Commit e186e6cf authored by Daniel Salzman's avatar Daniel Salzman

libdnssec: remove unused keystore listing

parent 3171f32f
......@@ -270,9 +270,6 @@ src/libdnssec/keystore/keystore.c
src/libdnssec/keystore/pkcs11.c
src/libdnssec/keystore/pkcs8.c
src/libdnssec/keytag.h
src/libdnssec/list.h
src/libdnssec/list/list.c
src/libdnssec/list/ucw_clists.h
src/libdnssec/nsec.h
src/libdnssec/nsec/bitmap.c
src/libdnssec/nsec/hash.c
......@@ -485,7 +482,6 @@ tests/libdnssec/test_keyid.c
tests/libdnssec/test_keystore_pkcs11.c
tests/libdnssec/test_keystore_pkcs8.c
tests/libdnssec/test_keytag.c
tests/libdnssec/test_list.c
tests/libdnssec/test_nsec_bitmap.c
tests/libdnssec/test_nsec_hash.c
tests/libdnssec/test_random.c
......
......@@ -53,7 +53,6 @@
- \ref keyid — DNSSEC key ID manipulation
- \ref keystore — DNSSEC private key store
- \ref keytag — DNSSEC key tag computation
- \ref list — Generic list container
- \ref nsec — NSEC and NSEC3 operations
- \ref random — Pseudo-random number generation
- \ref sign — DNSSEC signing and verification
......@@ -66,7 +65,6 @@
\defgroup keyid keyid
\defgroup keystore keystore
\defgroup keytag keytag
\defgroup list list
\defgroup nsec nsec
\defgroup random random
\defgroup sign sign
......
......@@ -34,7 +34,6 @@ include_libdnssec_HEADERS = \
libdnssec/keyid.h \
libdnssec/keystore.h \
libdnssec/keytag.h \
libdnssec/list.h \
libdnssec/nsec.h \
libdnssec/random.h \
libdnssec/sign.h \
......@@ -63,8 +62,6 @@ libdnssec_la_SOURCES = \
libdnssec/keystore/keystore.c \
libdnssec/keystore/pkcs11.c \
libdnssec/keystore/pkcs8.c \
libdnssec/list/list.c \
libdnssec/list/ucw_clists.h \
libdnssec/nsec/bitmap.c \
libdnssec/nsec/hash.c \
libdnssec/nsec/nsec.c \
......
/* Copyright (C) 2018 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
/* Copyright (C) 2019 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
......@@ -28,7 +28,6 @@
#include <libdnssec/keyid.h>
#include <libdnssec/keystore.h>
#include <libdnssec/keytag.h>
#include <libdnssec/list.h>
#include <libdnssec/nsec.h>
#include <libdnssec/random.h>
#include <libdnssec/sign.h>
......
......@@ -88,7 +88,6 @@
#include <libdnssec/binary.h>
#include <libdnssec/key.h>
#include <libdnssec/list.h>
struct dnssec_keystore;
......@@ -145,18 +144,6 @@ int dnssec_keystore_open(dnssec_keystore_t *store, const char *config);
*/
int dnssec_keystore_close(dnssec_keystore_t *store);
/*!
* Get a list of key IDs stored in the key store.
*
* \todo Not implemented.
*
* \param[in] store Key store.
* \param[out] list Resulting list of key IDs.
*
* \return Error code, DNSSEC_EOK if successful.
*/
int dnssec_keystore_list_keys(dnssec_keystore_t *store, dnssec_list_t **list);
/*!
* Generate a new key in the key store.
*
......
......@@ -22,7 +22,6 @@
#include "libdnssec/binary.h"
#include "libdnssec/key.h"
#include "libdnssec/keystore.h"
#include "libdnssec/list.h"
typedef struct keystore_functions {
// construction of internal context
......@@ -33,7 +32,6 @@ typedef struct keystore_functions {
int (*open)(void *ctx, const char *config);
int (*close)(void *ctx);
// keystore access
int (*list_keys)(void *ctx, dnssec_list_t **list);
int (*generate_key)(void *ctx, gnutls_pk_algorithm_t algorithm,
unsigned bits, char **id_ptr);
int (*import_key)(void *ctx, const dnssec_binary_t *pem, char **id_ptr);
......
