OpenDNSSEC-libhsm 2.1.10
hsmutil.c
Go to the documentation of this file.
1/*
2 * Copyright (c) 2009 .SE (The Internet Infrastructure Foundation).
3 * Copyright (c) 2009 NLNet Labs.
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
17 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
19 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
21 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
22 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
23 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
24 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
25 * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
28#include "config.h"
29
30#include <stdio.h>
31#include <string.h>
32#include <stdlib.h>
33#include <syslog.h>
34#include <unistd.h>
35#include <ldns/ldns.h>
36#include <ldns/util.h>
37
38#include "libhsm.h"
39#include "hsmtest.h"
40
41#include <libhsmdns.h>
42
43extern hsm_repository_t* parse_conf_repositories(const char* cfgfile);
44
45extern char *optarg;
46char *progname = NULL;
47unsigned int verbose = 0;
48hsm_ctx_t *ctx = NULL;
49
50
51static void
52version ()
53{
54 fprintf(stderr, "%s (%s) version %s\n",
55 progname, PACKAGE_NAME, PACKAGE_VERSION);
56}
57
58static void
59usage ()
60{
61 fprintf(stderr,
62 "usage: %s [-c config] [-vVfh] [command [options]]\n",
63 progname);
64
65 fprintf(stderr," -h Print this usage information.\n");
66 fprintf(stderr," -v Increase verbosity.\n");
67 fprintf(stderr," -V Print version and exit.\n");
68 fprintf(stderr," -f Force, Assume yes on all questions.\n");
69 fprintf(stderr," -c <cfg> Use alternative conf.xml.\n");
70
71 fprintf(stderr,"commands\n");
72
73 fprintf(stderr," login\n");
74 fprintf(stderr," logout\n");
75 fprintf(stderr," list [repository]\n");
76 fprintf(stderr," generate <repository> rsa|dsa|gost|ecdsa [keysize]\n");
77 fprintf(stderr," remove <id>\n");
78 fprintf(stderr," purge <repository>\n");
79 fprintf(stderr," dnskey <id> <name> <type> <algo>\n");
80 fprintf(stderr," test <repository>\n");
81 fprintf(stderr," info\n");
82#if 0
83 fprintf(stderr," debug\n");
84#endif
85}
86
87static int
88cmd_login ()
89{
90 printf("The tokens are now logged in.\n");
91
92 return 0;
93}
94
95static int
96cmd_logout ()
97{
98 if (hsm_logout_pin() != HSM_OK) {
99 printf("Failed to erase the credentials.\n");
100 hsm_print_error(NULL);
101 return 1;
102 }
103
104 printf("The credentials has been erased.\n");
105
106 return 0;
107}
108
109#pragma GCC diagnostic push
110#pragma GCC diagnostic ignored "-Wformat-nonliteral"
111static int
112cmd_list (int argc, char *argv[])
113{
114 size_t i;
115 char *repository = NULL;
116
117 size_t key_count = 0;
118 size_t key_count_valid = 0;
119 libhsm_key_t **keys;
120
121 const char *key_info_format = "%-20s %-32s %-10s\n";
122
124
125 if (argc) {
126 repository = argv[0];
127 argc--;
128 argv++;
129
130 /* Check for repository before starting using it */
131 if (hsm_token_attached(ctx, repository) == 0) {
133 return 1;
134 }
135
136 fprintf(stdout, "\nListing keys in repository: %s\n", repository);
137 keys = hsm_list_keys_repository(ctx, &key_count, repository);
138 } else {
139 fprintf(stdout, "\nListing keys in all repositories.\n");
140 keys = hsm_list_keys(ctx, &key_count);
141 }
142
143 fprintf(stdout, "%u %s found.\n\n", (unsigned int) key_count,
