00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013 #include <ldns/config.h>
00014
00015 #include <ldns/ldns.h>
00016
00017 #ifdef HAVE_SSL
00018 #include <openssl/ssl.h>
00019 #endif
00020
00021 ldns_lookup_table ldns_signing_algorithms[] = {
00022 { LDNS_SIGN_RSAMD5, "RSAMD5" },
00023 { LDNS_SIGN_RSASHA1, "RSASHA1" },
00024 { LDNS_SIGN_DSA, "DSAMD5" },
00025 { LDNS_SIGN_HMACMD5, "hmac-md5.sig-alg.reg.int" },
00026 { 0, NULL }
00027 };
00028
00029 #ifdef HAVE_SSL
00030 ldns_key_list *
00031 ldns_key_list_new()
00032 {
00033 ldns_key_list *key_list = LDNS_MALLOC(ldns_key_list);
00034 if (!key_list) {
00035 return NULL;
00036 } else {
00037 key_list->_key_count = 0;
00038 key_list->_keys = NULL;
00039 return key_list;
00040 }
00041 }
00042
00043 ldns_key *
00044 ldns_key_new()
00045 {
00046 ldns_key *newkey;
00047
00048 newkey = LDNS_MALLOC(ldns_key);
00049 if (!newkey) {
00050 return NULL;
00051 } else {
00052
00053 ldns_key_set_flags(newkey, LDNS_KEY_ZONE_KEY);
00054 ldns_key_set_origttl(newkey, 0);
00055 ldns_key_set_keytag(newkey, 0);
00056 ldns_key_set_inception(newkey, 0);
00057 ldns_key_set_expiration(newkey, 0);
00058 ldns_key_set_pubkey_owner(newkey, NULL);
00059 ldns_key_set_rsa_key(newkey, NULL);
00060 ldns_key_set_dsa_key(newkey, NULL);
00061 ldns_key_set_hmac_key(newkey, NULL);
00062 return newkey;
00063 }
00064 }
00065
00066 ldns_status
00067 ldns_key_new_frm_fp(ldns_key **k, FILE *fp)
00068 {
00069 return ldns_key_new_frm_fp_l(k, fp, NULL);
00070 }
00071
00072 ldns_status
00073 ldns_key_new_frm_fp_l(ldns_key **key, FILE *fp, int *line_nr)
00074 {
00075 ldns_key *k;
00076 char *d;
00077 ldns_signing_algorithm alg;
00078 ldns_rr *key_rr;
00079
00080 k = ldns_key_new();
00081
00082 d = LDNS_XMALLOC(char, LDNS_MAX_LINELEN);
00083 if (!k || !d) {
00084 return LDNS_STATUS_MEM_ERR;
00085 }
00086
00087 alg = 0;
00088
00089
00090
00091
00092
00093
00094
00095
00096 if (ldns_fget_keyword_data_l(fp, "Private-key-format", ": ", d, "\n",
00097 LDNS_MAX_LINELEN, line_nr) == -1) {
00098
00099 return LDNS_STATUS_SYNTAX_ERR;
00100 }
00101 if (strncmp(d, "v1.2", strlen(d)) != 0) {
00102 return LDNS_STATUS_SYNTAX_VERSION_ERR;
00103 }
00104
00105
00106
00107 if (ldns_fget_keyword_data_l(fp, "Algorithm", ": ", d, "\n",
00108 LDNS_MAX_LINELEN, line_nr) == -1) {
00109
00110 return LDNS_STATUS_SYNTAX_ALG_ERR;
00111 }
00112
00113 if (strncmp(d, "1 RSA", 2) == 0) {
00114 alg = LDNS_SIGN_RSAMD5;
00115 }
00116 if (strncmp(d, "3 DSA", 2) == 0) {
00117 alg = LDNS_SIGN_DSA;
00118 }
00119 if (strncmp(d, "5 RSASHA1", 2) == 0) {
00120 alg = LDNS_SIGN_RSASHA1;
00121 }
00122
00123 LDNS_FREE(d);
00124
00125 switch(alg) {
00126 case 0:
00127 default:
00128 return LDNS_STATUS_SYNTAX_ALG_ERR;
00129 case LDNS_SIGN_RSAMD5:
00130 case LDNS_SIGN_RSASHA1:
00131
00132 ldns_key_set_algorithm(k, alg);
00133 ldns_key_set_rsa_key(k, ldns_key_new_frm_fp_rsa_l(fp, line_nr));
00134
00135 break;
00136 case LDNS_SIGN_DSA:
00137 ldns_key_set_algorithm(k, alg);
00138 ldns_key_set_dsa_key(k, ldns_key_new_frm_fp_dsa_l(fp, line_nr));
