hsm.h File Reference

#include "config.h"
#include "shared/status.h"
#include "signer/keys.h"
#include <ctype.h>
#include <stdint.h>
#include <ldns/ldns.h>
#include <libhsm.h>
#include <libhsmdns.h>

Include dependency graph for hsm.h:

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions
int	lhsm_open (const char *filename)
int	lhsm_reopen (const char *filename)
void	lhsm_check_connection (void *engine)
ods_status	lhsm_get_key (hsm_ctx_t *ctx, ldns_rdf *owner, key_type *key_id)
ldns_rr *	lhsm_sign (hsm_ctx_t *ctx, ldns_rr_list *rrset, key_type *key_id, ldns_rdf *owner, time_t inception, time_t expiration)

Function Documentation

void lhsm_check_connection

(

void *

engine

)

Check the HSM connection, reload engine if necessary.

Parameters

[in]

engine

signer engine.

Check the HSM connection, reload engine if necessary.

Definition at line 114 of file hsm.c.

References engineconfig_struct::cfg_filename, engine_struct::config, engine_start_drudgers(), engine_stop_drudgers(), lhsm_open(), ods_log_debug(), and ods_log_warning().

ods_status lhsm_get_key	(	hsm_ctx_t *	ctx,
		ldns_rdf *	owner,
		key_type *	key_id
	)

Get key from one of the HSMs, store the DNSKEY and HSM key.

Parameters

[in]	ctx	HSM context
[in]	owner	the zone owner name
[in]	key_id	key credentials

Returns

ods_status status

Get key from one of the HSMs.

Definition at line 136 of file hsm.c.

References key_struct::algorithm, key_struct::dnskey, key_struct::flags, key_struct::hsmkey, key_struct::locator, ods_log_assert, ods_log_error(), ODS_STATUS_ASSERT_ERR, ODS_STATUS_ERR, ODS_STATUS_OK, and key_struct::params.

Referenced by lhsm_sign(), signconf_compare_keys(), and zone_publish_dnskeys().

int lhsm_open

(

const char *

filename

)

Hardware Security Module support. Open HSM.

Parameters

[in]

filename

the configuration filename

Returns

int hsm status

Open HSM.

Definition at line 46 of file hsm.c.

References ods_log_crit(), ods_log_error(), and ods_log_info().

Referenced by lhsm_check_connection(), and lhsm_reopen().

int lhsm_reopen

(

const char *

filename

)

Reopen HSM.

Parameters

[in]

filename

the configuration filename

Returns

int hsm status

Reopen HSM.

Definition at line 71 of file hsm.c.

References lhsm_open(), and ods_log_warning().

ldns_rr* lhsm_sign	(	hsm_ctx_t *	ctx,
		ldns_rr_list *	rrset,
		key_type *	key_id,
		ldns_rdf *	owner,
		time_t	inception,
		time_t	expiration
	)

Get RRSIG from one of the HSMs, given a RRset and a key.

Parameters

[in]	ctx	HSM context
[in]	rrset	RRset to be signed
[in]	key_id	key credentials
[in]	owner	owner of the keys
[in]	inception	signature inception
[in]	expiration	signature expiration

Returns

ldns_rr* RRSIG record

Get RRSIG from one of the HSMs, given a RRset and a key.

Definition at line 223 of file hsm.c.

References key_struct::algorithm, key_struct::dnskey, key_struct::flags, key_struct::hsmkey, lhsm_get_key(), key_struct::locator, ods_log_assert, ods_log_crit(), ods_log_debug(), ods_log_error(), ODS_STATUS_OK, and key_struct::params.

Referenced by rrset_sign().