......@@ -100,16 +100,6 @@ int dnssec_keystore_close(dnssec_keystore_t *store)
return store->functions->close(store->ctx);
}
_public_
int dnssec_keystore_list_keys(dnssec_keystore_t *store, dnssec_list_t **list)
{
if (!store || !list) {
return DNSSEC_EINVAL;
}
return store->functions->list_keys(store->ctx, list);
}
_public_
int dnssec_keystore_generate_key(dnssec_keystore_t *store,
dnssec_key_algorithm_t _algorithm,
......
......@@ -197,62 +197,6 @@ static int pkcs11_close(void *_ctx)
return DNSSEC_EOK;
}
static char *get_object_id(gnutls_pkcs11_obj_t object)
{
assert(object);
uint8_t buffer[DNSSEC_KEYID_BINARY_SIZE] = { 0 };
size_t size = sizeof(buffer);
int r = gnutls_pkcs11_obj_get_info(object, GNUTLS_PKCS11_OBJ_ID, buffer, &size);
if (r != GNUTLS_E_SUCCESS || size != sizeof(buffer)) {
return NULL;
}
char *id = bin_to_hex(buffer, sizeof(buffer));
if (id == NULL) {
return NULL;
}
assert(strlen(id) == DNSSEC_KEYID_SIZE);
return id;
}
static int pkcs11_list_keys(void *_ctx, dnssec_list_t **list)
{
pkcs11_ctx_t *ctx = _ctx;
dnssec_list_t *ids = dnssec_list_new();
if (!ids) {
return DNSSEC_ENOMEM;
}
gnutls_pkcs11_obj_t *objects = NULL;
unsigned count = 0;
int flags = GNUTLS_PKCS11_OBJ_FLAG_PRIVKEY |
GNUTLS_PKCS11_OBJ_FLAG_LOGIN;
int r = gnutls_pkcs11_obj_list_import_url4(&objects, &count, ctx->url, flags);
if (r != GNUTLS_E_SUCCESS) {
dnssec_list_free(ids);
return DNSSEC_P11_TOKEN_NOT_AVAILABLE;
}
for (unsigned i = 0; i < count; i++) {
gnutls_pkcs11_obj_t object = objects[i];
char *id = get_object_id(object);
dnssec_list_append(ids, id);
gnutls_pkcs11_obj_deinit(object);
}
gnutls_free(objects);
*list = ids;
return DNSSEC_EOK;
}
static int pkcs11_generate_key(void *_ctx, gnutls_pk_algorithm_t algorithm,
unsigned bits, char **id_ptr)
{
......@@ -418,7 +362,6 @@ int dnssec_keystore_init_pkcs11(dnssec_keystore_t **store_ptr)
.init = pkcs11_init,
.open = pkcs11_open,
.close = pkcs11_close,
.list_keys = pkcs11_list_keys,
.generate_key = pkcs11_generate_key,
.import_key = pkcs11_import_key,
.remove_key = pkcs11_remove_key,
......
......@@ -239,12 +239,6 @@ static int pkcs8_close(void *ctx)
return DNSSEC_EOK;
}
static int pkcs8_list_keys(void *ctx, dnssec_list_t **list)
{
// NOT IMPLEMENTED
return DNSSEC_EOK;
}
static int pkcs8_generate_key(void *ctx, gnutls_pk_algorithm_t algorithm,
unsigned bits, char **id_ptr)
{
......@@ -421,7 +415,6 @@ int dnssec_keystore_init_pkcs8(dnssec_keystore_t **store_ptr)
.init = pkcs8_init,
.open = pkcs8_open,
.close = pkcs8_close,
.list_keys = pkcs8_list_keys,
.generate_key = pkcs8_generate_key,
.import_key = pkcs8_import_key,
.remove_key = pkcs8_remove_key,
......
/* Copyright (C) 2018 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
/*!
