OpenDNSSEC-enforcer  1.4.10
ksm.h
1 /*
2  * Copyright (c) 2008-2009 Nominet UK. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  * notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  * notice, this list of conditions and the following disclaimer in the
11  * documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
15  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
17  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
19  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
21  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
22  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
23  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  *
25  */
26 
27 #ifndef KSM_KSM_H
28 #define KSM_KSM_H
29 
30 #ifdef __cplusplus
31 extern "C" {
32 #endif
33 
34 /*+
35  * ksm.h - KSM Definitions
36  *
37  * Description:
38  * Holds definitions and prototypes for the KSM library.
39 -*/
40 
41 #include <time.h>
42 #include <ksm/database.h>
43 #include <ksm/database_statement.h>
44 
45 
46 /* General */
47 
48 typedef int KSM_ID; /* Identifies a KSM entity */
49 
50 #define KSM_NULL_ID ((KSM_ID) -1) /* General invalid ID */
51 
52 /* ksm_common */
53 
/* Entry points of ksm_common; both take no arguments and return int. */
54 int KsmInit(void);
55 int KsmRundown(void);
56 
/*
 * Buffer sizes in bytes. Several are used as the dimensions of the fixed
 * char arrays declared later in this header (for example in KSM_KEYDATA and
 * KSM_ZONE). Where a size "includes the terminating NUL", the longest string
 * that fits is one byte shorter than the constant.
 * NOTE(review): anything that copies external text (names, paths, salts)
 * into a buffer of these sizes should use a bounded copy and treat
 * truncation as an error - confirm in the .c files.
 */
57 #define KSM_NAME_LENGTH 256 /* Includes terminating NUL */
58 #define KSM_MSG_LENGTH 512 /* Includes terminating NUL */
59 #define KSM_PATH_LENGTH 4096 /* Includes terminating NUL */
60 #define KSM_POLICY_DESC_LENGTH 256 /* Includes terminating NUL */
61 #define KSM_TIME_LENGTH 32 /* Includes terminating NUL */
62 
63 #define KSM_SQL_SIZE 1024 /* Max size of SQL statement */
64 #define KSM_INT_STR_SIZE 32 /* Max size of int as string */
65 #define KSM_SALT_LENGTH 512 /* Includes terminating NUL */
66 #define KSM_ZONE_NAME_LENGTH 256 /* Includes terminating NUL */
67 #define KSM_ADAPTER_NAME_LENGTH 512 /* Includes terminating NUL */
68 /* ksm_key */
69 
70 #define RFC5011_ADD_HOLDDOWN_TIME (30*24*3600) /* seconds to prepublish KSK for 5011 */
71 #define RFC5011_REM_HOLDDOWN_TIME (30*24*3600) /* seconds to postpublish KSK for 5011 */
72 
73 /* Key time flag states */
74 
75 #define KEYDATA_M_ID 0x0001
76 #define KEYDATA_M_STATE 0x0002
77 #define KEYDATA_M_KEYTYPE 0x0004
78 #define KEYDATA_M_ALGORITHM 0x0008
79 #define KEYDATA_M_SIGLIFETIME 0x0010
80 #define KEYDATA_M_ACTIVE 0x0020
81 #define KEYDATA_M_DEAD 0x0040
82 #define KEYDATA_M_GENERATE 0x0080
83 #define KEYDATA_M_PUBLISH 0x0100
84 #define KEYDATA_M_READY 0x0200
85 #define KEYDATA_M_RETIRE 0x0400
86 #define KEYDATA_M_LOCATION 0x0800
87 #define KEYDATA_M_SIZE 0x1000
88 #define KEYDATA_M_SMID 0x2000
89 
90 #define KEYDATA_M_TIMES (KEYDATA_M_ACTIVE | KEYDATA_M_DEAD | \
91  KEYDATA_M_GENERATE | KEYDATA_M_PUBLISH | KEYDATA_M_READY | KEYDATA_M_RETIRE)
92 
93 /*
94  * Structure for key information. Note that on the date fields, the
95  * "struct tm" fields are used to insert data into the database, and the
96  * "char*" fields used to retrieve data. In the latter case, a NULL field
97  * will be represented by an empty string.
98  */
99 
/*
 * One key record. The first group of members is described by the comment
 * inside the struct as belonging to the KEYDATA table; the last four are
 * working fields only.
 */
100 typedef struct {
102  int state; /* presumably a KSM_STATE_* value - confirm */
103  int keytype; /* presumably KSM_TYPE_KSK or KSM_TYPE_ZSK - confirm */
/* Six timestamp strings, each a fixed buffer of KSM_TIME_LENGTH bytes. */
106  char active[KSM_TIME_LENGTH];
107  char dead[KSM_TIME_LENGTH];
108  char generate[KSM_TIME_LENGTH];
109  char publish[KSM_TIME_LENGTH];
110  char ready[KSM_TIME_LENGTH];
111  char retire[KSM_TIME_LENGTH];
112  char location[KSM_NAME_LENGTH];
114  int size;
/*
 * NOTE(review): the open TODO below is worth closing. The buffer holds at
 * most KSM_NAME_LENGTH - 1 characters; an identifier longer than that must
 * be rejected rather than silently shortened, because a shortened key ID
 * could refer to a different key. Confirm how the field is filled.
 */
116  char HSMKey_id[KSM_NAME_LENGTH]; /* TODO is this long enough ? */
118  int zone_id;
120 
121  /*
122  * The remaining fields are used for data manipulation and are not part of
123  * the KEYDATA table.
124  */
125 
126  int flags; /* States which fields are valid (presumably KEYDATA_M_* bits - confirm) */
127  int roll_scheme;/* Which rollover scheme the key is under */
128  int rfc5011; /* Use 5011 style add/remove for this key */
129  int revoke; /* Publish key with the revoke bit */
130 } KSM_KEYDATA;
131 
/*
 * ksm_key prototypes. All return int except KsmKeyEnd, which returns nothing.