144 (key_count > 1 || key_count == 0 ? "keys" : "key"));
145
146 if (!keys) {
147 return -1;
148 }
149
150 /* print fancy header */
151 fprintf(stdout, key_info_format, "Repository", "ID", "Type");
152 fprintf(stdout, key_info_format, "----------", "--", "----");
153
154 for (i = 0; i < key_count; i++) {
155 libhsm_key_info_t *key_info;
156 libhsm_key_t *key = NULL;
157 char key_type[HSM_MAX_ALGONAME + 8];
158 char const * key_id = NULL;
159
160 key = keys[i];
161 if (key == NULL) {
162 /* Skip NULL key for now */
163 continue;
164 }
165
166 key_count_valid++;
167
168 key_info = hsm_get_key_info(ctx, key);
169
170 if (key_info) {
171 snprintf(key_type, sizeof(key_type), "%s/%lu",
172 key_info->algorithm_name, key_info->keysize);
173 key_id = key_info->id;
174 } else {
175 snprintf(key_type, sizeof(key_type), "UNKNOWN");
176 key_id = "UNKNOWN";
177 }
178
179 printf(key_info_format, key->modulename, key_id, key_type);
180
181 libhsm_key_info_free(key_info);
182 }
183 libhsm_key_list_free(keys, key_count);
184
185 if (key_count != key_count_valid) {
186 size_t invalid_keys;
187 invalid_keys = key_count - key_count_valid;
188 printf("\n");
189 fprintf(stderr, "Warning: %u %s not usable by OpenDNSSEC was found.\n",
190 (unsigned int) invalid_keys, invalid_keys > 1 ? "keys" : "key");
191 }
192
193 return 0;
194}
195#pragma GCC diagnostic pop
196
197static int
198cmd_generate (int argc, char *argv[])
199{
200 const char *repository = NULL;
201 const char *algorithm = NULL;
202 unsigned int keysize = 1024;
203
204 libhsm_key_t *key = NULL;
205
206 if (argc < 2 || argc > 3) {
207 usage();
208 return -1;
209 }
210
211 repository = argv[0];
212
213 /* Check for repository before starting using it */
214 if (hsm_token_attached(ctx, repository) == 0) {
216 return 1;
217 }
218
219 algorithm = argv[1];
220 if (argc == 3) {
221 keysize = atoi(argv[2]);
222 }
223
224 if (!strcasecmp(algorithm, "rsa")) {
225 printf("Generating %d bit RSA key in repository: %s\n",
226 keysize, repository);
227
228 key = hsm_generate_rsa_key(ctx, repository, keysize);
229 } else if (!strcasecmp(algorithm, "dsa")) {
230 printf("Generating %d bit DSA key in repository: %s\n",
231 keysize, repository);
232
233 key = hsm_generate_dsa_key(ctx, repository, keysize);
234 } else if (!strcasecmp(algorithm, "gost")) {
235 printf("Generating 512 bit GOST key in repository: %s\n",
236 repository);
237
238 key = hsm_generate_gost_key(ctx, repository);
239 } else if (!strcasecmp(algorithm, "ecdsa")) {
240 if (keysize == 256) {
241 printf("Generating a P-256 ECDSA key in repository: %s\n",
242 repository);
243
244 key = hsm_generate_ecdsa_key(ctx, repository, "P-256");
245 } else if (keysize == 384) {
246 printf("Generating a P-384 ECDSA key in repository: %s\n",
247 repository);
248
249 key = hsm_generate_ecdsa_key(ctx, repository, "P-384");
250 } else {
251 printf("Invalid ECDSA key size: %d\n", keysize);
252 printf("Expecting 256 or 384.\n");
253 return -1;
254 }
255 } else {
256 printf("Unknown algorithm: %s\n", algorithm);
257 return -1;
258 }
259
260 if (key) {
261 libhsm_key_info_t *key_info;
262
263 key_info = hsm_get_key_info(ctx, key);
264 printf("Key generation successful: %s\n",
265 key_info ? key_info->id : "NULL");
266 libhsm_key_info_free(key_info);
