2011-01-09 20:31:23 +11:00
|
|
|
package dns
|
|
|
|
|
|
|
|
|
|
import (
|
2011-09-08 06:38:34 +10:00
|
|
|
"bytes"
|
2011-02-25 02:22:14 +11:00
|
|
|
"crypto"
|
2011-12-09 21:16:49 +11:00
|
|
|
"crypto/ecdsa"
|
|
|
|
|
"crypto/elliptic"
|
2011-01-09 20:31:23 +11:00
|
|
|
"crypto/md5"
|
2011-12-09 21:16:49 +11:00
|
|
|
"crypto/rand"
|
|
|
|
|
"crypto/rsa"
|
2011-01-09 20:31:23 +11:00
|
|
|
"crypto/sha1"
|
|
|
|
|
"crypto/sha256"
|
|
|
|
|
"crypto/sha512"
|
|
|
|
|
"encoding/hex"
|
|
|
|
|
"hash"
|
2011-12-17 01:06:24 +11:00
|
|
|
"io"
|
2011-12-09 21:16:49 +11:00
|
|
|
"math/big"
|
2011-01-09 20:31:23 +11:00
|
|
|
"sort"
|
|
|
|
|
"strings"
|
2011-12-09 21:16:49 +11:00
|
|
|
"time"
|
2011-01-09 20:31:23 +11:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// DNSSEC encryption algorithm codes.
|
|
|
|
|
const (
|
2011-09-08 16:26:40 +10:00
|
|
|
RSAMD5 = 1
|
|
|
|
|
DH = 2
|
|
|
|
|
DSA = 3
|
|
|
|
|
ECC = 4
|
|
|
|
|
RSASHA1 = 5
|
|
|
|
|
DSANSEC3SHA1 = 6
|
|
|
|
|
RSASHA1NSEC3SHA1 = 7
|
|
|
|
|
RSASHA256 = 8
|
|
|
|
|
RSASHA512 = 10
|
|
|
|
|
ECCGOST = 12
|
|
|
|
|
ECDSAP256SHA256 = 13
|
|
|
|
|
ECDSAP384SHA384 = 14
|
2011-12-10 07:45:57 +11:00
|
|
|
PRIVATEDNS = 253 // Private (experimental keys)
|
|
|
|
|
PRIVATEOID = 254
|
2011-01-09 20:31:23 +11:00
|
|
|
)
|
|
|
|
|
|
2011-07-24 07:15:40 +10:00
|
|
|
// DNSSEC hashing algorithm codes.
|
2011-01-09 20:31:23 +11:00
|
|
|
const (
|
2011-07-24 07:43:43 +10:00
|
|
|
_ = iota
|
|
|
|
|
SHA1 // RFC 4034
|
|
|
|
|
SHA256 // RFC 4509
|
|
|
|
|
GOST94 // RFC 5933
|
|
|
|
|
SHA384 // Experimental
|
2011-01-09 20:31:23 +11:00
|
|
|
)
|
|
|
|
|
|
2011-07-24 07:15:40 +10:00
|
|
|
// DNSKEY flag values.
|
2011-03-03 21:45:33 +11:00
|
|
|
const (
|
2012-01-09 02:49:54 +11:00
|
|
|
SEP = 1
|
|
|
|
|
ZONE = 1 << 7
|
|
|
|
|
REVOKE = 1 << 8
|
2011-03-03 21:45:33 +11:00
|
|
|
)
|
|
|
|
|
|
2011-01-14 21:57:28 +11:00
|
|
|
// The RRSIG needs to be converted to wireformat with some of
|
|
|
|
|
// the rdata (the signature) missing. Use this struct to easy
|
2011-02-12 08:21:41 +11:00
|
|
|
// the conversion (and re-use the pack/unpack functions).
|
2011-01-14 21:57:28 +11:00
|
|
|
type rrsigWireFmt struct {
|
|
|
|
|
TypeCovered uint16
|
|
|
|
|
Algorithm uint8
|
|
|
|
|
Labels uint8
|
|
|
|
|
OrigTtl uint32
|
|
|
|
|
Expiration uint32
|
|
|
|
|
Inception uint32
|
|
|
|
|
KeyTag uint16
|
|
|
|
|
SignerName string "domain-name"
|
|
|
|
|
/* No Signature */
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Used for converting DNSKEY's rdata to wirefmt.
|
|
|
|
|
type dnskeyWireFmt struct {
|
|
|
|
|
Flags uint16
|
|
|
|
|
Protocol uint8
|
|
|
|
|
Algorithm uint8
|
2011-02-25 02:22:14 +11:00
|
|
|
PublicKey string "base64"
|
2011-01-18 21:34:48 +11:00
|
|
|
/* Nothing is left out */
|
2011-01-14 21:57:28 +11:00
|
|
|
}
|
|
|
|
|
|
2011-09-09 03:25:45 +10:00
|
|
|
// Keytag calculates the keytag of the DNSKEY.
