Lines Matching defs:kasp
32 #include <dns/kasp.h>
69 dns_kasp_getname(kasp)); \
132 keymgr_settime_remove(dns_dnsseckey_t *key, dns_kasp_t *kasp) {
147 dns_ttl_t ttlsig = dns_kasp_zonemaxttl(kasp, true);
150 retire + ttlsig + dns_kasp_zonepropagationdelay(kasp) +
151 dns_kasp_retiresafety(kasp) + dns_kasp_signdelay(kasp);
156 ksk_remove = retire + dns_kasp_dsttl(kasp) +
157 dns_kasp_parentpropagationdelay(kasp) +
158 dns_kasp_retiresafety(kasp);
170 dns_keymgr_settime_syncpublish(dst_key_t *key, dns_kasp_t *kasp, bool first) {
188 dns_kasp_zonepropagationdelay(kasp) +
189 dns_kasp_publishsafety(kasp);
193 dns_ttl_t ttlsig = dns_kasp_zonemaxttl(kasp, true);
195 dns_kasp_zonepropagationdelay(kasp) +
196 dns_kasp_publishsafety(kasp);
219 keymgr_prepublication_time(dns_dnsseckey_t *key, dns_kasp_t *kasp,
252 prepub = dst_key_getttl(key->key) + dns_kasp_publishsafety(kasp) +
253 dns_kasp_zonepropagationdelay(kasp);
275 dns_ttl_t ttlsig = dns_kasp_zonemaxttl(kasp,
278 dns_kasp_publishsafety(kasp) +
279 dns_kasp_zonepropagationdelay(kasp);
322 keymgr_settime_remove(key, kasp);
335 keymgr_key_retire(dns_dnsseckey_t *key, dns_kasp_t *kasp, isc_stdtime_t now) {
351 keymgr_settime_remove(key, kasp);
393 keymgr_key_update_lifetime(dns_dnsseckey_t *key, dns_kasp_t *kasp,
422 keymgr_settime_remove(key, kasp);
462 * Create a new key for 'origin' given the kasp key configuration 'kkey'.
469 dns_kasp_t *kasp, dns_rdataclass_t rdclass, isc_mem_t *mctx,
492 keystore, origin, dns_kasp_getname(kasp),
1287 dst_key_state_t next_state, dns_kasp_t *kasp,
1291 dns_ttl_t ttlsig = dns_kasp_zonemaxttl(kasp, true);
1325 dns_kasp_zonepropagationdelay(kasp) +
1326 dns_kasp_publishsafety(kasp);
1334 dns_kasp_zonepropagationdelay(kasp);
1365 dns_kasp_zonepropagationdelay(kasp) +
1366 dns_kasp_retiresafety(kasp);
1379 nexttime += dns_kasp_signdelay(kasp);
1417 dstime + dns_kasp_dsttl(kasp) +
1418 dns_kasp_parentpropagationdelay(kasp) +
1419 dns_kasp_retiresafety(kasp);
1431 dstime + dns_kasp_dsttl(kasp) +
1432 dns_kasp_parentpropagationdelay(kasp) +
1433 dns_kasp_retiresafety(kasp);
1455 keymgr_update(dns_dnsseckeylist_t *keyring, dns_kasp_t *kasp, isc_stdtime_t now,
1562 keymgr_transition_time(dkey, i, next_state, kasp, now,
1614 keymgr_key_init(dns_dnsseckey_t *key, dns_kasp_t *kasp, isc_stdtime_t now,
1642 dns_ttl_t ttlsig = dns_kasp_zonemaxttl(kasp, true);
1643 ttlsig += dns_kasp_zonepropagationdelay(kasp);
1654 key_ttl += dns_kasp_zonepropagationdelay(kasp);
1664 dns_ttl_t ds_ttl = dns_kasp_dsttl(kasp);
1665 ds_ttl += dns_kasp_parentpropagationdelay(kasp);
1675 dns_ttl_t ttlsig = dns_kasp_zonemaxttl(kasp, true);
1676 ttlsig += dns_kasp_zonepropagationdelay(kasp);
1688 key_ttl += dns_kasp_zonepropagationdelay(kasp);
1725 dns_kasp_t *kasp, const char *keydir, uint32_t lifetime,
1743 dns_kasp_getname(kasp));
1750 prepub = keymgr_prepublication_time(active_key, kasp, lifetime,
1763 dns_kasp_getname(kasp), (prepub - now));
1785 dns_kasp_getname(kasp));
1797 dns_kasp_getname(kasp));
1810 dns_kasp_getname(kasp));
1819 namestr, dns_kasp_getname(kasp));
1845 keymgr_createkey(kaspkey, origin, kasp, rdclass, mctx,
1850 dst_key_setttl(dst_key, dns_kasp_dnskeyttl(kasp));
1853 keymgr_key_init(new_key, kasp, now, csk);
1862 * If there is no active key found yet for this kasp
1867 dns_keymgr_settime_syncpublish(new_key->key, kasp, true);
1899 dns_keymgr_settime_syncpublish(new_key->key, kasp, false);
1919 keymgr_settime_remove(new_key, kasp);
1936 dns_kasp_getname(kasp));
2029 * Examine 'keys' and match 'kasp' policy.