267 if (verbose) hsm_print_key(ctx, key);
268 libhsm_key_free(key);
269 } else {
270 printf("Key generation failed.\n");
271 return -1;
272 }
273
274 return 0;
275}
276
277static int
278cmd_remove (int argc, char *argv[])
279{
280 char *id;
281 int result;
282
283 libhsm_key_t *key = NULL;
284
285 if (argc != 1) {
286 usage();
287 return -1;
288 }
289
290 id = argv[0];
291
292 key = hsm_find_key_by_id(ctx, id);
293
294 if (!key) {
295 printf("Key not found: %s\n", id);
296 return -1;
297 }
298
299 result = hsm_remove_key(ctx, key);
300
301 if (!result) {
302 printf("Key remove successful.\n");
303 } else {
304 printf("Key remove failed.\n");
305 }
306
307 libhsm_key_free(key);
308
309 return result;
310}
311
312static int
313cmd_purge (int argc, char *argv[], int force)
314{
315 int result;
316 int final_result = 0;
317 char *fresult;
318
319 size_t i;
320 char *repository = NULL;
321 char confirm[16];
322
323 size_t key_count = 0;
324 libhsm_key_t **keys;
325
326 if (argc != 1) {
327 usage();
328 return -1;
329 }
330
331 repository = argv[0];
332 argc--;
333 argv++;
334
335 /* Check for repository before starting using it */
336 if (hsm_token_attached(ctx, repository) == 0) {
338 return 1;
339 }
340
341 printf("Purging all keys from repository: %s\n", repository);
342 keys = hsm_list_keys_repository(ctx, &key_count, repository);
343
344 printf("%u %s found.\n\n", (unsigned int) key_count,
345 (key_count > 1 || key_count == 0 ? "keys" : "key"));
346
347 if (!keys) {
348 return -1;
349 }
350
351 if (key_count == 0) {
352 libhsm_key_list_free(keys, key_count);
353 return -1;
354 }
355
356 if (!force) {
357 printf("Are you sure you want to remove ALL keys from repository %s ? (YES/NO) ", repository);
358 fresult = fgets(confirm, sizeof(confirm) - 1, stdin);
359 if (fresult == NULL || strncasecmp(confirm, "yes", 3) != 0) {
360 printf("\npurge cancelled.\n");
361 libhsm_key_list_free(keys, key_count);
362 return -1;
363 }
364 }
365 printf("\nStarting purge...\n");
366
367 for (i = 0; i < key_count; i++) {
368 libhsm_key_info_t *key_info;
369 libhsm_key_t *key = keys[i];
370
371 key_info = hsm_get_key_info(ctx, key);
372 result = hsm_remove_key(ctx, key);
373
374 if (!result) {
375 printf("Key remove successful: %s\n",
376 key_info ? key_info->id : "NULL");
377 } else {
378 printf("Key remove failed: %s\n",
379 key_info ? key_info->id : "NULL");
380 final_result++;
381 }
382
383 libhsm_key_info_free(key_info);
384 }
385 libhsm_key_list_free(keys, key_count);
386
387 printf("Purge done.\n");
388
389 return final_result;
390}
391
392static int
393cmd_dnskey (int argc, char *argv[])
394{
395 char *id;
396 char *name;
397 int type;
398 int algo;
399
400 libhsm_key_t *key = NULL;
401 ldns_rr *dnskey_rr;
402 hsm_sign_params_t *sign_params;
403
404 if (argc != 4) {
405 usage();
406 return -1;
407 }
408
409 id = strdup(argv[0]);
410 name = strdup(argv[1]);
411 type = atoi(argv[2]);
412 algo = atoi(argv[3]);
413
414 key = hsm_find_key_by_id(ctx, id);
415
416 if (!key) {
417 printf("Key not found: %s\n", id);
418 free(name);
419 free(id);
420 return -1;
421 }
422
423 if (type != LDNS_KEY_ZONE_KEY && type != LDNS_KEY_ZONE_KEY + LDNS_KEY_SEP_KEY) {
424 printf("Invalid key type: %i\n", type);
425 printf("Please use: %i or %i\n", LDNS_KEY_ZONE_KEY, LDNS_KEY_ZONE_KEY + LDNS_KEY_SEP_KEY);
