Commit e186e6cf authored by Daniel Salzman's avatar Daniel Salzman

libdnssec: remove unused keystore listing

parent 3171f32f
...@@ -270,9 +270,6 @@ src/libdnssec/keystore/keystore.c ...@@ -270,9 +270,6 @@ src/libdnssec/keystore/keystore.c
src/libdnssec/keystore/pkcs11.c src/libdnssec/keystore/pkcs11.c
src/libdnssec/keystore/pkcs8.c src/libdnssec/keystore/pkcs8.c
src/libdnssec/keytag.h src/libdnssec/keytag.h
src/libdnssec/list.h
src/libdnssec/list/list.c
src/libdnssec/list/ucw_clists.h
src/libdnssec/nsec.h src/libdnssec/nsec.h
src/libdnssec/nsec/bitmap.c src/libdnssec/nsec/bitmap.c
src/libdnssec/nsec/hash.c src/libdnssec/nsec/hash.c
...@@ -485,7 +482,6 @@ tests/libdnssec/test_keyid.c ...@@ -485,7 +482,6 @@ tests/libdnssec/test_keyid.c
tests/libdnssec/test_keystore_pkcs11.c tests/libdnssec/test_keystore_pkcs11.c
tests/libdnssec/test_keystore_pkcs8.c tests/libdnssec/test_keystore_pkcs8.c
tests/libdnssec/test_keytag.c tests/libdnssec/test_keytag.c
tests/libdnssec/test_list.c
tests/libdnssec/test_nsec_bitmap.c tests/libdnssec/test_nsec_bitmap.c
tests/libdnssec/test_nsec_hash.c tests/libdnssec/test_nsec_hash.c
tests/libdnssec/test_random.c tests/libdnssec/test_random.c
......
...@@ -53,7 +53,6 @@ ...@@ -53,7 +53,6 @@
- \ref keyid — DNSSEC key ID manipulation - \ref keyid — DNSSEC key ID manipulation
- \ref keystore — DNSSEC private key store - \ref keystore — DNSSEC private key store
- \ref keytag — DNSSEC key tag computation - \ref keytag — DNSSEC key tag computation
- \ref list — Generic list container
- \ref nsec — NSEC and NSEC3 operations - \ref nsec — NSEC and NSEC3 operations
- \ref random — Pseudo-random number generation - \ref random — Pseudo-random number generation
- \ref sign — DNSSEC signing and verification - \ref sign — DNSSEC signing and verification
...@@ -66,7 +65,6 @@ ...@@ -66,7 +65,6 @@
\defgroup keyid keyid \defgroup keyid keyid
\defgroup keystore keystore \defgroup keystore keystore
\defgroup keytag keytag \defgroup keytag keytag
\defgroup list list
\defgroup nsec nsec \defgroup nsec nsec
\defgroup random random \defgroup random random
\defgroup sign sign \defgroup sign sign
......
...@@ -34,7 +34,6 @@ include_libdnssec_HEADERS = \ ...@@ -34,7 +34,6 @@ include_libdnssec_HEADERS = \
libdnssec/keyid.h \ libdnssec/keyid.h \
libdnssec/keystore.h \ libdnssec/keystore.h \
libdnssec/keytag.h \ libdnssec/keytag.h \
libdnssec/list.h \
libdnssec/nsec.h \ libdnssec/nsec.h \
libdnssec/random.h \ libdnssec/random.h \
libdnssec/sign.h \ libdnssec/sign.h \
...@@ -63,8 +62,6 @@ libdnssec_la_SOURCES = \ ...@@ -63,8 +62,6 @@ libdnssec_la_SOURCES = \
libdnssec/keystore/keystore.c \ libdnssec/keystore/keystore.c \
libdnssec/keystore/pkcs11.c \ libdnssec/keystore/pkcs11.c \
libdnssec/keystore/pkcs8.c \ libdnssec/keystore/pkcs8.c \
libdnssec/list/list.c \
libdnssec/list/ucw_clists.h \
libdnssec/nsec/bitmap.c \ libdnssec/nsec/bitmap.c \
libdnssec/nsec/hash.c \ libdnssec/nsec/hash.c \
libdnssec/nsec/nsec.c \ libdnssec/nsec/nsec.c \
......