|
2011-01-09 20:31:23 +11:00
|
|
|
func (k *RR_DNSKEY) KeyTag() uint16 {
|
|
|
|
|
var keytag int
|
|
|
|
|
switch k.Algorithm {
|
2011-07-09 01:27:44 +10:00
|
|
|
case RSAMD5:
|
2011-01-09 20:31:23 +11:00
|
|
|
keytag = 0
|
|
|
|
|
default:
|
2011-01-17 04:37:29 +11:00
|
|
|
keywire := new(dnskeyWireFmt)
|
|
|
|
|
keywire.Flags = k.Flags
|
|
|
|
|
keywire.Protocol = k.Protocol
|
|
|
|
|
keywire.Algorithm = k.Algorithm
|
2011-01-25 23:57:54 +11:00
|
|
|
keywire.PublicKey = k.PublicKey
|
2011-01-28 06:43:55 +11:00
|
|
|
wire := make([]byte, DefaultMsgSize)
|
2012-01-12 06:33:38 +11:00
|
|
|
n, ok := packStruct(keywire, wire, 0)
|
2011-01-09 20:31:23 +11:00
|
|
|
if !ok {
|
|
|
|
|
return 0
|
|
|
|
|
}
|
2011-01-17 04:37:29 +11:00
|
|
|
wire = wire[:n]
|
2011-01-09 20:31:23 +11:00
|
|
|
for i, v := range wire {
|
|
|
|
|
if i&1 != 0 {
|
|
|
|
|
keytag += int(v) // must be larger than uint32
|
|
|
|
|
} else {
|
|
|
|
|
keytag += int(v) << 8
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
keytag += (keytag >> 16) & 0xFFFF
|
|
|
|
|
keytag &= 0xFFFF
|
|
|
|
|
}
|
|
|
|
|
return uint16(keytag)
|
|
|
|
|
}
|
|
|
|
|
|
2011-09-09 03:25:45 +10:00
|
|
|
// ToDS converts a DNSKEY record to a DS record.
|
2011-01-09 20:31:23 +11:00
|
|
|
func (k *RR_DNSKEY) ToDS(h int) *RR_DS {
|
|
|
|
|
ds := new(RR_DS)
|
|
|
|
|
ds.Hdr.Name = k.Hdr.Name
|
|
|
|
|
ds.Hdr.Class = k.Hdr.Class
|
2011-03-24 19:24:24 +11:00
|
|
|
ds.Hdr.Rrtype = TypeDS
|
2011-01-09 20:31:23 +11:00
|
|
|
ds.Hdr.Ttl = k.Hdr.Ttl
|
|
|
|
|
ds.Algorithm = k.Algorithm
|
|
|
|
|
ds.DigestType = uint8(h)
|
|
|
|
|
ds.KeyTag = k.KeyTag()
|
|
|
|
|
|
2011-01-17 04:37:29 +11:00
|
|
|
keywire := new(dnskeyWireFmt)
|
|
|
|
|
keywire.Flags = k.Flags
|
|
|
|
|
keywire.Protocol = k.Protocol
|
|
|
|
|
keywire.Algorithm = k.Algorithm
|
2011-01-25 23:57:54 +11:00
|
|
|
keywire.PublicKey = k.PublicKey
|
2011-01-28 06:43:55 +11:00
|
|
|
wire := make([]byte, DefaultMsgSize)
|
2012-01-12 06:33:38 +11:00
|
|
|
n, ok := packStruct(keywire, wire, 0)
|
2011-01-17 04:37:29 +11:00
|
|
|
if !ok {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
wire = wire[:n]
|
2011-01-14 21:57:28 +11:00
|
|
|
|
2011-01-17 04:37:29 +11:00
|
|
|
owner := make([]byte, 255)
|
2012-01-12 02:16:09 +11:00
|
|
|
off, ok1 := PackDomainName(k.Hdr.Name, owner, 0, nil, false)
|
2011-01-09 20:31:23 +11:00
|
|
|
if !ok1 {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2011-01-17 04:37:29 +11:00
|
|
|
owner = owner[:off]
|
2011-03-16 05:41:28 +11:00
|
|
|
// RFC4034:
|
|
|
|
|
// digest = digest_algorithm( DNSKEY owner name | DNSKEY RDATA);
|
|
|
|
|
// "|" denotes concatenation
|
|
|
|
|
// DNSKEY RDATA = Flags | Protocol | Algorithm | Public Key.
