xref: /openbsd-src/usr.bin/dig/lib/dns/rdata/generic/nsec3_50.c (revision 1fb015a8af3a7e9b85db2510147a155826ef04d9) 
15185a700Sflorian /*
25185a700Sflorian  * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
35185a700Sflorian  *
45185a700Sflorian  * Permission to use, copy, modify, and/or distribute this software for any
55185a700Sflorian  * purpose with or without fee is hereby granted, provided that the above
65185a700Sflorian  * copyright notice and this permission notice appear in all copies.
75185a700Sflorian  *
85185a700Sflorian  * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
95185a700Sflorian  * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
105185a700Sflorian  * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
115185a700Sflorian  * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
125185a700Sflorian  * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
135185a700Sflorian  * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
145185a700Sflorian  * PERFORMANCE OF THIS SOFTWARE.
155185a700Sflorian  */
165185a700Sflorian 
17*1fb015a8Sflorian /* $Id: nsec3_50.c,v 1.13 2020/09/14 08:40:43 florian Exp $ */
185185a700Sflorian 
195185a700Sflorian /*
205185a700Sflorian  * Copyright (C) 2004  Nominet, Ltd.
215185a700Sflorian  *
225185a700Sflorian  * Permission to use, copy, modify, and distribute this software for any
235185a700Sflorian  * purpose with or without fee is hereby granted, provided that the above
245185a700Sflorian  * copyright notice and this permission notice appear in all copies.
255185a700Sflorian  *
265185a700Sflorian  * THE SOFTWARE IS PROVIDED "AS IS" AND NOMINET DISCLAIMS ALL WARRANTIES WITH
275185a700Sflorian  * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
285185a700Sflorian  * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
295185a700Sflorian  * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
305185a700Sflorian  * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
315185a700Sflorian  * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
325185a700Sflorian  * PERFORMANCE OF THIS SOFTWARE.
335185a700Sflorian  */
345185a700Sflorian 
355185a700Sflorian /* RFC 5155 */
365185a700Sflorian 
375185a700Sflorian #ifndef RDATA_GENERIC_NSEC3_50_C
385185a700Sflorian #define RDATA_GENERIC_NSEC3_50_C
395185a700Sflorian 
405185a700Sflorian #include <isc/base32.h>
415185a700Sflorian 
425185a700Sflorian static inline isc_result_t
totext_nsec3(ARGS_TOTEXT)435185a700Sflorian totext_nsec3(ARGS_TOTEXT) {
445185a700Sflorian 	isc_region_t sr;
455185a700Sflorian 	unsigned int i, j;
465185a700Sflorian 	unsigned char hash;
475185a700Sflorian 	unsigned char flags;
485185a700Sflorian 	char buf[sizeof("TYPE65535")];
495185a700Sflorian 	uint32_t iterations;
505185a700Sflorian 
515185a700Sflorian 	REQUIRE(rdata->type == dns_rdatatype_nsec3);
525185a700Sflorian 	REQUIRE(rdata->length != 0);
535185a700Sflorian 
545185a700Sflorian 	dns_rdata_toregion(rdata, &sr);
555185a700Sflorian 
565185a700Sflorian 	/* Hash */
