/src/bind9/lib/dns/rdata/generic/cert_37.c

Source
/*
 * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
 *
 * SPDX-License-Identifier: MPL-2.0
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, you can obtain one at https://mozilla.org/MPL/2.0/.
 *
 * See the COPYRIGHT file distributed with this work for additional
 * information regarding copyright ownership.
 */

/* RFC2538 */

#ifndef RDATA_GENERIC_CERT_37_C
#define RDATA_GENERIC_CERT_37_C

#define RRTYPE_CERT_ATTRIBUTES (0)

static isc_result_t
fromtext_cert(ARGS_FROMTEXT) {
  isc_token_t token;
  dns_secalg_t secalg;
  dns_cert_t cert;

  REQUIRE(type == dns_rdatatype_cert);

  UNUSED(type);
  UNUSED(rdclass);
  UNUSED(origin);
  UNUSED(options);
  UNUSED(callbacks);

  /*
   * Cert type.
   */
  RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_string,
              false));
  RETTOK(dns_cert_fromtext(&cert, &token.value.as_textregion));
  RETERR(uint16_tobuffer(cert, target));

  /*
   * Key tag.
   */
  RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_number,
              false));
  if (token.value.as_ulong > 0xffffU) {
    RETTOK(ISC_R_RANGE);
  }
  RETERR(uint16_tobuffer(token.value.as_ulong, target));

  /*
   * Algorithm.
   */
  RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_string,
              false));
  RETTOK(dns_secalg_fromtext(&secalg, &token.value.as_textregion));
  RETERR(mem_tobuffer(target, &secalg, 1));

  return isc_base64_tobuffer(lexer, target, -2);
}

static isc_result_t
totext_cert(ARGS_TOTEXT) {
  isc_region_t sr;
  char buf[sizeof("64000 ")];
  unsigned int n;

  REQUIRE(rdata->type == dns_rdatatype_cert);
  REQUIRE(rdata->length != 0);

  UNUSED(tctx);

  dns_rdata_toregion(rdata, &sr);

  /*
   * Type.
   */
  n = uint16_fromregion(&sr);
  isc_region_consume(&sr, 2);
  RETERR(dns_cert_totext((dns_cert_t)n, target));
  RETERR(str_totext(" ", target));

  /*
   * Key tag.
   */
  n = uint16_fromregion(&sr);
  isc_region_consume(&sr, 2);
  snprintf(buf, sizeof(buf), "%u ", n);
  RETERR(str_totext(buf, target));

  /*
   * Algorithm.
   */
  RETERR(dns_secalg_totext(sr.base[0], target));
  isc_region_consume(&sr, 1);

  /*
   * Cert.
   */
  if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) {
    RETERR(str_totext(" (", target));
  }
  RETERR(str_totext(tctx->linebreak, target));
  if (tctx->width == 0) { /* No splitting */
    RETERR(isc_base64_totext(&sr, 60, "", target));
  } else {
    RETERR(isc_base64_totext(&sr, tctx->width - 2, tctx->linebreak,
           target));
  }
  if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) {
    RETERR(str_totext(" )", target));
  }
  return ISC_R_SUCCESS;
}

static isc_result_t
fromwire_cert(ARGS_FROMWIRE) {
  isc_region_t sr;

  REQUIRE(type == dns_rdatatype_cert);

  UNUSED(type);
  UNUSED(rdclass);
  UNUSED(dctx);

  isc_buffer_activeregion(source, &sr);
  if (sr.length < 6) {
    return ISC_R_UNEXPECTEDEND;
  }

  isc_buffer_forward(source, sr.length);
  return mem_tobuffer(target, sr.base, sr.length);
}

static isc_result_t
towire_cert(ARGS_TOWIRE) {
  isc_region_t sr;

  REQUIRE(rdata->type == dns_rdatatype_cert);
  REQUIRE(rdata->length != 0);

  UNUSED(cctx);

  dns_rdata_toregion(rdata, &sr);
  return mem_tobuffer(target, sr.base, sr.length);
}

static int
compare_cert(ARGS_COMPARE) {
  isc_region_t r1;
  isc_region_t r2;

  REQUIRE(rdata1->type == rdata2->type);
  REQUIRE(rdata1->rdclass == rdata2->rdclass);
  REQUIRE(rdata1->type == dns_rdatatype_cert);
  REQUIRE(rdata1->length != 0);
  REQUIRE(rdata2->length != 0);

  dns_rdata_toregion(rdata1, &r1);
  dns_rdata_toregion(rdata2, &r2);
  return isc_region_compare(&r1, &r2);
}

static isc_result_t
fromstruct_cert(ARGS_FROMSTRUCT) {
  dns_rdata_cert_t *cert = source;

  REQUIRE(type == dns_rdatatype_cert);
  REQUIRE(cert != NULL);
  REQUIRE(cert->common.rdtype == type);
  REQUIRE(cert->common.rdclass == rdclass);

  UNUSED(type);
  UNUSED(rdclass);

  RETERR(uint16_tobuffer(cert->type, target));
  RETERR(uint16_tobuffer(cert->key_tag, target));
  RETERR(uint8_tobuffer(cert->algorithm, target));

  return mem_tobuffer(target, cert->certificate, cert->length);
}

static isc_result_t
tostruct_cert(ARGS_TOSTRUCT) {
  dns_rdata_cert_t *cert = target;
  isc_region_t region;

  REQUIRE(rdata->type == dns_rdatatype_cert);
  REQUIRE(cert != NULL);
  REQUIRE(rdata->length != 0);

  DNS_RDATACOMMON_INIT(cert, rdata->type, rdata->rdclass);

  dns_rdata_toregion(rdata, &region);

  cert->type = uint16_fromregion(&region);
  isc_region_consume(&region, 2);
  cert->key_tag = uint16_fromregion(&region);
  isc_region_consume(&region, 2);
  cert->algorithm = uint8_fromregion(&region);
  isc_region_consume(&region, 1);
  cert->length = region.length;

  cert->certificate = mem_maybedup(mctx, region.base, region.length);
  cert->mctx = mctx;
  return ISC_R_SUCCESS;
}

static void
freestruct_cert(ARGS_FREESTRUCT) {
  dns_rdata_cert_t *cert = source;

  REQUIRE(cert != NULL);
  REQUIRE(cert->common.rdtype == dns_rdatatype_cert);

  if (cert->mctx == NULL) {
    return;
  }

  if (cert->certificate != NULL) {
    isc_mem_free(cert->mctx, cert->certificate);
  }
  cert->mctx = NULL;
}

static isc_result_t
additionaldata_cert(ARGS_ADDLDATA) {
  REQUIRE(rdata->type == dns_rdatatype_cert);

  UNUSED(rdata);
  UNUSED(owner);
  UNUSED(add);
  UNUSED(arg);

  return ISC_R_SUCCESS;
}

static isc_result_t
digest_cert(ARGS_DIGEST) {
  isc_region_t r;

  REQUIRE(rdata->type == dns_rdatatype_cert);

  dns_rdata_toregion(rdata, &r);

  return (digest)(arg, &r);
}

static bool
checkowner_cert(ARGS_CHECKOWNER) {
  REQUIRE(type == dns_rdatatype_cert);

  UNUSED(name);
  UNUSED(type);
  UNUSED(rdclass);
  UNUSED(wildcard);

  return true;
}

static bool
checknames_cert(ARGS_CHECKNAMES) {
  REQUIRE(rdata->type == dns_rdatatype_cert);

  UNUSED(rdata);
  UNUSED(owner);
  UNUSED(bad);

  return true;
}

static int
casecompare_cert(ARGS_COMPARE) {
  return compare_cert(rdata1, rdata2);
}
#endif /* RDATA_GENERIC_CERT_37_C */

Coverage Report

Created: 2025-11-11 07:03

Line	Count	Source
1		/*
2		* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
3		*
4		* SPDX-License-Identifier: MPL-2.0
5		*
6		* This Source Code Form is subject to the terms of the Mozilla Public
7		* License, v. 2.0. If a copy of the MPL was not distributed with this
8		* file, you can obtain one at https://mozilla.org/MPL/2.0/.
9		*
10		* See the COPYRIGHT file distributed with this work for additional
11		* information regarding copyright ownership.
12		*/
13
14		/* RFC2538 */
15
16		#ifndef RDATA_GENERIC_CERT_37_C
17		#define RDATA_GENERIC_CERT_37_C
18
19	14.7k	#define RRTYPE_CERT_ATTRIBUTES (0)
20
21		static isc_result_t
22	975	fromtext_cert(ARGS_FROMTEXT) {
23	975	isc_token_t token;
24	975	dns_secalg_t secalg;
25	975	dns_cert_t cert;
26
27	975	REQUIRE(type == dns_rdatatype_cert);
28
29	975	UNUSED(type);
30	975	UNUSED(rdclass);
31	975	UNUSED(origin);
32	975	UNUSED(options);
33	975	UNUSED(callbacks);
34
35		/*
36		* Cert type.
37		*/
38	975	RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_string,
39	975	false));
40	968	RETTOK(dns_cert_fromtext(&cert, &token.value.as_textregion));
41	859	RETERR(uint16_tobuffer(cert, target));
42
43		/*
44		* Key tag.
45		*/
46	859	RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_number,
47	859	false));
48	843	if (token.value.as_ulong > 0xffffU) {
49	26	RETTOK(ISC_R_RANGE);
50	26	}
51	817	RETERR(uint16_tobuffer(token.value.as_ulong, target));
52
53		/*
54		* Algorithm.
55		*/
56	817	RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_string,
57	817	false));
58	773	RETTOK(dns_secalg_fromtext(&secalg, &token.value.as_textregion));
59	765	RETERR(mem_tobuffer(target, &secalg, 1));
60
61	765	return isc_base64_tobuffer(lexer, target, -2);
62	765	}
63
64		static isc_result_t
65	3.04k	totext_cert(ARGS_TOTEXT) {
66	3.04k	isc_region_t sr;
67	3.04k	char buf[sizeof("64000 ")];
68	3.04k	unsigned int n;
69
70	3.04k	REQUIRE(rdata->type == dns_rdatatype_cert);
71	3.04k	REQUIRE(rdata->length != 0);
72
73	3.04k	UNUSED(tctx);
74
75	3.04k	dns_rdata_toregion(rdata, &sr);
76
77		/*
78		* Type.
79		*/
80	3.04k	n = uint16_fromregion(&sr);
81	3.04k	isc_region_consume(&sr, 2);
82	3.04k	RETERR(dns_cert_totext((dns_cert_t)n, target));
83	3.04k	RETERR(str_totext(" ", target));
84
85		/*
86		* Key tag.
87		*/
88	3.04k	n = uint16_fromregion(&sr);
89	3.04k	isc_region_consume(&sr, 2);
90	3.04k	snprintf(buf, sizeof(buf), "%u ", n);
91	3.04k	RETERR(str_totext(buf, target));
92
93		/*
94		* Algorithm.
95		*/
96	3.04k	RETERR(dns_secalg_totext(sr.base[0], target));
97	3.04k	isc_region_consume(&sr, 1);
98
99		/*
100		* Cert.
101		*/
102	3.04k	if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) {
103	37	RETERR(str_totext(" (", target));
104	37	}
105	3.04k	RETERR(str_totext(tctx->linebreak, target));
106	3.04k	if (tctx->width == 0) { /* No splitting */
107	0	RETERR(isc_base64_totext(&sr, 60, "", target));
108	3.04k	} else {
109	3.04k	RETERR(isc_base64_totext(&sr, tctx->width - 2, tctx->linebreak,
110	3.04k	target));
111	3.04k	}
112	3.04k	if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) {
113	37	RETERR(str_totext(" )", target));
114	37	}
115	3.04k	return ISC_R_SUCCESS;
116	3.04k	}
117
118		static isc_result_t
119	3.63k	fromwire_cert(ARGS_FROMWIRE) {
120	3.63k	isc_region_t sr;
121
122	3.63k	REQUIRE(type == dns_rdatatype_cert);
123
124	3.63k	UNUSED(type);
125	3.63k	UNUSED(rdclass);
126	3.63k	UNUSED(dctx);
127
128	3.63k	isc_buffer_activeregion(source, &sr);
129	3.63k	if (sr.length < 6) {
130	12	return ISC_R_UNEXPECTEDEND;
131	12	}
132
133	3.61k	isc_buffer_forward(source, sr.length);
134	3.61k	return mem_tobuffer(target, sr.base, sr.length);