|
|
|
|
|
|
2011-01-09 20:31:23 +11:00
|
|
|
// digest buffer
|
2012-01-16 02:00:40 +11:00
|
|
|
digest := append(owner, wire...) // another copy
|
2011-01-09 20:31:23 +11:00
|
|
|
|
|
|
|
|
switch h {
|
2011-07-09 01:27:44 +10:00
|
|
|
case SHA1:
|
2011-01-09 20:31:23 +11:00
|
|
|
s := sha1.New()
|
2011-12-17 01:06:24 +11:00
|
|
|
io.WriteString(s, string(digest))
|
|
|
|
|
ds.Digest = hex.EncodeToString(s.Sum(nil))
|
2011-07-09 01:27:44 +10:00
|
|
|
case SHA256:
|
2011-01-09 20:31:23 +11:00
|
|
|
s := sha256.New()
|
2011-12-17 01:06:24 +11:00
|
|
|
io.WriteString(s, string(digest))
|
|
|
|
|
ds.Digest = hex.EncodeToString(s.Sum(nil))
|
2011-07-24 07:43:43 +10:00
|
|
|
case SHA384:
|
|
|
|
|
s := sha512.New384()
|
2011-12-17 01:06:24 +11:00
|
|
|
io.WriteString(s, string(digest))
|
|
|
|
|
ds.Digest = hex.EncodeToString(s.Sum(nil))
|
2011-07-09 01:27:44 +10:00
|
|
|
case GOST94:
|
2011-01-18 21:34:48 +11:00
|
|
|
/* I have no clue */
|
2011-01-09 20:31:23 +11:00
|
|
|
default:
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
return ds
|
|
|
|
|
}
|
|
|
|
|
|
2011-09-08 16:30:17 +10:00
|
|
|
// Sign signs an RRSet. The signature needs to be filled in with
|
2011-01-18 21:25:47 +11:00
|
|
|
// the values: Inception, Expiration, KeyTag, SignerName and Algorithm.
|
2011-09-09 03:25:45 +10:00
|
|
|
// The rest is copied from the RRset. Sign returns true when the signing went OK,
|
|
|
|
|
// otherwise false.
|
|
|
|
|
// The signature data in the RRSIG is filled by this method.
|
2011-03-31 00:44:28 +11:00
|
|
|
// There is no check if RRSet is a proper (RFC 2181) RRSet.
|
2011-11-03 09:06:54 +11:00
|
|
|
func (s *RR_RRSIG) Sign(k PrivateKey, rrset RRset) error {
|
2011-01-17 04:37:29 +11:00
|
|
|
if k == nil {
|
2011-09-09 18:21:04 +10:00
|
|
|
return ErrPrivKey
|
2011-01-17 04:37:29 +11:00
|
|
|
}
|
2011-02-25 01:29:36 +11:00
|
|
|
// s.Inception and s.Expiration may be 0 (rollover etc.), the rest must be set
|
2011-01-18 21:34:48 +11:00
|
|
|
if s.KeyTag == 0 || len(s.SignerName) == 0 || s.Algorithm == 0 {
|
2011-09-09 18:21:04 +10:00
|
|
|
return ErrKey
|
2011-02-25 02:22:14 +11:00
|
|
|
}
|
2011-02-25 01:29:36 +11:00
|
|
|
|
2011-01-18 21:25:47 +11:00
|
|
|
s.Hdr.Rrtype = TypeRRSIG
|
|
|
|
|
s.Hdr.Name = rrset[0].Header().Name
|
|
|
|
|
s.Hdr.Class = rrset[0].Header().Class
|
2011-01-18 21:34:48 +11:00
|
|
|
s.OrigTtl = rrset[0].Header().Ttl
|
|
|
|
|
s.TypeCovered = rrset[0].Header().Rrtype
|
2011-01-14 22:10:54 +11:00
|
|
|
s.TypeCovered = rrset[0].Header().Rrtype
|
2012-01-13 09:17:34 +11:00
|
|
|
s.Labels, _ = IsDomainName(rrset[0].Header().Name)
|
2011-02-25 02:22:14 +11:00
|
|
|
if strings.HasPrefix(rrset[0].Header().Name, "*") {
|
2012-01-09 01:54:33 +11:00
|
|
|
s.Labels-- // wildcard, remove from label count
|
2011-02-25 02:22:14 +11:00
|
|
|
}
|
2011-02-25 01:29:36 +11:00
|
|
|
|
2011-01-14 21:57:28 +11:00
|
|
|
sigwire := new(rrsigWireFmt)
|
2011-01-14 22:10:54 +11:00
|
|
|
sigwire.TypeCovered = s.TypeCovered
|
|
|
|
|
sigwire.Algorithm = s.Algorithm
|
|
|
|
|
sigwire.Labels = s.Labels
|
|
|
|
|
sigwire.OrigTtl = s.OrigTtl
|
|
|
|
|
sigwire.Expiration = s.Expiration
|
|
|
|
|
sigwire.Inception = s.Inception
|
|
|
|
|
sigwire.KeyTag = s.KeyTag
|
2011-09-08 07:07:07 +10:00
|
|
|
sigwire.SignerName = strings.ToLower(s.SignerName)
|
2011-01-14 22:10:54 +11:00
|
|
|
|
|
|
|
|
// Create the desired binary blob
|
2011-01-27 19:38:52 +11:00
|
|
|
signdata := make([]byte, DefaultMsgSize)
|
2012-01-12 06:33:38 +11:00
|
|
|
n, ok := packStruct(sigwire, signdata, 0)
|
2011-01-14 22:10:54 +11:00
|
|
|
if !ok {
|
2011-09-09 18:21:04 +10:00
|
|
|
return ErrPack
|
2011-01-14 22:10:54 +11:00
|
|
|
}
|
|
|
|
|
signdata = signdata[:n]
|
2011-02-25 02:22:14 +11:00
|
|
|
wire := rawSignatureData(rrset, s)
|
|
|
|
|
if wire == nil {
|
2011-09-09 18:21:04 +10:00
|
|
|
return ErrSigGen
|
2011-02-25 02:22:14 +11:00
|
|
|
}
|
2011-02-25 01:29:36 +11:00
|
|
|
signdata = append(signdata, wire...)