426 free(name);
427 free(id);
428 free(key);
429 return -1;
430 }
431
432 libhsm_key_info_t *key_info = hsm_get_key_info(ctx, key);
433 switch (algo) {
434 case LDNS_SIGN_RSAMD5:
435 case LDNS_SIGN_RSASHA1:
436 case LDNS_SIGN_RSASHA1_NSEC3:
437 case LDNS_SIGN_RSASHA256:
438 case LDNS_SIGN_RSASHA512:
439 if (strcmp(key_info->algorithm_name, "RSA") != 0) {
440 printf("Not an RSA key, the key is of algorithm %s.\n", key_info->algorithm_name);
441 libhsm_key_info_free(key_info);
442 free(key);
443 free(name);
444 free(id);
445 return -1;
446 }
447 break;
448 case LDNS_SIGN_DSA:
449 case LDNS_SIGN_DSA_NSEC3:
450 if (strcmp(key_info->algorithm_name, "DSA") != 0) {
451 printf("Not a DSA key, the key is of algorithm %s.\n", key_info->algorithm_name);
452 libhsm_key_info_free(key_info);
453 free(key);
454 free(name);
455 free(id);
456 return -1;
457 }
458 break;
459 case LDNS_SIGN_ECC_GOST:
460 if (strcmp(key_info->algorithm_name, "GOST") != 0) {
461 printf("Not a GOST key, the key is of algorithm %s.\n", key_info->algorithm_name);
462 libhsm_key_info_free(key_info);
463 free(key);
464 free(name);
465 free(id);
466 return -1;
467 }
468 break;
469 case LDNS_SIGN_ECDSAP256SHA256:
470 if (strcmp(key_info->algorithm_name, "ECDSA") != 0) {
471 printf("Not an ECDSA key, the key is of algorithm %s.\n", key_info->algorithm_name);
472 libhsm_key_info_free(key_info);
473 free(key);
474 free(name);
475 free(id);
476 return -1;
477 }
478 if (key_info->keysize != 256) {
479 printf("The key is a ECDSA/%lu, expecting ECDSA/256 for this algorithm.\n", key_info->keysize);
480 libhsm_key_info_free(key_info);
481 free(key);
482 free(name);
483 free(id);
484 return -1;
485 }
486 break;
487 case LDNS_SIGN_ECDSAP384SHA384:
488 if (strcmp(key_info->algorithm_name, "ECDSA") != 0) {
489 printf("Not an ECDSA key, the key is of algorithm %s.\n", key_info->algorithm_name);
490 libhsm_key_info_free(key_info);
491 free(key);
492 free(name);
493 free(id);
494 return -1;
495 }
496 if (key_info->keysize != 384) {
497 printf("The key is a ECDSA/%lu, expecting ECDSA/384 for this algorithm.\n", key_info->keysize);
498 libhsm_key_info_free(key_info);
499 free(key);
500 free(name);
501 free(id);
502 return -1;
503 }
504 break;
505#if (LDNS_REVISION >= ((1<<16)|(7<<8)|(0)))
506 case LDNS_SIGN_ED25519:
507 if (strcmp(key_info->algorithm_name, "EDDSA") != 0) {
508 printf("Not an EDDSA key, the key is of algorithm %s.\n", key_info->algorithm_name);
509 libhsm_key_info_free(key_info);
510 free(key);
511 free(name);
512 free(id);
513 return -1;
514 }
515 if (key_info->keysize != 255) {
516 printf("The key is EDDSA/%lu, expecting EDDSA/255 for this algorithm.\n", key_info->keysize);
517 libhsm_key_info_free(key_info);
518 free(key);
519 free(name);
520 free(id);
521 return -1;
522 }
523 break;
524 case LDNS_SIGN_ED448:
525 if (strcmp(key_info->algorithm_name, "EDDSA") != 0) {
526 printf("Not an EDDSA key, the key is of algorithm %s.\n", key_info->algorithm_name);
527 libhsm_key_info_free(key_info);
528 free(key);
529 free(name);
530 free(id);
531 return -1;
532 }
533 if (key_info->keysize != 448) {
534 printf("The key is EDDSA/%lu, expecting EDDSA/448 for this algorithm.\n", key_info->keysize);
535 libhsm_key_info_free(key_info);
536 free(key);
537 free(name);
538 free(id);
539 return -1;