135	3.63k	}
136
137		static isc_result_t
138	1.54k	towire_cert(ARGS_TOWIRE) {
139	1.54k	isc_region_t sr;
140
141	1.54k	REQUIRE(rdata->type == dns_rdatatype_cert);
142	1.54k	REQUIRE(rdata->length != 0);
143
144	1.54k	UNUSED(cctx);
145
146	1.54k	dns_rdata_toregion(rdata, &sr);
147	1.54k	return mem_tobuffer(target, sr.base, sr.length);
148	1.54k	}
149
150		static int
151	1.47k	compare_cert(ARGS_COMPARE) {
152	1.47k	isc_region_t r1;
153	1.47k	isc_region_t r2;
154
155	1.47k	REQUIRE(rdata1->type == rdata2->type);
156	1.47k	REQUIRE(rdata1->rdclass == rdata2->rdclass);
157	1.47k	REQUIRE(rdata1->type == dns_rdatatype_cert);
158	1.47k	REQUIRE(rdata1->length != 0);
159	1.47k	REQUIRE(rdata2->length != 0);
160
161	1.47k	dns_rdata_toregion(rdata1, &r1);
162	1.47k	dns_rdata_toregion(rdata2, &r2);
163	1.47k	return isc_region_compare(&r1, &r2);
164	1.47k	}
165
166		static isc_result_t
167	0	fromstruct_cert(ARGS_FROMSTRUCT) {
168	0	dns_rdata_cert_t *cert = source;
169
170	0	REQUIRE(type == dns_rdatatype_cert);
171	0	REQUIRE(cert != NULL);
172	0	REQUIRE(cert->common.rdtype == type);
173	0	REQUIRE(cert->common.rdclass == rdclass);
174
175	0	UNUSED(type);
176	0	UNUSED(rdclass);
177
178	0	RETERR(uint16_tobuffer(cert->type, target));
179	0	RETERR(uint16_tobuffer(cert->key_tag, target));
180	0	RETERR(uint8_tobuffer(cert->algorithm, target));
181
182	0	return mem_tobuffer(target, cert->certificate, cert->length);
183	0	}
184
185		static isc_result_t
186	0	tostruct_cert(ARGS_TOSTRUCT) {
187	0	dns_rdata_cert_t *cert = target;
188	0	isc_region_t region;
189
190	0	REQUIRE(rdata->type == dns_rdatatype_cert);
191	0	REQUIRE(cert != NULL);
192	0	REQUIRE(rdata->length != 0);
193
194	0	DNS_RDATACOMMON_INIT(cert, rdata->type, rdata->rdclass);
195
196	0	dns_rdata_toregion(rdata, &region);
197
198	0	cert->type = uint16_fromregion(&region);
199	0	isc_region_consume(&region, 2);
200	0	cert->key_tag = uint16_fromregion(&region);
201	0	isc_region_consume(&region, 2);
202	0	cert->algorithm = uint8_fromregion(&region);
203	0	isc_region_consume(&region, 1);
204	0	cert->length = region.length;
205
206	0	cert->certificate = mem_maybedup(mctx, region.base, region.length);
207	0	cert->mctx = mctx;
208	0	return ISC_R_SUCCESS;
209	0	}
210
211		static void
212	0	freestruct_cert(ARGS_FREESTRUCT) {
213	0	dns_rdata_cert_t *cert = source;
214
215	0	REQUIRE(cert != NULL);
216	0	REQUIRE(cert->common.rdtype == dns_rdatatype_cert);
217
218	0	if (cert->mctx == NULL) {
219	0	return;
220	0	}
221
222	0	if (cert->certificate != NULL) {
223	0	isc_mem_free(cert->mctx, cert->certificate);
224	0	}
225	0	cert->mctx = NULL;
226	0	}
227
228		static isc_result_t
229	0	additionaldata_cert(ARGS_ADDLDATA) {
230	0	REQUIRE(rdata->type == dns_rdatatype_cert);
231
232	0	UNUSED(rdata);
233	0	UNUSED(owner);
234	0	UNUSED(add);
235	0	UNUSED(arg);
236
237	0	return ISC_R_SUCCESS;
238	0	}
239
240		static isc_result_t
241	0	digest_cert(ARGS_DIGEST) {
242	0	isc_region_t r;
243
244	0	REQUIRE(rdata->type == dns_rdatatype_cert);
245
246	0	dns_rdata_toregion(rdata, &r);
247
248	0	return (digest)(arg, &r);
249	0	}
250
251		static bool
252	0	checkowner_cert(ARGS_CHECKOWNER) {
253	0	REQUIRE(type == dns_rdatatype_cert);
254
255	0	UNUSED(name);
256	0	UNUSED(type);
257	0	UNUSED(rdclass);
258	0	UNUSED(wildcard);
259
260	0	return true;
261	0	}
262
263		static bool
264	0	checknames_cert(ARGS_CHECKNAMES) {
265	0	REQUIRE(rdata->type == dns_rdatatype_cert);
266
267	0	UNUSED(rdata);
268	0	UNUSED(owner);
269	0	UNUSED(bad);
270
271	0	return true;
272	0	}
273
274		static int
275	0	casecompare_cert(ARGS_COMPARE) {
276	0	return compare_cert(rdata1, rdata2);
277	0	}
278		#endif /* RDATA_GENERIC_CERT_37_C */