|
2011-01-14 22:10:54 +11:00
|
|
|
|
2011-07-24 07:43:43 +10:00
|
|
|
var sighash []byte
|
|
|
|
|
var h hash.Hash
|
|
|
|
|
var ch crypto.Hash // Only need for RSA
|
|
|
|
|
switch s.Algorithm {
|
|
|
|
|
case RSAMD5:
|
|
|
|
|
h = md5.New()
|
|
|
|
|
ch = crypto.MD5
|
2011-09-08 16:26:40 +10:00
|
|
|
case RSASHA1, RSASHA1NSEC3SHA1:
|
2011-07-24 07:43:43 +10:00
|
|
|
h = sha1.New()
|
|
|
|
|
ch = crypto.SHA1
|
|
|
|
|
case RSASHA256, ECDSAP256SHA256:
|
|
|
|
|
h = sha256.New()
|
|
|
|
|
ch = crypto.SHA256
|
|
|
|
|
case ECDSAP384SHA384:
|
|
|
|
|
h = sha512.New384()
|
|
|
|
|
case RSASHA512:
|
|
|
|
|
h = sha512.New()
|
|
|
|
|
ch = crypto.SHA512
|
|
|
|
|
default:
|
2011-09-09 18:21:04 +10:00
|
|
|
return ErrAlg
|
2011-07-24 07:43:43 +10:00
|
|
|
}
|
2011-12-17 01:06:24 +11:00
|
|
|
io.WriteString(h, string(signdata))
|
|
|
|
|
sighash = h.Sum(nil)
|
2011-07-24 07:43:43 +10:00
|
|
|
|
|
|
|
|
switch p := k.(type) {
|
|
|
|
|
case *rsa.PrivateKey:
|
|
|
|
|
signature, err := rsa.SignPKCS1v15(rand.Reader, p, ch, sighash)
|
|
|
|
|
if err != nil {
|
2011-09-08 07:55:00 +10:00
|
|
|
return err
|
2011-07-24 07:43:43 +10:00
|
|
|
}
|
|
|
|
|
s.Signature = unpackBase64(signature)
|
|
|
|
|
case *ecdsa.PrivateKey:
|
|
|
|
|
r1, s1, err := ecdsa.Sign(rand.Reader, p, sighash)
|
|
|
|
|
if err != nil {
|
2011-09-08 07:55:00 +10:00
|
|
|
return err
|
2011-07-24 07:43:43 +10:00
|
|
|
}
|
|
|
|
|
signature := r1.Bytes()
|
|
|
|
|
signature = append(signature, s1.Bytes()...)
|
|
|
|
|
s.Signature = unpackBase64(signature)
|
|
|
|
|
default:
|
|
|
|
|
// Not given the correct key
|
2011-09-09 18:21:04 +10:00
|
|
|
return ErrKeyAlg
|
2011-07-24 07:43:43 +10:00
|
|
|
}
|
2011-09-08 07:55:00 +10:00
|
|
|
return nil
|
2011-01-14 03:14:14 +11:00
|
|
|
}
|
|
|
|
|
|
2011-09-09 03:25:45 +10:00
|
|
|
// Verify validates an RRSet with the signature and key. This is only the
|
2011-01-27 19:29:11 +11:00
|
|
|
// cryptographic test, the signature validity period most be checked separately.