540 }
541 break;
542#endif
543 default:
544 printf("Invalid algorithm: %i\n", algo);
545 libhsm_key_info_free(key_info);
546 free(key);
547 free(name);
548 free(id);
549 return -1;
550 }
551 libhsm_key_info_free(key_info);
552
553 sign_params = hsm_sign_params_new();
554 sign_params->algorithm = algo;
555 sign_params->flags = type;
556 sign_params->owner = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, name);
557 dnskey_rr = hsm_get_dnskey(ctx, key, sign_params);
558 sign_params->keytag = ldns_calc_keytag(dnskey_rr);
559
560 ldns_rr_print(stdout, dnskey_rr);
561
562 hsm_sign_params_free(sign_params);
563 ldns_rr_free(dnskey_rr);
564 libhsm_key_free(key);
565 free(name);
566 free(id);
567
568 return 0;
569}
570
571static int
572cmd_test (int argc, char *argv[], hsm_ctx_t* ctx)
573{
574 char *repository = NULL;
575
576 if (argc) {
577 repository = strdup(argv[0]);
578 argc--;
579 argv++;
580
581 printf("Testing repository: %s\n\n", repository);
582 int rv = hsm_test(repository, ctx);
583 if (repository) free(repository);
584 return rv;
585 } else {
586 usage();
587 }
588
589 return 0;
590}
591
592static int
593cmd_info (hsm_ctx_t* ctx)
594{
596
597 return 0;
598}
599
600static int
601cmd_debug (hsm_ctx_t* ctx)
602{
604
605 return 0;
606}
607
608int
609main (int argc, char *argv[])
610{
611 int result;
612
613 char *config = NULL;
614
615 int ch;
616 int force = 0;
617 progname = argv[0];
618
619 while ((ch = getopt(argc, argv, "c:vVhf")) != -1) {
620 switch (ch) {
621 case 'c':
622 config = strdup(optarg);
623 break;
624 case 'f':
625 force = 1;
626 break;
627 case 'v':
628 verbose++;
629 break;
630 case 'V':
631 version();
632 exit(0);
633 break;
634 case 'h':
635 usage();
636 exit(0);
637 break;
638 default:
639 usage();
640 exit(1);
641 }
642 }
643 argc -= optind;
644 argv += optind;
645
646 if (!argc) {
647 usage();
648 exit(1);
649 }
650
651
652 if (!strcasecmp(argv[0], "logout")) {
653 if (config) free(config);
654 exit(cmd_logout());
655 }
656
657 result = hsm_open2(parse_conf_repositories(config?config:HSM_DEFAULT_CONFIG), hsm_prompt_pin);
658 if (result != HSM_OK) {
659 char* error = hsm_get_error(NULL);
660 if (error != NULL) {
661 fprintf(stderr,"%s\n", error);
662 free(error);
663 }
664 exit(-1);
665 }
667
668 openlog("hsmutil", LOG_PID, LOG_USER);
669
670 if (!strcasecmp(argv[0], "login")) {
671 argc --;
672 argv ++;
673 result = cmd_login();
674 } else if (!strcasecmp(argv[0], "list")) {
675 argc --;
676 argv ++;
677 result = cmd_list(argc, argv);
678 } else if (!strcasecmp(argv[0], "generate")) {
679 argc --;
680 argv ++;
681 result = cmd_generate(argc, argv);
682 } else if (!strcasecmp(argv[0], "remove")) {
683 argc --;
684 argv ++;
685 result = cmd_remove(argc, argv);
686 } else if (!strcasecmp(argv[0], "purge")) {
687 argc --;
688 argv ++;
689 result = cmd_purge(argc, argv, force);
690 } else if (!strcasecmp(argv[0], "dnskey")) {
691 argc --;
692 argv ++;
693 result = cmd_dnskey(argc, argv);
694 } else if (!strcasecmp(argv[0], "test")) {
695 argc --;
696 argv ++;
697 result = cmd_test(argc, argv, ctx);
698 } else if (!strcasecmp(argv[0], "info")) {
699 argc --;
700 argv ++;
701 result = cmd_info(ctx);
702 } else if (!strcasecmp(argv[0], "debug")) {
703 argc --;
704 argv ++;
705 result = cmd_debug(ctx);
706 } else {
707 usage();