00139 break;
00140 }
00141
00142 key_rr = ldns_key2rr(k);
00143 ldns_key_set_keytag(k, ldns_calc_keytag(key_rr));
00144 ldns_rr_free(key_rr);
00145 if (key) {
00146 *key = k;
00147 return LDNS_STATUS_OK;
00148 }
00149 return LDNS_STATUS_ERR;
00150 }
00151
00152 RSA *
00153 ldns_key_new_frm_fp_rsa(FILE *f)
00154 {
00155 return ldns_key_new_frm_fp_rsa_l(f, NULL);
00156 }
00157
00158 RSA *
00159 ldns_key_new_frm_fp_rsa_l(FILE *f, int *line_nr)
00160 {
00161
00162
00163
00164
00165
00166
00167
00168
00169
00170
00171
00172
00173
00174
00175
00176
00177
00178
00179
00180
00181
00182
00183
00184
00185
00186 char *d;
00187 RSA *rsa;
00188 uint8_t *buf;
00189 int i;
00190
00191 d = LDNS_XMALLOC(char, LDNS_MAX_LINELEN);
00192 buf = LDNS_XMALLOC(uint8_t, LDNS_MAX_LINELEN);
00193 rsa = RSA_new();
00194 if (!d || !rsa || !buf) {
00195 return NULL;
00196 }
00197
00198
00199
00200
00201
00202
00203 if (ldns_fget_keyword_data_l(f, "Modulus", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
00204 goto error;
00205 }
00206 i = b64_pton((const char*)d, buf, b64_ntop_calculate_size(strlen(d)));
00207 rsa->n = BN_bin2bn((const char unsigned*)buf, i, NULL);
00208 if (!rsa->n) {
00209 goto error;
00210 }
00211
00212
00213 if (ldns_fget_keyword_data_l(f, "PublicExponent", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
00214 goto error;
00215 }
00216 i = b64_pton((const char*)d, buf, b64_ntop_calculate_size(strlen(d)));
00217 rsa->e = BN_bin2bn((const char unsigned*)buf, i, NULL);
00218 if (!rsa->e) {
00219 goto error;
00220 }
00221
00222
00223 if (ldns_fget_keyword_data_l(f, "PrivateExponent", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
00224 goto error;
00225 }
00226 i = b64_pton((const char*)d, buf, b64_ntop_calculate_size(strlen(d)));
00227 rsa->d = BN_bin2bn((const char unsigned*)buf, i, NULL);
00228 if (!rsa->d) {
00229 goto error;
00230 }
00231
00232
00233 if (ldns_fget_keyword_data_l(f, "Prime1", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
00234 goto error;
00235 }
00236 i = b64_pton((const char*)d, buf, b64_ntop_calculate_size(strlen(d)));
00237 rsa->p = BN_bin2bn((const char unsigned*)buf, i, NULL);
00238 if (!rsa->p) {
00239 goto error;
00240 }
00241
00242
00243 if (ldns_fget_keyword_data_l(f, "Prime2", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
00244 goto error;
00245 }
00246 i = b64_pton((const char*)d, buf, b64_ntop_calculate_size(strlen(d)));
00247 rsa->q = BN_bin2bn((const char unsigned*)buf, i, NULL);
00248 if (!rsa->q) {
00249 goto error;
00250 }
00251
00252
00253 if (ldns_fget_keyword_data_l(f, "Exponent1", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
00254 goto error;
00255 }
00256 i = b64_pton((const char*)d, buf, b64_ntop_calculate_size(strlen(d)));
00257 rsa->dmp1 = BN_bin2bn((const char unsigned*)buf, i, NULL);
00258 if (!rsa->dmp1) {
00259 goto error;
00260 }
00261
00262
00263 if (ldns_fget_keyword_data_l(f, "Exponent2", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
00264 goto error;
00265 }