2036 dns_kasp_t *kasp, isc_stdtime_t now, isc_stdtime_t *nexttime) {
2049 REQUIRE(DNS_KASP_VALID(kasp));
2064 namebuf, dns_kasp_getname(kasp));
2074 dns_kasp_getname(kasp));
2083 dns_kasp_getname(kasp));
2099 keymgr_key_init(dkey, kasp, now, (numkeys == 1));
2101 for (kkey = ISC_LIST_HEAD(dns_kasp_keys(kasp)); kkey != NULL;
2112 keymgr_key_retire(dkey, kasp, now);
2117 dns_kasp_purgekeys(kasp), now))
2125 dns_kasp_getname(kasp));
2135 for (kkey = ISC_LIST_HEAD(dns_kasp_keys(kasp)); kkey != NULL;
2142 /* Do we have keys available for this kasp key? */
2156 dns_kasp_getname(kasp));
2159 keymgr_key_update_lifetime(dkey, kasp, now,
2164 * matches the kasp policy.
2176 * the kasp key configuration.
2179 keymgr_key_retire(dkey, kasp,
2221 dns_kasp_getname(kasp));
2231 origin, rdclass, kasp, keydir,
2236 /* Walked all kasp key configurations. Append new keys. */
2245 secure_to_insecure = dns_kasp_keylist_empty(kasp);
2248 keymgr_update(keyring, kasp, now, nexttime, secure_to_insecure);
2255 if (dst_key_getttl(dkey->key) != dns_kasp_dnskeyttl(kasp)) {
2256 dst_key_setttl(dkey->key, dns_kasp_dnskeyttl(kasp));
2278 directory, dns_kasp_getname(kasp));
2306 keymgr_checkds(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring,
2314 REQUIRE(DNS_KASP_VALID(kasp));
2392 dns_keymgr_checkds(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring,
2394 return keymgr_checkds(kasp, keyring, now, when, dspublish, 0, 0, false);
2398 dns_keymgr_checkds_id(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring,
2401 return keymgr_checkds(kasp, keyring, now, when, dspublish, id, alg,
2431 rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, isc_stdtime_t now,
2489 dkey, kasp,
2536 dns_keymgr_status(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring,
2541 REQUIRE(DNS_KASP_VALID(kasp));
2548 isc_buffer_printf(&buf, "dnssec-policy: %s\n", dns_kasp_getname(kasp));
2591 rollover_status(dkey, kasp, now, &buf, zsk);
2608 dns_keymgr_rollover(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring,
2617 REQUIRE(DNS_KASP_VALID(kasp));
2663 prepub = dst_key_getttl(key->key) + dns_kasp_publishsafety(kasp) +
2664 dns_kasp_zonepropagationdelay(kasp);
2686 dns_kasp_t *kasp, isc_stdtime_t now,
2713 keymgr_key_init(dkey, kasp, now, false);
2730 dns_ttl_t ttlsig = dns_kasp_zonemaxttl(kasp, true);
2731 ttlsig += dns_kasp_zonepropagationdelay(kasp);
2740 dns_kasp_retiresafety(kasp);
2747 key_ttl += dns_kasp_zonepropagationdelay(kasp);
2756 dns_kasp_publishsafety(kasp);
2762 dns_ttl_t ttlsig = dns_kasp_zonemaxttl(kasp, true);
2763 ttlsig += dns_kasp_zonepropagationdelay(kasp);
2772 dns_kasp_retiresafety(kasp);
2779 key_ttl += dns_kasp_zonepropagationdelay(kasp);
2789 dns_kasp_zonepropagationdelay(kasp);
2840 directory, dns_kasp_getname(kasp));