteral"
111 static int
112 cmd_list (int argc, char *argv[])
113 {
114  size_t i;
115  char *repository = NULL;
116 
117  size_t key_count = 0;
118  size_t key_count_valid = 0;
119  libhsm_key_t **keys;
120 
121  const char *key_info_format = "%-20s %-32s %-10s\n";
122 
124 
125  if (argc) {
126  repository = argv[0];
127  argc--;
128  argv++;
129 
130  /* Check for repository before starting using it */
131  if (hsm_token_attached(ctx, repository) == 0) {
133  return 1;
134  }
135 
136  fprintf(stdout, "\nListing keys in repository: %s\n", repository);
137  keys = hsm_list_keys_repository(ctx, &key_count, repository);
138  } else {
139  fprintf(stdout, "\nListing keys in all repositories.\n");
140  keys = hsm_list_keys(ctx, &key_count);
141  }
142 
143  fprintf(stdout, "%u %s found.\n\n", (unsigned int) key_count,
144  (key_count > 1 || key_count == 0 ? "keys" : "key"));
145 
146  if (!keys) {
147  return -1;
148  }
149 
150  /* print fancy header */
151  fprintf(stdout, key_info_format, "Repository", "ID", "Type");
152  fprintf(stdout, key_info_format, "----------", "--", "----");
153 
154  for (i = 0; i < key_count; i++) {
155  libhsm_key_info_t *key_info;
156  libhsm_key_t *key = NULL;
157  char key_type[HSM_MAX_ALGONAME + 8];
158  char const * key_id = NULL;
159 
160  key = keys[i];
161  if (key == NULL) {
162  /* Skip NULL key for now */
163  continue;
164  }
165 
166  key_count_valid++;
167 
168  key_info = hsm_get_key_info(ctx, key);
169 
170  if (key_info) {
171  snprintf(key_type, sizeof(key_type), "%s/%lu",
172  key_info->algorithm_name, key_info->keysize);
173  key_id = key_info->id;
174  } else {
175  snprintf(key_type, sizeof(key_type), "UNKNOWN");
176  key_id = "UNKNOWN";
177  }
178 
179  printf(key_info_format, key->modulename, key_id, key_type);
180 
181  libhsm_key_info_free(key_info);
182  }
183  libhsm_key_list_free(keys, key_count);
184 
185  if (key_count != key_count_valid) {
186  size_t invalid_keys;
187  invalid_keys = key_count - key_count_valid;
188  printf("\n");
189  fprintf(stderr, "Warning: %u %s not usable by OpenDNSSEC was found.\n",
190  (unsigned int) invalid_keys, invalid_keys > 1 ? "keys" : "key");
191  }
192 
193  return 0;
194 }
195 #pragma GCC diagnostic pop
196 
197 static int
198 cmd_generate (int argc, char *argv[])
199 {
200  const char *repository = NULL;
201  const char *algorithm = NULL;
202  unsigned int keysize = 1024;
203 
204  libhsm_key_t *key = NULL;
205 
206  if (argc < 2 || argc > 3) {
207  usage();
208  return -1;
209  }
210 
211  repository = argv[0];
212 
213  /* Check for repository before starting using it */
214  if (hsm_token_attached(ctx, repository) == 0) {
216  return 1;
217  }
218 
219  algorithm = argv[1];
220  if (argc == 3) {
221  keysize = atoi(argv[2]);
222  }
223 
224  if (!strcasecmp(algorithm, "rsa")) {
225  printf("Generating %d bit RSA key in repository: %s\n",
226  keysize, repository);
227 
228  key = hsm_generate_rsa_key(ctx, repository, keysize);
229  } else if (!strcasecmp(algorithm, "dsa")) {
230  printf("Generating %d bit DSA key in repository: %s\n",
231  keysize, repository);
232 
233  key = hsm_generate_dsa_key(ctx, repository, keysize);
234  } else if (!strcasecmp(algorithm, "gost")) {
235  printf("Generating 512 bit GOST key in repository: %s\n",
236  repository);
237 
238  key = hsm_generate_gost_key(ctx, repository);
239  } else if (!strcasecmp(algorithm, "ecdsa")) {
240  if (keysize == 256) {
241  printf("Generating a P-256 ECDSA key in repository: %s\n",
242  repository);
243 
244  key = hsm_generate_ecdsa_key(ctx, repository, "P-256");