 * The two Create functions take an output DB_ID pointer as their last
 * argument.
 */
132 int KsmKeyPairCreate(int policy_id, const char* HSMKeyID, int smID, int size, int alg, const char* generate, DB_ID* id);
133 int KsmDnssecKeyCreate(int zone_id, int keypair_id, int keytype, int state, int rfc5011, const char* time, const char* retTime, DB_ID* id);
134 /*int KsmDnssecKeyCreateOnPolicy(int policy_id, int keypair_id, int keytype);*/
/*
 * KsmKeyInitSql (and KsmKeyQuery below) accept a whole SQL statement as a
 * string.
 * NOTE(review): presumably the text is handed to the database unchanged, so
 * any externally supplied value placed in it needs escaping or a bound
 * parameter by the caller - confirm in ksm_key.c and at the call sites.
 */
135 int KsmKeyInitSql(DB_RESULT* result, const char* sql);
136 int KsmKeyInit(DB_RESULT* result, DQS_QUERY_CONDITION* condition);
137 int KsmKeyInitId(DB_RESULT* result, DB_ID id);
/* Takes a DB_RESULT by value and a KSM_KEYDATA to write into. */
138 int KsmKey(DB_RESULT result, KSM_KEYDATA* data);
139 void KsmKeyEnd(DB_RESULT result);
/* Raw-SQL entry point; see the note on KsmKeyInitSql. */
140 int KsmKeyQuery(const char* sql, DB_RESULT* result);
141 int KsmKeyData(DB_ID id, KSM_KEYDATA* data);
/* The three functions below report a number through the int* count argument. */
142 int KsmKeyPredict(int policy_id, int keytype, int shared_keys, int interval, int *count, int rollover_scheme, int zone_count);
143 int KsmKeyCountQueue(int keytype, int* count, int zone_id);
144 int KsmKeyCountStillGood(int policy_id, int sm, int bits, int algorithm, int interval, const char* datetime, int *count, int keytype);
145 int KsmKeyGetUnallocated(int policy_id, int sm, int bits, int algorithm, int zone_id, int share_keys, int *keypair_id);
/* NOTE(review): by their names these two change key state for a zone; callers should log who requested it - confirm what they do in ksm_key.c. */
146 int KsmMarkKeysAsDead(int zone_id);
147 int KsmKillKey(int keypair_id, int zone_id);
148 
149 /* delete */
150 
151 int KsmDeleteKeyRange(int minid, int maxid);
152 int KsmDeleteKeyRanges(int limit[], int size);
153 
154 /* KsmParameter */
155 
156 typedef struct {
157  char name[KSM_NAME_LENGTH];
158  char category[KSM_NAME_LENGTH];
159  int value;
161 } KSM_PARAMETER;
162 
163 int KsmParameterInit(DB_RESULT* result, const char* name, const char* category, int policy_id);
164 int KsmParameterExist(DB_RESULT* result, const char* name, const char* category, int* parameter_id);
165 int KsmParameter(DB_RESULT result, KSM_PARAMETER* data);
166 void KsmParameterEnd(DB_RESULT result);
167 int KsmParameterValue(const char* name, const char* category, int* value, int policy_id, int* parameter_id);
168 int KsmParameterSet(const char* name, const char* category, int value, int policy_id);
169 int KsmParameterShow(const char* name, const char* category, int policy_id);
170 
171 /* ksmPolicy */
172 typedef struct {
173  int refresh;
174  int jitter;
176  int soamin;
177  int soattl;
178  int serial;
180 
181 typedef struct {
183  int resign;
187 
188 typedef struct {
189  int version;
190  int resalt;
193  int optout;
194  int ttl;
196  char salt[KSM_SALT_LENGTH];
197  char salt_stamp[KSM_TIME_LENGTH];
199 
200 typedef struct {
201  int ttl;
205  int purge;
207 
208 typedef struct {
210  int bits;
211  int lifetime;
212  int sm;
213  char sm_name[KSM_NAME_LENGTH];
214  unsigned long sm_capacity;
216  int overlap;
217  int ttl;
218  int rfc5011;
219  int type;
224 
225 typedef struct {
230 
231 typedef struct {
233  int soa_ttl;
234  int soa_min;
235  int serial;
237 
238 typedef struct {
240  int ds_ttl;
241  int soa_ttl;
242  int soa_min;
244 
245 typedef struct {
246  int id;
247  char name[KSM_NAME_LENGTH];
248  char* description;
259 } KSM_POLICY;
260 
261 typedef struct {
262  char name[KSM_NAME_LENGTH];
263  char category[KSM_NAME_LENGTH];
264  int value;
266 
267 int KsmPolicyInit(DB_RESULT* handle, const char* name);
268 int KsmPolicyExists(const char* name);
269 int KsmPolicyParametersInit(DB_RESULT* handle, const char* name);
270 int KsmPolicyRead(KSM_POLICY* policy);
271 int KsmPolicy(DB_RESULT handle, KSM_POLICY* data);
273 int KsmPolicyReadFromId(KSM_POLICY* policy);
274 int KsmPolicyNameFromId(KSM_POLICY* policy);
275 int KsmPolicyUpdateSalt(KSM_POLICY* policy);
276 int KsmPolicyNullSaltStamp(int policy_id);
279 int KsmPolicyIdFromZoneId(int zone_id, int* policy_id);
280 int KsmPolicyUpdateDesc(int policy_id, const char* policy_description);
281 
283 void KsmPolicyFree(KSM_POLICY *policy);
284 
285 /* ksmZone */
/*
 * Zone record: an id, three path buffers of KSM_PATH_LENGTH bytes, a policy
 * name and the two adapter type names, all stored in fixed-size arrays.
 * NOTE(review): the paths are plain strings here; whether they are checked
 * (length, location) before being stored or opened is not visible in this
 * header - confirm in ksm_zone.c and ksm_import.c.
