OpenDNSSEC-signer  1.4.1
hsm.h File Reference
#include "config.h"
#include "shared/status.h"
#include "signer/keys.h"
#include <ctype.h>
#include <stdint.h>
#include <ldns/ldns.h>
#include <libhsm.h>
#include <libhsmdns.h>

Functions

int lhsm_open (const char *filename)
 
int lhsm_reopen (const char *filename)
 
void lhsm_check_connection (void *engine)
 
ods_status lhsm_get_key (hsm_ctx_t *ctx, ldns_rdf *owner, key_type *key_id)
 
ldns_rr * lhsm_sign (hsm_ctx_t *ctx, ldns_rr_list *rrset, key_type *key_id, ldns_rdf *owner, time_t inception, time_t expiration)
 

Function Documentation

void lhsm_check_connection (void *engine)

Check the HSM connection, reload engine if necessary.

Parameters
[in] engine: signer engine.

Definition at line 114 of file hsm.c.

References engineconfig_struct::cfg_filename, engine_struct::config, engine_start_drudgers(), engine_stop_drudgers(), lhsm_open(), ods_log_debug(), and ods_log_warning().

ods_status lhsm_get_key (hsm_ctx_t *ctx, ldns_rdf *owner, key_type *key_id)

Get key from one of the HSMs, store the DNSKEY and HSM key.

Parameters
[in] ctx: HSM context
[in] owner: the zone owner name
[in] key_id: key credentials
Returns
ods_status status

Get key from one of the HSMs.

Definition at line 136 of file hsm.c.

References key_struct::algorithm, key_struct::dnskey, key_struct::flags, key_struct::hsmkey, key_struct::locator, ods_log_error(), ODS_STATUS_ASSERT_ERR, ODS_STATUS_ERR, ODS_STATUS_OK, and key_struct::params.

Referenced by lhsm_sign(), and zone_publish_dnskeys().

int lhsm_open (const char *filename)

Hardware Security Module support. Open HSM.

Parameters
[in] filename: the configuration filename
Returns
int hsm status

Open HSM.

Definition at line 46 of file hsm.c.

References ods_log_crit(), ods_log_error(), and ods_log_info().

Referenced by lhsm_check_connection(), and lhsm_reopen().

int lhsm_reopen (const char *filename)

Reopen HSM.

Parameters
[in] filename: the configuration filename
Returns
int hsm status

Definition at line 71 of file hsm.c.

References lhsm_open(), and ods_log_warning().

ldns_rr * lhsm_sign (hsm_ctx_t *ctx, ldns_rr_list *rrset, key_type *key_id, ldns_rdf *owner, time_t inception, time_t expiration)

Get RRSIG from one of the HSMs, given a RRset and a key.

Parameters
[in] ctx: HSM context
[in] rrset: RRset to be signed
[in] key_id: key credentials
[in] owner: owner of the keys
[in] inception: signature inception
[in] expiration: signature expiration
Returns
ldns_rr* RRSIG record

Definition at line 219 of file hsm.c.

References key_struct::algorithm, key_struct::dnskey, key_struct::flags, key_struct::hsmkey, lhsm_get_key(), key_struct::locator, ods_log_assert, ods_log_crit(), ods_log_deeebug(), ods_log_error(), ODS_STATUS_OK, and key_struct::params.

Referenced by rrset_sign().