708 result = -1;
709 }
710
712 hsm_close();
713 if (config) free(config);
714
715 closelog();
716
717 exit(result);
718}
ldns_algorithm algorithm
Definition: hsmspeed.c:43
int hsm_test(const char *repository, hsm_ctx_t *ctx)
Definition: hsmtest.c:109
int main(int argc, char *argv[])
Definition: hsmutil.c:609
unsigned int verbose
Definition: hsmutil.c:47
hsm_repository_t * parse_conf_repositories(const char *cfgfile)
Definition: confparser.c:51
char * progname
Definition: hsmutil.c:46
char * optarg
hsm_ctx_t * ctx
Definition: hsmutil.c:48
void libhsm_key_list_free(libhsm_key_t **key_list, size_t count)
Definition: libhsm.c:3147
char * hsm_get_error(hsm_ctx_t *gctx)
Definition: libhsm.c:3512
void hsm_print_error(hsm_ctx_t *gctx)
Definition: libhsm.c:3595
libhsm_key_t * hsm_find_key_by_id(hsm_ctx_t *ctx, const char *id)
Definition: libhsm.c:2615
int hsm_token_attached(hsm_ctx_t *ctx, const char *repository)
Definition: libhsm.c:3495
libhsm_key_t * hsm_generate_rsa_key(hsm_ctx_t *ctx, const char *repository, unsigned long keysize)
Definition: libhsm.c:2644
libhsm_key_t * hsm_generate_gost_key(hsm_ctx_t *ctx, const char *repository)
Definition: libhsm.c:2846
void hsm_print_key(hsm_ctx_t *ctx, libhsm_key_t *key)
Definition: libhsm.c:3569
hsm_sign_params_t * hsm_sign_params_new()
Definition: libhsm.c:2539
void hsm_print_ctx(hsm_ctx_t *ctx)
Definition: libhsm.c:3558
void libhsm_key_info_free(libhsm_key_info_t *key_info)
Definition: libhsm.c:3238
libhsm_key_t ** hsm_list_keys_repository(hsm_ctx_t *ctx, size_t *count, const char *repository)
Definition: libhsm.c:2598
int hsm_open2(hsm_repository_t *rlist, char *(pin_callback)(unsigned int, const char *, unsigned int))
Definition: libhsm.c:2388
ldns_rr * hsm_get_dnskey(hsm_ctx_t *ctx, const libhsm_key_t *key, const hsm_sign_params_t *sign_params)
Definition: libhsm.c:3365
libhsm_key_t * hsm_generate_dsa_key(hsm_ctx_t *ctx, const char *repository, unsigned long keysize)
Definition: libhsm.c:2732
libhsm_key_t * hsm_generate_ecdsa_key(hsm_ctx_t *ctx, const char *repository, const char *curve)
Definition: libhsm.c:2926
void hsm_close()
Definition: libhsm.c:2455
int hsm_remove_key(hsm_ctx_t *ctx, libhsm_key_t *key)
Definition: libhsm.c:3118
void hsm_print_tokeninfo(hsm_ctx_t *ctx)
Definition: libhsm.c:3610
libhsm_key_info_t * hsm_get_key_info(hsm_ctx_t *ctx, const libhsm_key_t *key)
Definition: libhsm.c:3187
void hsm_destroy_context(hsm_ctx_t *ctx)
Definition: libhsm.c:2530
libhsm_key_t ** hsm_list_keys(hsm_ctx_t *ctx, size_t *count)
Definition: libhsm.c:2572
void libhsm_key_free(libhsm_key_t *key)
Definition: libhsm.c:2565
void hsm_sign_params_free(hsm_sign_params_t *params)
Definition: libhsm.c:2556
hsm_ctx_t * hsm_create_context()
Definition: libhsm.c:2465
char * hsm_prompt_pin(unsigned int id, const char *repository, unsigned int mode)
Definition: pin.c:228
#define HSM_MAX_ALGONAME
Definition: libhsm.h:47
#define HSM_OK
Definition: libhsm.h:65
int hsm_logout_pin(void)
Definition: pin.c:413
ldns_algorithm algorithm
Definition: libhsmdns.h:36
ldns_rdf * owner
Definition: libhsmdns.h:46
uint16_t flags
Definition: libhsmdns.h:38
uint16_t keytag
Definition: libhsmdns.h:44
char * algorithm_name
Definition: libhsm.h:112
unsigned long keysize
Definition: libhsm.h:113
char * modulename
Definition: libhsm.h:103