diff --git a/bin/tests/dst/dst_test.c b/bin/tests/dst/dst_test.c index a87d204d2a..08b9ad3cf8 100644 --- a/bin/tests/dst/dst_test.c +++ b/bin/tests/dst/dst_test.c @@ -51,13 +51,13 @@ use(dst_key_t *key) { isc_buffer_add(&databuf, strlen(data)); isc_buffer_used(&databuf, &datareg); - ret = dst_sign(DST_SIG_MODE_ALL, key, NULL, &datareg, &sigbuf); + ret = dst_sign(DST_SIGMODE_ALL, key, NULL, &datareg, &sigbuf); printf("sign(%d) returned: %s\n", dst_key_alg(key), dst_result_totext(ret)); isc_buffer_forward(&sigbuf, 1); isc_buffer_remaining(&sigbuf, &sigreg); - ret = dst_verify(DST_SIG_MODE_ALL, key, NULL, &datareg, &sigreg); + ret = dst_verify(DST_SIGMODE_ALL, key, NULL, &datareg, &sigreg); printf("verify(%d) returned: %s\n", dst_key_alg(key), dst_result_totext(ret)); } diff --git a/bin/tests/dst/t_dst.c b/bin/tests/dst/t_dst.c index c1f68d4273..73e9823de6 100644 --- a/bin/tests/dst/t_dst.c +++ b/bin/tests/dst/t_dst.c @@ -92,7 +92,7 @@ use(dst_key_t *key, dst_result_t exp_result, int *nfails) { isc_buffer_add(&databuf, strlen(data)); isc_buffer_used(&databuf, &datareg); - ret = dst_sign(DST_SIG_MODE_ALL, key, NULL, &datareg, &sigbuf); + ret = dst_sign(DST_SIGMODE_ALL, key, NULL, &datareg, &sigbuf); if (ret != exp_result) { t_info("dst_sign(%d) returned (%s) expected (%s)\n", dst_key_alg(key), dst_result_totext(ret), @@ -103,7 +103,7 @@ use(dst_key_t *key, dst_result_t exp_result, int *nfails) { isc_buffer_remaining(&sigbuf, &sigreg); - ret = dst_verify(DST_SIG_MODE_ALL, key, NULL, &datareg, &sigreg); + ret = dst_verify(DST_SIGMODE_ALL, key, NULL, &datareg, &sigreg); if (ret != exp_result) { t_info("dst_verify(%d) returned (%s) expected (%s)\n", dst_key_alg(key), dst_result_totext(ret), diff --git a/lib/dns/sec/dst/bsafe_link.c b/lib/dns/sec/dst/bsafe_link.c index 710d91bd51..38fc8aa6d0 100644 --- a/lib/dns/sec/dst/bsafe_link.c +++ b/lib/dns/sec/dst/bsafe_link.c @@ -19,7 +19,7 @@ /* * Principal Author: Brian Wellington - * $Id: bsafe_link.c,v 1.1 1999/07/12 20:08:28 bwelling Exp $ + * $Id: bsafe_link.c,v 1.2 1999/08/26 20:41:54 bwelling Exp $ */ #include @@ -136,7 +136,7 @@ dst_s_bsafe_init() * UPDATE (hash (more) data), FINAL (generate a signature). This * routine performs one or more of these steps. * Parameters - * mode DST_SIG_MODE_{INIT_UPDATE_FINAL|ALL} + * mode DST_SIGMODE_{INIT_UPDATE_FINAL|ALL} * key key to use for signing * context the context to use for this computation * data data to be signed @@ -157,7 +157,7 @@ dst_bsafe_sign(const int mode, dst_key_t *key, void **context, isc_region_t sig_region, digest_region; dst_result_t ret; - if (mode & DST_SIG_MODE_INIT) { + if (mode & DST_SIGMODE_INIT) { md5_ctx = (B_ALGORITHM_OBJ *) isc_mem_get(mctx, sizeof(*md5_ctx)); if (md5_ctx == NULL) @@ -174,7 +174,7 @@ dst_bsafe_sign(const int mode, dst_key_t *key, void **context, isc_buffer_init(&digest, digest_array, sizeof(digest_array), ISC_BUFFERTYPE_BINARY); ret = dst_bsafe_md5digest(mode, md5_ctx, data, &digest); - if (ret != DST_R_SUCCESS || (mode & DST_SIG_MODE_FINAL)) { + if (ret != DST_R_SUCCESS || (mode & DST_SIGMODE_FINAL)) { B_DestroyAlgorithmObject(md5_ctx); memset(md5_ctx, 0, sizeof(*md5_ctx)); isc_mem_put(mctx, md5_ctx, sizeof(*md5_ctx)); @@ -182,7 +182,7 @@ dst_bsafe_sign(const int mode, dst_key_t *key, void **context, return (ret); } - if (mode & DST_SIG_MODE_FINAL) { + if (mode & DST_SIGMODE_FINAL) { RSA_Key *rkey; B_ALGORITHM_OBJ rsaEncryptor = (B_ALGORITHM_OBJ) NULL_PTR; unsigned int written = 0; @@ -261,7 +261,7 @@ dst_bsafe_sign(const int mode, dst_key_t *key, void **context, * FINAL (generate a signature). This routine performs one or more of * these steps. * Parameters - * mode DST_SIG_MODE_{INIT_UPDATE_FINAL|ALL} + * mode DST_SIGMODE_{INIT_UPDATE_FINAL|ALL} * key key to use for verifying * context the context to use for this computation * data signed data @@ -283,7 +283,7 @@ dst_bsafe_verify(const int mode, dst_key_t *key, void **context, dst_result_t ret; int status = 0; - if (mode & DST_SIG_MODE_INIT) { + if (mode & DST_SIGMODE_INIT) { md5_ctx = (B_ALGORITHM_OBJ *) isc_mem_get(mctx, sizeof(*md5_ctx)); if (md5_ctx == NULL) @@ -300,7 +300,7 @@ dst_bsafe_verify(const int mode, dst_key_t *key, void **context, isc_buffer_init(&digest, digest_array, sizeof(digest_array), ISC_BUFFERTYPE_BINARY); ret = dst_bsafe_md5digest(mode, md5_ctx, data, &digest); - if (ret != DST_R_SUCCESS || (mode & DST_SIG_MODE_FINAL)) { + if (ret != DST_R_SUCCESS || (mode & DST_SIGMODE_FINAL)) { B_DestroyAlgorithmObject(md5_ctx); memset(md5_ctx, 0, sizeof(*md5_ctx)); isc_mem_put(mctx, md5_ctx, sizeof(*md5_ctx)); @@ -308,7 +308,7 @@ dst_bsafe_verify(const int mode, dst_key_t *key, void **context, return (ret); } - if (mode & DST_SIG_MODE_FINAL) { + if (mode & DST_SIGMODE_FINAL) { RSA_Key *rkey; B_ALGORITHM_OBJ rsaEncryptor = (B_ALGORITHM_OBJ) NULL_PTR; unsigned int written = 0; @@ -1004,18 +1004,18 @@ dst_bsafe_md5digest(const int mode, B_ALGORITHM_OBJ *digest_obj, REQUIRE(digest != NULL); REQUIRE(digest_obj != NULL); - if ((mode & DST_SIG_MODE_INIT) && + if ((mode & DST_SIGMODE_INIT) && (status = B_DigestInit(*digest_obj, (B_KEY_OBJ) NULL, CHOOSER, NULL_SURRENDER)) != 0) return (DST_R_SIGN_INIT_FAILURE); - if ((mode & DST_SIG_MODE_UPDATE) && + if ((mode & DST_SIGMODE_UPDATE) && (status = B_DigestUpdate(*digest_obj, data->base, data->length, NULL_SURRENDER)) != 0) return (DST_R_SIGN_UPDATE_FAILURE); isc_buffer_available(digest, &r); - if (mode & DST_SIG_MODE_FINAL) { + if (mode & DST_SIGMODE_FINAL) { if (digest == NULL || (status = B_DigestFinal(*digest_obj, r.base, &written, r.length, NULL_SURRENDER)) != 0) diff --git a/lib/dns/sec/dst/dst_api.c b/lib/dns/sec/dst/dst_api.c index 6befa253a4..e8bca6e5a8 100644 --- a/lib/dns/sec/dst/dst_api.c +++ b/lib/dns/sec/dst/dst_api.c @@ -17,7 +17,7 @@ /* * Principal Author: Brian Wellington - * $Id: dst_api.c,v 1.4 1999/08/20 17:03:30 bwelling Exp $ + * $Id: dst_api.c,v 1.5 1999/08/26 20:41:54 bwelling Exp $ */ #include @@ -85,17 +85,17 @@ dst_supported_algorithm(const int alg) { /* * dst_sign * An incremental signing function. Data is signed in steps. - * First the context must be initialized (DST_SIG_MODE_INIT). - * Then data is hashed (DST_SIG_MODE_UPDATE). Finally the signature - * itself is created (DST_SIG_MODE_FINAL). This function can be called - * once with DST_SIG_MODE_ALL set, or it can be called separately + * First the context must be initialized (DST_SIGMODE_INIT). + * Then data is hashed (DST_SIGMODE_UPDATE). Finally the signature + * itself is created (DST_SIGMODE_FINAL). This function can be called + * once with DST_SIGMODE_ALL set, or it can be called separately * for each step. The UPDATE step may be repeated. * Parameters * mode A bit mask specifying operation(s) to be performed. - * DST_SIG_MODE_INIT Initialize digest - * DST_SIG_MODE_UPDATE Add data to digest - * DST_SIG_MODE_FINAL Generate signature - * DST_SIG_MODE_ALL Perform all operations + * DST_SIGMODE_INIT Initialize digest + * DST_SIGMODE_UPDATE Add data to digest + * DST_SIGMODE_FINAL Generate signature + * DST_SIGMODE_ALL Perform all operations * key The private key used to sign the data * context The state of the operation * data The data to be signed. @@ -110,12 +110,12 @@ dst_sign(const int mode, dst_key_t *key, dst_context_t *context, { RUNTIME_CHECK(isc_once_do(&once, initialize) == ISC_R_SUCCESS); REQUIRE(VALID_KEY(key)); - REQUIRE((mode & DST_SIG_MODE_ALL) != 0); + REQUIRE((mode & DST_SIGMODE_ALL) != 0); - if ((mode & DST_SIG_MODE_UPDATE) != 0) + if ((mode & DST_SIGMODE_UPDATE) != 0) REQUIRE(data != NULL && data->base != NULL); - if ((mode & DST_SIG_MODE_FINAL) != 0) + if ((mode & DST_SIGMODE_FINAL) != 0) REQUIRE(sig != NULL); if (dst_supported_algorithm(key->key_alg) == ISC_FALSE) @@ -131,17 +131,17 @@ dst_sign(const int mode, dst_key_t *key, dst_context_t *context, /* * dst_verify * An incremental verify function. Data is verified in steps. - * First the context must be initialized (DST_SIG_MODE_INIT). - * Then data is hashed (DST_SIG_MODE_UPDATE). Finally the signature - * is verified (DST_SIG_MODE_FINAL). This function can be called - * once with DST_SIG_MODE_ALL set, or it can be called separately + * First the context must be initialized (DST_SIGMODE_INIT). + * Then data is hashed (DST_SIGMODE_UPDATE). Finally the signature + * is verified (DST_SIGMODE_FINAL). This function can be called + * once with DST_SIGMODE_ALL set, or it can be called separately * for each step. The UPDATE step may be repeated. * Parameters * mode A bit mask specifying operation(s) to be performed. - * DST_SIG_MODE_INIT Initialize digest - * DST_SIG_MODE_UPDATE Add data to digest - * DST_SIG_MODE_FINAL Verify signature - * DST_SIG_MODE_ALL Perform all operations + * DST_SIGMODE_INIT Initialize