00266 i = b64_pton((const char*)d, buf, b64_ntop_calculate_size(strlen(d)));
00267 rsa->dmq1 = BN_bin2bn((const char unsigned*)buf, i, NULL);
00268 if (!rsa->dmq1) {
00269 goto error;
00270 }
00271
00272
00273 if (ldns_fget_keyword_data_l(f, "Coefficient", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
00274 goto error;
00275 }
00276 i = b64_pton((const char*)d, buf, b64_ntop_calculate_size(strlen(d)));
00277 rsa->iqmp = BN_bin2bn((const char unsigned*)buf, i, NULL);
00278 if (!rsa->iqmp) {
00279 goto error;
00280 }
00281
00282 LDNS_FREE(buf);
00283 LDNS_FREE(d);
00284 return rsa;
00285
00286 error:
00287 LDNS_FREE(d);
00288 LDNS_FREE(buf);
00289 return NULL;
00290 }
00291
00292 DSA *
00293 ldns_key_new_frm_fp_dsa(FILE *f)
00294 {
00295 return ldns_key_new_frm_fp_dsa_l(f, NULL);
00296 }
00297
00298 DSA *
00299 ldns_key_new_frm_fp_dsa_l(FILE *f, int *line_nr)
00300 {
00301 int i;
00302 char *d;
00303 DSA *dsa;
00304 uint8_t *buf;
00305
00306 line_nr = line_nr;
00307
00308 d = LDNS_XMALLOC(char, LDNS_MAX_LINELEN);
00309 buf = LDNS_XMALLOC(uint8_t, LDNS_MAX_LINELEN);
00310 dsa = DSA_new();
00311 if (!d || !dsa) {
00312 return NULL;
00313 }
00314
00315
00316
00317
00318 if (ldns_fget_keyword_data_l(f, "Primep", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
00319 goto error;
00320 }
00321 i = b64_pton((const char*)d, buf, b64_ntop_calculate_size(strlen(d)));
00322 dsa->p = BN_bin2bn((const char unsigned*)buf, i, NULL);
00323 if (!dsa->p) {
00324 goto error;
00325 }
00326
00327
00328 if (ldns_fget_keyword_data_l(f, "Subprimeq", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
00329 goto error;
00330 }
00331 i = b64_pton((const char*)d, buf, b64_ntop_calculate_size(strlen(d)));
00332 dsa->q = BN_bin2bn((const char unsigned*)buf, i, NULL);
00333 if (!dsa->q) {
00334 goto error;
00335 }
00336
00337
00338 if (ldns_fget_keyword_data_l(f, "Baseg", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
00339 goto error;
00340 }
00341 i = b64_pton((const char*)d, buf, b64_ntop_calculate_size(strlen(d)));
00342 dsa->g = BN_bin2bn((const char unsigned*)buf, i, NULL);
00343 if (!dsa->g) {
00344 goto error;
00345 }
00346
00347
00348 if (ldns_fget_keyword_data_l(f, "Private_valuex", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
00349 goto error;
00350 }
00351 i = b64_pton((const char*)d, buf, b64_ntop_calculate_size(strlen(d)));
00352 dsa->priv_key = BN_bin2bn((const char unsigned*)buf, i, NULL);
00353 if (!dsa->priv_key) {
00354 goto error;
00355 }
00356
00357
00358 if (ldns_fget_keyword_data_l(f, "Public_valuey", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
00359 goto error;
00360 }
00361 i = b64_pton((const char*)d, buf, b64_ntop_calculate_size(strlen(d)));
00362 dsa->pub_key = BN_bin2bn((const char unsigned*)buf, i, NULL);
00363 if (!dsa->pub_key) {
00364 goto error;
00365 }
00366
00367 LDNS_FREE(buf);
00368 LDNS_FREE(d);
00369
00370 return dsa;
00371
00372 error:
00373 LDNS_FREE(d);
00374 LDNS_FREE(buf);
00375 return NULL;
00376 }
00377
00378 ldns_key *