/* Copyright (C) 2018 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz> /* Copyright (C) 2019 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
This program is free software: you can redistribute it and/or modify This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -28,7 +28,6 @@ ...@@ -28,7 +28,6 @@
#include <libdnssec/keyid.h> #include <libdnssec/keyid.h>
#include <libdnssec/keystore.h> #include <libdnssec/keystore.h>
#include <libdnssec/keytag.h> #include <libdnssec/keytag.h>
#include <libdnssec/list.h>
#include <libdnssec/nsec.h> #include <libdnssec/nsec.h>
#include <libdnssec/random.h> #include <libdnssec/random.h>
#include <libdnssec/sign.h> #include <libdnssec/sign.h>
......
...@@ -88,7 +88,6 @@ ...@@ -88,7 +88,6 @@
#include <libdnssec/binary.h> #include <libdnssec/binary.h>
#include <libdnssec/key.h> #include <libdnssec/key.h>
#include <libdnssec/list.h>
struct dnssec_keystore; struct dnssec_keystore;
...@@ -145,18 +144,6 @@ int dnssec_keystore_open(dnssec_keystore_t *store, const char *config); ...@@ -145,18 +144,6 @@ int dnssec_keystore_open(dnssec_keystore_t *store, const char *config);
*/ */
int dnssec_keystore_close(dnssec_keystore_t *store); int dnssec_keystore_close(dnssec_keystore_t *store);
/*!
* Get a list of key IDs stored in the key store.
*
* \todo Not implemented.
*
* \param[in] store Key store.
* \param[out] list Resulting list of key IDs.
*
* \return Error code, DNSSEC_EOK if successful.
*/
int dnssec_keystore_list_keys(dnssec_keystore_t *store, dnssec_list_t **list);
/*! /*!
* Generate a new key in the key store. * Generate a new key in the key store.
* *
......
...@@ -22,7 +22,6 @@ ...@@ -22,7 +22,6 @@
#include "libdnssec/binary.h" #include "libdnssec/binary.h"
#include "libdnssec/key.h" #include "libdnssec/key.h"
#include "libdnssec/keystore.h" #include "libdnssec/keystore.h"
#include "libdnssec/list.h"
typedef struct keystore_functions { typedef struct keystore_functions {
// construction of internal context // construction of internal context
...@@ -33,7 +32,6 @@ typedef struct keystore_functions { ...@@ -33,7 +32,6 @@ typedef struct keystore_functions {
int (*open)(void *ctx, const char *config); int (*open)(void *ctx, const char *config);
int (*close)(void *ctx); int (*close)(void *ctx);
// keystore access // keystore access
int (*list_keys)(void *ctx, dnssec_list_t **list);
int (*generate_key)(void *ctx, gnutls_pk_algorithm_t algorithm, int (*generate_key)(void *ctx, gnutls_pk_algorithm_t algorithm,
unsigned bits, char **id_ptr); unsigned bits, char **id_ptr);
int (*import_key)(void *ctx, const dnssec_binary_t *pem, char **id_ptr); int (*import_key)(void *ctx, const dnssec_binary_t *pem, char **id_ptr);
......
...@@ -100,16 +100,6 @@ int dnssec_keystore_close(dnssec_keystore_t *store) ...@@ -100,16 +100,6 @@ int dnssec_keystore_close(dnssec_keystore_t *store)
return store->functions->close(store->ctx); return store->functions->close(store->ctx);
} }
_public_
int dnssec_keystore_list_keys(dnssec_keystore_t *store, dnssec_list_t **list)
{
if (!store || !list) {
return DNSSEC_EINVAL;
}
return store->functions->list_keys(store->ctx, list);
}
_public_ _public_
int dnssec_keystore_generate_key(dnssec_keystore_t *store, int dnssec_keystore_generate_key(dnssec_keystore_t *store,
dnssec_key_algorithm_t _algorithm, dnssec_key_algorithm_t _algorithm,
......
