/*!
* \brief Initialize algorithm data.
*
* \param params Key parameters.
* \param data Algorithm context to be initialized.
*
* \return Error code, KNOT_EOK if successful.
*/
static int init_algorithm_data(const knot_key_params_t *params,
knot_dnssec_key_data_t *data)
{
assert(params);
assert(data);
data->functions = get_implementation(params->algorithm);
if (!data->functions)
return KNOT_DNSSEC_ENOTSUP;
int result = create_pkey(params, data->functions, &data->private_key);
if (result != KNOT_EOK) {
clean_algorithm_data(data);
return result;
}
return KNOT_EOK;
}
int neverbleed_load_private_key_file(neverbleed_t *nb, SSL_CTX *ctx, const char *fn, char *errbuf)
{
struct st_neverbleed_thread_data_t *thdata = get_thread_data(nb);
struct expbuf_t buf = {};
size_t ret, key_index;
char *estr, *nstr, *errstr;
EVP_PKEY *pkey;
expbuf_push_str(&buf, "load_key");
expbuf_push_str(&buf, fn);
if (expbuf_write(&buf, thdata->fd) != 0)
dief(errno != 0 ? "write error" : "connection closed by daemon");
expbuf_dispose(&buf);
if (expbuf_read(&buf, thdata->fd) != 0)
dief(errno != 0 ? "read error" : "connection closed by daemon");
if (expbuf_shift_num(&buf, &ret) != 0 || expbuf_shift_num(&buf, &key_index) != 0 || (estr = expbuf_shift_str(&buf)) == NULL ||
(nstr = expbuf_shift_str(&buf)) == NULL || (errstr = expbuf_shift_str(&buf)) == NULL) {
errno = 0;
dief("failed to parse response");
}
if (ret != 1) {
snprintf(errbuf, NEVERBLEED_ERRBUF_SIZE, "%s", errstr);
return -1;
}
/* success */
pkey = create_pkey(nb, key_index, estr, nstr);
if (SSL_CTX_use_PrivateKey(ctx, pkey) != 1) {
snprintf(errbuf, NEVERBLEED_ERRBUF_SIZE, "SSL_CTX_use_PrivateKey failed");
ret = 0;
}
EVP_PKEY_free(pkey);
return (int)ret;
}