|
2011-11-03 09:06:54 +11:00
|
|
|
func (s *RR_RRSIG) Verify(k *RR_DNSKEY, rrset RRset) error {
|
2011-01-09 20:31:23 +11:00
|
|
|
// Frist the easy checks
|
|
|
|
|
if s.KeyTag != k.KeyTag() {
|
2011-09-09 18:21:04 +10:00
|
|
|
return ErrKey
|
2011-01-09 20:31:23 +11:00
|
|
|
}
|
|
|
|
|
if s.Hdr.Class != k.Hdr.Class {
|
2011-09-09 18:21:04 +10:00
|
|
|
return ErrKey
|
2011-01-09 20:31:23 +11:00
|
|
|
}
|
|
|
|
|
if s.Algorithm != k.Algorithm {
|
2011-09-09 18:21:04 +10:00
|
|
|
return ErrKey
|
2011-01-09 20:31:23 +11:00
|
|
|
}
|
|
|
|
|
if s.SignerName != k.Hdr.Name {
|
2011-09-09 18:21:04 +10:00
|
|
|
return ErrKey
|
2011-01-09 20:31:23 +11:00
|
|
|
}
|
|
|
|
|
for _, r := range rrset {
|
|
|
|
|
if r.Header().Class != s.Hdr.Class {
|
2011-09-09 18:21:04 +10:00
|
|
|
return ErrRRset
|
2011-01-09 20:31:23 +11:00
|
|
|
}
|
|
|
|
|
if r.Header().Rrtype != s.TypeCovered {
|
2011-09-09 18:21:04 +10:00
|
|
|
return ErrRRset
|
2011-01-09 20:31:23 +11:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// RFC 4035 5.3.2. Reconstructing the Signed Data
|
|
|
|
|
// Copy the sig, except the rrsig data
|
2011-01-14 21:57:28 +11:00
|
|
|
sigwire := new(rrsigWireFmt)
|
|
|
|
|
sigwire.TypeCovered = s.TypeCovered
|
|
|
|
|
sigwire.Algorithm = s.Algorithm
|
|
|
|
|
sigwire.Labels = s.Labels
|
|
|
|
|
sigwire.OrigTtl = s.OrigTtl
|
|
|
|
|
sigwire.Expiration = s.Expiration
|
|
|
|
|
sigwire.Inception = s.Inception
|
|
|
|
|
sigwire.KeyTag = s.KeyTag
|
2011-09-08 07:07:07 +10:00
|
|
|
sigwire.SignerName = strings.ToLower(s.SignerName)
|
2011-01-14 21:57:28 +11:00
|
|
|
// Create the desired binary blob
|
2011-01-27 19:38:52 +11:00
|
|
|
signeddata := make([]byte, DefaultMsgSize)
|
2012-01-12 06:33:38 +11:00
|
|
|
n, ok := packStruct(sigwire, signeddata, 0)
|
2011-01-09 20:31:23 +11:00
|
|
|
if !ok {
|
2011-09-09 18:21:04 +10:00
|
|
|
return ErrPack
|
2011-01-09 20:31:23 +11:00
|
|
|
}
|
2011-01-14 21:57:28 +11:00
|
|
|
signeddata = signeddata[:n]
|
2011-02-25 02:22:14 +11:00
|
|
|
wire := rawSignatureData(rrset, s)
|
|
|
|
|
if wire == nil {
|
2011-09-09 18:21:04 +10:00
|
|
|
return ErrSigGen
|
2011-02-25 02:22:14 +11:00
|
|
|
}
|
|
|
|
|
signeddata = append(signeddata, wire...)
|
2011-01-09 20:31:23 +11:00
|
|
|
|
2011-01-14 21:57:28 +11:00
|
|
|
sigbuf := s.sigBuf() // Get the binary signature data
|
2011-12-10 07:45:57 +11:00
|
|
|
if s.Algorithm == PRIVATEDNS {
|
|
|
|
|
// remove the domain name and assume its our
|
|
|
|
|
}
|
2011-01-09 20:31:23 +11:00
|
|
|
|
|
|
|
|
switch s.Algorithm {
|
2011-09-08 16:26:40 +10:00
|
|
|
case RSASHA1, RSASHA1NSEC3SHA1, RSASHA256, RSASHA512, RSAMD5:
|
2011-01-14 21:57:28 +11:00
|
|
|
pubkey := k.pubKeyRSA() // Get the key
|
2011-01-09 20:31:23 +11:00
|
|
|
// Setup the hash as defined for this alg.
