1 files changed, 31 insertions, 0 deletions

diff --git a/avahi-core/dns.c b/avahi-core/dns.c
index 0206ec7..29fe515 100644
--- a/avahi-core/dns.c
+++ b/avahi-core/dns.c
@@ -858,3 +858,34 @@ size_t avahi_rdata_serialize(AvahiRecord *record, void *rdata, size_t max_size)
     
     return p.size;
 }
+
+/* TODO: should this be located in this file? */
+/* r = avahi_get_local_zsk_pubkey(<ttl>) */
+AvahiRecord* avahi_get_local_zsk_pubkey(uint32_t ttl){
+
+    AvahiRecord *r;
+
+    r = avahi_record_new_full(keyname, AVAHI_DNS_CLASS_IN, AVAHI_DNS_TYPE_DNSKEY, 0);
+
+    if (!r) {
+      avahi_log_error("avahi_record_new_full() failed.");
+        return NULL;
+    }
+
+    r->ttl = ttl;   /* TTL of records associated with a signature MUST match the record's */
+
+    r->flags = AVAHI_DNSSEC_DNSKEY_ZK_FLAG; /* bit 7 MUST be set to indicate DNSSEC key */
+
+    r->protocol = AVAHI_DNSSEC_PROTO; /* used for "compatibility" with KEY record */
+
+    /* TODO: in merged version into upstream, key needs to be an external configurable pulled from /etc */
+    /* in the prototype, we just statically configure */
+
+    r->algorithm = AVAHI_DNSSEC_KEY_SHA1; /* SHA1 is mandatory in the spec, but others do exist */
+
+    /* statically using key 62051 which has 512b length */
+    /* 512b ZSK pubkey in base64 encoding */
+    r->public_key = avahi_strndup("AQO/7WDOTMzPbRAEVbwYttMZztSn+exNoeNTsPqNXb6dtNqpRIdzwgfS3kBtaBtqiOGyJjts7qjXbQRX/QvvFuFF", strlen("AQO/7WDOTMzPbRAEVbwYttMZztSn+exNoeNTsPqNXb6dtNqpRIdzwgfS3kBtaBtqiOGyJjts7qjXbQRX/QvvFuFF"));
+
+    return r;
+}