...@@ -197,62 +197,6 @@ static int pkcs11_close(void *_ctx) ...@@ -197,62 +197,6 @@ static int pkcs11_close(void *_ctx)
return DNSSEC_EOK; return DNSSEC_EOK;
} }
static char *get_object_id(gnutls_pkcs11_obj_t object)
{
assert(object);
uint8_t buffer[DNSSEC_KEYID_BINARY_SIZE] = { 0 };
size_t size = sizeof(buffer);
int r = gnutls_pkcs11_obj_get_info(object, GNUTLS_PKCS11_OBJ_ID, buffer, &size);
if (r != GNUTLS_E_SUCCESS || size != sizeof(buffer)) {
return NULL;
}
char *id = bin_to_hex(buffer, sizeof(buffer));
if (id == NULL) {
return NULL;
}
assert(strlen(id) == DNSSEC_KEYID_SIZE);
return id;
}
static int pkcs11_list_keys(void *_ctx, dnssec_list_t **list)
{
pkcs11_ctx_t *ctx = _ctx;
dnssec_list_t *ids = dnssec_list_new();
if (!ids) {
return DNSSEC_ENOMEM;
}
gnutls_pkcs11_obj_t *objects = NULL;
unsigned count = 0;
int flags = GNUTLS_PKCS11_OBJ_FLAG_PRIVKEY |
GNUTLS_PKCS11_OBJ_FLAG_LOGIN;
int r = gnutls_pkcs11_obj_list_import_url4(&objects, &count, ctx->url, flags);
if (r != GNUTLS_E_SUCCESS) {
dnssec_list_free(ids);
return DNSSEC_P11_TOKEN_NOT_AVAILABLE;
}
for (unsigned i = 0; i < count; i++) {
gnutls_pkcs11_obj_t object = objects[i];
char *id = get_object_id(object);
dnssec_list_append(ids, id);
gnutls_pkcs11_obj_deinit(object);
}
gnutls_free(objects);
*list = ids;
return DNSSEC_EOK;
}
static int pkcs11_generate_key(void *_ctx, gnutls_pk_algorithm_t algorithm, static int pkcs11_generate_key(void *_ctx, gnutls_pk_algorithm_t algorithm,
unsigned bits, char **id_ptr) unsigned bits, char **id_ptr)
{ {
...@@ -418,7 +362,6 @@ int dnssec_keystore_init_pkcs11(dnssec_keystore_t **store_ptr) ...@@ -418,7 +362,6 @@ int dnssec_keystore_init_pkcs11(dnssec_keystore_t **store_ptr)
.init = pkcs11_init, .init = pkcs11_init,
.open = pkcs11_open, .open = pkcs11_open,
.close = pkcs11_close, .close = pkcs11_close,
.list_keys = pkcs11_list_keys,
.generate_key = pkcs11_generate_key, .generate_key = pkcs11_generate_key,
.import_key = pkcs11_import_key, .import_key = pkcs11_import_key,
.remove_key = pkcs11_remove_key, .remove_key = pkcs11_remove_key,
......
...@@ -239,12 +239,6 @@ static int pkcs8_close(void *ctx) ...@@ -239,12 +239,6 @@ static int pkcs8_close(void *ctx)
return DNSSEC_EOK; return DNSSEC_EOK;
} }
static int pkcs8_list_keys(void *ctx, dnssec_list_t **list)
{
// NOT IMPLEMENTED
return DNSSEC_EOK;
}
static int pkcs8_generate_key(void *ctx, gnutls_pk_algorithm_t algorithm, static int pkcs8_generate_key(void *ctx, gnutls_pk_algorithm_t algorithm,
unsigned bits, char **id_ptr) unsigned bits, char **id_ptr)
{ {
...@@ -421,7 +415,6 @@ int dnssec_keystore_init_pkcs8(dnssec_keystore_t **store_ptr) ...@@ -421,7 +415,6 @@ int dnssec_keystore_init_pkcs8(dnssec_keystore_t **store_ptr)
.init = pkcs8_init, .init = pkcs8_init,
.open = pkcs8_open, .open = pkcs8_open,
.close = pkcs8_close, .close = pkcs8_close,
.list_keys = pkcs8_list_keys,
.generate_key = pkcs8_generate_key, .generate_key = pkcs8_generate_key,
.import_key = pkcs8_import_key, .import_key = pkcs8_import_key,
.remove_key = pkcs8_remove_key, .remove_key = pkcs8_remove_key,
......
/* Copyright (C) 2018 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
/*!
* \file
*
* \addtogroup list
*
* \brief DNSSEC generic lists.
*
* @{
*/
#pragma once
#include <stdbool.h>
#include <stdlib.h>
struct dnssec_list;
typedef struct dnssec_list dnssec_list_t;
struct dnssec_item;
typedef struct dnssec_item dnssec_item_t;
void *dnssec_item_get(const dnssec_item_t *item);
void dnssec_item_set(dnssec_item_t *item, void *data);
dnssec_list_t *dnssec_list_new(void);
void dnssec_list_free(dnssec_list_t *list);
typedef void (*dnssec_item_free_cb)(void *data, void *ctx);
/*!
* Free the list including contained items.