digest + * DST_SIGMODE_UPDATE Add data to digest + * DST_SIGMODE_FINAL Verify signature + * DST_SIGMODE_ALL Perform all operations * key The public key used to verify the signature. * context The state of the operation * data The data to be digested. @@ -157,12 +157,12 @@ dst_verify(const int mode, dst_key_t *key, dst_context_t *context, { RUNTIME_CHECK(isc_once_do(&once, initialize) == ISC_R_SUCCESS); REQUIRE(VALID_KEY(key)); - REQUIRE((mode & DST_SIG_MODE_ALL) != 0); + REQUIRE((mode & DST_SIGMODE_ALL) != 0); - if ((mode & DST_SIG_MODE_UPDATE) != 0) + if ((mode & DST_SIGMODE_UPDATE) != 0) REQUIRE(data != NULL && data->base != NULL); - if ((mode & DST_SIG_MODE_FINAL) != 0) + if ((mode & DST_SIGMODE_FINAL) != 0) REQUIRE(sig != NULL && sig->base != NULL); if (dst_supported_algorithm(key->key_alg) == ISC_FALSE) diff --git a/lib/dns/sec/dst/hmac_link.c b/lib/dns/sec/dst/hmac_link.c index 9e377761ce..6ee0de70c1 100644 --- a/lib/dns/sec/dst/hmac_link.c +++ b/lib/dns/sec/dst/hmac_link.c @@ -17,7 +17,7 @@ /* * Principal Author: Brian Wellington - * $Id: hmac_link.c,v 1.2 1999/07/29 17:21:23 bwelling Exp $ + * $Id: hmac_link.c,v 1.3 1999/08/26 20:41:54 bwelling Exp $ */ #include @@ -100,7 +100,7 @@ dst_s_hmacmd5_init() * UPDATE (hash (more) data), FINAL (generate a signature). This * routine performs one or more of these steps. * Parameters - * mode DST_SIG_MODE_{INIT_UPDATE_FINAL|ALL} + * mode DST_SIGMODE_{INIT_UPDATE_FINAL|ALL} * key key to use for signing * context the context to use for this computation * data data to be signed @@ -117,7 +117,7 @@ dst_hmacmd5_sign(const int mode, dst_key_t *key, void **context, isc_region_t r; MD5_CTX *ctx = NULL; - if (mode & DST_SIG_MODE_INIT) { + if (mode & DST_SIGMODE_INIT) { ctx = (MD5_CTX *) isc_mem_get(mctx, sizeof(MD5_CTX)); if (ctx == NULL) return (DST_R_NOMEMORY); @@ -126,17 +126,17 @@ dst_hmacmd5_sign(const int mode, dst_key_t *key, void **context, ctx = (MD5_CTX *) *context; REQUIRE (ctx != NULL); - if (mode & DST_SIG_MODE_INIT) { + if (mode & DST_SIGMODE_INIT) { HMAC_Key *hkey = key->opaque; MD5Init(ctx); MD5Update(ctx, hkey->ipad, HMAC_LEN); } - if ((mode & DST_SIG_MODE_UPDATE)) + if ((mode & DST_SIGMODE_UPDATE)) MD5Update(ctx, data->base, data->length); - if (mode & DST_SIG_MODE_FINAL) { + if (mode & DST_SIGMODE_FINAL) { HMAC_Key *hkey = key->opaque; isc_buffer_available(sig, &r); @@ -168,7 +168,7 @@ dst_hmacmd5_sign(const int mode, dst_key_t *key, void **context, * FINAL (generate a signature). This routine performs one or more of * these steps. * Parameters - * mode DST_SIG_MODE_{INIT_UPDATE_FINAL|ALL} + * mode DST_SIGMODE_{INIT_UPDATE_FINAL|ALL} * key key to use for verifying * context the context to use for this computation * data signed data @@ -184,7 +184,7 @@ dst_hmacmd5_verify(const int mode, dst_key_t *key, void **context, { MD5_CTX *ctx = NULL; - if (mode & DST_SIG_MODE_INIT) { + if (mode & DST_SIGMODE_INIT) { ctx = (MD5_CTX *) isc_mem_get(mctx, sizeof(MD5_CTX)); if (ctx == NULL) return (DST_R_NOMEMORY); @@ -193,17 +193,17 @@ dst_hmacmd5_verify(const int mode, dst_key_t *key, void **context, ctx = (MD5_CTX *) *context; REQUIRE (ctx != NULL); - if (mode & DST_SIG_MODE_INIT) { + if (mode & DST_SIGMODE_INIT) { HMAC_Key *hkey = key->opaque; MD5Init(ctx); MD5Update(ctx, hkey->ipad, HMAC_LEN); } - if ((mode & DST_SIG_MODE_UPDATE)) + if ((mode & DST_SIGMODE_UPDATE)) MD5Update(ctx, data->base, data->length); - if (mode & DST_SIG_MODE_FINAL) { + if (mode & DST_SIGMODE_FINAL) { u_char digest[MD5_LEN]; HMAC_Key *hkey = key->opaque; diff --git a/lib/dns/sec/dst/include/dst/dst.h b/lib/dns/sec/dst/include/dst/dst.h index 580c700821..57b1688b9c 100644 --- a/lib/dns/sec/dst/include/dst/dst.h +++ b/lib/dns/sec/dst/include/dst/dst.h @@ -37,12 +37,12 @@ typedef void * dst_context_t; #define DST_MAX_ALGS DST_ALG_HMAC_SHA1 /* 'Mode' passed into dst_sign() and dst_verify() */ -#define DST_SIG_MODE_INIT 1 /* initialize digest */ -#define DST_SIG_MODE_UPDATE 2 /* add data to digest */ -#define DST_SIG_MODE_FINAL 4 /* generate/verify signature */ -#define DST_SIG_MODE_ALL (DST_SIG_MODE_INIT | \ - DST_SIG_MODE_UPDATE | \ - DST_SIG_MODE_FINAL) +#define DST_SIGMODE_INIT 1 /* initialize digest */ +#define DST_SIGMODE_UPDATE 2 /* add data to digest */ +#define DST_SIGMODE_FINAL 4 /* generate/verify signature */ +#define DST_SIGMODE_ALL (DST_SIGMODE_INIT | \ + DST_SIGMODE_UPDATE | \ + DST_SIGMODE_FINAL) /* A buffer of this size is large enough to hold any key */ #define DST_MAX_KEY_SIZE 1024 @@ -64,8 +64,8 @@ dst_supported_algorithm(const int alg); /* Sign a block of data. * * Requires: - * "mode" is some combination of DST_SIG_MODE_INIT, DST_SIG_MODE_UPDATE, - * and DST_SIG_MODE_FINAL. + * "mode" is some combination of DST_SIGMODE_INIT, DST_SIGMODE_UPDATE, + * and DST_SIGMODE_FINAL. * "key" is a valid key. * "context" contains a value appropriate for the value of "mode". * "data" is a valid region. @@ -82,8 +82,8 @@ dst_sign(const int mode, dst_key_t *key, dst_context_t *context, /* Verify a signature on a block of data. * * Requires: - * "mode" is some combination of DST_SIG_MODE_INIT, DST_SIG_MODE_UPDATE, - * and DST_SIG_MODE_FINAL. + * "mode" is some combination of DST_SIGMODE_INIT, DST_SIGMODE_UPDATE, + * and DST_SIGMODE_FINAL. * "key" is a valid key. * "context" contains a value appropriate for the value of "mode". * "data" is a valid region. diff --git a/lib/dns/sec/dst/openssl_link.c b/lib/dns/sec/dst/openssl_link.c index 570bd79023..902ed88319 100644 --- a/lib/dns/sec/dst/openssl_link.c +++ b/lib/dns/sec/dst/openssl_link.c @@ -19,7 +19,7 @@ /* * Principal Author: Brian Wellington - * $Id: openssl_link.c,v 1.1 1999/07/12 20:08:29 bwelling Exp $ + * $Id: openssl_link.c,v 1.2 1999/08/26 20:41:54 bwelling Exp $ */ #include @@ -97,7 +97,7 @@ dst_s_openssl_init() * UPDATE (hash (more) data), FINAL (generate a signature). This * routine performs one or more of these steps. * Parameters - * mode DST_SIG_MODE_{INIT_UPDATE_FINAL|ALL} + * mode DST_SIGMODE_{INIT_UPDATE_FINAL|ALL} * key key to use for signing * context the context to use for this computation * data data to be signed @@ -114,7 +114,7 @@ dst_openssl_sign(const int mode, dst_key_t *key, void **context, isc_region_t r; SHA_CTX *ctx = NULL; - if (mode & DST_SIG_MODE_INIT) { + if (mode & DST_SIGMODE_INIT) { ctx = (SHA_CTX *) isc_mem_get(mctx, sizeof(SHA_CTX)); if (ctx == NULL) return (DST_R_NOMEMORY); @@ -123,13 +123,13 @@ dst_openssl_sign(const int mode, dst_key_t *key, void **context, ctx = (SHA_CTX *) *context; REQUIRE (ctx != NULL); - if (mode & DST_SIG_MODE_INIT) + if (mode & DST_SIGMODE_INIT) SHA1_Init(ctx); - if ((mode & DST_SIG_MODE_UPDATE)) + if ((mode & DST_SIGMODE_UPDATE)) SHA1_Update(ctx, data->base, data->length); - if (mode & DST_SIG_MODE_FINAL) { + if (mode & DST_SIGMODE_FINAL) { DSA *dsa; DSA_SIG *dsasig; unsigned char digest[SHA_DIGEST_LENGTH]; @@ -169,7 +169,7 @@ dst_openssl_sign(const int mode, dst_key_t *key, void **context, * FINAL (generate a signature). This routine performs one or more of * these steps. * Parameters - * mode DST_SIG_MODE_{INIT_UPDATE_FINAL|ALL} + * mode DST_SIGMODE_{INIT_UPDATE_FINAL|ALL} * key key to use for verifying * context the context to use for this computation * data signed data @@ -186,7 +186,7 @@ dst_openssl_verify(const int mode, dst_key_t *key, void **context, int status = 0; SHA_CTX *ctx = NULL; - if (mode & DST_SIG_MODE_INIT) { + if (mode & DST_SIGMODE_INIT) { ctx = (SHA_CTX *) isc_mem_get(mctx, sizeof(SHA_CTX)); if (ctx == NULL) return (DST_R_NOMEMORY); @@ -195,13 +195,13 @@ dst_openssl_verify(const int mode, dst_key_t *key, void **context, ctx = (SHA_CTX *) *context; REQUIRE (ctx != NULL); - if (mode & DST_SIG_MODE_INIT) + if (mode & DST_SIGMODE_INIT) SHA1_Init(ctx); - if ((mode & DST_SIG_MODE_UPDATE)) + if ((mode & DST_SIGMODE_UPDATE)) SHA1_Update(ctx, data->base, data->length); - if (mode & DST_SIG_MODE_FINAL) { + if (mode & DST_SIGMODE_FINAL) { DSA *dsa; DSA_SIG *dsasig; unsigned char digest[SHA_DIGEST_LENGTH]; diff --git a/lib/dns/tsig.c b/lib/dns/tsig.c index fa58823c65..957a83871a 100644 --- a/lib/dns/tsig.c +++ b/lib/dns/tsig.c @@ -16,7 +16,7 @@ */ /* - * $Id: tsig.c,v 1.2 1999/08/25 14:43:45 bwelling Exp $ + * $Id: tsig.c,v 1.3 1999/08/26 20:41:53 bwelling Exp $ * Principal Author: Brian Wellington */ @@ -217,7 +217,7 @@ dns_tsig_sign(dns_message_t *msg) { isc_buffer_init(&databuf, data, sizeof(data), ISC_BUFFERTYPE_BINARY); if (!dns_tsig_emptykey(key)) { - ret = dst_sign(DST_SIG_MODE_INIT, key->key, &ctx, NULL, NULL); + ret = dst_sign(DST_SIGMODE_INIT, key->key, &ctx, NULL, NULL); if (ret != ISC_R_SUCCESS) goto cleanup_algorithm; } @@ -232,7 +232,7 @@ dns_tsig_sign(dns_message_t *msg) { msg->querytsig->siglen); isc_buffer_add(&databuf, msg->querytsig->siglen); isc_buffer_used(&databuf, &r); - ret = dst_sign(DST_SIG_MODE_UPDATE, key->key, &ctx, &r, + ret = dst_sign(DST_SIGMODE_UPDATE, key->key, &ctx, &r, NULL); if (ret != ISC_R_SUCCESS) goto cleanup_algorithm; @@ -268,18 +268,18 @@ dns_tsig_sign(dns_message_t *msg) { ISC_BUFFERTYPE_BINARY); dns_message_renderheader(msg, &headerbuf); isc_buffer_used(&headerbuf, &r); - ret = dst_sign(DST_SIG_MODE_UPDATE, key->key, &ctx, &r, NULL); + ret = dst_sign(DST_SIGMODE_UPDATE, key->key, &ctx, &r, NULL); if (ret != ISC_R_SUCCESS) goto cleanup_other; isc_buffer_used(msg->buffer, &r); isc_region_consume(&r, DNS_MESSAGE_HEADERLEN); - ret = dst_sign(DST_SIG_MODE_UPDATE, key->key, &ctx, &r, NULL); + ret = dst_sign(DST_SIGMODE_UPDATE, key->key, &ctx, &r, NULL); if (ret != ISC_R_SUCCESS) goto cleanup_other; /* Digest the name, class, ttl, alg */ dns_name_toregion(&key->name, &r); - ret = dst_sign(DST_SIG_MODE_UPDATE, key->key, &ctx, &r, NULL); + ret = dst_sign(DST_SIGMODE_UPDATE, key->key, &ctx, &r, NULL); if (ret != ISC_R_SUCCESS) goto cleanup_other; @@ -287,12 +287,12 @@ dns_tsig_sign(dns_message_t *msg) { isc_buffer_putuint16(&databuf, dns_rdataclass_any); isc_buffer_putuint32(&databuf, 0); /* ttl */ isc_buffer_used(&databuf, &r); - ret = dst_sign(DST_SIG_MODE_UPDATE, key->key, &ctx, &r, NULL); + ret = dst_sign(DST_SIGMODE_UPDATE, key->key, &ctx, &r, NULL); if (ret != ISC_R_SUCCESS) goto cleanup_other; dns_name_toregion(tsig->algorithm, &r); - ret = dst_sign(DST_SIG_MODE_UPDATE, key->key, &ctx, &r, NULL); + ret = dst_sign(DST_SIGMODE_UPDATE, key->key, &ctx, &r, NULL); if (ret != ISC_R_SUCCESS) goto cleanup_other; @@ -315,14 +315,14 @@ dns_tsig_sign(dns_message_t *msg) { isc_buffer_putuint16(&databuf, tsig->otherlen); isc_buffer_used(&databuf, &r); - ret = dst_sign(DST_SIG_MODE_UPDATE, key->key, &ctx, &r, NULL); + ret = dst_sign(DST_SIGMODE_UPDATE, key->key, &ctx, &r, NULL); if (ret != ISC_R_SUCCESS) goto cleanup_other; if (tsig->otherlen > 0) { r.length = tsig->otherlen; r.base = tsig->other; - ret = dst_sign(DST_SIG_MODE_UPDATE, key->key, &ctx, &r, + ret = dst_sign(DST_SIGMODE_UPDATE, key->key, &ctx, &r, NULL); if (ret != ISC_R_SUCCESS) goto cleanup_other; @@ -338,7 +338,7 @@ dns_tsig_sign(dns_message_t *msg) { isc_buffer_init(&sigbuf, tsig->signature, tsig->siglen, ISC_BUFFERTYPE_BINARY); - ret = dst_sign(DST_SIG_MODE_FINAL, key->key, &ctx, NULL, + ret = dst_sign(DST_SIGMODE_FINAL, key->key, &ctx, NULL, &sigbuf); if (ret != ISC_R_SUCCESS) goto cleanup_signature; @@ -518,7 +518,7 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg) { sig_r.base = tsig->signature; sig_r.length = tsig->siglen; - ret = dst_verify(DST_SIG_MODE_INIT, key, &ctx, NULL, &sig_r); + ret = dst_verify(DST_SIGMODE_INIT, key, &ctx, NULL, &sig_r); if (ret != ISC_R_SUCCESS) goto cleanup_key; @@ -527,14 +527,14 