DNSSEC: add knot_rdata_rrsig_signature() and use when possible

At some places in signing implementation usage of this function
is not possible, because we are working with plain RDATA and not
RR set.

refs #4

src/libknot/dnssec/rrset-sign.c

@@ -322,17 +322,14 @@ int knot_is_valid_signature(const knot_rrset_t *covered,
 	// identify fields in the signature being validated
 
 	uint8_t *rdata = knot_rrset_get_rdata(rrsigs, pos);
-	const knot_dname_t *signer = knot_rdata_rrsig_signer_name(rrsigs, pos);
-
-	if (!rdata || !signer) {
+	if (!rdata) {
 		return KNOT_EINVAL;
 	}
 
-	size_t header_size = RRSIG_RDATA_SIGNER_OFFSET + knot_dname_size(signer);
-	uint8_t *signature = rdata + header_size;
-	size_t signature_size = rrset_rdata_item_size(rrsigs, pos) - header_size;
-
-	if (signature_size == 0) {
+	uint8_t *signature = NULL;
+	size_t signature_size = 0;
+	knot_rdata_rrsig_signature(rrsigs, pos, &signature, &signature_size);
+	if (!signature) {
 		return KNOT_EINVAL;
 	}
 

src/libknot/rdata.h

@@ -231,6 +231,29 @@ const knot_dname_t *knot_rdata_rrsig_signer_name(const knot_rrset_t *rrset,
 	return knot_rrset_get_rdata(rrset, pos) + 18;
 }
 
+static inline
+void knot_rdata_rrsig_signature(const knot_rrset_t *rrset, size_t pos,
+                                uint8_t **signature, size_t *signature_size)
+{
+	if (!signature || !signature_size) {
+		return;
+	}
+
+	if (rrset == NULL || pos >= rrset->rdata_count) {
+		*signature = NULL;
+		*signature_size = 0;
+		return;
+	}
+
+	uint8_t *rdata = knot_rrset_get_rdata(rrset, pos);
+	uint8_t *signer = rdata + 18;
+	size_t total_size = rrset_rdata_item_size(rrset, pos);
+	size_t header_size = 18 + knot_dname_size(signer);
+
+	*signature = rdata + header_size;
+	*signature_size = total_size - header_size;
+}
+
 static inline
 uint16_t knot_rdata_dnskey_flags(const knot_rrset_t *rrset, size_t pos)
 {