245  } else if (keysize == 384) {
246  printf("Generating a P-384 ECDSA key in repository: %s\n",
247  repository);
248 
249  key = hsm_generate_ecdsa_key(ctx, repository, "P-384");
250  } else {
251  printf("Invalid ECDSA key size: %d\n", keysize);
252  printf("Expecting 256 or 384.\n");
253  return -1;
254  }
255  } else {
256  printf("Unknown algorithm: %s\n", algorithm);
257  return -1;
258  }
259 
260  if (key) {
261  libhsm_key_info_t *key_info;
262 
263  key_info = hsm_get_key_info(ctx, key);
264  printf("Key generation successful: %s\n",
265  key_info ? key_info->id : "NULL");
266  libhsm_key_info_free(key_info);
267  if (verbose) hsm_print_key(ctx, key);
268  libhsm_key_free(key);
269  } else {
270  printf("Key generation failed.\n");
271  return -1;
272  }
273 
274  return 0;
275 }
276 
277 static int
278 cmd_remove (int argc, char *argv[])
279 {
280  char *id;
281  int result;
282 
283  libhsm_key_t *key = NULL;
284 
285  if (argc != 1) {
286  usage();
287  return -1;
288  }
289 
290  id = argv[0];
291 
292  key = hsm_find_key_by_id(ctx, id);
293 
294  if (!key) {
295  printf("Key not found: %s\n", id);
296  return -1;
297  }
298 
299  result = hsm_remove_key(ctx, key);
300 
301  if (!result) {
302  printf("Key remove successful.\n");
303  } else {
304  printf("Key remove failed.\n");
305  }
306 
307  libhsm_key_free(key);
308 
309  return result;
310 }
311 
312 static int
313 cmd_purge (int argc, char *argv[], int force)
314 {
315  int result;
316  int final_result = 0;
317  char *fresult;
318 
319  size_t i;
320  char *repository = NULL;
321  char confirm[16];
322 
323  size_t key_count = 0;
324  libhsm_key_t **keys;
325 
326  if (argc != 1) {
327  usage();
328  return -1;
329  }
330 
331  repository = argv[0];
332  argc--;
333  argv++;
334 
335  /* Check for repository before starting using it */
336  if (hsm_token_attached(ctx, repository) == 0) {
338  return 1;
339  }
340 
341  printf("Purging all keys from repository: %s\n", repository);
342  keys = hsm_list_keys_repository(ctx, &key_count, repository);
343 
344  printf("%u %s found.\n\n", (unsigned int) key_count,
345  (key_count > 1 || key_count == 0 ? "keys" : "key"));
346 
347  if (!keys) {
348  return -1;
349  }
350 
351  if (key_count == 0) {
352  libhsm_key_list_free(keys, key_count);
353  return -1;
354  }
355 
356  if (!force) {
357  printf("Are you sure you want to remove ALL keys from repository %s ? (YES/NO) ", repository);
358  fresult = fgets(confirm, sizeof(confirm) - 1, stdin);
359  if (fresult == NULL || strncasecmp(confirm, "yes", 3) != 0) {
360  printf("\npurge cancelled.\n");
361  libhsm_key_list_free(keys, key_count);
362  return -1;
363  }
364  }
365  printf("\nStarting purge...\n");
366 
367  for (i = 0; i < key_count; i++) {
368  libhsm_key_info_t *key_info;
369  libhsm_key_t *key = keys[i];
370 
371  key_info = hsm_get_key_info(ctx, key);
372  result = hsm_remove_key(ctx, key);
373 
374  if (!result) {
375  printf("Key remove successful: %s\n",
376  key_info ? key_info->id : "NULL");
377  } else {
378  printf("Key remove failed: %s\n",
379  key_info ? key_info->id : "NULL");
380  final_result++;
381  }
382 
383  libhsm_key_info_free(key_info);
384  }
385  libhsm_key_list_free(keys, key_count);
386 
387  printf("Purge done.\n");
388 
389  return final_result;
390 }
391 
392 static int
393 cmd_dnskey (int argc, char *argv[])
394 {
395  char *id;
396  char *name;
397  int type;
398  int algo;
399 
400  libhsm_key_t *key = NULL;
401  ldns_rr *dnskey_rr;
402  hsm_sign_params_t *sign_params;
403 
404  if (argc != 4) {
405  usage();
406  return -1;
407  }
408 
409  id = strdup(argv[0]);
410  name = strdup(argv[1]);
411  type = atoi(argv[2]);
412  algo = atoi(argv[3]);
413 
414  key = hsm_find_key_by_id(ctx, id);
415 
416  if (!key) {
417  printf("Key not found: %s\n", id);
418  free(name);
419  free(id);
420  return -1;
421  }
422 
423  if (type != LDNS_KEY_ZONE_KEY && type != LDNS_KEY_ZONE_KEY + LDNS_KEY_SEP_KEY) {
424  printf("Invalid key type: %i\n", type);
425  printf("Please use: %i or %i\n", LDNS_KEY_ZONE_KEY, LDNS_KEY_ZONE_KEY + LDNS_KEY_SEP_KEY);
426  free(name);
427  free(id);
428  free(key);
429  return -1;
430  }
431 
432  libhsm_key_info_t *key_info = hsm_get_key_info(ctx, key);
433  switch (algo) {
434  case LDNS_SIGN_RSAMD5:
435  case LDNS_SIGN_RSASHA1:
436  case LDNS_SIGN_RSASHA1_NSEC3:
437  case LDNS_SIGN_RSASHA256:
438  case LDNS_SIGN_RSASHA512:
439  if (strcmp(key_info->algorithm_name, "RSA") != 0) {
440  printf("Not an RSA key, the key is of algorithm %s.\n", key_info->algorithm_name);
441  libhsm_key_info_free(key_info);
442  free(key);
443  free(name);
444  free(id);
445  return -1;
446  }
447  break;
448  case LDNS_SIGN_DSA:
449  case LDNS_SIGN_DSA_NSEC3:
450  if (strcmp(key_info->algorithm_name, "DSA") != 0) {
451  printf("Not a DSA key, the key is of algorithm %s.\n", key_info->algorithm_name);
452  libhsm_key_info_free(key_info);
453  free(key);
454  free(name);
455  free(id);
456  return -1;
457  }
458  break;
459  case LDNS_SIGN_ECC_GOST:
460  if (strcmp(key_info->algorithm_name, "GOST") != 0) {
461  printf("Not a GOST key, the key is of algorithm %s.\n", key_info->algorithm_name);
462  libhsm_key_info_free(key_info);
463  free(key);
464  free(name);
465  free(id);
466  return -1;
467  }
468  break;
469  case LDNS_SIGN_ECDSAP256SHA256:
470  if (strcmp(key_info->algorithm_name, "ECDSA") != 0) {
471  printf("Not an ECDSA key, the key is of algorithm %s.\n", key_info->algorithm_name);
472  libhsm_key_info_free(key_info);
473  free(key);
474  free(name);
475  free(id);
476  return -1;
477  }
478  if (key_info->keysize != 256) {
479  printf("The key is a ECDSA/%lu, expecting ECDSA/256 for this algorithm.\n", key_info->keysize);
480  libhsm_key_info_free(key_info);
481  free(key);
482  free(name);
483  free(id);
484  return -1;
485  }
486  break;
487  case LDNS_SIGN_ECDSAP384SHA384:
488  if (strcmp(key_info->algorithm_name, "ECDSA") != 0) {
489  printf("Not an ECDSA key, the key is of algorithm %s.\n", key_info->algorithm_name);
490  libhsm_key_info_free(key_info);
491  free(key);
492  free(name);
493  free(id);
494  return -1;
495  }
496  if (key_info->keysize != 384) {
497  printf("The key is a ECDSA/%lu, expecting ECDSA/384 for this algorithm.\n", key_info->keysize);
498  libhsm_key_info_free(key_info);
499  free(key);
500  free(name);
501  free(id);
502  return -1;
503  }
504  break;
505 #if (LDNS_REVISION >= ((1<<16)|(7<<8)|(0)))
506  case LDNS_SIGN_ED25519:
507  if (strcmp(key_info->algorithm_name, "EDDSA") != 0) {
508  printf("Not an EDDSA key, the key is of algorithm %s.\n", key_info->algorithm_name);
509  libhsm_key_info_free(key_info);
510  free(key);
511  free(name);
512  free(id);
513  return -1;
514  }
515  if (key_info->keysize != 255) {
516  printf("The key is EDDSA/%lu, expecting EDDSA/255 for this algorithm.\n", key_info->keysize);
517  libhsm_key_info_free(key_info);
518  free(key);
519  free(name);
520  free(id);
521  return -1;
522  }
523  break;
524  case LDNS_SIGN_ED448:
525  if (strcmp(key_info->algorithm_name, "EDDSA") != 0) {
526  printf("Not an EDDSA key, the key is of algorithm %s.\n", key_info->algorithm_name);
