Commit b11a3348 authored by Jan Včelák's avatar Jan Včelák 🚀
Browse files

keymgr: tsig generate generic algorithm specification

parent c26b4224
......@@ -173,31 +173,14 @@ int value_tsig_algorithm(int argc, char *argv[], const parameter_t *p, void *dat
dnssec_tsig_algorithm_t *algorithm = data + p->offset;
char *input = argv[0];
struct lookup {
const char *name;
dnssec_tsig_algorithm_t algorithm;
};
static const struct lookup names[] = {
{ "md5", DNSSEC_TSIG_HMAC_MD5 },
{ "sha1", DNSSEC_TSIG_HMAC_SHA1 },
{ "sha224", DNSSEC_TSIG_HMAC_SHA224 },
{ "sha256", DNSSEC_TSIG_HMAC_SHA256 },
{ "sha384", DNSSEC_TSIG_HMAC_SHA384 },
{ "sha512", DNSSEC_TSIG_HMAC_SHA512 },
{ NULL }
};
for (const struct lookup *m = names; m->name; m++) {
if (strcasecmp(input, m->name) == 0) {
*algorithm = m->algorithm;
return 1;
}
dnssec_tsig_algorithm_t match = dnssec_tsig_algorithm_from_name(input);
if (match == DNSSEC_TSIG_UNKNOWN) {
error("Invalid value for '%s'.", p->name);
return -1;
}
error("Invalid value for '%s'.", p->name);
return -1;
*algorithm = match;
return 1;
}
int value_key_size(int argc, char *argv[], const parameter_t *p, void *data)
......
......@@ -1085,7 +1085,7 @@ static int cmd_keystore_list(int argc, char *argv[])
}
/*
* keymgr tsig generate <name> [hmac <algorithm>] [size <size>]
* keymgr tsig generate <name> [algorithm <algorithm>] [size <size>]
*/
static int cmd_tsig_generate(int argc, char *argv[])
{
......@@ -1095,20 +1095,20 @@ static int cmd_tsig_generate(int argc, char *argv[])
}
struct config {
dnssec_tsig_algorithm_t hmac;
dnssec_tsig_algorithm_t algorithm;
unsigned size;
};
static const parameter_t params[] = {
#define o(member) offsetof(struct config, member)
{ "hmac", value_tsig_algorithm, .offset = o(hmac) },
{ "size", value_key_size, .offset = o(size) },
{ "algorithm", value_tsig_algorithm, .offset = o(algorithm) },
{ "size", value_key_size, .offset = o(size) },
{ NULL }
#undef o
};
struct config config = {
.hmac = DNSSEC_TSIG_HMAC_SHA256
.algorithm = DNSSEC_TSIG_HMAC_SHA256
};
_cleanup_free_ char *name = dname_ascii_normalize_copy(argv[0]);
......@@ -1124,7 +1124,7 @@ static int cmd_tsig_generate(int argc, char *argv[])
// round up bits to bytes
config.size = (config.size + CHAR_BIT - 1) / CHAR_BIT * CHAR_BIT;
int optimal_size = dnssec_tsig_optimal_key_size(config.hmac);
int optimal_size = dnssec_tsig_optimal_key_size(config.algorithm);
assert(optimal_size > 0);
if (config.size == 0) {
......@@ -1133,7 +1133,7 @@ static int cmd_tsig_generate(int argc, char *argv[])
if (config.size != optimal_size) {
error("Notice: Optimal key size for %s is %d bits.",
dnssec_tsig_algorithm_to_name(config.hmac),
dnssec_tsig_algorithm_to_name(config.algorithm),
optimal_size);
}
......@@ -1160,7 +1160,7 @@ static int cmd_tsig_generate(int argc, char *argv[])
}
printf("%s:%s:%.*s\n",
dnssec_tsig_algorithm_to_name(config.hmac), name,
dnssec_tsig_algorithm_to_name(config.algorithm), name,
(int)key_b64.size, key_b64.data);
return 0;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment