2011-01-16 00:40:54 +11:00
|
|
|
package dns
|
2010-12-31 06:00:26 +11:00
|
|
|
|
2011-01-18 06:29:40 +11:00
|
|
|
import (
|
2011-12-10 07:45:57 +11:00
|
|
|
"crypto/rsa"
|
2011-12-16 03:37:07 +11:00
|
|
|
"os"
|
2011-07-24 07:43:43 +10:00
|
|
|
"strings"
|
2011-01-18 06:29:40 +11:00
|
|
|
"testing"
|
2011-12-16 03:37:07 +11:00
|
|
|
"time"
|
2011-01-18 06:29:40 +11:00
|
|
|
)
|
2010-12-31 06:00:26 +11:00
|
|
|
|
2011-07-18 04:51:27 +10:00
|
|
|
func TestSign(t *testing.T) {
|
|
|
|
pub := "miek.nl. IN DNSKEY 256 3 5 AwEAAb+8lGNCxJgLS8rYVer6EnHVuIkQDghdjdtewDzU3G5R7PbMbKVRvH2Ma7pQyYceoaqWZQirSj72euPWfPxQnMy9ucCylA+FuH9cSjIcPf4PqJfdupHk9X6EBYjxrCLY4p1/yBwgyBIRJtZtAqM3ceAH2WovEJD6rTtOuHo5AluJ"
|
2011-01-18 05:52:28 +11:00
|
|
|
|
2011-07-18 04:51:27 +10:00
|
|
|
priv := `Private-key-format: v1.3
|
2011-01-18 05:52:28 +11:00
|
|
|
Algorithm: 5 (RSASHA1)
|
2011-07-18 04:51:27 +10:00
|
|
|
Modulus: v7yUY0LEmAtLythV6voScdW4iRAOCF2N217APNTcblHs9sxspVG8fYxrulDJhx6hqpZlCKtKPvZ649Z8/FCczL25wLKUD4W4f1xKMhw9/g+ol926keT1foQFiPGsItjinX/IHCDIEhEm1m0Cozdx4AfZai8QkPqtO064ejkCW4k=
|
2011-01-18 05:52:28 +11:00
|
|
|
PublicExponent: AQAB
|
2011-07-18 04:51:27 +10:00
|
|
|
PrivateExponent: YPwEmwjk5HuiROKU4xzHQ6l1hG8Iiha4cKRG3P5W2b66/EN/GUh07ZSf0UiYB67o257jUDVEgwCuPJz776zfApcCB4oGV+YDyEu7Hp/rL8KcSN0la0k2r9scKwxTp4BTJT23zyBFXsV/1wRDK1A5NxsHPDMYi2SoK63Enm/1ptk=
|
|
|
|
Prime1: /wjOG+fD0ybNoSRn7nQ79udGeR1b0YhUA5mNjDx/x2fxtIXzygYk0Rhx9QFfDy6LOBvz92gbNQlzCLz3DJt5hw==
|
|
|
|
Prime2: wHZsJ8OGhkp5p3mrJFZXMDc2mbYusDVTA+t+iRPdS797Tj0pjvU2HN4vTnTj8KBQp6hmnY7dLp9Y1qserySGbw==
|
|
|
|
Exponent1: N0A7FsSRIg+IAN8YPQqlawoTtG1t1OkJ+nWrurPootScApX6iMvn8fyvw3p2k51rv84efnzpWAYiC8SUaQDNxQ==
|
|
|
|
Exponent2: SvuYRaGyvo0zemE3oS+WRm2scxR8eiA8WJGeOc+obwOKCcBgeZblXzfdHGcEC1KaOcetOwNW/vwMA46lpLzJNw==
|
|
|
|
Coefficient: 8+7ZN/JgByqv0NfULiFKTjtyegUcijRuyij7yNxYbCBneDvZGxJwKNi4YYXWx743pcAj4Oi4Oh86gcmxLs+hGw==
|
|
|
|
Created: 20110302104537
|
|
|
|
Publish: 20110302104537
|
|
|
|
Activate: 20110302104537`
|
2011-01-18 05:52:28 +11:00
|
|
|
|
2011-12-16 03:37:07 +11:00
|
|
|
xk, _ := NewRR(pub) // TODO err
|
|
|
|
k := xk.(*RR_DNSKEY)
|
2011-07-18 04:51:27 +10:00
|
|
|
p, err := k.ReadPrivateKey(strings.NewReader(priv))
|
2011-07-24 07:43:43 +10:00
|
|
|
if err != nil {
|
|
|
|
t.Logf("%v\n", err)
|
|
|
|
t.Fail()
|
|
|
|
}
|
2011-01-18 06:29:40 +11:00
|
|
|
switch priv := p.(type) {
|
|
|
|
case *rsa.PrivateKey:
|
|
|
|
if 65537 != priv.PublicKey.E {
|
2011-03-25 01:52:37 +11:00
|
|
|
t.Log("Exponenent should be 65537")
|