00379 ldns_key_new_frm_algorithm(ldns_signing_algorithm alg, uint16_t size)
00380 {
00381 ldns_key *k;
00382 DSA *d;
00383 RSA *r;
00384
00385 k = ldns_key_new();
00386 if (!k) {
00387 return NULL;
00388 }
00389 switch(alg) {
00390 case LDNS_SIGN_RSAMD5:
00391 case LDNS_SIGN_RSASHA1:
00392 r = RSA_generate_key((int)size, RSA_3, NULL, NULL);
00393 if (RSA_check_key(r) != 1) {
00394 return NULL;
00395 }
00396 ldns_key_set_rsa_key(k, r);
00397 break;
00398 case LDNS_SIGN_DSA:
00399 d = DSA_generate_parameters((int)size, NULL, 0, NULL, NULL, NULL, NULL);
00400 if (!d) {
00401 return NULL;
00402 }
00403 if (DSA_generate_key(d) != 1) {
00404 return NULL;
00405 }
00406 ldns_key_set_dsa_key(k, d);
00407 break;
00408 case LDNS_SIGN_HMACMD5:
00409
00410 break;
00411 }
00412 ldns_key_set_algorithm(k, alg);
00413 return k;
00414 }
00415
00416 void
00417 ldns_key_print(FILE *output, const ldns_key *k)
00418 {
00419 char *str = ldns_key2str(k);
00420 if (str) {
00421 fprintf(output, "%s", str);
00422 } else {
00423 fprintf(output, "Unable to convert private key to string\n");
00424 }
00425 LDNS_FREE(str);
00426 }
00427
00428
00429 void
00430 ldns_key_set_algorithm(ldns_key *k, ldns_signing_algorithm l)
00431 {
00432 k->_alg = l;
00433 }
00434
00435 void
00436 ldns_key_set_flags(ldns_key *k, uint16_t f)
00437 {
00438 k->_extra.dnssec.flags = f;
00439 }
00440
00441 void
00442 ldns_key_set_rsa_key(ldns_key *k, RSA *r)
00443 {
00444 k->_key.rsa = r;
00445 }
00446
00447 void
00448 ldns_key_set_dsa_key(ldns_key *k, DSA *d)
00449 {
00450 k->_key.dsa = d;
00451 }
00452
00453 void
00454 ldns_key_set_hmac_key(ldns_key *k, unsigned char *hmac)
00455 {
00456 k->_key.hmac = hmac;
00457 }
00458
00459 void
00460 ldns_key_set_origttl(ldns_key *k, uint32_t t)
00461 {
00462 k->_extra.dnssec.orig_ttl = t;
00463 }
00464
00465 void
00466 ldns_key_set_inception(ldns_key *k, uint32_t i)
00467 {
00468 k->_extra.dnssec.inception = i;
00469 }
00470
00471 void
00472 ldns_key_set_expiration(ldns_key *k, uint32_t e)
00473 {
00474 k->_extra.dnssec.expiration = e;
00475 }
00476
00477 void
00478 ldns_key_set_pubkey_owner(ldns_key *k, ldns_rdf *r)
00479 {
00480 k->_pubkey_owner = r;
00481 }
00482
00483 void
00484 ldns_key_set_keytag(ldns_key *k, uint16_t tag)
00485 {
00486 k->_extra.dnssec.keytag = tag;
00487 }
00488
00489
00490 size_t
00491 ldns_key_list_key_count(const ldns_key_list *key_list)
00492 {
00493 return key_list->_key_count;
00494 }
00495
00496 ldns_key *
00497 ldns_key_list_key(const ldns_key_list *key, size_t nr)
00498 {
00499 if (nr < ldns_key_list_key_count(key)) {
00500 return key->_keys[nr];
00501 } else {
00502 return NULL;
00503 }
00504 }
00505
00506 ldns_signing_algorithm
00507 ldns_key_algorithm(const ldns_key *k)
00508 {
00509 return k->_alg;
00510 }
00511
00512 RSA *
00513 ldns_key_rsa_key(const ldns_key *k)
00514 {
00515 return k->_key.rsa;
00516 }
00517
00518 DSA *
00519 ldns_key_dsa_key(const ldns_key *k)
00520 {
00521 return k->_key.dsa;
00522 }
00523
00524 unsigned char *
00525 ldns_key_hmac_key(const ldns_key *k)
00526 {
00527 return k->_key.hmac;
00528 }
00529
00530 uint32_t
00531 ldns_key_origttl(const ldns_key *k)
00532 {
00533 return k->_extra.dnssec.orig_ttl;
00534 }
00535
00536 uint16_t
00537 ldns_key_flags(const ldns_key *k)
00538 {
00539 return k->_extra.dnssec.flags;
00540 }
00541
00542 uint32_t
00543 ldns_key_inception(const ldns_key *k)
00544 {
00545 return k->_extra.dnssec.inception;
00546 }
00547
00548 uint32_t
00549 ldns_key_expiration(const ldns_key *k)
00550 {
00551 return k->_extra.dnssec.expiration;
00552 }
00553
00554 uint16_t
00555 ldns_key_keytag(const ldns_key *k)
00556 {
00557 return k->_extra.dnssec.keytag;
00558 }
00559
00560 ldns_rdf *
00561 ldns_key_pubkey_owner(const ldns_key *k)
00562 {
00563 return k->_pubkey_owner;
00564 }
00565
00566
00567 void
00568 ldns_key_list_set_key_count(ldns_key_list *key, size_t count)
00569 {
00570 key->_key_count = count;
00571 }
00572
00573 bool
00574 ldns_key_list_push_key(ldns_key_list *key_list, ldns_key *key)
00575 {
00576 size_t key_count;
00577 ldns_key **keys;
00578
00579 key_count = ldns_key_list_key_count(key_list);
00580 keys = key_list->_keys;
00581
00582
00583 keys = LDNS_XREALLOC(
00584 key_list->_keys, ldns_key *, key_count + 1);
00585 if (!keys) {
00586 return false;
00587 }
00588
00589
00590 key_list->_keys = keys;
00591 key_list->_keys[key_count] = key;
00592
00593 ldns_key_list_set_key_count(key_list, key_count + 1);
00594 return true;
00595 }
00596
00597 ldns_key *
00598 ldns_key_list_pop_key(ldns_key_list *key_list)
00599 {
00600 size_t key_count;
00601 ldns_key *pop;
00602
00603 if (!key_list) {
00604 return NULL;
00605 }
00606
00607 key_count = ldns_key_list_key_count(key_list);
00608 if (key_count == 0) {
00609 return NULL;
00610 }
00611
00612 pop = ldns_key_list_key(key_list, key_count);
00613
00614
00615 key_list->_keys = LDNS_XREALLOC(
00616 key_list->_keys, ldns_key *, key_count - 1);
00617
00618 ldns_key_list_set_key_count(key_list, key_count - 1);
00619
00620 return pop;
00621 }
00622
00623 static bool
00624 ldns_key_rsa2bin(unsigned char *data, RSA *k, uint16_t *size)
00625 {
00626 int i,j;
00627
00628 if (!k) {
00629 return false;
00630 }
00631
00632 if (BN_num_bytes(k->e) <= 256) {
00633
00634
00635
00636 data[0] = (unsigned char) BN_num_bytes(k->e);
00637 i = BN_bn2bin(k->e, data + 1);
00638 j = BN_bn2bin(k->n, data + i + 1);
00639 *size = (uint16_t) i + j;
00640 } else if (BN_num_bytes(k->e) <= 65536) {
00641 data[0] = 0;
00642
00643 ldns_write_uint16(data + 1, (uint16_t) BN_num_bytes(k->e));
00644
00645 BN_bn2bin(k->e, data + 3);
00646 BN_bn2bin(k->n, data + 4 + BN_num_bytes(k->e));
00647 *size = (uint16_t) BN_num_bytes(k->n) + 6;
00648 } else {
00649 return false;
00650 }
00651 return true;
00652 }
00653
00654 static bool
00655 ldns_key_dsa2bin(unsigned char *data, DSA *k, uint16_t *size)
00656 {
00657 uint8_t T;
00658
00659 if (!k) {
00660 return false;
00661 }
00662
00663
00664 *size = (uint16_t)BN_num_bytes(k->g);
00665 T = (*size - 64) / 8;
00666 memcpy(data, &T, 1);
00667