*
* If \c free_cb is NULL, standard libc \c free will used to free the items.
*
* \param list List to be freed.
* \param free_cb Free function called for each item in the list.
* \param free_ctx Context passed to item free.
*/
void dnssec_list_free_full(dnssec_list_t *list, dnssec_item_free_cb free_cb,
void *free_ctx);
void dnssec_list_clear(dnssec_list_t *list);
void dnssec_list_clear_full(dnssec_list_t *list, dnssec_item_free_cb free_cb,
void *free_ctx);
dnssec_item_t *dnssec_list_head(dnssec_list_t *list);
dnssec_item_t *dnssec_list_tail(dnssec_list_t *list);
dnssec_item_t *dnssec_list_next(dnssec_list_t *list, dnssec_item_t *item);
dnssec_item_t *dnssec_list_prev(dnssec_list_t *list, dnssec_item_t *item);
dnssec_item_t *dnssec_list_nth(dnssec_list_t *list, size_t position);
bool dnssec_list_is_empty(dnssec_list_t *list);
size_t dnssec_list_size(dnssec_list_t *list);
int dnssec_list_insert_after(dnssec_item_t *item, void *data);
int dnssec_list_insert_before(dnssec_item_t *item, void *data);
int dnssec_list_append(dnssec_list_t *list, void *data);
int dnssec_list_prepend(dnssec_list_t *list, void *data);
void dnssec_list_remove(dnssec_item_t *item);
dnssec_item_t *dnssec_list_search(dnssec_list_t *list, void *data);
bool dnssec_list_contains(dnssec_list_t *list, void *data);
#define dnssec_list_foreach(var, list) \
for (dnssec_item_t *__tmp, *var = dnssec_list_head(list); \
__tmp = dnssec_list_next(list, var), var != NULL; \
var = __tmp)
/*! @} */
/* Copyright (C) 2018 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
#include <stdlib.h>
#include "libdnssec/list.h"
#include "libdnssec/list/ucw_clists.h"
#include "libdnssec/error.h"
#include "libdnssec/shared/shared.h"
struct dnssec_list {
clist list;
};
struct dnssec_item {
cnode node;
void *data;
};
/*!
* Allocate new list item and set item data.
*/
static dnssec_item_t *item_new(void *data)
{
dnssec_item_t *item = malloc(sizeof(*item));
if (item) {
clear_struct(item);
item->data = data;
}
return item;
}
/*!
* Wrapper around libc free with unused context.
*/
static void wrap_free(void *ptr, void *ctx _unused_)
{
free(ptr);
}
/* -- public API ----------------------------------------------------------- */
_public_
void *dnssec_item_get(const dnssec_item_t *item)
{
return item ? item->data : NULL;
}
_public_
void dnssec_item_set(dnssec_item_t *item, void *data)
{
if (item) {
item->data = data;
}
}
_public_
dnssec_list_t *dnssec_list_new(void)
{
dnssec_list_t *list = malloc(sizeof(*list));
if (list) {
clist_init(&list->list);
}
return list;
}
_public_
void dnssec_list_clear(dnssec_list_t *list)
{
if (!list) {
return;
}
dnssec_list_foreach(item, list) {
free(item);
}
}
_public_
void dnssec_list_clear_full(dnssec_list_t *list, dnssec_item_free_cb free_cb,
void *free_ctx)
{
if (!list) {
return;
}
if (!free_cb) {
free_cb = wrap_free;
}
dnssec_list_foreach(item, list) {
free_cb(item->data, free_ctx);
free(item);
}
}
_public_
void dnssec_list_free(dnssec_list_t *list)
{
if (!list) {
return;
}
dnssec_list_clear(list);
free(list);
}
_public_
void dnssec_list_free_full(dnssec_list_t *list, dnssec_item_free_cb free_cb,
void *free_ctx)
{
if (!list) {
return;
}
dnssec_list_clear_full(list, free_cb, free_ctx);
free(list);
}
_public_
dnssec_item_t *dnssec_list_head(dnssec_list_t *list)
{
if (!list) {
return NULL;
}
return clist_head(&list->list);
}
_public_
dnssec_item_t *dnssec_list_tail(dnssec_list_t *list)
{
if (!list) {
return NULL;
}
return clist_tail(&list->list);
}
_public_
dnssec_item_t *dnssec_list_next(dnssec_list_t *list, dnssec_item_t *item)
{
if (!list || !item) {
return NULL;
}
return clist_next(&list->list, &item->node);
}
_public_
dnssec_item_t *dnssec_list_prev(dnssec_list_t *list, dnssec_item_t *item)
{
if (!list || !item) {
return NULL;
}
return clist_prev(&list->list, &item->node);
}
_public_
dnssec_item_t *dnssec_list_nth(dnssec_list_t *list, size_t position)
{
size_t index = 0;
dnssec_item_t *item = dnssec_list_head(list);
while (item) {
if (index == position) {
return item;
} else {
item = dnssec_list_next(list, item);
index += 1;
}
}
return NULL;
}
_public_
bool dnssec_list_is_empty(dnssec_list_t *list)
{
return !list || clist_empty(&list->list);
}
_public_
size_t dnssec_list_size(dnssec_list_t *list)
{
return list ? clist_size(&list->list) : 0;
}
_public_
int dnssec_list_insert_before(dnssec_item_t *item, void *data)
{
if (!item) {
return DNSSEC_EINVAL;
}
dnssec_item_t *add = item_new(data);
if (!add) {
return DNSSEC_ENOMEM;
}
clist_insert_before(&add->node, &item->node);
return DNSSEC_EOK;
}
_public_
int dnssec_list_insert_after(dnssec_item_t *item, void *data)
{
if (!item) {
return DNSSEC_EINVAL;
}
dnssec_item_t *add = item_new(data);
if (!add) {
return DNSSEC_ENOMEM;
}
clist_insert_after(&add->node, &item->node);
return DNSSEC_EOK;
}
_public_
int dnssec_list_append(dnssec_list_t *list, void *data)
{
if (!list) {
return DNSSEC_EINVAL;
}
dnssec_item_t *add = item_new(data);
if (!add) {
return DNSSEC_ENOMEM;
}
clist_add_tail(&list->list , &add->node);
return DNSSEC_EOK;
}
_public_
int dnssec_list_prepend(dnssec_list_t *list, void *data)
{
if (!list) {
return DNSSEC_EINVAL;
}
dnssec_item_t *add = item_new(data);
if (!add) {
return DNSSEC_ENOMEM;
}
clist_add_head(&list->list , &add->node);
return DNSSEC_EOK;
}
_public_
void dnssec_list_remove(dnssec_item_t *item)
{
if (item) {
clist_remove(&item->node);
free(item);
}
}
_public_
dnssec_item_t *dnssec_list_search(dnssec_list_t *list, void *data)
{
dnssec_list_foreach(item, list) {
if (item->data == data) {
return item;
}
}
return NULL;
}
_public_
bool dnssec_list_contains(dnssec_list_t *list, void *data)
{
return dnssec_list_search(list, data) != NULL;
}
/*
* UCW Library -- Circular Linked Lists
*
* (c) 2003--2010 Martin Mares <mj@ucw.cz>
*
* This software may be freely distributed and used according to the terms
* of the GNU Lesser General Public License.
*/
#ifndef _UCW_CLISTS_H
#define _UCW_CLISTS_H
/**
* Common header for list nodes.
**/
typedef struct cnode {
struct cnode *next, *prev;
} cnode;
/**
* Circular doubly linked list.
**/
typedef struct clist {
struct cnode head;
} clist;
/**
* Initialize a new circular linked list. Must be called before any other function.
**/
static inline void clist_init(clist *l)
{
cnode *head = &l->head;
head->next = head->prev = head;
}
/**
* Return the first node on \p l or NULL if \p l is empty.
**/
static inline void *clist_head(clist *l)
{
return (l->head.next != &l->head) ? l->head.next : NULL;
}
/**
* Return the last node on \p l or NULL if \p l is empty.
**/
static inline void *clist_tail(clist *l)
{
return (l->head.prev != &l->head) ? l->head.prev : NULL;
}
/**
* Find the next node to \p n or NULL if \p n is the last one.
**/
static inline void *clist_next(clist *l, cnode *n)
{
return (n->next != &l->head) ? (void *) n->next : NULL;
}
/**
* Find the previous node to \p n or NULL if \p n is the first one.
**/
static inline void *clist_prev(clist *l, cnode *n)
{
return (n->prev != &l->head) ? (void *) n->prev : NULL;
}
/**
* Return a non-zero value iff \p l is empty.
**/
static inline int clist_empty(clist *l)
{
return (l->head.next == &l->head);
}
/**
* Loop over all nodes in the \ref list and perform the next C statement on them. The current node is stored in \p n which must be defined before as pointer to any type.
* The list should not be changed during this loop comma