 */
286 typedef struct {
287  int id;
290  char signconf[KSM_PATH_LENGTH];
291  char input[KSM_PATH_LENGTH];
292  char output[KSM_PATH_LENGTH];
293  char policy_name[KSM_NAME_LENGTH];
294  char in_type[KSM_ADAPTER_NAME_LENGTH];
295  char out_type[KSM_ADAPTER_NAME_LENGTH];
296 } KSM_ZONE;
297 
/* Zone queries. The Init functions take a DB_RESULT pointer; KsmZone and KsmZoneCount take the DB_RESULT by value. */
298 int KsmZoneInit(DB_RESULT* handle, int policy_id);
299 int KsmZone(DB_RESULT handle, KSM_ZONE *data);
300 int KsmZoneCount(DB_RESULT handle, int* count);
301 int KsmZoneCountInit(DB_RESULT* handle, int id);
/* Look-ups by zone name; results come back through the int* arguments. */
302 int KsmZoneIdFromName(const char* zone_name, int* zone_id);
303 int KsmZoneIdAndPolicyFromName(const char* zone_name, int* policy_id, int* zone_id);
304 int KsmDeleteZone(int zone_id);
/* NOTE(review): zone_name is a char**; presumably the function stores a string pointer there. Who owns and frees it is not stated here - confirm in ksm_zone.c. */
305 int KsmZoneNameFromId(int zone_id, char** zone_name);
306 
307 #define UNSIGNED 0
308 #define SIGNED 1
309 
310 int KsmDNSSECKeysInSMCountInit(DB_RESULT* handle, int policy_id);
311 int KsmDNSSECKeysInSMCount(DB_RESULT handle, int* count);
312 int KsmDNSSECKeysStateCountInit(DB_RESULT* result, int policy_id, KSM_KEY_POLICY *key_policy, int state);
313 
314 /* Purge */
315 
316 void KsmPurge(void);
317 
318 /*
319  * Constants in the database tables. These are used in the
320  * ksm_keyword module.
321  *
322  * THESE MUST BE KEPT IN STEP WITH THE DATABASE CREATION SCRIPT
323  */
324 
325 /*
326  * The following names and constants are in the SIG(0) Algorithm Numbers
327  * page at IANA - http://www.iana.org/assignments/sig-alg-numbers.
328  */
/*
 * Each algorithm has a numeric constant and a lower-case keyword string.
 * NOTE(review): the list includes algorithms that RFC 8624 says must not or
 * should not be used for DNSSEC signing: RSAMD5 (1), DSA (3),
 * DSA-NSEC3-SHA1 (6), RSASHA1 (5) and RSASHA1-NSEC3-SHA1 (7). Having a
 * constant here does not show whether a policy may select it; confirm where
 * policy algorithm values are validated and whether weak ones are refused
 * or at least logged.
 */
329 
330 #define KSM_ALGORITHM_RSAMD5 1
331 #define KSM_ALGORITHM_RSAMD5_STRING "rsamd5"
332 #define KSM_ALGORITHM_DH 2
333 #define KSM_ALGORITHM_DH_STRING "dh"
334 #define KSM_ALGORITHM_DSASHA1 3
335 #define KSM_ALGORITHM_DSASHA1_STRING "dsa"
336 #define KSM_ALGORITHM_RSASHA1 5
337 #define KSM_ALGORITHM_RSASHA1_STRING "rsasha1"
338 #define KSM_ALGORITHM_DSA_NSEC3_SHA1 6
339 #define KSM_ALGORITHM_DSA_NSEC3_SHA1_STRING "dsa-nsec3-sha1"
340 #define KSM_ALGORITHM_RSASHA1_NSEC3_SHA1 7
341 #define KSM_ALGORITHM_RSASHA1_NSEC3_SHA1_STRING "rsasha1-nsec3-sha1"
342 #define KSM_ALGORITHM_RSASHA256 8
343 #define KSM_ALGORITHM_RSASHA256_STRING "rsasha256"
344 #define KSM_ALGORITHM_RSASHA512 10
345 #define KSM_ALGORITHM_RSASHA512_STRING "rsasha512"
346 #define KSM_ALGORITHM_INDIRECT 252
347 #define KSM_ALGORITHM_INDIRECT_STRING "indirect"
348 #define KSM_ALGORITHM_PRIVDOM 253
349 #define KSM_ALGORITHM_PRIVDOM_STRING "domain"
350 #define KSM_ALGORITHM_PRIVOID 254
351 #define KSM_ALGORITHM_PRIVOID_STRING "oid"
352 
353 #define KSM_FORMAT_FILE 1
354 #define KSM_FORMAT_FILE_STRING "file"
355 #define KSM_FORMAT_HSM 2
356 #define KSM_FORMAT_HSM_STRING "hsm"
357 #define KSM_FORMAT_URI 3
358 #define KSM_FORMAT_URI_STRING "uri"
359 
360 #define KSM_TYPE_KSK 257
361 #define KSM_TYPE_KSK_STRING "ksk"
362 #define KSM_TYPE_ZSK 256
363 #define KSM_TYPE_ZSK_STRING "zsk"
364 
365 #define KSM_FLAG_REVOKE 0x80
366 
367 #define KSM_STATE_GENERATE 1
368 #define KSM_STATE_GENERATE_STRING "generate"
369 #define KSM_STATE_PUBLISH 2
370 #define KSM_STATE_PUBLISH_STRING "publish"
371 #define KSM_STATE_READY 3
372 #define KSM_STATE_READY_STRING "ready"
373 #define KSM_STATE_ACTIVE 4
374 #define KSM_STATE_ACTIVE_STRING "active"
375 #define KSM_STATE_RETIRE 5
376 #define KSM_STATE_RETIRE_STRING "retire"
377 #define KSM_STATE_DEAD 6
378 #define KSM_STATE_DEAD_STRING "dead"
379 #define KSM_STATE_DSSUB 7
380 #define KSM_STATE_DSSUB_STRING "dssub"
381 #define KSM_STATE_DSPUBLISH 8
382 #define KSM_STATE_DSPUBLISH_STRING "dspublish"
383 #define KSM_STATE_DSREADY 9
384 #define KSM_STATE_DSREADY_STRING "dsready"
385 #define KSM_STATE_KEYPUBLISH 10
386 #define KSM_STATE_KEYPUBLISH_STRING "keypublish"
387 
388 #define KSM_SERIAL_UNIX_STRING "unixtime"
389 #define KSM_SERIAL_UNIX 1
390 #define KSM_SERIAL_COUNTER_STRING "counter"
391 #define KSM_SERIAL_COUNTER 2
392 #define KSM_SERIAL_DATE_STRING "datecounter"
393 #define KSM_SERIAL_DATE 3
394 #define KSM_SERIAL_KEEP_STRING "keep"
395 #define KSM_SERIAL_KEEP 4
396 
397 #define KSM_KEYS_NOT_SHARED 0
398 #define KSM_KEYS_SHARED 1
399 
400 #define KSM_ROLL_DEFAULT 1 /* DoubleDNSKEY */
401 #define KSM_ROLL_DNSKEY_STRING "DoubleDNSKey"
402 #define KSM_ROLL_DNSKEY 1
403 #define KSM_ROLL_DS_STRING "DoubleDS"
404 #define KSM_ROLL_DS 2
405 #define KSM_ROLL_RRSET_STRING "DoubleRRSet"
406 #define KSM_ROLL_RRSET 3
407 
408 /* Reserved parameters and default values (in seconds) */
409 /* TODO redefine this properly:
410  * have _CAT defines separate
411  * rename to match the new list
412  * add new items ? */
413 #define KSM_PAR_CLOCKSKEW 3600 /* 1 hour */
414 #define KSM_PAR_CLOCKSKEW_STRING "clockskew"
415 #define KSM_PAR_CLOCKSKEW_CAT "signature"
416 #define KSM_PAR_KSKLIFE 63072000 /* 2 years */
417 #define KSM_PAR_KSKLIFE_STRING "lifetime"
418 #define KSM_PAR_KSKLIFE_CAT "ksk"
419 #define KSM_PAR_PROPDELAY 3600 /* 1 hour */
420 #define KSM_PAR_PROPDELAY_STRING "propagationdelay"
421 #define KSM_PAR_PROPDELAY_CAT "zone"
422 #define KSM_PAR_STANDBYKSKS 1
423 #define KSM_PAR_STANDBYKSKS_STRING "standby"
424 #define KSM_PAR_STANDBYKSKS_CAT "ksk"
425 #define KSM_PAR_STANDBYZSKS 1
426 #define KSM_PAR_STANDBYZSKS_STRING "standby"
427 #define KSM_PAR_STANDBYZSKS_CAT "zsk"
428 #define KSM_PAR_SIGNINT 7200 /* 2 hours */
429 #define KSM_PAR_SIGNINT_STRING "resign"
430 #define KSM_PAR_SIGNINT_CAT "signature"
431 #define KSM_PAR_SOAMIN 7200 /* 2 hours */
432 #define KSM_PAR_SOAMIN_STRING "min"
433 #define KSM_PAR_SOAMIN_CAT "zone"
434 #define KSM_PAR_SOATTL 172800 /* 2 days */
435 #define KSM_PAR_SOATTL_STRING "ttl"
436 #define KSM_PAR_SOATTL_CAT "zone"
437 #define KSM_PAR_ZSKSIGLIFE 432000 /* 5 days */
438 #define KSM_PAR_ZSKSIGLIFE_STRING "valdefault"
439 #define KSM_PAR_ZSKSIGLIFE_CAT "signature"
440 #define KSM_PAR_ZSKLIFE 2592000 /* 30 days */
441 #define KSM_PAR_ZSKLIFE_STRING "lifetime"
442 #define KSM_PAR_ZSKLIFE_CAT "zsk"
443 #define KSM_PAR_ZSKTTL 172800 /* 2 days */
444 #define KSM_PAR_ZSKTTL_STRING "ttl"
445 #define KSM_PAR_ZSKTTL_CAT "keys"
446 #define KSM_PAR_KSKTTL 172800 /* 2 days */
447 #define KSM_PAR_KSKTTL_STRING "ttl"
448 #define KSM_PAR_KSKTTL_CAT "keys"
449 #define KSM_PAR_KSKPROPDELAY 3600 /* 1 hour */
450 #define KSM_PAR_KSKPROPDELAY_STRING "propagationdelay"
451 #define KSM_PAR_KSKPROPDELAY_CAT "parent"
452 #define KSM_PAR_REGDELAY 0 /* TODO sort this out */
453 #define KSM_PAR_REGDELAY_STRING "registrationdelay" /* TODO sort this out */
454 #define KSM_PAR_REGDELAY_CAT "parent" /* TODO sort this out */
455 #define KSM_PAR_PUBSAFETY 172800 /* 2 days */
456 #define KSM_PAR_PUBSAFETY_STRING "publishsafety"
457 #define KSM_PAR_PUBSAFETY_CAT "keys"
458 #define KSM_PAR_RETSAFETY 172800 /* 2 days */
459 #define KSM_PAR_RETSAFETY_STRING "retiresafety"
460 #define KSM_PAR_RETSAFETY_CAT "keys"
461 #define KSM_PAR_KSK_MAN_ROLL 0 /* false (i.e. automatic roll) */
462 #define KSM_PAR_KSK_MAN_ROLL_STRING "manual_rollover"
463 #define KSM_PAR_KSK_MAN_ROLL_CAT "ksk"
464 #define KSM_PAR_ZSK_MAN_ROLL 0 /* false (i.e. automatic roll) */
465 #define KSM_PAR_ZSK_MAN_ROLL_STRING "manual_rollover"
466 #define KSM_PAR_ZSK_MAN_ROLL_CAT "zsk"
467 #define KSM_PAR_DSTTL 3600
468 #define KSM_PAR_DSTTL_STRING "ttlds"
469 #define KSM_PAR_DSTTL_CAT "parent"
470 #define KSM_PAR_KSK_ROLL 0
471 #define KSM_PAR_KSK_ROLL_STRING "rollover_scheme"
472 #define KSM_PAR_KSK_ROLL_CAT "ksk"
473 #define KSM_PAR_RFC5011 0
474 #define KSM_PAR_RFC5011_STRING "rfc5011"
475 #define KSM_PAR_RFC5011_CAT "ksk"
476 #define KSM_PAR_REVOKE 0
477 #define KSM_PAR_REVOKE_STRING "revoked"
478 #define KSM_PAR_REVOKE_CAT "ksk"
479 
480 typedef struct { /* Holds collection of parameters */
481  int clockskew; /* Clock skew */
482  int ksklife; /* Lifetime of a KSK */
483  int standbyksks; /* Number of Standby Key Signing keys */
484  int standbyzsks; /* Number of Standby Zone signing keys */
485  int propdelay; /* Propagation delay */
486  int signint; /* Signing interval - how long signing the zone takes */
487  int soamin; /* "Minimum" value from SOA record */
488  int soattl; /* TTL of the SOA record */
489  int zsksiglife; /* Length of signatures signed by this ZSK */
490  int zsklife; /* How long key is used for */
491  int zskttl; /* TTL of ZSK DNSKEY record */
492  int kskttl; /* TTL of KSK DNSKEY record */
493  int kskpropdelay; /* KSK Propagation delay */
494  int regdelay; /* KSK Registration delay */