2011-01-18 06:29:40 +11:00
|
|
|
t.Fail()
|
|
|
|
}
|
2011-07-24 07:43:43 +10:00
|
|
|
default:
|
|
|
|
t.Logf("We should have read an RSA key: %v", priv)
|
|
|
|
t.Fail()
|
2011-01-18 06:29:40 +11:00
|
|
|
}
|
2011-07-18 04:51:27 +10:00
|
|
|
if k.KeyTag() != 37350 {
|
2011-07-17 23:47:03 +10:00
|
|
|
t.Logf("%d %v\n", k.KeyTag(), k)
|
2011-07-18 04:51:27 +10:00
|
|
|
t.Log("Keytag should be 37350")
|
2011-01-18 06:29:40 +11:00
|
|
|
t.Fail()
|
|
|
|
}
|
2011-01-18 21:25:47 +11:00
|
|
|
|
2011-02-22 06:33:36 +11:00
|
|
|
soa := new(RR_SOA)
|
|
|
|
soa.Hdr = RR_Header{"miek.nl.", TypeSOA, ClassINET, 14400, 0}
|
|
|
|
soa.Ns = "open.nlnetlabs.nl."
|
|
|
|
soa.Mbox = "miekg.atoom.net."
|
|
|
|
soa.Serial = 1293945905
|
|
|
|
soa.Refresh = 14400
|
|
|
|
soa.Retry = 3600
|
|
|
|
soa.Expire = 604800
|
|
|
|
soa.Minttl = 86400
|
2011-01-18 21:25:47 +11:00
|
|
|
|
2011-02-22 06:33:36 +11:00
|
|
|
sig := new(RR_RRSIG)
|
|
|
|
sig.Hdr = RR_Header{"miek.nl.", TypeRRSIG, ClassINET, 14400, 0}
|
|
|
|
sig.Expiration = 1296534305 // date -u '+%s' -d"2011-02-01 04:25:05"
|
|
|
|
sig.Inception = 1293942305 // date -u '+%s' -d"2011-01-02 04:25:05"
|
|
|
|
sig.KeyTag = k.KeyTag()
|
|
|
|
sig.SignerName = k.Hdr.Name
|
|
|
|
sig.Algorithm = k.Algorithm
|
2011-01-18 21:25:47 +11:00
|
|
|
|
2011-02-22 06:33:36 +11:00
|
|
|
sig.Sign(p, []RR{soa})
|
2011-07-24 07:43:43 +10:00
|
|
|
if sig.Signature != "D5zsobpQcmMmYsUMLxCVEtgAdCvTu8V/IEeP4EyLBjqPJmjt96bwM9kqihsccofA5LIJ7DN91qkCORjWSTwNhzCv7bMyr2o5vBZElrlpnRzlvsFIoAZCD9xg6ZY7ZyzUJmU6IcTwG4v3xEYajcpbJJiyaw/RqR90MuRdKPiBzSo=" {
|
|
|
|
t.Log("Signature is not correct")
|
|
|
|
t.Logf("%v\n", sig)
|
|
|
|
t.Fail()
|
|
|
|
}
|
2011-01-18 05:52:28 +11:00
|
|
|
}
|
2011-02-22 04:23:39 +11:00
|
|
|
|
2011-02-22 06:33:36 +11:00
|
|
|
func TestDotInName(t *testing.T) {
|
|
|
|
buf := make([]byte, 20)
|
2011-12-10 07:12:03 +11:00
|
|
|
PackDomainName("aa\\.bb.nl.", buf, 0)
|
2011-07-24 07:43:43 +10:00
|
|
|
// index 3 must be a real dot
|
|
|
|
if buf[3] != '.' {
|
|
|
|
t.Log("Dot should be a real dot")
|
|
|
|
t.Fail()
|
|
|
|
}
|
2011-02-22 06:33:36 +11:00
|
|
|
|
2011-07-24 07:43:43 +10:00
|
|
|
if buf[6] != 2 {
|
|
|
|
t.Log("This must have the value 2")
|
|
|
|
t.Fail()
|
|
|
|
}
|
2011-12-10 07:12:03 +11:00
|
|
|
dom, _, _ := UnpackDomainName(buf, 0)
|
2011-07-24 07:43:43 +10:00
|
|
|
// printing it should yield the backspace again
|
|
|
|
if dom != "aa\\.bb.nl." {
|
|
|
|
t.Log("Dot should have been escaped: " + dom)
|
|
|
|
t.Fail()
|
|
|
|
}
|
2011-02-22 04:23:39 +11:00
|
