Add function to see if dst key uses kasp

For purposes of zones transitioning back to insecure mode, it is
practical to see if related keys have a state file associated.

lib/dns/dst_api.c

@@ -649,12 +649,14 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type,
 				   filename, ".state");
 		INSIST(result == ISC_R_SUCCESS);
 
+		key->kasp = false;
 		result = dst_key_read_state(newfilename, mctx, &key);
-		if (result == ISC_R_FILENOTFOUND) {
+		if (result == ISC_R_SUCCESS) {
+			key->kasp = true;
+		} else if (result == ISC_R_FILENOTFOUND) {
 			/* Having no state is valid. */
 			result = ISC_R_SUCCESS;
 		}
-
 		isc_mem_put(mctx, newfilename, newfilenamelen);
 		newfilename = NULL;
 		RETERR(result);
@@ -2600,6 +2602,8 @@ dst_key_goal(dst_key_t *key) {
 	dst_key_state_t state;
 	isc_result_t result;
 
+	REQUIRE(VALID_KEY(key));
+
 	result = dst_key_getstate(key, DST_KEY_GOAL, &state);
 	if (result == ISC_R_SUCCESS) {
 		return (state);
@@ -2607,6 +2611,13 @@ dst_key_goal(dst_key_t *key) {
 	return (DST_KEY_STATE_HIDDEN);
 }
 
+bool
+dst_key_haskasp(dst_key_t *key) {
+	REQUIRE(VALID_KEY(key));
+
+	return (key->kasp);
+}
+
 void
 dst_key_copy_metadata(dst_key_t *to, dst_key_t *from) {
 	dst_key_state_t state;

lib/dns/dst_internal.h

@@ -123,6 +123,7 @@ struct dst_key {
 	bool keystateset[DST_MAX_KEYSTATES + 1];	  /*%< data
 							   * set? */
 
+	bool kasp;     /*%< key has kasp state */
 	bool inactive; /*%< private key not present as it is
 			* inactive */
 	bool external; /*%< external key */

lib/dns/include/dst/dst.h

@@ -1103,6 +1103,15 @@ dst_key_isexternal(dst_key_t *key);
  *	'key' to be valid.
  */
 
+bool
+dst_key_haskasp(dst_key_t *key);
+/*%<
+ * Check if this key has state (and thus uses KASP).
+ *
+ * Requires:
+ *	'key' to be valid.
+ */
+
 bool
 dst_key_is_unused(dst_key_t *key);
 /*%<

lib/dns/win32/libdns.def.in

@@ -1452,6 +1452,7 @@ dst_key_getstate
 dst_key_gettime
 dst_key_getttl
 dst_key_goal
+dst_key_haskasp
 dst_key_id
 dst_key_is_active
 dst_key_is_published