|
|
|
|
|
var h hash.Hash
|
2011-02-02 19:05:25 +11:00
|
|
|
var ch crypto.Hash
|
2011-01-09 20:31:23 +11:00
|
|
|
switch s.Algorithm {
|
2011-07-09 01:27:44 +10:00
|
|
|
case RSAMD5:
|
2011-01-09 20:31:23 +11:00
|
|
|
h = md5.New()
|
2011-02-02 19:05:25 +11:00
|
|
|
ch = crypto.MD5
|
2011-09-08 16:26:40 +10:00
|
|
|
case RSASHA1, RSASHA1NSEC3SHA1:
|
2011-01-09 20:31:23 +11:00
|
|
|
h = sha1.New()
|
2011-02-02 19:05:25 +11:00
|
|
|
ch = crypto.SHA1
|
2011-07-09 01:27:44 +10:00
|
|
|
case RSASHA256:
|
2011-01-09 20:31:23 +11:00
|
|
|
h = sha256.New()
|
2011-02-02 19:05:25 +11:00
|
|
|
ch = crypto.SHA256
|
2011-07-09 01:27:44 +10:00
|
|
|
case RSASHA512:
|
2011-01-09 20:31:23 +11:00
|
|
|
h = sha512.New()
|
2011-02-02 19:05:25 +11:00
|
|
|
ch = crypto.SHA512
|
2011-01-09 20:31:23 +11:00
|
|
|
}
|
2011-12-17 01:06:24 +11:00
|
|
|
io.WriteString(h, string(signeddata))
|
|
|
|
|
sighash := h.Sum(nil)
|
2011-09-08 07:55:00 +10:00
|
|
|
return rsa.VerifyPKCS1v15(pubkey, ch, sighash, sigbuf)
|
2011-01-09 20:31:23 +11:00
|
|
|
}
|
2011-09-08 07:55:00 +10:00
|
|
|
// Unknown alg
|
2011-11-03 09:06:54 +11:00
|
|
|
return ErrAlg
|
2011-01-09 20:31:23 +11:00
|
|
|
}
|
|
|
|
|
|
2011-09-09 03:25:45 +10:00
|
|
|
// ValidityPeriod uses RFC1982 serial arithmetic to calculate
|
|
|
|
|
// if a signature period is valid.
|
2011-03-24 19:24:24 +11:00
|
|
|
func (s *RR_RRSIG) ValidityPeriod() bool {
|
2011-12-09 21:16:49 +11:00
|
|
|
utc := time.Now().UTC().Unix()
|
2011-01-09 20:31:23 +11:00
|
|
|
modi := (int64(s.Inception) - utc) / Year68
|
|
|
|
|
mode := (int64(s.Expiration) - utc) / Year68
|
|
|
|
|
ti := int64(s.Inception) + (modi * Year68)
|
|
|
|
|
te := int64(s.Expiration) + (mode * Year68)
|
|
|
|
|
return ti <= utc && utc <= te
|
|
|
|
|
}
|
|
|
|
|
|
2011-01-14 21:57:28 +11:00
|
|
|
// Return the signatures base64 encodedig sigdata as a byte slice.
|
|
|
|
|
func (s *RR_RRSIG) sigBuf() []byte {
|
2011-01-17 04:37:29 +11:00
|
|
|
sigbuf, err := packBase64([]byte(s.Signature))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2011-01-14 21:57:28 +11:00
|
|
|
return sigbuf
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Extract the RSA public key from the Key record
|
|
|
|
|
func (k *RR_DNSKEY) pubKeyRSA() *rsa.PublicKey {
|
2011-01-25 23:57:54 +11:00
|
|
|
keybuf, err := packBase64([]byte(k.PublicKey))
|
2011-01-17 04:37:29 +11:00
|
|
|
if err != nil {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2011-01-14 21:57:28 +11:00
|
|
|
|
2011-01-09 20:31:23 +11:00
|
|
|
// RFC 2537/3110, section 2. RSA Public KEY Resource Records
|
|
|
|
|
// Length is in the 0th byte, unless its zero, then it
|
|
|
|
|
// it in bytes 1 and 2 and its a 16 bit number
|
|
|
|
|
explen := uint16(keybuf[0])
|
|
|
|
|
keyoff := 1
|
|
|
|
|
if explen == 0 {
|
|
|
|
|
explen = uint16(keybuf[1])<<8 | uint16(keybuf[2])
|
|
|
|
|
keyoff = 3
|
|
|
|
|
}
|
|
|
|
|
pubkey := new(rsa.PublicKey)
|
|
|
|
|
pubkey.N = big.NewInt(0)
|
|
|
|
|
shift := (explen - 1) * 8
|
|
|
|
|
for i := int(explen - 1); i >= 0; i-- {
|
|
|
|
|
pubkey.E += int(keybuf[keyoff+i]) << shift
|
|
|
|
|
shift -= 8
|
|
|
|
|
}
|
|
|
|
|
pubkey.N.SetBytes(keybuf[keyoff+int(explen):])
|
|
|
|
|
return pubkey
|
|
|
|
|
}
|
|
|
|
|
|
2011-07-08 19:08:31 +10:00
|
|
|