|
|
}
|
2011-12-16 03:37:07 +11:00
|
|
|
|
2011-07-16 02:09:41 +10:00
|
|
|
// Make this a decend test case. For now, good enough
|
2011-07-15 00:11:16 +10:00
|
|
|
func TestParse(t *testing.T) {
|
2011-07-24 07:43:43 +10:00
|
|
|
tests := map[string]string{
|
2011-12-16 08:40:07 +11:00
|
|
|
"miek.nl. 3600 IN A 127.0.0.1": "miek.nl.\t3600\tIN\tA\t127.0.0.1",
|
|
|
|
"miek.nl. 3600 IN MX 10 elektron.atoom.net.": "miek.nl.\t3600\tIN\tMX\t10 elektron.atoom.net.",
|
|
|
|
"miek.nl. IN 3600 A 127.0.0.1": "miek.nl.\t3600\tIN\tA\t127.0.0.1",
|
|
|
|
"miek.nl. A 127.0.0.1": "miek.nl.\t3600\tIN\tA\t127.0.0.1",
|
|
|
|
"miek.nl. IN AAAA ::1": "miek.nl.\t3600\tIN\tAAAA\t::1",
|
|
|
|
"miek.nl. IN A 127.0.0.1": "miek.nl.\t3600\tIN\tA\t127.0.0.1",
|
2011-12-16 20:26:32 +11:00
|
|
|
"miek.nl. IN DNSKEY 256 3 5 AwEAAb+8lGNCxJgLS8rYVer6EnHVuIkQDghdjdtewDzU3G5R7PbMbKVRvH2Ma7pQyYceoaqWZQirSj72euPWfPxQnMy9ucCylA+FuH9cSjIcPf4PqJfdupHk9X6EBYjxrCLY4p1/yBwgyBIRJtZtAqM3ceAH2WovEJD6rTtOuHo5AluJ": "miek.nl.\t3600\tIN\tDNSKEY\t256 3 5 AwEAAb+8lGNCxJgLS8rYVer6EnHVuIkQDghdjdtewDzU3G5R7PbMbKVRvH2Ma7pQyYceoaqWZQirSj72euPWfPxQnMy9ucCylA+FuH9cSjIcPf4PqJfdupHk9X6EBYjxrCLY4p1/yBwgyBIRJtZtAqM3ceAH2WovEJD6rTtOuHo5AluJ",
|
|
|
|
"nlnetlabs.nl. 3175 IN DNSKEY 256 3 8 AwEAAdR7XR95OaAN9Rz7TbtPalQ9guQk7zfxTHYNKhsiwTZA9z+F16nD0VeBlk7dNik3ETpT2GLAwr9sntG898JwurCDe353wHPvjZtMCdiTVp3cRCrjuCEvoFpmZNN82H0gaH/4v8mkv/QBDAkDSncYjz/FqHKAeYy3cMcjY6RyVweh": "nlnetlabs.nl.\t3175\tIN\tDNSKEY\t256 3 8 AwEAAdR7XR95OaAN9Rz7TbtPalQ9guQk7zfxTHYNKhsiwTZA9z+F16nD0VeBlk7dNik3ETpT2GLAwr9sntG898JwurCDe353wHPvjZtMCdiTVp3cRCrjuCEvoFpmZNN82H0gaH/4v8mkv/QBDAkDSncYjz/FqHKAeYy3cMcjY6RyVweh",
|
|
|
|
"dnsex.nl. 86400 IN SOA elektron.atoom.net. miekg.atoom.net. 1299256910 14400 3600 604800 86400": "dnsex.nl.\t86400\tIN\tSOA\telektron.atoom.net. miekg.atoom.net. 1299256910 14400 3600 604800 86400",
|
|
|
|
// RRSIG incep/expir fails (new time api)
|
|
|
|
// "dnsex.nl. 86400 IN RRSIG SOA 8 2 86400 20110403154150 20110304154150 23334 dnsex.nl. QN6hwJQLEBqRVKmO2LgkuRSx9bkKIZxXlTVtHg5SaiN+8RCTckGtUXkQ vmZiBt3RdIWAjaabQYpEZHgvyjfy4Wwu/9RPDYnLt/qoyr4QKAdujchc m+fMDSbbcC7AN08i5D/dUWfNOHXjRJLY7t7AYB9DBt32LazIb0EU9QiW 5Cg=":
|
|
|
|
// "dnsex.nl.\t86400\tIN\tRRSIG\tSOA 8 2 86400 20110403154150 20110304154150 23334 dnsex.nl. QN6hwJQLEBqRVKmO2LgkuRSx9bkKIZxXlTVtHg5SaiN+8RCTckGtUXkQvmZiBt3RdIWAjaabQYpEZHgvyjfy4Wwu/9RPDYnLt/qoyr4QKAdujchcm+fMDSbbcC7AN08i5D/dUWfNOHXjRJLY7t7AYB9DBt32LazIb0EU9QiW5Cg=",
|
2011-07-24 07:43:43 +10:00
|
|
|
}
|
2011-12-16 03:37:07 +11:00
|
|
|
