Commit 0a387227 authored by Libor Peltan's avatar Libor Peltan Committed by Daniel Salzman

keymgr: share key adapted to key-params-per-zone scheme

parent e9ae838b
......@@ -472,6 +472,43 @@ int keymgr_get_key(kdnssec_ctx_t *ctx, const char *key_spec, knot_kasp_key_t **k
return KNOT_EOK;
}
int keymgr_foreign_key_id(int argc, char *argv[], const char *req_action,
knot_dname_t **key_zone, char **key_id)
{
if (argc < 1) {
printf("Key to %s - zone is not specified.\n", req_action);
return KNOT_EINVAL;
}
if (argc < 2) {
printf("Key to %s is not specified.\n", req_action);
return KNOT_EINVAL;
}
*key_zone = knot_dname_from_str_alloc(argv[0]);
if (*key_zone == NULL) {
return KNOT_ENOMEM;
}
(void)knot_dname_to_lower(*key_zone);
kdnssec_ctx_t kctx = { 0 };
int ret = kdnssec_ctx_init(conf(), &kctx, *key_zone, NULL);
if (ret != KNOT_EOK) {
printf("Failed to initialize zone %s (%s)\n", argv[0], knot_strerror(ret));
free(*key_zone);
*key_zone = NULL;
return KNOT_ENOZONE;
}
knot_kasp_key_t *key;
ret = keymgr_get_key(&kctx, argv[1], &key);
if (ret == KNOT_EOK) {
*key_id = strdup(key->id);
if (*key_id == NULL) {
ret = KNOT_ENOMEM;
}
}
kdnssec_ctx_deinit(&kctx);
return ret;
}
int keymgr_set_timing(knot_kasp_key_t *key, int argc, char *argv[])
{
knot_kasp_key_timing_t temp = key->timing;
......
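Review bot: The error paths of keymgr_foreign_key_id leave the out-parameters in different states. When kdnssec_ctx_init() fails, `*key_zone` is freed and reset to NULL, but when keymgr_get_key() or strdup() fails it stays allocated and is returned together with an error code, and `*key_id` is never written on any failure. The caller visible in this commit initialises both to NULL and frees them unconditionally, so nothing leaks there, but a later caller that frees only on success would leak, and one that passes an uninitialised `key_id` would free an indeterminate pointer. Setting `*key_zone = NULL; *key_id = NULL;` at the top and adding `if (ret != KNOT_EOK) { free(*key_zone); *key_zone = NULL; }` before the final return makes the contract uniform. Separately, a NULL from knot_dname_from_str_alloc() is always reported as KNOT_ENOMEM, which presumably also covers a malformed zone name, and the real `ret` from kdnssec_ctx_init() is replaced by KNOT_ENOZONE after being printed.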
......@@ -24,6 +24,9 @@ int keymgr_generate_tsig(const char *tsig_name, const char *alg_name, int bits);
int keymgr_get_key(kdnssec_ctx_t *ctx, const char *key_spec, knot_kasp_key_t **key);
int keymgr_foreign_key_id(int argc, char *argv[], const char *req_action,
knot_dname_t **key_zone, char **key_id);
int keymgr_set_timing(knot_kasp_key_t *key, int argc, char *argv[]);
int keymgr_list_keys(kdnssec_ctx_t *ctx);
......
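Review bot: The prototype of keymgr_foreign_key_id is added without a comment on who owns its two out-parameters, which a caller needs to know to avoid leaking or double-freeing. Judging from the definition and the call site in this commit, `*key_zone` and `*key_id` are heap-allocated by the function and released by the caller with free(). A short comment above the declaration would record that, for example `/* Resolves argv[0] (zone) and argv[1] (key spec); caller initialises *key_zone and *key_id to NULL and frees both afterwards. */`.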
......@@ -235,12 +235,13 @@ int main(int argc, char *argv[])
ret = keymgr_generate_ds(zone_name, key2ds);
}
} else if (strcmp(argv[4], "share") == 0) {
if (argc < 6) {
printf("Key ID is not specified.\n");
ret = KNOT_EINVAL;
goto main_end;
knot_dname_t *other_zone = NULL;
char *key_to_share = NULL;
if (keymgr_foreign_key_id(argc - 5, argv + 5, "be shared", &other_zone, &key_to_share) == KNOT_EOK) {
ret = kasp_db_share_key(*kctx.kasp_db, other_zone, kctx.zone->dname, key_to_share);
}
//ret = kasp_db_share_key(*kctx.kasp_db, zone_name, argv[5]); // TODO fix
free(other_zone);
free(key_to_share);
} else if (strcmp(argv[4], "delete") == 0) {
if (argc < 6) {
printf("Key is not specified.\n");
......
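Review bot: In the new `share` branch the return value of keymgr_foreign_key_id() is only compared with KNOT_EOK and never stored, so when the lookup fails (missing arguments, unknown zone, no matching key) `ret` keeps whatever value it had before the branch. `ret` is set outside the visible lines, so the effect is inferred, but if it holds KNOT_EOK at that point the tool would report success for a share that never happened, and an operator or script would wrongly assume the key is shared between the zones. Store the result first, `ret = keymgr_foreign_key_id(argc - 5, argv + 5, "be shared", &other_zone, &key_to_share);`, and keep the existing kasp_db_share_key() call under `if (ret == KNOT_EOK)`. main's body starts and ends outside the hunk.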