575185a700Sflorian 	hash = uint8_fromregion(&sr);
585185a700Sflorian 	isc_region_consume(&sr, 1);
595185a700Sflorian 	snprintf(buf, sizeof(buf), "%u ", hash);
60873f12b9Sflorian 	RETERR(isc_str_tobuffer(buf, target));
615185a700Sflorian 
625185a700Sflorian 	/* Flags */
635185a700Sflorian 	flags = uint8_fromregion(&sr);
645185a700Sflorian 	isc_region_consume(&sr, 1);
655185a700Sflorian 	snprintf(buf, sizeof(buf), "%u ", flags);
66873f12b9Sflorian 	RETERR(isc_str_tobuffer(buf, target));
675185a700Sflorian 
685185a700Sflorian 	/* Iterations */
695185a700Sflorian 	iterations = uint16_fromregion(&sr);
705185a700Sflorian 	isc_region_consume(&sr, 2);
715185a700Sflorian 	snprintf(buf, sizeof(buf), "%u ", iterations);
72873f12b9Sflorian 	RETERR(isc_str_tobuffer(buf, target));
735185a700Sflorian 
745185a700Sflorian 	/* Salt */
755185a700Sflorian 	j = uint8_fromregion(&sr);
765185a700Sflorian 	isc_region_consume(&sr, 1);
775185a700Sflorian 	INSIST(j <= sr.length);
785185a700Sflorian 
795185a700Sflorian 	if (j != 0) {
805185a700Sflorian 		i = sr.length;
815185a700Sflorian 		sr.length = j;
825185a700Sflorian 		RETERR(isc_hex_totext(&sr, 1, "", target));
835185a700Sflorian 		sr.length = i - j;
845185a700Sflorian 	} else
85873f12b9Sflorian 		RETERR(isc_str_tobuffer("-", target));
865185a700Sflorian 
875185a700Sflorian 	if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0)
88873f12b9Sflorian 		RETERR(isc_str_tobuffer(" (", target));
89873f12b9Sflorian 	RETERR(isc_str_tobuffer(tctx->linebreak, target));
905185a700Sflorian 
915185a700Sflorian 	/* Next hash */
925185a700Sflorian 	j = uint8_fromregion(&sr);
935185a700Sflorian 	isc_region_consume(&sr, 1);
945185a700Sflorian 	INSIST(j <= sr.length);
955185a700Sflorian 
965185a700Sflorian 	i = sr.length;
975185a700Sflorian 	sr.length = j;
985185a700Sflorian 	RETERR(isc_base32hexnp_totext(&sr, 1, "", target));
995185a700Sflorian 	sr.length = i - j;
1005185a700Sflorian 
1015185a700Sflorian 	/*
1025185a700Sflorian 	 * Don't leave a trailing space when there's no typemap present.
1035185a700Sflorian 	 */
1045185a700Sflorian 	if (((tctx->flags & DNS_STYLEFLAG_MULTILINE) == 0) && (sr.length > 0)) {
105873f12b9Sflorian 		RETERR(isc_str_tobuffer(" ", target));
1065185a700Sflorian 	}
1075185a700Sflorian 	RETERR(typemap_totext(&sr, tctx, target));
1085185a700Sflorian 
1095185a700Sflorian 	if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0)
110873f12b9Sflorian 		RETERR(isc_str_tobuffer(" )", target));
1115185a700Sflorian 
1125185a700Sflorian 	return (ISC_R_SUCCESS);
1135185a700Sflorian }
1145185a700Sflorian 
1155185a700Sflorian static inline isc_result_t
fromwire_nsec3(ARGS_FROMWIRE)1165185a700Sflorian fromwire_nsec3(ARGS_FROMWIRE) {
1175185a700Sflorian 	isc_region_t sr, rr;
1185185a700Sflorian 	unsigned int saltlen, hashlen;
1195185a700Sflorian 
1205185a700Sflorian 	REQUIRE(type == dns_rdatatype_nsec3);
1215185a700Sflorian 
1225185a700Sflorian 	UNUSED(type);
1235185a700Sflorian 	UNUSED(rdclass);