for i, o := range tests {
|
|
|
|
rr, _ := NewRR(i)
|
2011-12-16 20:26:32 +11:00
|
|
|
if rr == nil {
|
|
|
|
t.Log("Failed to parse RR")
|
|
|
|
t.Fail()
|
|
|
|
}
|
2011-12-16 08:40:07 +11:00
|
|
|
if rr.String() != o {
|
|
|
|
t.Logf("`%s' should be equal to\n`%s', but is `%s'\n", i, o, rr.String())
|
|
|
|
t.Fail()
|
|
|
|
} else {
|
2011-12-16 20:26:32 +11:00
|
|
|
t.Logf("RR is OK: `%s'", rr.String())
|
|
|
|
}
|
2011-07-24 07:43:43 +10:00
|
|
|
}
|
2011-07-16 01:41:26 +10:00
|
|
|
}
|
2011-07-18 23:19:47 +10:00
|
|
|
|
2011-07-25 01:08:33 +10:00
|
|
|
func TestParseFailure(t *testing.T) {
|
2011-12-16 03:37:07 +11:00
|
|
|
tests := []string{"miek.nl. IN A 327.0.0.1",
|
|
|
|
"miek.nl. IN AAAA ::x",
|
|
|
|
"miek.nl. IN MX a0 miek.nl.",
|
|
|
|
"miek.nl aap IN MX mx.miek.nl.",
|
|
|
|
"miek.nl. IN CNAME ",
|
|
|
|
"miek.nl. PA MX 10 miek.nl.",
|
|
|
|
}
|
2011-07-25 01:08:33 +10:00
|
|
|
|
2011-12-16 03:37:07 +11:00
|
|
|
for _, s := range tests {
|
2011-12-16 03:49:43 +11:00
|
|
|
_, err := NewRR(s)
|
2011-12-16 03:37:07 +11:00
|
|
|
if err == nil {
|
|
|
|
t.Log("Should have triggered an error")
|
|
|
|
t.Fail()
|
|
|
|
}
|
|
|
|
}
|
2011-07-18 23:19:47 +10:00
|
|
|
}
|
2011-07-23 06:06:07 +10:00
|
|
|
|
|
|
|
func BenchmarkZoneParsing(b *testing.B) {
|
2011-12-16 03:37:07 +11:00
|
|
|
f, err := os.Open("miek.nl.signed_test")
|
2011-07-24 07:43:43 +10:00
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
2011-12-16 03:37:07 +11:00
|
|
|
defer f.Close()
|
2011-12-16 20:26:32 +11:00
|
|
|
to := make(chan Token)
|
|
|
|
go ParseZone(f, to)
|
|
|
|
for x := range to {
|
|
|
|
x = x
|
|
|
|
}
|
2011-07-23 06:06:07 +10:00
|
|
|
}
|
|
|
|
|
|
|
|
func TestZoneParsing(t *testing.T) {
|
2011-12-16 03:37:07 +11:00
|
|
|
f, err := os.Open("miek.nl.signed_test")
|
2011-07-24 07:43:43 +10:00
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
2011-12-16 03:37:07 +11:00
|
|
|
defer f.Close()
|
2011-12-16 20:26:32 +11:00
|
|
|
to := make(chan Token)
|
2011-12-16 03:37:07 +11:00
|
|
|
start := time.Now().Nanosecond()
|
2011-12-16 20:26:32 +11:00
|
|
|
go ParseZone(f, to)
|
2011-12-16 03:37:07 +11:00
|
|
|
var i int
|
2011-12-16 20:26:32 +11:00
|
|
|
for x := range to {
|
|
|
|
t.Logf("%s\n", x.Rr)
|
2011-12-16 03:37:07 +11:00
|
|
|
i++
|
2011-07-24 07:43:43 +10:00
|
|
|
}
|
2011-12-16 03:37:07 +11:00
|
|
|
delta := time.Now().Nanosecond() - start
|
|
|
|
t.Logf("%d RRs parsed in %.2f s (%.2f RR/s)", i, float32(delta)/1e9, float32(i)/(float32(delta)/1e9))
|
2011-07-23 06:06:07 +10:00
|
|
|
}
|