527  libhsm_key_info_free(key_info);
528  free(key);
529  free(name);
530  free(id);
531  return -1;
532  }
533  if (key_info->keysize != 448) {
534  printf("The key is EDDSA/%lu, expecting EDDSA/448 for this algorithm.\n", key_info->keysize);
535  libhsm_key_info_free(key_info);
536  free(key);
537  free(name);
538  free(id);
539  return -1;
540  }
541  break;
542 #endif
543  default:
544  printf("Invalid algorithm: %i\n", algo);
545  libhsm_key_info_free(key_info);
546  free(key);
547  free(name);
548  free(id);
549  return -1;
550  }
551  libhsm_key_info_free(key_info);
552 
553  sign_params = hsm_sign_params_new();
554  sign_params->algorithm = algo;
555  sign_params->flags = type;
556  sign_params->owner = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, name);
557  dnskey_rr = hsm_get_dnskey(ctx, key, sign_params);
558  sign_params->keytag = ldns_calc_keytag(dnskey_rr);
559 
560  ldns_rr_print(stdout, dnskey_rr);
561 
562  hsm_sign_params_free(sign_params);
563  ldns_rr_free(dnskey_rr);
564  libhsm_key_free(key);
565  free(name);
566  free(id);
567 
568  return 0;
569 }
570 
571 static int
572 cmd_test (int argc, char *argv[], hsm_ctx_t* ctx)
573 {
574  char *repository = NULL;
575 
576  if (argc) {
577  repository = strdup(argv[0]);
578  argc--;
579  argv++;
580 
581  printf("Testing repository: %s\n\n", repository);
582  int rv = hsm_test(repository, ctx);
583  if (repository) free(repository);
584  return rv;
585  } else {
586  usage();
587  }
588 
589  return 0;
590 }
591 
592 static int
593 cmd_info (hsm_ctx_t* ctx)
594 {
596 
597  return 0;
598 }
599 
600 static int
601 cmd_debug (hsm_ctx_t* ctx)
602 {
604 
605  return 0;
606 }
607 
608 int
609 main (int argc, char *argv[])
610 {
611  int result;
612 
613  char *config = NULL;
614 
615  int ch;
616  int force = 0;
617  progname = argv[0];
618 
619  while ((ch = getopt(argc, argv, "c:vVhf")) != -1) {
620  switch (ch) {
621  case 'c':
622  config = strdup(optarg);
623  break;
624  case 'f':
625  force = 1;
626  break;
627  case 'v':
628  verbose++;
629  break;
630  case 'V':
631  version();
632  exit(0);
633  break;
634  case 'h':
635  usage();
636  exit(0);
637  break;
638  default:
639  usage();
640  exit(1);
641  }
642  }
643  argc -= optind;
644  argv += optind;
645 
646  if (!argc) {
647  usage();
648  exit(1);
649  }
650 
651 
652  if (!strcasecmp(argv[0], "logout")) {
653  if (config) free(config);
654  exit(cmd_logout());
655  }
656 
657  result = hsm_open2(parse_conf_repositories(config?config:HSM_DEFAULT_CONFIG), hsm_prompt_pin);
658  if (result != HSM_OK) {
659  char* error = hsm_get_error(NULL);
660  if (error != NULL) {
661  fprintf(stderr,"%s\n", error);
662  free(error);
663  }
664  exit(-1);
665  }
667 
668  openlog("hsmutil", LOG_PID, LOG_USER);
669 
670  if (!strcasecmp(argv[0], "login")) {
671  argc --;
672  argv ++;
673  result = cmd_login();
674  } else if (!strcasecmp(argv[0], "list")) {
675  argc --;
676  argv ++;
677  result = cmd_list(argc, argv);
678  } else if (!strcasecmp(argv[0], "generate")) {
679  argc --;
680  argv ++;
681  result = cmd_generate(argc, argv);
682  } else if (!strcasecmp(argv[0], "remove")) {
683  argc --;
684  argv ++;
685  result = cmd_remove(argc, argv);
686  } else if (!strcasecmp(argv[0], "purge")) {
687  argc --;
688  argv ++;
689  result = cmd_purge(argc, argv, force);
690  } else if (!strcasecmp(argv[0], "dnskey")) {
691  argc --;
692  argv ++;
693  result = cmd_dnskey(argc, argv);
694  } else if (!strcasecmp(argv[0], "test")) {
695  argc --;
696  argv ++;