00668 if (T > 8) {
00669 return false;
00670 }
00671
00672
00673 data[0] = (unsigned char)T;
00674 BN_bn2bin(k->q, data + 1 );
00675 BN_bn2bin(k->p, data + 21 );
00676 BN_bn2bin(k->g, data + 21 + *size);
00677 BN_bn2bin(k->pub_key, data + 21 + *size + *size);
00678 *size = 20 + (*size * 3);
00679 return true;
00680 }
00681
00682 ldns_rr *
00683 ldns_key2rr(const ldns_key *k)
00684 {
00685
00686
00687
00688
00689
00690 ldns_rr *pubkey;
00691 ldns_rdf *keybin;
00692 unsigned char *bin;
00693 uint16_t size;
00694
00695 pubkey = ldns_rr_new();
00696 if (!k) {
00697 return NULL;
00698 }
00699
00700 bin = LDNS_XMALLOC(unsigned char, LDNS_MAX_KEYLEN);
00701 if (!bin) {
00702 return NULL;
00703 }
00704
00705 ldns_rr_set_type(pubkey, LDNS_RR_TYPE_DNSKEY);
00706
00707 ldns_rr_push_rdf(pubkey,
00708 ldns_native2rdf_int16(LDNS_RDF_TYPE_INT16,
00709 ldns_key_flags(k)));
00710
00711 ldns_rr_push_rdf(pubkey,
00712 ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, LDNS_DNSSEC_KEYPROTO));
00713
00714 if (ldns_key_pubkey_owner(k)) {
00715 ldns_rr_set_owner(pubkey, ldns_rdf_clone(ldns_key_pubkey_owner(k)));
00716 }
00717
00718
00719 switch(ldns_key_algorithm(k)) {
00720 case LDNS_SIGN_RSAMD5:
00721 ldns_rr_push_rdf(pubkey,
00722 ldns_native2rdf_int8(LDNS_RDF_TYPE_ALG, LDNS_RSAMD5));
00723 if (!ldns_key_rsa2bin(bin, ldns_key_rsa_key(k), &size)) {
00724 return NULL;
00725 }
00726 break;
00727 case LDNS_SIGN_RSASHA1:
00728 ldns_rr_push_rdf(pubkey,
00729 ldns_native2rdf_int8(LDNS_RDF_TYPE_ALG, LDNS_RSASHA1));
00730 if (!ldns_key_rsa2bin(bin, ldns_key_rsa_key(k), &size)) {
00731 return NULL;
00732 }
00733 break;
00734 case LDNS_SIGN_DSA:
00735 ldns_rr_push_rdf(pubkey,
00736 ldns_native2rdf_int8(LDNS_RDF_TYPE_ALG, LDNS_DSA));
00737 if (!ldns_key_dsa2bin(bin, ldns_key_dsa_key(k), &size)) {
00738 return NULL;
00739 }
00740 break;
00741 case LDNS_SIGN_HMACMD5:
00742
00743 break;
00744 }
00745
00746
00747 keybin = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, size + 1, bin);
00748 LDNS_FREE(bin);
00749 ldns_rr_push_rdf(pubkey, keybin);
00750 return pubkey;
00751 }
00752
00753 void
00754 ldns_key_free(ldns_key *key)
00755 {
00756 LDNS_FREE(key);
00757 }
00758
00759 void
00760 ldns_key_deep_free(ldns_key *key)
00761 {
00762 if (ldns_key_pubkey_owner(key)) {
00763 ldns_rdf_deep_free(ldns_key_pubkey_owner(key));
00764 }
00765 switch(ldns_key_algorithm(key)) {
00766 case LDNS_SIGN_RSASHA1:
00767 case LDNS_SIGN_RSAMD5:
00768 if (ldns_key_rsa_key(key)) {
00769 RSA_free(ldns_key_rsa_key(key));
00770 }
00771 break;
00772 case LDNS_SIGN_DSA:
00773 if (ldns_key_dsa_key(key)) {
00774 DSA_free(ldns_key_dsa_key(key));
00775 }
00776 break;
00777 case LDNS_SIGN_HMACMD5:
00778 break;
00779 }
00780 LDNS_FREE(key);
00781 }
00782
00783 void
00784 ldns_key_list_free(ldns_key_list *key_list)
00785 {
00786 size_t i;
00787 for (i = 0; i < ldns_key_list_key_count(key_list); i++) {
00788 ldns_key_deep_free(ldns_key_list_key(key_list, i));
00789 }
00790 LDNS_FREE(key_list->_keys);
00791 LDNS_FREE(key_list);
00792 }
00793 #endif