// Extract the Curve public key from the Key record
|
|
|
|
|
func (k *RR_DNSKEY) pubKeyCurve() *ecdsa.PublicKey {
|
2011-07-24 07:43:43 +10:00
|
|
|
keybuf, err := packBase64([]byte(k.PublicKey))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
var c *elliptic.Curve
|
|
|
|
|
switch k.Algorithm {
|
|
|
|
|
case ECDSAP256SHA256:
|
|
|
|
|
c = elliptic.P256()
|
|
|
|
|
case ECDSAP384SHA384:
|
|
|
|
|
c = elliptic.P384()
|
|
|
|
|
}
|
|
|
|
|
x, y := c.Unmarshal(keybuf)
|
|
|
|
|
pubkey := new(ecdsa.PublicKey)
|
|
|
|
|
pubkey.X = x
|
|
|
|
|
pubkey.Y = y
|
|
|
|
|
pubkey.Curve = c
|
|
|
|
|
return pubkey
|
2011-07-08 19:08:31 +10:00
|
|
|
}
|
|
|
|
|
|
2011-01-17 04:37:29 +11:00
|
|
|
// Set the public key (the value E and N)
|
2011-03-24 19:02:19 +11:00
|
|
|
func (k *RR_DNSKEY) setPublicKeyRSA(_E int, _N *big.Int) bool {
|
2011-07-07 19:19:57 +10:00
|
|
|
if _E == 0 || _N == nil {
|
2011-03-24 19:24:24 +11:00
|
|
|
return false
|
|
|
|
|
}
|
2011-01-18 06:29:40 +11:00
|
|
|
buf := exponentToBuf(_E)
|
|
|
|
|
buf = append(buf, _N.Bytes()...)
|
2011-01-25 23:57:54 +11:00
|
|
|
k.PublicKey = unpackBase64(buf)
|
2011-03-24 19:02:19 +11:00
|
|
|
return true
|
2011-01-18 04:13:52 +11:00
|
|
|
}
|
|
|
|
|
|
2011-07-08 18:41:07 +10:00
|
|
|
// Set the public key for Elliptic Curves
|
2011-07-08 22:51:40 +10:00
|
|
|
func (k *RR_DNSKEY) setPublicKeyCurve(_X, _Y *big.Int) bool {
|
2011-07-24 07:43:43 +10:00
|
|
|
if _X == nil || _Y == nil {
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
buf := curveToBuf(_X, _Y)
|
|
|
|
|
k.PublicKey = unpackBase64(buf)
|
|
|
|
|
return true
|
2011-07-08 18:41:07 +10:00
|
|
|
}
|
|
|
|
|
|
2011-07-07 19:19:57 +10:00
|
|
|
// Set the public key (the values E and N) for RSA
|
2011-01-18 06:18:51 +11:00
|
|
|
// RFC 3110: Section 2. RSA Public KEY Resource Records
|
2011-01-18 04:13:52 +11:00
|
|
|
func exponentToBuf(_E int) []byte {
|
2011-01-18 06:29:40 +11:00
|
|
|
var buf []byte
|
|
|
|
|
i := big.NewInt(int64(_E))
|
|
|
|
|
if len(i.Bytes()) < 256 {
|
|
|
|
|
buf = make([]byte, 1)
|
|
|
|
|
buf[0] = uint8(len(i.Bytes()))
|
|
|
|
|
} else {
|
|
|
|
|
buf = make([]byte, 3)
|
|
|
|
|
buf[0] = 0
|
|
|
|
|
buf[1] = uint8(len(i.Bytes()) >> 8)
|
|
|
|
|
buf[2] = uint8(len(i.Bytes()))
|
|
|
|
|
}
|
|
|
|
|
buf = append(buf, i.Bytes()...)
|
|
|
|
|
return buf
|
2011-01-17 04:37:29 +11:00
|
|
|
}
|
|
|
|
|
|
2011-09-09 03:25:45 +10:00
|
|
|
// Set the public key for X and Y for Curve. Experiment.
|
2011-07-08 22:51:40 +10:00
|
|
|
func curveToBuf(_X, _Y *big.Int) []byte {
|
2011-07-24 07:43:43 +10:00
|
|
|
buf := _X.Bytes()
|
|
|
|
|
buf = append(buf, _Y.Bytes()...)
|
|
|
|
|
return buf
|
2011-07-08 18:41:07 +10:00
|
|
|
}
|
|
|
|
|
|
2011-09-08 06:38:34 +10:00
|
|
|
type wireSlice [][]byte
|
|
|
|
|
|
|
|
|
|
func (p wireSlice) Len() int { return len(p) }
|
|
|
|
|
func (p wireSlice) Less(i, j int) bool {
|
2011-10-07 05:16:23 +11:00
|
|
|
_, ioff, _ := UnpackDomainName(p[i], 0)
|
|
|
|
|
_, joff, _ := UnpackDomainName(p[j], 0)
|
2011-09-08 06:38:34 +10:00
|
|
|
return bytes.Compare(p[i][ioff+10:], p[j][joff+10:]) < 0
|
|
|
|
|
}
|
|
|
|
|
func (p wireSlice) Swap(i, j int) { p[i], p[j] = p[j], p[i] }
|
|
|
|
|
|
2011-09-09 03:25:45 +10:00
|
|
|
// Return the raw signature data.
