[Opendnssec-commits] [keihatsu.kirei.se/svn/dnssec] r5338 - branches/OpenDNSSEC-enforcer-ng/enforcer-ng/src/enforcer

Yuri Schaeffer yuri at keihatsu.kirei.se
Fri Jul 15 16:08:23 CEST 2011


Author: yuri
Date: 2011-07-15 16:08:23 +0200 (Fri, 15 Jul 2011)
New Revision: 5338

Modified:
   branches/OpenDNSSEC-enforcer-ng/enforcer-ng/src/enforcer/enforcer.cpp
Log:
Find newest key given a key-configuration
Almost support for multple keys in same role...


Modified: branches/OpenDNSSEC-enforcer-ng/enforcer-ng/src/enforcer/enforcer.cpp
===================================================================
--- branches/OpenDNSSEC-enforcer-ng/enforcer-ng/src/enforcer/enforcer.cpp	2011-07-15 13:18:43 UTC (rev 5337)
+++ branches/OpenDNSSEC-enforcer-ng/enforcer-ng/src/enforcer/enforcer.cpp	2011-07-15 14:08:23 UTC (rev 5338)
@@ -686,7 +686,6 @@
 	/** 2: loop over all configs for this role */
 	for (int i = 0; i < numberOfKeys(policyKeys, key.role()); i++)
 	{
-		KeyRole p_role;
 		int p_bits, p_alg, p_life;
 		string p_rep;
 		keyProperties(policyKeys, i, key.role(), &p_bits, &p_alg, 
@@ -700,6 +699,31 @@
 	return false;
 }
 
+bool
+youngestKeyForConfig(HsmKeyFactory &keyfactory, const Keys &policyKeys, 
+	const KeyRole role, const int index, 
+	KeyDataList &key_list, KeyData *key)
+{
+	int p_bits, p_alg, p_life;
+	string p_rep;
+	
+	/** fetch characteristics of config */
+	keyProperties(policyKeys, index, role, &p_bits, &p_alg, &p_life, p_rep); 
+	
+	key = NULL;
+	for (int j = 0; j < key_list.numKeys(); j++) {
+		KeyData &k = key_list.key(j);
+		HsmKey *hsmkey;
+		/** if we have a match, remember youngest */
+		if (keyfactory.GetHsmKeyByLocator(k.locator(), &hsmkey) &&
+			p_bits == hsmkey->bits() && p_alg == k.algorithm() &&
+			//~ p_life == key.lifetime() && //TODO key.lifetime() does not exist yet
+			!p_rep.compare(hsmkey->repository())  &&
+			(!key || k.inception() > key->inception())) key = &k;
+	}
+	return key!=NULL;
+}
+
 /**
  * See what needs to be done for the policy 
  * 




More information about the Opendnssec-commits mailing list