495  int pub_safety; /* Publish safety margin */
496  int ret_safety; /* Retire safety margin */
497  int kskmanroll; /* Do we only roll the KSK manually? */
498  int zskmanroll; /* Do we only roll the ZSK manually? */
499  int dsttl; /* TTL of the DS record */
500  int kskroll; /* Rollover Scheme for the KSK */
501  int rfc5011; /* 5011 enabled? */
502  int revoke; /* Key revoked? */
503 } KSM_PARCOLL;
504 
505 int KsmCollectionInit(KSM_PARCOLL* data);
506 int KsmParameterClockskew(KSM_PARCOLL* collection);
507 int KsmParameterKskLifetime(KSM_PARCOLL* collection);
508 int KsmParameterStandbyKSKeys(KSM_PARCOLL* collection);
509 int KsmParameterStandbyZSKeys(KSM_PARCOLL* collection);
512 int KsmParameterSoaMin(KSM_PARCOLL* collection);
513 int KsmParameterSoaTtl(KSM_PARCOLL* collection);
514 int KsmParameterZskLifetime(KSM_PARCOLL* collection);
515 int KsmParameterZskTtl(KSM_PARCOLL* collection);
516 int KsmParameterKskTtl(KSM_PARCOLL* collection);
519 int KsmParameterPubSafety(KSM_PARCOLL* collection);
520 int KsmParameterRetSafety(KSM_PARCOLL* collection);
522 int KsmParameterCollection(KSM_PARCOLL* data, int policy_id);
523 int KsmParameterRfc5011(KSM_PARCOLL* collection);
524 int KsmParameterRevoke(KSM_PARCOLL* collection);
525 void KsmParameterCollectionCache(int enable);
526 
527 /* ksm_keyword */
528 
529 int KsmKeywordAlgorithmNameToValue(const char* name);
530 int KsmKeywordFormatNameToValue(const char* name);
531 int KsmKeywordParameterNameToValue(const char* name);
532 int KsmKeywordStateNameToValue(const char* name);
533 int KsmKeywordTypeNameToValue(const char* name);
534 int KsmKeywordRollNameToValue(const char* name);
535 
536 const char* KsmKeywordAlgorithmValueToName(int value);
537 const char* KsmKeywordFormatValueToName(int value);
538 const char* KsmKeywordStateValueToName(int value);
539 const char* KsmKeywordTypeValueToName(int value);
540 const char* KsmKeywordSerialValueToName(int value);
541 const char* KsmKeywordRollValueToName(int value);
542 
543 int KsmKeywordParameterExists(const char* name);
544 
545 /* ksm_update */
546 
547 int KsmUpdate(int policy_id, int zone_id);
548 void KsmUpdateKey(KSM_KEYDATA* data, KSM_PARCOLL* collection, int zone_id);
550 void KsmUpdatePublishKeyTime(KSM_KEYDATA* data, KSM_PARCOLL* collection, int zone_id);
551 void KsmUpdateReadyKeyTime(KSM_KEYDATA* data, KSM_PARCOLL* collection, int zone_id);
552 void KsmUpdateActiveKeyTime(KSM_KEYDATA* data, KSM_PARCOLL* collection, int zone_id);
553 void KsmUpdateRetireKeyTime(KSM_KEYDATA* data, KSM_PARCOLL* collection, int zone_id);
555 void KsmUpdateDSPublishKeyTime(KSM_KEYDATA* data, KSM_PARCOLL* collection, int zone_id);
556 void KsmUpdateKEYPublishKeyTime(KSM_KEYDATA* data, KSM_PARCOLL* collection, int zone_id);
557 int KsmUpdateKeyTime(const KSM_KEYDATA* data, const char* source,
558  const char* destination, int interval, int zone_id);
559 
560 /* ksm_request */
561 
562 typedef int (*KSM_REQUEST_CALLBACK)(void* context, KSM_KEYDATA* key);
563 
564 int KsmRequestKeys(int keytype, int rollover, const char* datetime,
565  KSM_REQUEST_CALLBACK callback, void* context, int policy_id, int zone_id,
566  int run_interval, int* NewDS);
567 int KsmRequestKeysByType(int keytype, int rollover, const char* datetime,
568  KSM_REQUEST_CALLBACK callback, void* context, int policy_id, int zone_id,
569  int run_interval, int* NewDS);
570 int KsmRequestSetActiveExpectedRetire(int keytype, const char* datetime, int zone_id);
571 int KsmRequestChangeStateActiveRetire(int keytype, const char* datetime, int zone_id, int policy_id, int revoke);
572 int KsmRequestChangeStateRetireDead(int keytype, const char* datetime, int zone_id, int policy_id, int rollover_scheme, int* NewDS);
573 int KsmRequestChangeStatePublishReady(int keytype, const char* datetime, int zone_id, int policy_id, int rfc5011, int* NewDS);
574 int KsmRequestChangeStatePublishActive(int keytype, const char* datetime, int zone_id, int policy_id, int* NewDS);
575 int KsmRequestChangeStateReadyActive(int keytype, const char* datetime, int zone_id, int policy_id, int* NewDS);
576 int KsmRequestChangeStateDSPublishDSReady(int keytype, const char* datetime, int zone_id, int policy_id);
577 int KsmRequestChangeState(int keytype, const char* datetime, int src_state,
578  int dst_state, int zone_id, int policy_id, int rollover_scheme,
579  int rfc5011, int revoke, int* NewDS);
580 int KsmRequestChangeStateGeneratePublish(int keytype, const char* datetime,
581  int count, int zone_id);
582 int KsmRequestChangeStateGenerateDSSub(int keytype, const char* datetime,