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg) { ISC_BUFFERTYPE_BINARY); isc_buffer_putuint16(&databuf, msg->querytsig->siglen); isc_buffer_used(&databuf, &r); - ret = dst_verify(DST_SIG_MODE_UPDATE, key, &ctx, &r, + ret = dst_verify(DST_SIGMODE_UPDATE, key, &ctx, &r, NULL); if (ret != ISC_R_SUCCESS) goto cleanup_key; if (msg->querytsig->siglen > 0) { r.length = msg->querytsig->siglen; r.base = msg->querytsig->signature; - ret = dst_verify(DST_SIG_MODE_UPDATE, key, + ret = dst_verify(DST_SIGMODE_UPDATE, key, &ctx, &r, NULL); if (ret != ISC_R_SUCCESS) goto cleanup_key; @@ -553,7 +553,7 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg) { /* Digest the modified header */ header_r.base = (unsigned char *) header; header_r.length = DNS_MESSAGE_HEADERLEN; - ret = dst_verify(DST_SIG_MODE_UPDATE, key, &ctx, &header_r, + ret = dst_verify(DST_SIGMODE_UPDATE, key, &ctx, &header_r, &sig_r); if (ret != ISC_R_SUCCESS) goto cleanup_key; @@ -562,13 +562,13 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg) { isc_buffer_used(source, &source_r); r.base = source_r.base + DNS_MESSAGE_HEADERLEN; r.length = msg->tsigstart - DNS_MESSAGE_HEADERLEN; - ret = dst_verify(DST_SIG_MODE_UPDATE, key, &ctx, &r, &sig_r); + ret = dst_verify(DST_SIGMODE_UPDATE, key, &ctx, &r, &sig_r); if (ret != ISC_R_SUCCESS) goto cleanup_key; /* Digest the key name */ dns_name_toregion(&tsigkey->name, &r); - ret = dst_verify(DST_SIG_MODE_UPDATE, key, &ctx, &r, &sig_r); + ret = dst_verify(DST_SIGMODE_UPDATE, key, &ctx, &r, &sig_r); if (ret != ISC_R_SUCCESS) goto cleanup_key; @@ -577,13 +577,13 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg) { isc_buffer_putuint16(&databuf, tsig->common.rdclass); isc_buffer_putuint32(&databuf, dataset->ttl); isc_buffer_used(&databuf, &r); - ret = dst_verify(DST_SIG_MODE_UPDATE, key, &ctx, &r, &sig_r); + ret = dst_verify(DST_SIGMODE_UPDATE, key, &ctx, &r, &sig_r); if (ret != ISC_R_SUCCESS) goto cleanup_key; /* Digest the key algorithm */ dns_name_toregion(&tsigkey->algorithm, &r); - ret = dst_verify(DST_SIG_MODE_UPDATE, key, &ctx, &r, &sig_r); + ret = dst_verify(DST_SIGMODE_UPDATE, key, &ctx, &r, &sig_r); if (ret != ISC_R_SUCCESS) goto cleanup_key; @@ -594,18 +594,18 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg) { isc_buffer_putuint16(&databuf, tsig->error); isc_buffer_putuint16(&databuf, tsig->otherlen); isc_buffer_used(&databuf, &r); - ret = dst_verify(DST_SIG_MODE_UPDATE, key, &ctx, &r, &sig_r); + ret = dst_verify(DST_SIGMODE_UPDATE, key, &ctx, &r, &sig_r); if (tsig->otherlen > 0) { r.base = tsig->other; r.length = tsig->otherlen; - ret = dst_verify(DST_SIG_MODE_UPDATE, key, &ctx, &r, + ret = dst_verify(DST_SIGMODE_UPDATE, key, &ctx, &r, &sig_r); if (ret != ISC_R_SUCCESS) goto cleanup_key; } - ret = dst_verify(DST_SIG_MODE_FINAL, key, &ctx, NULL, &sig_r); + ret = dst_verify(DST_SIGMODE_FINAL, key, &ctx, NULL, &sig_r); if (ret == DST_R_VERIFY_FINAL_FAILURE) { msg->tsigstatus = dns_tsigerror_badsig; return (DNS_R_TSIGVERIFYFAILURE);