1245185a700Sflorian 	UNUSED(options);
1255185a700Sflorian 	UNUSED(dctx);
1265185a700Sflorian 
1275185a700Sflorian 	isc_buffer_activeregion(source, &sr);
1285185a700Sflorian 	rr = sr;
1295185a700Sflorian 
1305185a700Sflorian 	/* hash(1), flags(1), iteration(2), saltlen(1) */
1315185a700Sflorian 	if (sr.length < 5U)
132fbc1dec8Sflorian 		return (DNS_R_FORMERR);
1335185a700Sflorian 	saltlen = sr.base[4];
1345185a700Sflorian 	isc_region_consume(&sr, 5);
1355185a700Sflorian 
1365185a700Sflorian 	if (sr.length < saltlen)
137fbc1dec8Sflorian 		return (DNS_R_FORMERR);
1385185a700Sflorian 	isc_region_consume(&sr, saltlen);
1395185a700Sflorian 
1405185a700Sflorian 	if (sr.length < 1U)
141fbc1dec8Sflorian 		return (DNS_R_FORMERR);
1425185a700Sflorian 	hashlen = sr.base[0];
1435185a700Sflorian 	isc_region_consume(&sr, 1);
1445185a700Sflorian 
1455185a700Sflorian 	if (sr.length < hashlen)
146fbc1dec8Sflorian 		return (DNS_R_FORMERR);
1475185a700Sflorian 	isc_region_consume(&sr, hashlen);
1485185a700Sflorian 
149*1fb015a8Sflorian 	RETERR(typemap_test(&sr, 1));
1505185a700Sflorian 
151637d8eb6Sflorian 	RETERR(isc_mem_tobuffer(target, rr.base, rr.length));
1525185a700Sflorian 	isc_buffer_forward(source, rr.length);
1535185a700Sflorian 	return (ISC_R_SUCCESS);
1545185a700Sflorian }
1555185a700Sflorian 
1565185a700Sflorian static inline isc_result_t
towire_nsec3(ARGS_TOWIRE)1575185a700Sflorian towire_nsec3(ARGS_TOWIRE) {
1585185a700Sflorian 	isc_region_t sr;
1595185a700Sflorian 
1605185a700Sflorian 	REQUIRE(rdata->type == dns_rdatatype_nsec3);
1615185a700Sflorian 	REQUIRE(rdata->length != 0);
1625185a700Sflorian 
1635185a700Sflorian 	UNUSED(cctx);
1645185a700Sflorian 
1655185a700Sflorian 	dns_rdata_toregion(rdata, &sr);
166637d8eb6Sflorian 	return (isc_mem_tobuffer(target, sr.base, sr.length));
1675185a700Sflorian }
1685185a700Sflorian 
1695185a700Sflorian #define NSEC3_MAX_HASH_LENGTH 155
170*1fb015a8Sflorian static inline int
checkowner_nsec3(ARGS_CHECKOWNER)1715185a700Sflorian checkowner_nsec3(ARGS_CHECKOWNER) {
1725185a700Sflorian 	unsigned char owner[NSEC3_MAX_HASH_LENGTH];
1735185a700Sflorian 	isc_buffer_t buffer;
1745185a700Sflorian 	dns_label_t label;
1755185a700Sflorian 
1765185a700Sflorian 	REQUIRE(type == dns_rdatatype_nsec3);
1775185a700Sflorian 
1785185a700Sflorian 	UNUSED(type);
1795185a700Sflorian 	UNUSED(rdclass);
1805185a700Sflorian 	UNUSED(wildcard);
1815185a700Sflorian 
1825185a700Sflorian 	/*
1835185a700Sflorian 	 * First label is a base32hex string without padding.
1845185a700Sflorian 	 */
1855185a700Sflorian 	dns_name_getlabel(name, 0, &label);
1865185a700Sflorian 	isc_region_consume(&label, 1);
1875185a700Sflorian 	isc_buffer_init(&buffer, owner, sizeof(owner));
1885185a700Sflorian 	if (isc_base32hexnp_decoderegion(&label, &buffer) == ISC_R_SUCCESS)
189*1fb015a8Sflorian 		return (1);
1905185a700Sflorian 
191*1fb015a8Sflorian 	return (0);
1925185a700Sflorian }
1935185a700Sflorian 
1945185a700Sflorian #endif	/* RDATA_GENERIC_NSEC3_50_C */
195