583  int count, int zone_id);
584 int KsmRequestChangeStateDSReadyKeyPublish(const char* datetime, int zone_id, int policy_id);
585 int KsmRequestChangeStateKeyPublishActive(const char* datetime, int zone_id, int policy_id, int* NewDS);
586 int KsmRequestChangeStateReadyActiveN(int keytype, const char* datetime,
587  int count, int zone_id);
588 int KsmRequestChangeStateN(int keytype, const char* datetime,
589  int count, int src_state, int dst_state, int zone_id);
591  const char* datetime, KSM_PARCOLL* collection, int zone_id, int* NewDS);
593  const char* datetime, KSM_PARCOLL* collection, int zone_id,
594  int run_interval);
595 int KsmRequestPendingRetireCount(int keytype, const char* datetime,
596  KSM_PARCOLL* parameters, int* count, int zone_id, int interval);
597 int KsmRequestAvailableCount(int keytype, const char* datetime,
598  KSM_PARCOLL* parameters, int* count, int zone_id);
599 int KsmRequestGenerateCount(int keytype, int* count, int zone_id);
600 int KsmRequestStandbyKSKCount(int* count, int zone_id);
601 int KsmRequestCheckActiveKey(int keytype, const char* datetime, int* count, int zone_id);
602 int KsmRequestCountReadyKey(int keytype, const char* datetime, int* count, int zone_id);
603 int KsmRequestCheckFirstPass(int keytype, int* first_pass_flag, int zone_id);
604 int KsmRequestCheckCompromisedFlag(int keytype, int zone_id, int* comp_flag);
605 int KsmRequestIssueKeys(int keytype, KSM_REQUEST_CALLBACK callback,
606  void* context, int zone_id);
607 
608 int KsmRequestPrintKey(void* context, KSM_KEYDATA* data);
609 
610 int KsmRequestDNSSECKeys(const char* datetime, KSM_POLICY* policy);
611 int KsmRequestDNSSECKeysChangeStateRetireDead(KSM_KEY_POLICY *policy, const char* datetime, int verify);
612 int KsmRequestDNSSECKeysChangeState(KSM_KEY_POLICY *policy, const char* datetime, int src_state, int dst_state, int verify);
613 int KsmRequestDNSSECKeysChangeStatePublishReady(KSM_KEY_POLICY *policy, const char* datetime, int verify);
614 int KsmRequestDNSSECKeysChangeStateGeneratePublishConditional(KSM_POLICY *policy, KSM_KEY_POLICY *key_policy, const char* datetime, int verify);
615 int KsmRequestDNSSECKeysSetActiveExpectedRetire(int keytype, const char* datetime, int verify);
616 int KsmRequestDNSSECKeysPendingRetireCount(KSM_KEY_POLICY, const char* datetime, int* count);
617 
622 int KsmPolicySigningInterval(KSM_PARCOLL* collection);
625 int KsmPolicyZskTtl(KSM_PARCOLL* collection);
627 
628 /* KsmImport */
/*
 * Import and look-up prototypes. Names, paths and dates arrive as C strings;
 * ids and flags come back through int* / DB_ID* arguments.
 * NOTE(review): repo_capacity is passed as text while KSM_KEY_POLICY keeps
 * sm_capacity as unsigned long, so a string-to-number conversion presumably
 * happens in ksm_import.c - confirm it rejects non-numeric and out-of-range
 * input.
 */
629 int KsmImportRepository(const char* repo_name, const char* repo_capacity, int require_backup);
630 int KsmImportPolicy(const char* policy_name, const char* policy_description);
/* NOTE(review): signconf, input and output correspond to KSM_PATH_LENGTH buffers in KSM_ZONE; confirm over-long values are refused rather than truncated. */
631 int KsmImportZone(const char* zone_name, int policy_id, int fail_if_exists, int *new_zone, const char* signconf, const char* input, const char* output, const char* input_type, const char* output_type);
632 int KsmImportKeyPair(int policy_id, const char* HSMKeyID, int smID, int size, int alg, int state, const char* time, int fixDate, DB_ID* id);
/* Name-to-id look-ups; the id is written through the int* argument. */
633 int KsmSmIdFromName(const char* name, int *id);
634 int KsmSerialIdFromName(const char* name, int *id);
635 int KsmPolicyIdFromName(const char* name, int *id);
/* Backup marking for a repository, keyed by repo_id. */
636 int KsmMarkPreBackup(int repo_id, const char* datetime);
637 int KsmRollbackMarkPreBackup(int repo_id);
638 int KsmMarkBackup(int repo_id, const char* datetime);
/* Reports through *exists; presumably whether cka_id is already recorded for repo_id - confirm. */
639 int KsmCheckHSMkeyID(int repo_id, const char* cka_id, int *exists);
640 
641 /* KsmList */
/* Listing prototypes; all return int. */
642 int KsmListBackups(int repo_id, int verbose_flag);
/*
 * NOTE(review): the empty parentheses on the next two declarations provide
 * no prototype in C, so a call that passes arguments by mistake is not
 * diagnosed. Declaring them with (void), as KsmInit and KsmRundown are,
 * would let the compiler check calls.