|
2011-02-25 01:29:36 +11:00
|
|
|
func rawSignatureData(rrset RRset, s *RR_RRSIG) (buf []byte) {
|
2011-09-08 06:38:34 +10:00
|
|
|
wires := make(wireSlice, len(rrset))
|
|
|
|
|
for i, r := range rrset {
|
2011-02-25 01:29:36 +11:00
|
|
|
h := r.Header()
|
|
|
|
|
// RFC 4034: 6.2. Canonical RR Form. (2) - domain name to lowercase
|
|
|
|
|
name := h.Name
|
|
|
|
|
h.Name = strings.ToLower(h.Name)
|
|
|
|
|
// 6.2. Canonical RR Form. (3) - domain rdata to lowercaser
|
|
|
|
|
switch h.Rrtype {
|
|
|
|
|
case TypeNS, TypeCNAME, TypeSOA, TypeMB, TypeMG, TypeMR, TypePTR:
|
|
|
|
|
case TypeHINFO, TypeMINFO, TypeMX /* TypeRP, TypeAFSDB, TypeRT */ :
|
|
|
|
|
case TypeSIG /* TypePX, TypeNXT /* TypeNAPTR, TypeKX */ :
|
|
|
|
|
case TypeSRV, /* TypeDNAME, TypeA6 */ TypeRRSIG, TypeNSEC:
|
|
|
|
|
// lower case the domain rdata //
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
// 6.2. Canonical RR Form. (4) - wildcards
|
2011-02-25 02:22:14 +11:00
|
|
|
// dont have to do anything
|
2011-02-25 01:29:36 +11:00
|
|
|
|
|
|
|
|
// 6.2. Canonical RR Form. (5) - origTTL
|
|
|
|
|
ttl := h.Ttl
|
2012-01-16 02:00:40 +11:00
|
|
|
wire := make([]byte, r.Len())
|
2011-02-25 01:29:36 +11:00
|
|
|
h.Ttl = s.OrigTtl
|
2012-01-12 06:26:39 +11:00
|
|
|
off, ok1 := packRR(r, wire, 0, nil, false)
|
2011-02-25 01:31:58 +11:00
|
|
|
h.Ttl = ttl // restore the order in the universe TODO(mg) work on copy
|
2012-01-16 02:00:40 +11:00
|
|
|
wire = wire[:off]
|
2011-02-25 01:29:36 +11:00
|
|
|
h.Name = name
|
|
|
|
|
if !ok1 {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2011-09-08 06:38:34 +10:00
|
|
|
wires[i] = wire
|
|
|
|
|
}
|
|
|
|
|
sort.Sort(wires)
|
|
|
|
|
for _, wire := range wires {
|
2011-02-25 02:22:14 +11:00
|
|
|
buf = append(buf, wire...)
|
|
|
|
|
}
|
|
|
|
|
return
|
2011-02-25 01:29:36 +11:00
|
|
|
}
|
|
|
|
|
|
2011-01-09 20:31:23 +11:00
|
|
|
// Map for algorithm names.
|
2012-01-12 23:01:43 +11:00
|
|
|
var Alg_str = map[uint8]string{
|
2011-09-08 16:26:40 +10:00
|
|
|
RSAMD5: "RSAMD5",
|
|
|
|
|
DH: "DH",
|
|
|
|
|
DSA: "DSA",
|
|
|
|
|
RSASHA1: "RSASHA1",
|
|
|
|
|
DSANSEC3SHA1: "DSA-NSEC3-SHA1",
|
|
|
|
|
RSASHA1NSEC3SHA1: "RSASHA1-NSEC3-SHA1",
|
|
|
|
|
RSASHA256: "RSASHA256",
|
|
|
|
|
RSASHA512: "RSASHA512",
|
|
|
|
|
ECCGOST: "ECC-GOST",
|
|
|
|
|
ECDSAP256SHA256: "ECDSAP256SHA256",
|
|
|
|
|
ECDSAP384SHA384: "ECDSAP384SHA384",
|
2011-12-10 07:45:57 +11:00
|
|
|
PRIVATEDNS: "PRIVATEDNS",
|
|
|
|
|
PRIVATEOID: "PRIVATEOID",
|
2011-01-09 20:31:23 +11:00
|
|
|
}
|
