1*00b67f09SDavid van Moolenbroek /* $NetBSD: nsec3hash.c,v 1.6 2014/12/10 04:37:54 christos Exp $ */
2*00b67f09SDavid van Moolenbroek
3*00b67f09SDavid van Moolenbroek /*
4*00b67f09SDavid van Moolenbroek * Copyright (C) 2006, 2008, 2009, 2011, 2014 Internet Systems Consortium, Inc. ("ISC")
5*00b67f09SDavid van Moolenbroek *
6*00b67f09SDavid van Moolenbroek * Permission to use, copy, modify, and/or distribute this software for any
7*00b67f09SDavid van Moolenbroek * purpose with or without fee is hereby granted, provided that the above
8*00b67f09SDavid van Moolenbroek * copyright notice and this permission notice appear in all copies.
9*00b67f09SDavid van Moolenbroek *
10*00b67f09SDavid van Moolenbroek * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
11*00b67f09SDavid van Moolenbroek * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
12*00b67f09SDavid van Moolenbroek * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
13*00b67f09SDavid van Moolenbroek * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
14*00b67f09SDavid van Moolenbroek * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
15*00b67f09SDavid van Moolenbroek * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
16*00b67f09SDavid van Moolenbroek * PERFORMANCE OF THIS SOFTWARE.
17*00b67f09SDavid van Moolenbroek */
18*00b67f09SDavid van Moolenbroek
19*00b67f09SDavid van Moolenbroek /* Id: nsec3hash.c,v 1.8 2011/11/02 23:46:24 tbox Exp */
20*00b67f09SDavid van Moolenbroek
21*00b67f09SDavid van Moolenbroek #include <config.h>
22*00b67f09SDavid van Moolenbroek
23*00b67f09SDavid van Moolenbroek #include <stdlib.h>
24*00b67f09SDavid van Moolenbroek #include <stdarg.h>
25*00b67f09SDavid van Moolenbroek
26*00b67f09SDavid van Moolenbroek #include <isc/base32.h>
27*00b67f09SDavid van Moolenbroek #include <isc/buffer.h>
28*00b67f09SDavid van Moolenbroek #include <isc/hex.h>
29*00b67f09SDavid van Moolenbroek #include <isc/iterated_hash.h>
30*00b67f09SDavid van Moolenbroek #include <isc/print.h>
31*00b67f09SDavid van Moolenbroek #include <isc/result.h>
32*00b67f09SDavid van Moolenbroek #include <isc/string.h>
33*00b67f09SDavid van Moolenbroek #include <isc/types.h>
34*00b67f09SDavid van Moolenbroek
35*00b67f09SDavid van Moolenbroek #include <dns/fixedname.h>
36*00b67f09SDavid van Moolenbroek #include <dns/name.h>
37*00b67f09SDavid van Moolenbroek #include <dns/nsec3.h>
38*00b67f09SDavid van Moolenbroek #include <dns/types.h>
39*00b67f09SDavid van Moolenbroek
/* Program name; used as the prefix of fatal() diagnostics and in usage(). */
const char *program = "nsec3hash";

/*
 * Forward declaration of fatal(), whose definition below ends in exit(1).
 * The ISC_PLATFORM_NORETURN_PRE/POST macros presumably expand to the
 * platform's "does not return" annotation -- confirm in the isc platform
 * header.
 */
ISC_PLATFORM_NORETURN_PRE static void
fatal(const char *format, ...) ISC_PLATFORM_NORETURN_POST;
44*00b67f09SDavid van Moolenbroek
/*
 * Report an unrecoverable error and terminate.
 *
 * Writes "<program>: <formatted message>" followed by a newline to stderr,
 * then exits with status 1.  'format' is a printf-style format string and
 * the remaining arguments are its operands; text that originates from the
 * command line should only ever be passed as an operand (e.g. via "%s"),
 * never as the format itself.
 */
static void
fatal(const char *format, ...) {
	va_list ap;

	/* Starting the argument list early does not affect the output order. */
	va_start(ap, format);
	fprintf(stderr, "%s: ", program);
	vfprintf(stderr, format, ap);
	fprintf(stderr, "\n");
	va_end(ap);

	exit(1);
}
56*00b67f09SDavid van Moolenbroek
/*
 * Abort via fatal() unless 'result' is ISC_R_SUCCESS.
 *
 * 'message' names the operation that produced 'result'; it is printed
 * together with the text form of the result code.
 */
static void
check_result(isc_result_t result, const char *message) {
	if (result == ISC_R_SUCCESS) {
		return;
	}

	fatal("%s: %s", message, isc_result_totext(result));
}
62*00b67f09SDavid van Moolenbroek
/*
 * Print the command-line synopsis to stderr and exit with status 1.
 * The four positional arguments are: salt, algorithm, iterations, domain.
 */
static void
usage(void) {
	const char *prog = program;

	fprintf(stderr, "Usage: %s salt algorithm iterations domain\n", prog);
	exit(1);
}
69*00b67f09SDavid van Moolenbroek
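/*
 * nsec3hash salt algorithm iterations domain
 *
 * Computes the iterated, salted hash of 'domain' and prints it in base32hex
 * (no padding) together with the parameters that were used.
 *
 *   argv[1]  salt as a hex string, or "-" for an empty salt
 *   argv[2]  hash algorithm number, 0..255
 *   argv[3]  iteration count, 0..65535
 *   argv[4]  domain name in text form (made absolute against the root)
 *
 * Every argument comes straight from the command line, so each one is
 * validated before use; any failure goes through fatal()/usage(), which
 * exit with status 1.  Returns 0 on success.
 */
int
main(int argc, char **argv) {
	dns_fixedname_t fixed;
	dns_name_t *name;
	isc_buffer_t buffer;
	isc_region_t region;
	isc_result_t result;
	unsigned char hash[NSEC3_MAX_HASH_LENGTH];
	unsigned char salt[DNS_NSEC3_SALTSIZE];
	unsigned char text[1024];
	unsigned long value;
	unsigned int hash_alg;
	unsigned int length;
	unsigned int iterations;
	unsigned int salt_length;
	char *end;

	if (argc != 5)
		usage();

	if (strcmp(argv[1], "-") == 0) {
		salt_length = 0;
		salt[0] = 0;
	} else {
		/*
		 * The decode target is exactly sizeof(salt) bytes, so the
		 * buffer itself bounds how much hex input can be written.
		 */
		isc_buffer_init(&buffer, salt, sizeof(salt));
		result = isc_hex_decodestring(argv[1], &buffer);
		check_result(result, "isc_hex_decodestring(salt)");
		salt_length = isc_buffer_usedlength(&buffer);
		/* Kept as a second line of defence behind the buffer bound. */
		if (salt_length > DNS_NSEC3_SALTSIZE)
			fatal("salt too long");
	}

	/*
	 * Parse the numeric arguments with strtoul() rather than atoi():
	 * atoi() silently turns non-numeric input into 0 and ignores
	 * trailing garbage, so a typo would yield a hash for parameters
	 * the operator never asked for.  Out-of-range input makes
	 * strtoul() return ULONG_MAX, which the range checks reject.
	 * A '-' is refused explicitly because strtoul() would otherwise
	 * negate the value instead of failing.
	 */
	value = strtoul(argv[2], &end, 10);
	if (end == argv[2] || *end != '\0' || strchr(argv[2], '-') != NULL)
		fatal("hash algorithm must be a non-negative decimal number");
	/* The NSEC3 hash algorithm field is a single octet. */
	if (value > 255U)
		fatal("hash algorithm too large");
	hash_alg = (unsigned int)value;

	value = strtoul(argv[3], &end, 10);
	if (end == argv[3] || *end != '\0' || strchr(argv[3], '-') != NULL)
		fatal("iterations must be a non-negative decimal number");
	/* The NSEC3 iterations field is 16 bits wide. */
	if (value > 0xffffU)
		fatal("iterations to large");
	iterations = (unsigned int)value;

	/* Convert the textual domain into wire-format name data. */
	dns_fixedname_init(&fixed);
	name = dns_fixedname_name(&fixed);
	isc_buffer_init(&buffer, argv[4], strlen(argv[4]));
	isc_buffer_add(&buffer, strlen(argv[4]));
	result = dns_name_fromtext(name, &buffer, dns_rootname, 0, NULL);
	check_result(result, "dns_name_fromtext() failed");

	/* Hash the lower-cased name so the result is case-insensitive. */
	dns_name_downcase(name, name, NULL);
	length = isc_iterated_hash(hash, hash_alg, iterations, salt,
				   salt_length, name->ndata, name->length);
	if (length == 0)
		fatal("isc_iterated_hash failed");

	/* Encode the digest; the conversion result is checked, not assumed. */
	region.base = hash;
	region.length = length;
	isc_buffer_init(&buffer, text, sizeof(text));
	result = isc_base32hexnp_totext(&region, 1, "", &buffer);
	check_result(result, "isc_base32hexnp_totext()");

	/*
	 * 'text' is not NUL-terminated, hence the explicit "%.*s" length.
	 * The salt is echoed exactly as it was given on the command line.
	 */
	fprintf(stdout, "%.*s (salt=%s, hash=%u, iterations=%u)\n",
		(int)isc_buffer_usedlength(&buffer), text, argv[1],
		hash_alg, iterations);
	return (0);
}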