 */
643 int KsmListRepos();
644 int KsmListPolicies();
645 int KsmListRollovers(int zone_id, int* ds_count);
/* NOTE(review): datetime is a char**; presumably a string pointer is stored there. Ownership is not stated in this header - confirm in ksm_list.c who frees it. */
646 int KsmCheckNextRollover(int keytype, int zone_id, char** datetime);
647 
648 #ifdef __cplusplus
649 };
650 #endif
651 
652 #endif /* KSM_KSM_H */
Definition: ksm.h:114
int standby_keys
Definition: ksm.h:220
int KsmParameterRevoke(KSM_PARCOLL *collection)
#define KSM_SALT_LENGTH
Definition: ksm.h:65
int KsmPolicyStandbyKeys(KSM_KEY_POLICY *policy)
int KsmRequestAvailableCount(int keytype, const char *datetime, KSM_PARCOLL *parameters, int *count, int zone_id)
Definition: ksm_request.c:1640
int KsmPolicyUpdateDesc(int policy_id, const char *policy_description)
Definition: ksm_policy.c:929
int KsmKeyPredict(int policy_id, int keytype, int shared_keys, int interval, int *count, int rollover_scheme, int zone_count)
Definition: ksm_key.c:571
int KsmMarkKeysAsDead(int zone_id)
Definition: ksm_key.c:957
const char * KsmKeywordSerialValueToName(int value)
Definition: ksm_keyword.c:252
int KsmDNSSECKeysStateCountInit(DB_RESULT *result, int policy_id, KSM_KEY_POLICY *key_policy, int state)
int KsmRequestChangeStateDSPublishDSReady(int keytype, const char *datetime, int zone_id, int policy_id)
Definition: ksm_request.c:717
int KsmPolicyNullSaltStamp(int policy_id)
Definition: ksm_policy.c:683
DB_ID dnsseckey_id
Definition: ksm.h:117
int rfc5011
Definition: ksm.h:128
int keytype
Definition: ksm.h:103
int KsmRequestGenerateCount(int keytype, int *count, int zone_id)
Definition: ksm_request.c:1710
int KsmRequestChangeStateRetireDead(int keytype, const char *datetime, int zone_id, int policy_id, int rollover_scheme, int *NewDS)
Definition: ksm_request.c:744
int KsmKeyInit(DB_RESULT *result, DQS_QUERY_CONDITION *condition)
Definition: ksm_key.c:251
int KsmRequestDNSSECKeysChangeStateRetireDead(KSM_KEY_POLICY *policy, const char *datetime, int verify)
int KsmRequestChangeStateGeneratePublish(int keytype, const char *datetime, int count, int zone_id)
Definition: ksm_request.c:1011
int KsmRequestDNSSECKeysSetActiveExpectedRetire(int keytype, const char *datetime, int verify)
int propdelay
Definition: ksm.h:239
int fixedDate
Definition: ksm.h:119
char * description
Definition: ksm.h:248
int KsmParameterShow(const char *name, const char *category, int policy_id)
int algorithm
Definition: ksm.h:104
int propdelay
Definition: ksm.h:175
int KsmRequestChangeStateGenerateDSSubConditional(int keytype, const char *datetime, KSM_PARCOLL *collection, int zone_id, int *NewDS)
Definition: ksm_request.c:1285
int zskttl
Definition: ksm.h:491
int KsmDNSSECKeysInSMCount(DB_RESULT handle, int *count)
int KsmRequestKeysByType(int keytype, int rollover, const char *datetime, KSM_REQUEST_CALLBACK callback, void *context, int policy_id, int zone_id, int run_interval, int *NewDS)
Definition: ksm_request.c:210
int KsmRequestChangeStateGeneratePublishConditional(int keytype, const char *datetime, KSM_PARCOLL *collection, int zone_id, int run_interval)
Definition: ksm_request.c:1390
int KsmDeleteZone(int zone_id)
Definition: ksm_zone.c:372
void KsmParameterCollectionCache(int enable)
int KsmPolicySigningInterval(KSM_PARCOLL *collection)
int parameter_id
Definition: ksm.h:160
int KsmZoneNameFromId(int zone_id, char **zone_name)
Definition: ksm_zone.c:412
int KsmParameterSigningInterval(KSM_PARCOLL *collection)
int KsmPolicyPopulateSMFromIds(KSM_POLICY *policy)
Definition: ksm_policy.c:716
int KsmParameterPubSafety(KSM_PARCOLL *collection)
int standbyzsks
Definition: ksm.h:484
DB_ID keypair_id
Definition: ksm.h:101
int KsmParameterExist(DB_RESULT *result, const char *name, const char *category, int *parameter_id)
void KsmParameterEnd(DB_RESULT result)
int KsmImportKeyPair(int policy_id, const char *HSMKeyID, int smID, int size, int alg, int state, const char *time, int fixDate, DB_ID *id)
Definition: ksm_import.c:344
int sm
Definition: ksm.h:212
int KsmKeyGetUnallocated(int policy_id, int sm, int bits, int algorithm, int zone_id, int share_keys, int *keypair_id)
Definition: ksm_key.c:881
int KsmKeyData(DB_ID id, KSM_KEYDATA *data)
Definition: ksm_key.c:507
const char * KsmKeywordTypeValueToName(int value)
Definition: ksm_keyword.c:247
void KsmUpdateKey(KSM_KEYDATA *data, KSM_PARCOLL *collection, int zone_id)
Definition: ksm_update.c:150
int KsmDnssecKeyCreate(int zone_id, int keypair_id, int keytype, int state, int rfc5011, const char *time, const char *retTime, DB_ID *id)
