Added dns_dnssec_iszonekey() to determine if a KEY is a zone key without

the overhead of converting it to a dst key.

lib/dns/dnssec.c

@@ -16,7 +16,7 @@
  */
 
 /*
- * $Id: dnssec.c,v 1.47 2000/08/01 01:22:20 tale Exp $
+ * $Id: dnssec.c,v 1.48 2000/08/10 02:00:33 bwelling Exp $
  * Principal Author: Brian Wellington
  */
 
@@ -770,3 +770,26 @@ failure:
 
 	return (result);
 }
+
+isc_boolean_t
+dns_dnssec_iszonekey(dns_rdata_t *keyrdata) {
+	isc_result_t result;
+	dns_rdata_key_t key;
+	isc_boolean_t iszonekey = ISC_TRUE;
+
+	REQUIRE(keyrdata != NULL);
+
+	result = dns_rdata_tostruct(keyrdata, &key, NULL);
+	if (result != ISC_R_SUCCESS)
+		return (ISC_FALSE);
+
+	if ((key.flags & DNS_KEYTYPE_NOAUTH) != 0)
+		iszonekey = ISC_FALSE;
+	if ((key.flags & DNS_KEYFLAG_OWNERMASK) != DNS_KEYOWNER_ZONE)
+		iszonekey = ISC_FALSE;
+	if (key.protocol != DNS_KEYPROTO_DNSSEC &&
+	    key.protocol != DNS_KEYPROTO_ANY)
+		iszonekey = ISC_FALSE;    
+
+	return (iszonekey);             
+}

lib/dns/include/dns/dnssec.h

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: dnssec.h,v 1.18 2000/08/01 01:24:09 tale Exp $ */
+/* $Id: dnssec.h,v 1.19 2000/08/10 02:00:35 bwelling Exp $ */
 
 #ifndef DNS_DNSSEC_H
 #define DNS_DNSSEC_H 1
@@ -159,6 +159,15 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg,
  *		DST_R_*
  */
 
+isc_boolean_t
+dns_dnssec_iszonekey(dns_rdata_t *keyrdata);
+/*
+ *	Determines if the key record contained in the rdata is a zone key.
+ *
+ *	Requires:
+ *		'keyrdata' is not NULL.
+ */
+
 ISC_LANG_ENDDECLS
 
 #endif /* DNS_DNSSEC_H */