* \file
*
* \addtogroup list
*
* \brief DNSSEC generic lists.
*
* @{
*/
#pragma once
#include <stdbool.h>
#include <stdlib.h>
struct dnssec_list;
typedef struct dnssec_list dnssec_list_t;
struct dnssec_item;
typedef struct dnssec_item dnssec_item_t;
void *dnssec_item_get(const dnssec_item_t *item);
void dnssec_item_set(dnssec_item_t *item, void *data);
dnssec_list_t *dnssec_list_new(void);
void dnssec_list_free(dnssec_list_t *list);
typedef void (*dnssec_item_free_cb)(void *data, void *ctx);
/*!
* Free the list including contained items.
*
* If \c free_cb is NULL, standard libc \c free will used to free the items.
*
* \param list List to be freed.
* \param free_cb Free function called for each item in the list.
* \param free_ctx Context passed to item free.
*/
void dnssec_list_free_full(dnssec_list_t *list, dnssec_item_free_cb free_cb,
void *free_ctx);
void dnssec_list_clear(dnssec_list_t *list);
void dnssec_list_clear_full(dnssec_list_t *list, dnssec_item_free_cb free_cb,
void *free_ctx);
dnssec_item_t *dnssec_list_head(dnssec_list_t *list);
dnssec_item_t *dnssec_list_tail(dnssec_list_t *list);
dnssec_item_t *dnssec_list_next(dnssec_list_t *list, dnssec_item_t *item);
dnssec_item_t *dnssec_list_prev(dnssec_list_t *list, dnssec_item_t *item);
dnssec_item_t *dnssec_list_nth(dnssec_list_t *list, size_t position);
bool dnssec_list_is_empty(dnssec_list_t *list);
size_t dnssec_list_size(dnssec_list_t *list);
int dnssec_list_insert_after(dnssec_item_t *item, void *data);
int dnssec_list_insert_before(dnssec_item_t *item, void *data);
int dnssec_list_append(dnssec_list_t *list, void *data);
int dnssec_list_prepend(dnssec_list_t *list, void *data);
void dnssec_list_remove(dnssec_item_t *item);
dnssec_item_t *dnssec_list_search(dnssec_list_t *list, void *data);
bool dnssec_list_contains(dnssec_list_t *list, void *data);
#define dnssec_list_foreach(var, list) \
for (dnssec_item_t *__tmp, *var = dnssec_list_head(list); \
__tmp = dnssec_list_next(list, var), var != NULL; \
var = __tmp)
/*! @} */
/* Copyright (C) 2018 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
#include <stdlib.h>
#include "libdnssec/list.h"
#include "libdnssec/list/ucw_clists.h"
#include "libdnssec/error.h"
#include "libdnssec/shared/shared.h"
struct dnssec_list {
clist list;
};
struct dnssec_item {
cnode node;
void *data;
};
/*!
* Allocate new list item and set item data.
*/
static dnssec_item_t *item_new(void *data)
{
dnssec_item_t *item = malloc(sizeof(*item));
if (item) {
clear_struct(item);
item->data = data;
}
return item;
}
/*!
* Wrapper around libc free with unused context.