Definition: ksm_key.c:141
int signint
Definition: ksm.h:486
int KsmParameterInit(DB_RESULT *result, const char *name, const char *category, int policy_id)
Definition: ksm_parameter.c:83
void KsmUpdateDSPublishKeyTime(KSM_KEYDATA *data, KSM_PARCOLL *collection, int zone_id)
Definition: ksm_update.c:451
int kskpropdelay
Definition: ksm.h:493
int KsmPolicyExists(const char *name)
Definition: ksm_policy.c:151
int policy_id
Definition: ksm.h:115
int KsmRequestChangeStateKeyPublishActive(const char *datetime, int zone_id, int policy_id, int *NewDS)
Definition: ksm_request.c:731
int KsmParameterRetSafety(KSM_PARCOLL *collection)
int KsmRequestPrintKey(void *context, KSM_KEYDATA *data)
Definition: ksm_request.c:2152
int id
Definition: ksm.h:246
int KsmKeywordParameterNameToValue(const char *name)
Definition: ksm_keyword.c:217
const char * KsmKeywordFormatValueToName(int value)
Definition: ksm_keyword.c:237
int ttl
Definition: ksm.h:217
int require_backup
Definition: ksm.h:215
int KsmRequestPendingRetireCount(int keytype, const char *datetime, KSM_PARCOLL *parameters, int *count, int zone_id, int interval)
Definition: ksm_request.c:1507
int zsklife
Definition: ksm.h:490
int KsmRequestChangeStatePublishReady(int keytype, const char *datetime, int zone_id, int policy_id, int rfc5011, int *NewDS)
Definition: ksm_request.c:699
int KsmZoneCountInit(DB_RESULT *handle, int id)
Definition: ksm_zone.c:107
int KsmKeywordFormatNameToValue(const char *name)
Definition: ksm_keyword.c:212
int KsmParameterSet(const char *name, const char *category, int value, int policy_id)
KSM_ENFORCER_POLICY * enforcer
Definition: ksm.h:255
int KsmImportRepository(const char *repo_name, const char *repo_capacity, int require_backup)
Definition: ksm_import.c:70
int KsmRequestCheckCompromisedFlag(int keytype, int zone_id, int *comp_flag)
Definition: ksm_request.c:2011
int KsmPolicyClockskew(KSM_SIGNATURE_POLICY *policy)
int KsmRequestChangeStateReadyActiveN(int keytype, const char *datetime, int count, int zone_id)
Definition: ksm_request.c:1025
int KsmKeywordAlgorithmNameToValue(const char *name)
Definition: ksm_keyword.c:207
int KsmParameterStandbyKSKeys(KSM_PARCOLL *collection)
int KsmDeleteKeyRange(int minid, int maxid)
int algorithm
Definition: ksm.h:191
int KsmListBackups(int repo_id, int verbose_flag)
Definition: ksm_list.c:64
void KsmUpdateRetireKeyTime(KSM_KEYDATA *data, KSM_PARCOLL *collection, int zone_id)
Definition: ksm_update.c:377
int KSM_ID
Definition: ksm.h:48
int rollover_scheme
Definition: ksm.h:222
void KsmKeyEnd(DB_RESULT result)
Definition: ksm_key.c:478
int id
Definition: ksm.h:287
int standbyksks
Definition: ksm.h:483
int KsmPolicyNameFromId(KSM_POLICY *policy)
Definition: ksm_policy.c:433
int KsmRequestKeys(int keytype, int rollover, const char *datetime, KSM_REQUEST_CALLBACK callback, void *context, int policy_id, int zone_id, int run_interval, int *NewDS)
Definition: ksm_request.c:95
int lifetime
Definition: ksm.h:211
int KsmMarkBackup(int repo_id, const char *datetime)
Definition: ksm_import.c:650
int iteration
Definition: ksm.h:192
int KsmRequestChangeStateActiveRetire(int keytype, const char *datetime, int zone_id, int policy_id, int revoke)
Definition: ksm_request.c:737
Definition: ksm.h:286
int soattl
Definition: ksm.h:488
int zskmanroll
Definition: ksm.h:498
int KsmKeyCountStillGood(int policy_id, int sm, int bits, int algorithm, int interval, const char *datetime, int *count, int keytype)
Definition: ksm_key.c:743
int KsmKillKey(int keypair_id, int zone_id)
Definition: ksm_key.c:1019
int KsmUpdateKeyTime(const KSM_KEYDATA *data, const char *source, const char *destination, int interval, int zone_id)
Definition: ksm_update.c:561
int KsmPolicyInitialPublicationInterval(KSM_POLICY *policy)
void KsmPurge(void)
Definition: ksm_purge.c:52
KSM_SIGNATURE_POLICY * signature
Definition: ksm.h:250
int KsmRequestChangeStateGenerateDSSub(int keytype, const char *datetime, int count, int zone_id)
Definition: ksm_request.c:1018
int KsmRequestChangeStateReadyActive(int keytype, const char *datetime, int zone_id, int policy_id, int *NewDS)
Definition: ksm_request.c:711
int soamin
Definition: ksm.h:487
int KsmRequestDNSSECKeysPendingRetireCount(KSM_KEY_POLICY, const char *datetime, int *count)
int KsmRequestDNSSECKeysChangeStateGeneratePublishConditional(KSM_POLICY *policy, KSM_KEY_POLICY *key_policy, const char *datetime, int verify)
int kskroll
Definition: ksm.h:500
const char * KsmKeywordAlgorithmValueToName(int value)
Definition: ksm_keyword.c:232
int KsmParameterRfc5011(KSM_PARCOLL *collection)