/* Include guard: the declarations below are processed once per translation unit. */
#ifndef KSM_KSM_H
#define KSM_KSM_H

/* Give every declaration in this header C linkage when it is included from C++. */
#ifdef __cplusplus
extern "C" {
#endif
00043 #include <time.h>
00044 #include <ksm/database.h>
00045 #include <ksm/database_statement.h>
00046
00047
00048
00049
/* Integer identifier type used by the KSM interfaces. */
typedef int KSM_ID;

/*
 * Sentinel identifier with the value -1.
 * NOTE(review): presumably means "no ID"; confirm that -1 is never issued as
 * a real identifier before relying on it as an error marker.
 */
#define KSM_NULL_ID ((KSM_ID)-1)
00053
00054
00055
/*
 * Library start-up and shut-down entry points.  Both take no arguments and
 * return an int; the meaning of the returned value is defined by the
 * implementation and is not visible in this header.
 */
int KsmInit(void);
int KsmRundown(void);
00058
/*
 * Fixed buffer sizes.  Several of them dimension the char arrays embedded in
 * the structures declared in this header (names, paths, timestamps, salt).
 *
 * Security note: these are hard limits on caller-supplied text.  Every copy
 * into such a buffer has to be length-checked and NUL-terminated; the header
 * does not say whether a limit includes the terminator, so treat the usable
 * length as (size - 1) unless the implementation proves otherwise.
 */
#define KSM_NAME_LENGTH          256
#define KSM_PATH_LENGTH          4096
#define KSM_POLICY_DESC_LENGTH   256
#define KSM_POLICY_AUDIT_LENGTH  4096
#define KSM_TIME_LENGTH          32

/*
 * NOTE(review): presumably the size of the buffers in which SQL text and
 * printed integers are assembled -- confirm.  If so, truncation of an SQL
 * statement must be detected and treated as an error, never executed.
 */
#define KSM_SQL_SIZE             1024
#define KSM_INT_STR_SIZE         32
#define KSM_SALT_LENGTH          512
#define KSM_ZONE_NAME_LENGTH     256
#define KSM_ADAPTER_NAME_LENGTH  256
00070
00071
00072
00073
/*
 * Bit flags named after the members of KSM_KEYDATA.  Each constant is a
 * distinct single bit, so they can be OR-ed together into a mask.
 * NOTE(review): presumably the mask selects which KSM_KEYDATA members an
 * operation applies to -- confirm against the callers.
 */
#define KEYDATA_M_ID           0x0001
#define KEYDATA_M_STATE        0x0002
#define KEYDATA_M_KEYTYPE      0x0004
#define KEYDATA_M_ALGORITHM    0x0008
#define KEYDATA_M_SIGLIFETIME  0x0010
#define KEYDATA_M_ACTIVE       0x0020
#define KEYDATA_M_DEAD         0x0040
#define KEYDATA_M_GENERATE     0x0080
#define KEYDATA_M_PUBLISH      0x0100
#define KEYDATA_M_READY        0x0200
#define KEYDATA_M_RETIRE       0x0400
#define KEYDATA_M_LOCATION     0x0800
#define KEYDATA_M_SIZE         0x1000
#define KEYDATA_M_SMID         0x2000

/* The six timestamp flags combined into one mask. */
#define KEYDATA_M_TIMES \
    (KEYDATA_M_ACTIVE | KEYDATA_M_DEAD | KEYDATA_M_GENERATE | \
     KEYDATA_M_PUBLISH | KEYDATA_M_READY | KEYDATA_M_RETIRE)
00091
/*
 * Key record passed to the KsmKey...(), KsmUpdate...() and request-callback
 * interfaces declared in this header.
 *
 * The six timestamp members are text held in KSM_TIME_LENGTH-byte arrays and
 * the name-like members in KSM_NAME_LENGTH-byte arrays; code that fills them
 * must bound the copy and keep them NUL-terminated.
 */
typedef struct {
    DB_ID keypair_id;
    int   state;                        /* presumably a KSM_STATE_* value -- confirm */
    int   keytype;                      /* presumably a KSM_TYPE_* value -- confirm */
    int   algorithm;                    /* presumably a KSM_ALGORITHM_* value -- confirm */
    int   siglifetime;
    char  active[KSM_TIME_LENGTH];
    char  dead[KSM_TIME_LENGTH];
    char  generate[KSM_TIME_LENGTH];
    char  publish[KSM_TIME_LENGTH];
    char  ready[KSM_TIME_LENGTH];
    char  retire[KSM_TIME_LENGTH];
    char  location[KSM_NAME_LENGTH];
    int   securitymodule_id;
    int   size;
    int   policy_id;
    char  HSMKey_id[KSM_NAME_LENGTH];   /* identifier text, not key material (assumed -- confirm) */
    DB_ID dnsseckey_id;
    int   zone_id;
    int   fixedDate;

    int   flags;                        /* presumably a KEYDATA_M_* mask -- confirm */
    int   roll_scheme;                  /* presumably a KSM_ROLL_* value -- confirm */
} KSM_KEYDATA;
00128
/*
 * Creation routines for key pairs and DNSSEC keys.  Each takes a DB_ID
 * pointer as its last argument.
 * NOTE(review): presumably the identifier of the new record is written
 * through `id`; whether `id` may be NULL is not visible here -- confirm.
 * The text arguments (HSMKeyID, generate, time) come from the caller and are
 * expected to end up in database statements, so they should be validated
 * before being passed in.
 */
int KsmKeyPairCreate(int policy_id, const char *HSMKeyID, int smID, int size,
                     int alg, const char *generate, DB_ID *id);
int KsmDnssecKeyCreate(int zone_id, int keypair_id, int keytype, int state,
                       const char *time, DB_ID *id);
00131
/*
 * Key query and maintenance interfaces.
 *
 * Security note: KsmKeyInitSql() and KsmKeyQuery() accept SQL as plain text.
 * NOTE(review): if that text is executed as given, it must never be built
 * from untrusted input; prefer KsmKeyInit(), which takes a structured
 * DQS_QUERY_CONDITION, or KsmKeyInitId() wherever they are sufficient.
 *
 * The pairing suggested by the names is an Init call that yields a DB_RESULT,
 * KsmKey() to read KSM_KEYDATA records from it, and KsmKeyEnd() to finish --
 * confirm against the implementation.
 */
int  KsmKeyInitSql(DB_RESULT *result, const char *sql);
int  KsmKeyInit(DB_RESULT *result, DQS_QUERY_CONDITION *condition);
int  KsmKeyInitId(DB_RESULT *result, DB_ID id);
int  KsmKey(DB_RESULT result, KSM_KEYDATA *data);
void KsmKeyEnd(DB_RESULT result);
int  KsmKeyQuery(const char *sql, DB_RESULT *result);
int  KsmKeyData(DB_ID id, KSM_KEYDATA *data);

/* Counting and allocation helpers; results are returned through the int pointers. */
int  KsmKeyPredict(int policy_id, int keytype, int shared_keys, int interval,
                   int *count, int rollover_scheme, int zone_count);
int  KsmKeyCountQueue(int keytype, int *count, int zone_id);
int  KsmKeyCountStillGood(int policy_id, int sm, int bits, int algorithm,
                          int interval, const char *datetime, int *count,
                          int keytype);
int  KsmKeyGetUnallocated(int policy_id, int sm, int bits, int algorithm,
                          int zone_id, int share_keys, int *keypair_id);

/*
 * State-changing operations on keys.  They affect which keys remain usable,
 * so callers should check the returned status rather than assume success.
 */
int  KsmMarkKeysAsDead(int zone_id);
int  KsmKillKey(int keypair_id);
00145
00146
00147
/*
 * Bulk deletion of key records by identifier.
 * NOTE(review): the header does not show whether minid/maxid are inclusive,
 * nor whether `size` counts array elements or (min, max) pairs in `limit` --
 * confirm before calling; a wrong `size` would read past the caller's array.
 */
int KsmDeleteKeyRange(int minid, int maxid);
int KsmDeleteKeyRanges(int limit[], int size);
00150
00151
00152
/*
 * One parameter record: a name and category (each at most KSM_NAME_LENGTH
 * bytes including any terminator), an integer value and the parameter's ID.
 */
typedef struct {
    char name[KSM_NAME_LENGTH];
    char category[KSM_NAME_LENGTH];
    int  value;
    int  parameter_id;
} KSM_PARAMETER;
00159
/*
 * Parameter lookup and update, keyed by (name, category) and, for most calls,
 * a policy ID.  `name` and `category` are caller-supplied text used to select
 * database rows; pass only validated values.
 * NOTE(review): KSM_PARAMETER stores both in KSM_NAME_LENGTH-byte arrays, so
 * longer inputs presumably have to be rejected or truncated -- confirm which.
 */
int  KsmParameterInit(DB_RESULT *result, const char *name,
                      const char *category, int policy_id);
int  KsmParameterExist(DB_RESULT *result, const char *name,
                       const char *category, int *parameter_id);
int  KsmParameter(DB_RESULT result, KSM_PARAMETER *data);
void KsmParameterEnd(DB_RESULT result);
int  KsmParameterValue(const char *name, const char *category, int *value,
                       int policy_id, int *parameter_id);
int  KsmParameterSet(const char *name, const char *category, int value,
                     int policy_id);
int  KsmParameterShow(const char *name, const char *category, int policy_id);
00167
00168
/*
 * Signer section of a policy: six integer settings.
 * NOTE(review): units are not stated in this header; `serial` presumably
 * holds a KSM_SERIAL_* value -- confirm.
 */
typedef struct {
    int refresh;
    int jitter;
    int propdelay;
    int soamin;
    int soattl;
    int serial;
} KSM_SIGNER_POLICY;
00177
/*
 * Signature section of a policy: clock skew allowance, re-sign interval and
 * two validity settings, all integers (units not stated in this header).
 */
typedef struct {
    int clockskew;
    int resign;
    int valdefault;
    int valdenial;
} KSM_SIGNATURE_POLICY;
00184
/*
 * Denial-of-existence section of a policy.  The member names (iteration,
 * optout, salt, resalt) suggest NSEC3 parameters -- confirm.
 *
 * Security note: if these are NSEC3 settings, RFC 9276 recommends zero
 * additional iterations and an empty salt; large iteration counts add
 * validator cost without meaningful protection.  `saltlength` must never
 * exceed what `salt` can hold (KSM_SALT_LENGTH bytes, terminator included if
 * the salt is stored as text).
 */
typedef struct {
    int  version;
    int  resalt;
    int  algorithm;
    int  iteration;
    int  optout;
    int  ttl;
    int  saltlength;
    char salt[KSM_SALT_LENGTH];
    char salt_stamp[KSM_TIME_LENGTH];
} KSM_DENIAL_POLICY;
00196
/*
 * Key settings shared by all keys of a policy: TTL, the two safety margins,
 * the key-sharing switch and the purge setting (all integers; units not
 * stated in this header).
 */
typedef struct {
    int ttl;
    int retire_safety;
    int publish_safety;
    int share_keys;
    int purge;
} KSM_COMMON_KEY_POLICY;
00204
/*
 * Per-key-type policy; KSM_POLICY holds one of these for the KSK and one for
 * the ZSK.
 * NOTE(review): `algorithm` presumably takes a KSM_ALGORITHM_* value, `type`
 * a KSM_TYPE_* value and `rollover_scheme` a KSM_ROLL_* value; `sm` and
 * `sm_name` presumably identify the security module holding the keys --
 * confirm.  Validate `algorithm` and `bits` against the site's minimum
 * requirements when a policy is loaded.
 */
typedef struct {
    int           algorithm;
    int           bits;
    int           lifetime;
    int           sm;
    char          sm_name[KSM_NAME_LENGTH];
    unsigned long sm_capacity;
    int           require_backup;
    int           overlap;
    int           ttl;
    int           rfc5011;
    int           type;
    int           standby_keys;
    int           manual_rollover;
    int           rollover_scheme;
} KSM_KEY_POLICY;
00221
/* Enforcer section of a policy: three integer settings. */
typedef struct {
    int keycreate;
    int backup_interval;
    int keygeninterval;
} KSM_ENFORCER_POLICY;
00227
/* Zone section of a policy: propagation delay, SOA TTL, SOA minimum, serial. */
typedef struct {
    int propdelay;
    int soa_ttl;
    int soa_min;
    int serial;
} KSM_ZONE_POLICY;
00234
/* Parent-zone section of a policy: propagation delay, DS TTL, SOA TTL, SOA minimum. */
typedef struct {
    int propdelay;
    int ds_ttl;
    int soa_ttl;
    int soa_min;
} KSM_PARENT_POLICY;
00241
/* Audit section of a policy: a single integer setting. */
typedef struct {
    int audit;
} KSM_AUDIT_POLICY;
00245
/*
 * A complete policy: its ID and name plus pointers to the individual policy
 * sections, with the KSK and ZSK each described by a KSM_KEY_POLICY.
 *
 * NOTE(review): every section, `description` and `audit` are pointers, so a
 * KSM_POLICY is only safe to use once they are set; presumably
 * KsmPolicyAlloc() sets them up and KsmPolicyFree() releases them -- confirm
 * before dereferencing members of a hand-built instance.
 */
typedef struct {
    int                    id;
    char                   name[KSM_NAME_LENGTH];
    char                  *description;
    KSM_SIGNER_POLICY     *signer;
    KSM_SIGNATURE_POLICY  *signature;
    KSM_DENIAL_POLICY     *denial;
    KSM_COMMON_KEY_POLICY *keys;
    KSM_KEY_POLICY        *ksk;
    KSM_KEY_POLICY        *zsk;
    KSM_ENFORCER_POLICY   *enforcer;
    KSM_ZONE_POLICY       *zone;
    KSM_PARENT_POLICY     *parent;

    char                  *audit;
    int                    shared_keys;
} KSM_POLICY;
00263
/*
 * One policy parameter as read by KsmPolicyParameter(): name, category and
 * integer value.  Same layout as KSM_PARAMETER without the parameter ID.
 */
typedef struct {
    char name[KSM_NAME_LENGTH];
    char category[KSM_NAME_LENGTH];
    int  value;
} KSM_POLICY_PARAMETER;
00269
/*
 * Policy lookup by name, via a DB_RESULT handle or directly.  The policy name
 * is caller-supplied text used to select database rows; pass validated input.
 */
int KsmPolicyInit(DB_RESULT *handle, const char *name);
int KsmPolicyExists(const char *name);
int KsmPolicyParametersInit(DB_RESULT *handle, const char *name);
int KsmPolicyRead(KSM_POLICY *policy);
int KsmPolicy(DB_RESULT handle, KSM_POLICY *data);
int KsmPolicyParameter(DB_RESULT handle, KSM_POLICY_PARAMETER *data);

/*
 * Operations on an existing KSM_POLICY.
 * NOTE(review): these take only the policy, so presumably they read the key
 * (ID or name) from it and fill in the rest -- confirm which members must be
 * set before each call.
 */
int KsmPolicyReadFromId(KSM_POLICY *policy);
int KsmPolicyNameFromId(KSM_POLICY *policy);
int KsmPolicyUpdateSalt(KSM_POLICY *policy);
int KsmPolicyNullSaltStamp(int policy_id);
int KsmPolicyPopulateSMFromIds(KSM_POLICY *policy);
int KsmPolicySetIdFromName(KSM_POLICY *policy);
int KsmPolicyIdFromZoneId(int zone_id, int *policy_id);
00283
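/*
 * Allocation and release of a KSM_POLICY.
 *
 * KsmPolicyAlloc is declared with (void): in C an empty parameter list leaves
 * the arguments unchecked, so a mistaken call with arguments would compile
 * silently.  This also matches KsmInit(void) and KsmPurge(void) in this header.
 *
 * NOTE(review): presumably KsmPolicyAlloc() returns NULL on allocation
 * failure and KsmPolicyFree() releases the sections the policy points to --
 * confirm, and check the result before dereferencing it.
 */
KSM_POLICY *KsmPolicyAlloc(void);
void KsmPolicyFree(KSM_POLICY *policy);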
00286
00287
/*
 * One zone record: IDs, the zone name, three file paths and the policy name.
 *
 * The three KSM_PATH_LENGTH arrays make each instance larger than 12 KiB, so
 * arrays of KSM_ZONE or deep call chains holding one on the stack deserve
 * attention.  The paths are configuration data that later name files to read
 * or write; validate them where they enter the system.
 */
typedef struct {
    int  id;
    int  policy_id;
    char name[KSM_ZONE_NAME_LENGTH];
    char signconf[KSM_PATH_LENGTH];
    char input[KSM_PATH_LENGTH];
    char output[KSM_PATH_LENGTH];
    char policy_name[KSM_NAME_LENGTH];
} KSM_ZONE;
00297
/* Zone iteration and counting through a DB_RESULT handle. */
int KsmZoneInit(DB_RESULT *handle, int policy_id);
int KsmZone(DB_RESULT handle, KSM_ZONE *data);
int KsmZoneCount(DB_RESULT handle, int *count);
int KsmZoneCountInit(DB_RESULT *handle, int id);

/* Zone lookup by name; the name is caller-supplied text and should be validated. */
int KsmZoneIdFromName(const char *zone_name, int *zone_id);
int KsmZoneIdAndPolicyFromName(const char *zone_name, int *policy_id,
                               int *zone_id);

int KsmDeleteZone(int zone_id);

/*
 * NOTE(review): the name is returned through a char pointer-to-pointer, which
 * suggests the callee allocates it; who frees it is not visible here --
 * confirm to avoid a leak or a double free.
 */
int KsmZoneNameFromId(int zone_id, char **zone_name);
00306
/*
 * Two-valued flag, 0 and 1.
 * NOTE(review): what is signed or unsigned is not stated here.  The names
 * carry no KSM_ prefix, so they can collide with identifiers in any file
 * that includes this header.
 */
#define UNSIGNED  0
#define SIGNED    1
00309
/*
 * Key counting through a DB_RESULT handle; the count is returned through the
 * int pointer of KsmDNSSECKeysInSMCount().
 */
int KsmDNSSECKeysInSMCountInit(DB_RESULT *handle, int policy_id);
int KsmDNSSECKeysInSMCount(DB_RESULT handle, int *count);
int KsmDNSSECKeysStateCountInit(DB_RESULT *result, int policy_id,
                                KSM_KEY_POLICY *key_policy, int state);
00313
00314
00315
/*
 * Purge entry point.  It takes no arguments and returns nothing, so a caller
 * cannot learn from this interface whether the purge succeeded.
 * NOTE(review): what is purged is not visible in this header -- confirm.
 */
void KsmPurge(void);
/*
 * DNSSEC algorithm identifiers and their keyword spellings.  The numeric
 * values match the IANA DNSSEC algorithm number registry.
 *
 * Security note: RFC 8624 rules out RSAMD5 (1), DSA (3) and DSA-NSEC3-SHA1
 * (6) for signing and marks the SHA-1 based RSA algorithms (5 and 7) as not
 * recommended for signing.  Code that takes an algorithm from a policy or a
 * configuration file should reject, or at least warn on, those values rather
 * than treat every constant here as equally acceptable.  No elliptic-curve
 * algorithm is defined in this list.
 */
#define KSM_ALGORITHM_RSAMD5                     1
#define KSM_ALGORITHM_RSAMD5_STRING              "rsamd5"
#define KSM_ALGORITHM_DH                         2
#define KSM_ALGORITHM_DH_STRING                  "dh"
#define KSM_ALGORITHM_DSASHA1                    3
#define KSM_ALGORITHM_DSASHA1_STRING             "dsa"
#define KSM_ALGORITHM_RSASHA1                    5
#define KSM_ALGORITHM_RSASHA1_STRING             "rsasha1"
#define KSM_ALGORITHM_DSA_NSEC3_SHA1             6
#define KSM_ALGORITHM_DSA_NSEC3_SHA1_STRING      "dsa-nsec3-sha1"
#define KSM_ALGORITHM_RSASHA1_NSEC3_SHA1         7
#define KSM_ALGORITHM_RSASHA1_NSEC3_SHA1_STRING  "rsasha1-nsec3-sha1"
#define KSM_ALGORITHM_RSASHA256                  8
#define KSM_ALGORITHM_RSASHA256_STRING           "rsasha256"
#define KSM_ALGORITHM_RSASHA512                  10
#define KSM_ALGORITHM_RSASHA512_STRING           "rsasha512"

/* Indirect and private-use algorithm numbers. */
#define KSM_ALGORITHM_INDIRECT                   252
#define KSM_ALGORITHM_INDIRECT_STRING            "indirect"
#define KSM_ALGORITHM_PRIVDOM                    253
#define KSM_ALGORITHM_PRIVDOM_STRING             "domain"
#define KSM_ALGORITHM_PRIVOID                    254
#define KSM_ALGORITHM_PRIVOID_STRING             "oid"
00352
/* Format identifiers and their keyword spellings. */
#define KSM_FORMAT_FILE         1
#define KSM_FORMAT_FILE_STRING  "file"
#define KSM_FORMAT_HSM          2
#define KSM_FORMAT_HSM_STRING   "hsm"
#define KSM_FORMAT_URI          3
#define KSM_FORMAT_URI_STRING   "uri"

/*
 * Key types.  The values equal the DNSKEY flags field of a key-signing key
 * (257: Zone Key bit plus SEP bit) and of a zone-signing key (256: Zone Key
 * bit only).
 */
#define KSM_TYPE_KSK            257
#define KSM_TYPE_KSK_STRING     "ksk"
#define KSM_TYPE_ZSK            256
#define KSM_TYPE_ZSK_STRING     "zsk"
00364
/*
 * Key states and their keyword spellings, numbered 1 to 10.
 * NOTE(review): the allowed transitions are not defined in this header; the
 * KsmRequestChangeState...() names indicate which ones the library performs.
 * Code that reads a state from the database should reject values outside
 * this list instead of treating them as a known state.
 */
#define KSM_STATE_GENERATE           1
#define KSM_STATE_GENERATE_STRING    "generate"
#define KSM_STATE_PUBLISH            2
#define KSM_STATE_PUBLISH_STRING     "publish"
#define KSM_STATE_READY              3
#define KSM_STATE_READY_STRING       "ready"
#define KSM_STATE_ACTIVE             4
#define KSM_STATE_ACTIVE_STRING      "active"
#define KSM_STATE_RETIRE             5
#define KSM_STATE_RETIRE_STRING      "retire"
#define KSM_STATE_DEAD               6
#define KSM_STATE_DEAD_STRING        "dead"
#define KSM_STATE_DSSUB              7
#define KSM_STATE_DSSUB_STRING       "dssub"
#define KSM_STATE_DSPUBLISH          8
#define KSM_STATE_DSPUBLISH_STRING   "dspublish"
#define KSM_STATE_DSREADY            9
#define KSM_STATE_DSREADY_STRING     "dsready"
#define KSM_STATE_KEYPUBLISH         10
#define KSM_STATE_KEYPUBLISH_STRING  "keypublish"
00385
/* SOA serial schemes and their keyword spellings. */
#define KSM_SERIAL_UNIX            1
#define KSM_SERIAL_UNIX_STRING     "unixtime"
#define KSM_SERIAL_COUNTER         2
#define KSM_SERIAL_COUNTER_STRING  "counter"
#define KSM_SERIAL_DATE            3
#define KSM_SERIAL_DATE_STRING     "datecounter"
#define KSM_SERIAL_KEEP            4
#define KSM_SERIAL_KEEP_STRING     "keep"

/* Key-sharing switch. */
#define KSM_KEYS_NOT_SHARED        0
#define KSM_KEYS_SHARED            1

/*
 * Rollover schemes and their keyword spellings.  KSM_ROLL_DEFAULT has the
 * same value as KSM_ROLL_DNSKEY.
 */
#define KSM_ROLL_DEFAULT           1
#define KSM_ROLL_DNSKEY            1
#define KSM_ROLL_DNSKEY_STRING     "DoubleDNSKey"
#define KSM_ROLL_DS                2
#define KSM_ROLL_DS_STRING         "DoubleDS"
#define KSM_ROLL_RRSET             3
#define KSM_ROLL_RRSET_STRING      "DoubleRRSet"
/*
 * Built-in parameter table.  Each parameter has three macros: a number
 * (presumably the default value -- confirm), the parameter name, and the
 * category it belongs to.
 *
 * NOTE(review): the time-like numbers look like seconds (3600 = 1 hour,
 * 172800 = 2 days, 63072000 = 730 days) -- confirm the unit.
 * NOTE(review): KSM_PAR_ZSKTTL and KSM_PAR_KSKTTL share one name/category
 * pair ("ttl" / "keys"), so a lookup by (name, category) cannot tell them
 * apart.
 * NOTE(review): KSM_PAR_KSK_ROLL is 0, which is none of the KSM_ROLL_*
 * values (1 to 3) and differs from KSM_ROLL_DEFAULT (1); make sure 0 is
 * handled deliberately wherever a rollover scheme is interpreted.
 */
#define KSM_PAR_CLOCKSKEW            3600
#define KSM_PAR_CLOCKSKEW_STRING     "clockskew"
#define KSM_PAR_CLOCKSKEW_CAT        "signature"

#define KSM_PAR_KSKLIFE              63072000
#define KSM_PAR_KSKLIFE_STRING       "lifetime"
#define KSM_PAR_KSKLIFE_CAT          "ksk"

#define KSM_PAR_PROPDELAY            3600
#define KSM_PAR_PROPDELAY_STRING     "propagationdelay"
#define KSM_PAR_PROPDELAY_CAT        "zone"

#define KSM_PAR_STANDBYKSKS          1
#define KSM_PAR_STANDBYKSKS_STRING   "standby"
#define KSM_PAR_STANDBYKSKS_CAT      "ksk"

#define KSM_PAR_STANDBYZSKS          1
#define KSM_PAR_STANDBYZSKS_STRING   "standby"
#define KSM_PAR_STANDBYZSKS_CAT      "zsk"

#define KSM_PAR_SIGNINT              7200
#define KSM_PAR_SIGNINT_STRING       "resign"
#define KSM_PAR_SIGNINT_CAT          "signature"

#define KSM_PAR_SOAMIN               7200
#define KSM_PAR_SOAMIN_STRING        "min"
#define KSM_PAR_SOAMIN_CAT           "zone"

#define KSM_PAR_SOATTL               172800
#define KSM_PAR_SOATTL_STRING        "ttl"
#define KSM_PAR_SOATTL_CAT           "zone"

#define KSM_PAR_ZSKSIGLIFE           432000
#define KSM_PAR_ZSKSIGLIFE_STRING    "valdefault"
#define KSM_PAR_ZSKSIGLIFE_CAT       "signature"

#define KSM_PAR_ZSKLIFE              2592000
#define KSM_PAR_ZSKLIFE_STRING       "lifetime"
#define KSM_PAR_ZSKLIFE_CAT          "zsk"

#define KSM_PAR_ZSKTTL               172800
#define KSM_PAR_ZSKTTL_STRING        "ttl"
#define KSM_PAR_ZSKTTL_CAT           "keys"

#define KSM_PAR_KSKTTL               172800
#define KSM_PAR_KSKTTL_STRING        "ttl"
#define KSM_PAR_KSKTTL_CAT           "keys"

#define KSM_PAR_KSKPROPDELAY         3600
#define KSM_PAR_KSKPROPDELAY_STRING  "propagationdelay"
#define KSM_PAR_KSKPROPDELAY_CAT     "parent"

#define KSM_PAR_REGDELAY             0
#define KSM_PAR_REGDELAY_STRING      "registrationdelay"
#define KSM_PAR_REGDELAY_CAT         "parent"

#define KSM_PAR_PUBSAFETY            172800
#define KSM_PAR_PUBSAFETY_STRING     "publishsafety"
#define KSM_PAR_PUBSAFETY_CAT        "keys"

#define KSM_PAR_RETSAFETY            172800
#define KSM_PAR_RETSAFETY_STRING     "retiresafety"
#define KSM_PAR_RETSAFETY_CAT        "keys"

#define KSM_PAR_KSK_MAN_ROLL         0
#define KSM_PAR_KSK_MAN_ROLL_STRING  "manual_rollover"
#define KSM_PAR_KSK_MAN_ROLL_CAT     "ksk"

#define KSM_PAR_ZSK_MAN_ROLL         0
#define KSM_PAR_ZSK_MAN_ROLL_STRING  "manual_rollover"
#define KSM_PAR_ZSK_MAN_ROLL_CAT     "zsk"

#define KSM_PAR_DSTTL                3600
#define KSM_PAR_DSTTL_STRING         "ttlds"
#define KSM_PAR_DSTTL_CAT            "parent"

#define KSM_PAR_KSK_ROLL             0
#define KSM_PAR_KSK_ROLL_STRING      "rollover_scheme"
#define KSM_PAR_KSK_ROLL_CAT         "ksk"
00471
/*
 * Parameter collection: one integer per KSM_PAR_* parameter, in the order
 * below.  Filled by KsmCollectionInit() / KsmParameterCollection() and read
 * by the KsmParameter...(KSM_PARCOLL *) accessors declared in this header.
 */
typedef struct {
    int clockskew;
    int ksklife;
    int standbyksks;
    int standbyzsks;
    int propdelay;
    int signint;
    int soamin;
    int soattl;
    int zsksiglife;
    int zsklife;
    int zskttl;
    int kskttl;
    int kskpropdelay;
    int regdelay;
    int pub_safety;
    int ret_safety;
    int kskmanroll;
    int zskmanroll;
    int dsttl;
    int kskroll;
} KSM_PARCOLL;
00494
/*
 * Set up a parameter collection, and load one for a given policy.
 * NOTE(review): presumably KsmCollectionInit() stores the KSM_PAR_* numbers
 * in the collection -- confirm.
 */
int KsmCollectionInit(KSM_PARCOLL *data);
int KsmParameterCollection(KSM_PARCOLL *data, int policy_id);

/*
 * Accessors over a parameter collection.  Each takes the collection and
 * returns an int.
 * NOTE(review): whether a NULL collection is tolerated is not visible here;
 * pass a valid pointer.
 */
int KsmParameterClockskew(KSM_PARCOLL *collection);
int KsmParameterKskLifetime(KSM_PARCOLL *collection);
int KsmParameterStandbyKSKeys(KSM_PARCOLL *collection);
int KsmParameterStandbyZSKeys(KSM_PARCOLL *collection);
int KsmParameterPropagationDelay(KSM_PARCOLL *collection);
int KsmParameterSigningInterval(KSM_PARCOLL *collection);
int KsmParameterSoaMin(KSM_PARCOLL *collection);
int KsmParameterSoaTtl(KSM_PARCOLL *collection);
int KsmParameterZskLifetime(KSM_PARCOLL *collection);
int KsmParameterZskTtl(KSM_PARCOLL *collection);
int KsmParameterKskTtl(KSM_PARCOLL *collection);
int KsmParameterKskPropagationDelay(KSM_PARCOLL *collection);
int KsmParameterRegistrationDelay(KSM_PARCOLL *collection);
int KsmParameterPubSafety(KSM_PARCOLL *collection);
int KsmParameterRetSafety(KSM_PARCOLL *collection);
int KsmParameterInitialPublicationInterval(KSM_PARCOLL *collection);
00513
00514
00515
/*
 * Keyword name -> numeric value.
 * NOTE(review): the value returned for an unrecognised name is not visible
 * here; callers must detect it rather than use the result as a valid
 * algorithm, state or type.
 */
int KsmKeywordAlgorithmNameToValue(const char *name);
int KsmKeywordFormatNameToValue(const char *name);
int KsmKeywordParameterNameToValue(const char *name);
int KsmKeywordStateNameToValue(const char *name);
int KsmKeywordTypeNameToValue(const char *name);
int KsmKeywordRollNameToValue(const char *name);

/*
 * Numeric value -> keyword name.
 * NOTE(review): presumably an unknown value yields NULL -- confirm, and check
 * the result before passing it to a "%s" conversion or a string function.
 */
const char *KsmKeywordAlgorithmValueToName(int value);
const char *KsmKeywordFormatValueToName(int value);
const char *KsmKeywordStateValueToName(int value);
const char *KsmKeywordTypeValueToName(int value);
const char *KsmKeywordSerialValueToName(int value);
const char *KsmKeywordRollValueToName(int value);

/* Existence check for a parameter keyword. */
int KsmKeywordParameterExists(const char *name);
00531
00532
00533
/* Update entry point for one policy and zone. */
int  KsmUpdate(int policy_id, int zone_id);

/*
 * Per-key timestamp updates.  These return void, so a failure inside them is
 * not reported to the caller through this interface.
 * NOTE(review): presumably each routine recomputes the KSM_KEYDATA timestamp
 * named in the function -- confirm.
 */
void KsmUpdateKey(KSM_KEYDATA *data, KSM_PARCOLL *collection, int zone_id);
void KsmUpdateGenerateKeyTime(KSM_KEYDATA *data);
void KsmUpdatePublishKeyTime(KSM_KEYDATA *data, KSM_PARCOLL *collection,
                             int zone_id);
void KsmUpdateReadyKeyTime(KSM_KEYDATA *data);
void KsmUpdateActiveKeyTime(KSM_KEYDATA *data, KSM_PARCOLL *collection,
                            int zone_id);
void KsmUpdateRetireKeyTime(KSM_KEYDATA *data, KSM_PARCOLL *collection,
                            int zone_id);
void KsmUpdateDeadKeyTime(KSM_KEYDATA *data);
void KsmUpdateDSPublishKeyTime(KSM_KEYDATA *data, KSM_PARCOLL *collection,
                               int zone_id);
void KsmUpdateKEYPublishKeyTime(KSM_KEYDATA *data, KSM_PARCOLL *collection,
                                int zone_id);

/*
 * `source` and `destination` are passed as text.
 * NOTE(review): if they name database columns that are spliced into a
 * statement, only fixed, trusted strings may be passed -- confirm.
 */
int  KsmUpdateKeyTime(const KSM_KEYDATA *data, const char *source,
                      const char *destination, int interval, int zone_id);
00546
00547
00548
/*
 * Callback type accepted by KsmRequestKeys(), KsmRequestKeysByType() and
 * KsmRequestIssueKeys(): it receives the caller's opaque `context` pointer
 * and one key record and returns an int.
 * NOTE(review): how the return value influences the caller's loop is not
 * visible in this header -- confirm.
 */
typedef int (*KSM_REQUEST_CALLBACK)(void *context, KSM_KEYDATA *key);
00550
/*
 * Key request entry points.  `callback` is invoked with `context`, which is
 * passed through as an opaque pointer; `NewDS` is an int output.
 * NOTE(review): `datetime` is text whose expected format is not stated here;
 * pass only values produced by the library's own date routines -- confirm.
 */
int KsmRequestKeys(int keytype, int rollover, const char *datetime,
                   KSM_REQUEST_CALLBACK callback, void *context,
                   int policy_id, int zone_id, int run_interval, int *NewDS);
int KsmRequestKeysByType(int keytype, int rollover, const char *datetime,
                         KSM_REQUEST_CALLBACK callback, void *context,
                         int policy_id, int zone_id, int run_interval,
                         int *NewDS);
/*
 * Key state transitions.  The function names give the source and destination
 * state; the generic forms take them as src_state / dst_state arguments.
 *
 * These calls decide which keys sign a zone, so their status must be checked.
 * NOTE(review): presumably src_state / dst_state take KSM_STATE_* values and
 * keytype a KSM_TYPE_* value -- confirm, and reject anything else before
 * calling.
 */
int KsmRequestSetActiveExpectedRetire(int keytype, const char *datetime,
                                      int zone_id);
int KsmRequestChangeStateActiveRetire(int keytype, const char *datetime,
                                      int zone_id, int policy_id);
int KsmRequestChangeStateRetireDead(int keytype, const char *datetime,
                                    int zone_id, int policy_id,
                                    int rollover_scheme, int *NewDS);
int KsmRequestChangeStatePublishReady(int keytype, const char *datetime,
                                      int zone_id, int policy_id, int *NewDS);
int KsmRequestChangeStateDSPublishDSReady(int keytype, const char *datetime,
                                          int zone_id, int policy_id);
int KsmRequestChangeState(int keytype, const char *datetime, int src_state,
                          int dst_state, int zone_id, int policy_id,
                          int rollover_scheme, int *NewDS);
int KsmRequestChangeStateGeneratePublish(int keytype, const char *datetime,
                                         int count, int zone_id);
int KsmRequestChangeStateGenerateDSSub(int keytype, const char *datetime,
                                       int count, int zone_id);
int KsmRequestChangeStateDSReadyKeyPublish(const char *datetime, int zone_id,
                                           int policy_id);
int KsmRequestChangeStateKeyPublishActive(const char *datetime, int zone_id,
                                          int policy_id, int *NewDS);
int KsmRequestChangeStateReadyActive(int keytype, const char *datetime,
                                     int count, int zone_id);
int KsmRequestChangeStateN(int keytype, const char *datetime, int count,
                           int src_state, int dst_state, int zone_id);
/*
 * Conditional transitions out of the generate state; both take the parameter
 * collection that supplies the policy numbers.
 * NOTE(review): the condition itself is not visible in this header.
 */
int KsmRequestChangeStateGenerateDSSubConditional(int keytype,
                                                  const char *datetime,
                                                  KSM_PARCOLL *collection,
                                                  int zone_id, int *NewDS);
int KsmRequestChangeStateGeneratePublishConditional(int keytype,
                                                    const char *datetime,
                                                    KSM_PARCOLL *collection,
                                                    int zone_id,
                                                    int run_interval);
/* Counting queries; each returns its result through an int pointer. */
int KsmRequestPendingRetireCount(int keytype, const char *datetime,
                                 KSM_PARCOLL *parameters, int *count,
                                 int zone_id, int interval);
int KsmRequestAvailableCount(int keytype, const char *datetime,
                             KSM_PARCOLL *parameters, int *count, int zone_id);
int KsmRequestGenerateCount(int keytype, int *count, int zone_id);
int KsmRequestStandbyKSKCount(int *count, int zone_id);
int KsmRequestCheckActiveKey(int keytype, const char *datetime, int *count,
                             int zone_id);
int KsmRequestCountReadyKey(int keytype, const char *datetime, int *count,
                            int zone_id);

/*
 * Flag queries.
 * NOTE(review): KsmRequestCheckCompromisedFlag() presumably reports whether a
 * key of the zone is marked compromised; treat a failed call as "unknown",
 * not as "not compromised" -- confirm the status convention.
 */
int KsmRequestCheckFirstPass(int keytype, int *first_pass_flag, int zone_id);
int KsmRequestCheckCompromisedFlag(int keytype, int zone_id, int *comp_flag);

/* Invokes `callback` with `context`; see KSM_REQUEST_CALLBACK. */
int KsmRequestIssueKeys(int keytype, KSM_REQUEST_CALLBACK callback,
                        void *context, int zone_id);

/* Has the KSM_REQUEST_CALLBACK signature, so it can be passed as a callback. */
int KsmRequestPrintKey(void *context, KSM_KEYDATA *data);
00593
/*
 * Policy-driven variants of the key request interface; they take a KSM_POLICY
 * or KSM_KEY_POLICY instead of separate policy and zone IDs.
 * NOTE(review): the meaning of `verify` is not visible in this header.
 */
int KsmRequestDNSSECKeys(const char *datetime, KSM_POLICY *policy);
int KsmRequestDNSSECKeysChangeStateRetireDead(KSM_KEY_POLICY *policy,
                                              const char *datetime,
                                              int verify);
int KsmRequestDNSSECKeysChangeState(KSM_KEY_POLICY *policy,
                                    const char *datetime, int src_state,
                                    int dst_state, int verify);
int KsmRequestDNSSECKeysChangeStatePublishReady(KSM_KEY_POLICY *policy,
                                                const char *datetime,
                                                int verify);
int KsmRequestDNSSECKeysChangeStateGeneratePublishConditional(
        KSM_POLICY *policy, KSM_KEY_POLICY *key_policy, const char *datetime,
        int verify);
int KsmRequestDNSSECKeysSetActiveExpectedRetire(int keytype,
                                                const char *datetime,
                                                int verify);

/*
 * NOTE(review): unlike its siblings this takes KSM_KEY_POLICY by value (and
 * unnamed), copying the whole structure on every call; a pointer was probably
 * intended.  Left as declared because changing it alters the interface.
 */
int KsmRequestDNSSECKeysPendingRetireCount(KSM_KEY_POLICY,
                                           const char *datetime, int *count);
00601
/*
 * Accessors over policy sections.  Each takes one policy structure (or a
 * parameter collection) and returns an int.
 * NOTE(review): whether NULL is tolerated is not visible here; a KSM_POLICY's
 * section pointers must be valid before one of them is passed in.
 */
int KsmPolicyClockskew(KSM_SIGNATURE_POLICY *policy);
int KsmPolicyKeyLifetime(KSM_KEY_POLICY *policy);
int KsmPolicyStandbyKeys(KSM_KEY_POLICY *policy);
int KsmPolicyPropagationDelay(KSM_SIGNER_POLICY *policy);
int KsmPolicySigningInterval(KSM_PARCOLL *collection);
int KsmPolicySoaMin(KSM_SIGNER_POLICY *policy);
int KsmPolicySoaTtl(KSM_SIGNER_POLICY *policy);
int KsmPolicyZskTtl(KSM_PARCOLL *collection);
int KsmPolicyInitialPublicationInterval(KSM_POLICY *policy);
00611
00612
/*
 * Import of repositories, policies, zones, audit text and key pairs.
 *
 * Security note: every string here originates outside the library
 * (configuration files, command line).  Names and paths are held in
 * fixed-size arrays elsewhere in this header (KSM_NAME_LENGTH,
 * KSM_ZONE_NAME_LENGTH, KSM_PATH_LENGTH), so over-long or malformed input
 * should be rejected at this boundary.
 * NOTE(review): `repo_capacity` is passed as text; presumably it is parsed
 * to a number -- confirm that the conversion is checked.
 */
int KsmImportRepository(const char *repo_name, const char *repo_capacity,
                        int require_backup);
int KsmImportPolicy(const char *policy_name, const char *policy_description);
int KsmImportZone(const char *zone_name, int policy_id, int fail_if_exists,
                  int *new_zone, const char *signconf, const char *input,
                  const char *output);
int KsmImportAudit(int policy_id, const char *audit_contents);
int KsmImportKeyPair(int policy_id, const char *HSMKeyID, int smID, int size,
                     int alg, int state, const char *time, DB_ID *id);

/* Name -> ID lookups; the ID is returned through the int pointer. */
int KsmSmIdFromName(const char *name, int *id);
int KsmSerialIdFromName(const char *name, int *id);
int KsmPolicyIdFromName(const char *name, int *id);

/*
 * Backup bookkeeping for a repository.
 * NOTE(review): the names suggest a pre-backup mark that can be rolled back
 * and a final backup mark; KSM_KEY_POLICY has a require_backup member, so
 * these marks presumably gate key use -- confirm.
 */
int KsmMarkPreBackup(int repo_id, const char *datetime);
int KsmRollbackMarkPreBackup(int repo_id);
int KsmMarkBackup(int repo_id, const char *datetime);

/* Existence check for an HSM key ID; the answer is returned through `exists`. */
int KsmCheckHSMkeyID(int repo_id, const char *cka_id, int *exists);
00625
00626
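/*
 * Listing interfaces.
 *
 * KsmListRepos and KsmListPolicies are declared with (void): in C an empty
 * parameter list leaves the arguments unchecked, so a mistaken call with
 * arguments would compile silently.  This matches KsmInit(void) and
 * KsmPurge(void) in this header.
 */
int KsmListBackups(int repo_id, int verbose_flag);
int KsmListRepos(void);
int KsmListPolicies(void);
int KsmListRollovers(int zone_id);

/*
 * NOTE(review): the date is returned through a char pointer-to-pointer, which
 * suggests the callee allocates it; who frees it is not visible here --
 * confirm to avoid a leak or a double free.
 */
int KsmCheckNextRollover(int keytype, int zone_id, char **datetime);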
00632
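/*
 * Close the extern "C" block opened at the top of this header.  A linkage
 * block ends with a bare brace; a trailing semicolon is an empty declaration
 * that pedantic C++ builds warn about.
 */
#ifdef __cplusplus
}
#endif

#endif /* KSM_KSM_H */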