*/
static void wrap_free(void *ptr, void *ctx _unused_)
{
free(ptr);
}
/* -- public API ----------------------------------------------------------- */
_public_
void *dnssec_item_get(const dnssec_item_t *item)
{
return item ? item->data : NULL;
}
_public_
void dnssec_item_set(dnssec_item_t *item, void *data)
{
if (item) {
item->data = data;
}
}
_public_
dnssec_list_t *dnssec_list_new(void)
{
dnssec_list_t *list = malloc(sizeof(*list));
if (list) {
clist_init(&list->list);
}
return list;
}
_public_
void dnssec_list_clear(dnssec_list_t *list)
{
if (!list) {
return;
}
dnssec_list_foreach(item, list) {
free(item);
}
}
_public_
void dnssec_list_clear_full(dnssec_list_t *list, dnssec_item_free_cb free_cb,
void *free_ctx)
{
if (!list) {
return;
}
if (!free_cb) {
free_cb = wrap_free;
}
dnssec_list_foreach(item, list) {
free_cb(item->data, free_ctx);
free(item);
}
}
_public_
void dnssec_list_free(dnssec_list_t *list)
{
if (!list) {
return;
}
dnssec_list_clear(list);
free(list);
}
_public_
void dnssec_list_free_full(dnssec_list_t *list, dnssec_item_free_cb free_cb,
void *free_ctx)
{
if (!list) {
return;
}
dnssec_list_clear_full(list, free_cb, free_ctx);
free(list);
}
_public_
dnssec_item_t *dnssec_list_head(dnssec_list_t *list)
{
if (!list) {
return NULL;
}
return clist_head(&list->list);
}
_public_
dnssec_item_t *dnssec_list_tail(dnssec_list_t *list)
{
if (!list) {
return NULL;
}
return clist_tail(&list->list);
}
_public_
dnssec_item_t *dnssec_list_next(dnssec_list_t *list, dnssec_item_t *item)
{
if (!list || !item) {
return NULL;
}
return clist_next(&list->list, &item->node);
}
_public_
dnssec_item_t *dnssec_list_prev(dnssec_list_t *list, dnssec_item_t *item)
{
if (!list || !item) {
return NULL;
}
return clist_prev(&list->list, &item->node);
}
_public_
dnssec_item_t *dnssec_list_nth(dnssec_list_t *list, size_t position)
{
size_t index = 0;
dnssec_item_t *item = dnssec_list_head(list);
while (item) {
if (index == position) {
return item;
} else {
item = dnssec_list_next(list, item);
index += 1;
}
}
return NULL;
}
_public_
bool dnssec_list_is_empty(dnssec_list_t *list)
{
return !list || clist_empty(&list->list);
}
_public_
size_t dnssec_list_size(dnssec_list_t *list)
{
return list ? clist_size(&list->list) : 0;
}
_public_
int dnssec_list_insert_before(dnssec_item_t *item, void *data)
{
if (!item) {
return DNSSEC_EINVAL;
}
dnssec_item_t *add = item_new(data);
if (!add) {
return DNSSEC_ENOMEM;
}
clist_insert_before(&add->node, &item->node);
return DNSSEC_EOK;
}
_public_
int dnssec_list_insert_after(dnssec_item_t *item, void *data)
{
if (!item) {
return DNSSEC_EINVAL;
}
dnssec_item_t *add = item_new(data);
if (!add) {
return DNSSEC_ENOMEM;
}
clist_insert_after(&add->node, &item->node);
return DNSSEC_EOK;
}
_public_
int dnssec_list_append(dnssec_list_t *list, void *data)
{
if (!list) {
return DNSSEC_EINVAL;
}
dnssec_item_t *add = item_new(data);
if (!add) {
return DNSSEC_ENOMEM;
}
clist_add_tail(&list->list , &add->node);
return DNSSEC_EOK;
}
_public_
int dnssec_list_prepend(dnssec_list_t *list, void *data)
{
if (!list) {
return DNSSEC_EINVAL;
}
dnssec_item_t *add = item_new(data);
if (!add) {
return DNSSEC_ENOMEM;
}
clist_add_head(&list->list , &add->node);
return DNSSEC_EOK;
}
_public_
void dnssec_list_remove(dnssec_item_t *item)
{
if (item) {
clist_remove(&item->node);
free(item);
}
}
_public_
dnssec_item_t *dnssec_list_search(dnssec_list_t *list, void *data)
{
dnssec_list_foreach(item, list) {
if (item->data == data) {
return item;
}
}
return NULL;
}
_public_
bool dnssec_list_contains(dnssec_list_t *list, void *data)
{
return dnssec_list_search(list, data) != NULL;
}
/*
* UCW Library -- Circular Linked Lists
*
* (c) 2003--2010 Martin Mares <mj@ucw.cz>
*
* This software may be freely distributed and used according to the terms
* of the GNU Lesser General Public License.
*/
#ifndef _UCW_CLISTS_H
#define _UCW_CLISTS_H
/**
* Common header for list nodes.