697  result = cmd_test(argc, argv, ctx);
698  } else if (!strcasecmp(argv[0], "info")) {
699  argc --;
700  argv ++;
701  result = cmd_info(ctx);
702  } else if (!strcasecmp(argv[0], "debug")) {
703  argc --;
704  argv ++;
705  result = cmd_debug(ctx);
706  } else {
707  usage();
708  result = -1;
709  }
710 
712  hsm_close();
713  if (config) free(config);
714 
715  closelog();
716 
717  exit(result);
718 }
ldns_algorithm algorithm
Definition: hsmspeed.c:43
int hsm_test(const char *repository, hsm_ctx_t *ctx)
Definition: hsmtest.c:109
int main(int argc, char *argv[])
Definition: hsmutil.c:609
unsigned int verbose
Definition: hsmutil.c:47
hsm_repository_t * parse_conf_repositories(const char *cfgfile)
Definition: confparser.c:51
char * progname
Definition: hsmutil.c:46
char * optarg
hsm_ctx_t * ctx
Definition: hsmutil.c:48
char * hsm_get_error(hsm_ctx_t *gctx)
Definition: libhsm.c:3512
void libhsm_key_list_free(libhsm_key_t **key_list, size_t count)
Definition: libhsm.c:3147
libhsm_key_info_t * hsm_get_key_info(hsm_ctx_t *ctx, const libhsm_key_t *key)
Definition: libhsm.c:3187
libhsm_key_t * hsm_generate_gost_key(hsm_ctx_t *ctx, const char *repository)
Definition: libhsm.c:2846
void hsm_print_error(hsm_ctx_t *gctx)
Definition: libhsm.c:3595
hsm_ctx_t * hsm_create_context()
Definition: libhsm.c:2465
int hsm_token_attached(hsm_ctx_t *ctx, const char *repository)
Definition: libhsm.c:3495
ldns_rr * hsm_get_dnskey(hsm_ctx_t *ctx, const libhsm_key_t *key, const hsm_sign_params_t *sign_params)
Definition: libhsm.c:3365
void hsm_print_key(hsm_ctx_t *ctx, libhsm_key_t *key)
Definition: libhsm.c:3569
void hsm_print_ctx(hsm_ctx_t *ctx)
Definition: libhsm.c:3558
libhsm_key_t * hsm_generate_rsa_key(hsm_ctx_t *ctx, const char *repository, unsigned long keysize)
Definition: libhsm.c:2644
libhsm_key_t * hsm_generate_ecdsa_key(hsm_ctx_t *ctx, const char *repository, const char *curve)
Definition: libhsm.c:2926
void libhsm_key_info_free(libhsm_key_info_t *key_info)
Definition: libhsm.c:3238
libhsm_key_t ** hsm_list_keys_repository(hsm_ctx_t *ctx, size_t *count, const char *repository)
Definition: libhsm.c:2598
int hsm_open2(hsm_repository_t *rlist, char *(pin_callback)(unsigned int, const char *, unsigned int))
Definition: libhsm.c:2388
libhsm_key_t ** hsm_list_keys(hsm_ctx_t *ctx, size_t *count)
Definition: libhsm.c:2572
void hsm_close()
Definition: libhsm.c:2455
libhsm_key_t * hsm_find_key_by_id(hsm_ctx_t *ctx, const char *id)
Definition: libhsm.c:2615
libhsm_key_t * hsm_generate_dsa_key(hsm_ctx_t *ctx, const char *repository, unsigned long keysize)
Definition: libhsm.c:2732
int hsm_remove_key(hsm_ctx_t *ctx, libhsm_key_t *key)
Definition: libhsm.c:3118
void hsm_print_tokeninfo(hsm_ctx_t *ctx)
Definition: libhsm.c:3610
void hsm_destroy_context(hsm_ctx_t *ctx)
Definition: libhsm.c:2530
hsm_sign_params_t * hsm_sign_params_new()
Definition: libhsm.c:2539
void libhsm_key_free(libhsm_key_t *key)
Definition: libhsm.c:2565
void hsm_sign_params_free(hsm_sign_params_t *params)
Definition: libhsm.c:2556
#define HSM_MAX_ALGONAME
Definition: libhsm.h:47
#define HSM_OK
Definition: libhsm.h:65
int hsm_logout_pin(void)
Definition: pin.c:413
char * hsm_prompt_pin(unsigned int id, const char *repository, unsigned int mode)
Definition: pin.c:228
ldns_algorithm algorithm
Definition: libhsmdns.h:36
ldns_rdf * owner
Definition: libhsmdns.h:46
uint16_t flags
Definition: libhsmdns.h:38
uint16_t keytag
Definition: libhsmdns.h:44
char * algorithm_name
Definition: libhsm.h:112
unsigned long keysize
Definition: libhsm.h:113
char * modulename
Definition: libhsm.h:103