**/
typedef struct cnode {
struct cnode *next, *prev;
} cnode;
/**
* Circular doubly linked list.
**/
typedef struct clist {
struct cnode head;
} clist;
/**
* Initialize a new circular linked list. Must be called before any other function.
**/
static inline void clist_init(clist *l)
{
cnode *head = &l->head;
head->next = head->prev = head;
}
/**
* Return the first node on \p l or NULL if \p l is empty.
**/
static inline void *clist_head(clist *l)
{
return (l->head.next != &l->head) ? l->head.next : NULL;
}
/**
* Return the last node on \p l or NULL if \p l is empty.
**/
static inline void *clist_tail(clist *l)
{
return (l->head.prev != &l->head) ? l->head.prev : NULL;
}
/**
* Find the next node to \p n or NULL if \p n is the last one.
**/
static inline void *clist_next(clist *l, cnode *n)
{
return (n->next != &l->head) ? (void *) n->next : NULL;
}
/**
* Find the previous node to \p n or NULL if \p n is the first one.
**/
static inline void *clist_prev(clist *l, cnode *n)
{
return (n->prev != &l->head) ? (void *) n->prev : NULL;
}
/**
* Return a non-zero value iff \p l is empty.
**/
static inline int clist_empty(clist *l)
{
return (l->head.next == &l->head);
}
/**
* Loop over all nodes in the \ref list and perform the next C statement on them. The current node is stored in \p n which must be defined before as pointer to any type.
* The list should not be changed during this loop command.
**/
#define CLIST_WALK(n,list) for(n=(void*)(list).head.next; (cnode*)(n) != &(list).head; n=(void*)((cnode*)(n))->next)
/**
* Same as \ref CLIST_WALK(), but allows removal of the current node. This macro requires one more variable to store some temporary pointers.
**/
#define CLIST_WALK_DELSAFE(n,list,tmp) for(n=(void*)(list).head.next; tmp=(void*)((cnode*)(n))->next, (cnode*)(n) != &(list).head; n=(void*)tmp)
/**
* Same as \ref CLIST_WALK(), but it defines the variable for the current node in place. \p type should be a pointer type.
**/
#define CLIST_FOR_EACH(type,n,list) for(type n=(void*)(list).head.next; (cnode*)(n) != &(list).head; n=(void*)((cnode*)(n))->next)
/**
* Same as \ref CLIST_WALK_DELSAFE(), but it defines the variable for the current node in place. \p type should be a pointer type. The temporary variable must be still known before.
**/
#define CLIST_FOR_EACH_DELSAFE(type,n,list,tmp) for(type n=(void*)(list).head.next; tmp=(void*)((cnode*)(n))->next, (cnode*)(n) != &(list).head; n=(void*)tmp)
/**
* Reversed version of \ref CLIST_FOR_EACH().
**/
#define CLIST_FOR_EACH_BACKWARDS(type,n,list) for(type n=(void*)(list).head.prev; (cnode*)(n) != &(list).head; n=(void*)((cnode*)(n))->prev)
/**
* Insert a new node just after the node \p after. To insert at the head of the list, use \ref clist_add_head() instead.
**/
static inline void clist_insert_after(cnode *what, cnode *after)
{
cnode *before = after->next;
what->next = before;
what->prev = after;
before->prev = what;
after->next = what;
}
/**
* Insert a new node just before the node \p before. To insert at the tail of the list, use \ref clist_add_tail() instead.
**/
static inline void clist_insert_before(cnode *what, cnode *before)
{
cnode *after = before->prev;
what->next = before;
what->prev = after;
before->prev = what;
after->next = what;
}
/**
* Insert a new node in front of all other nodes.
**/
static inline void clist_add_head(clist *l, cnode *n)
{
clist_insert_after(n, &l->head);
}
/**
* Insert a new node after all other nodes.
**/
static inline void clist_add_tail(clist *l, cnode *n)
{
clist_insert_before(n, &l->head);
}
/**
* Remove node \p n.
**/
static inline void clist_remove(cnode *n)
{
cnode *before = n->prev;
cnode *after = n->next;