dns/keygen.go

// Copyright 2011 Miek Gieben. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

package dns

import (
	"crypto/dsa"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"math/big"
	"strconv"
)

const _FORMAT = "Private-key-format: v1.3\n"

// Empty interface that is used as a wrapper around all possible
// private key implementations from the crypto package.
type PrivateKey interface{}

// Generate generates a DNSKEY of the given bit size.
// The public part is put inside the DNSKEY record.
// The Algorithm in the key must be set as this will define
// what kind of DNSKEY will be generated.
// The ECDSA algorithms imply a fixed keysize, in that case
// bits should be set to the size of the algorithm.
func (r *DNSKEY) Generate(bits int) (PrivateKey, error) {
	switch r.Algorithm {
	case DSA, DSANSEC3SHA1:
		if bits != 1024 {
			return nil, ErrKeySize
		}
	case RSAMD5, RSASHA1, RSASHA256, RSASHA1NSEC3SHA1:
		if bits < 512 || bits > 4096 {
			return nil, ErrKeySize
		}
	case RSASHA512:
		if bits < 1024 || bits > 4096 {
			return nil, ErrKeySize
		}
	case ECDSAP256SHA256:
		if bits != 256 {
			return nil, ErrKeySize
		}
	case ECDSAP384SHA384:
		if bits != 384 {
			return nil, ErrKeySize
		}
	}

	switch r.Algorithm {
	case DSA, DSANSEC3SHA1:
		params := new(dsa.Parameters)
		if err := dsa.GenerateParameters(params, rand.Reader, dsa.L1024N160); err != nil {
			return nil, err
		}
		priv := new(dsa.PrivateKey)
		priv.PublicKey.Parameters = *params
		err := dsa.GenerateKey(priv, rand.Reader)
		if err != nil {
			return nil, err
		}
		r.setPublicKeyDSA(params.Q, params.P, params.G, priv.PublicKey.Y)
		return priv, nil
	case RSAMD5, RSASHA1, RSASHA256, RSASHA512, RSASHA1NSEC3SHA1:
		priv, err := rsa.GenerateKey(rand.Reader, bits)
		if err != nil {
			return nil, err
		}
		r.setPublicKeyRSA(priv.PublicKey.E, priv.PublicKey.N)
		return priv, nil
	case ECDSAP256SHA256, ECDSAP384SHA384:
		var c elliptic.Curve
		switch r.Algorithm {
		case ECDSAP256SHA256:
			c = elliptic.P256()
		case ECDSAP384SHA384:
			c = elliptic.P384()
		}
		priv, err := ecdsa.GenerateKey(c, rand.Reader)
		if err != nil {
			return nil, err
		}
		r.setPublicKeyCurve(priv.PublicKey.X, priv.PublicKey.Y)
		return priv, nil
	default:
		return nil, ErrAlg
	}
	return nil, nil // Dummy return
}

// PrivateKeyString converts a PrivateKey to a string. This
// string has the same format as the private-key-file of BIND9 (Private-key-format: v1.3).
// It needs some info from the key (hashing, keytag), so its a method of the DNSKEY.
func (r *DNSKEY) PrivateKeyString(p PrivateKey) (s string) {
	switch t := p.(type) {
	case *rsa.PrivateKey:
		algorithm := strconv.Itoa(int(r.Algorithm)) + " (" + AlgorithmToString[r.Algorithm] + ")"
		modulus := unpackBase64(t.PublicKey.N.Bytes())
		e := big.NewInt(int64(t.PublicKey.E))
		publicExponent := unpackBase64(e.Bytes())
		privateExponent := unpackBase64(t.D.Bytes())
		prime1 := unpackBase64(t.Primes[0].Bytes())
		prime2 := unpackBase64(t.Primes[1].Bytes())
		// Calculate Exponent1/2 and Coefficient as per: http://en.wikipedia.org/wiki/RSA#Using_the_Chinese_remainder_algorithm
		// and from: http://code.google.com/p/go/issues/detail?id=987
		one := big.NewInt(1)
		minusone := big.NewInt(-1)
		p_1 := big.NewInt(0).Sub(t.Primes[0], one)
		q_1 := big.NewInt(0).Sub(t.Primes[1], one)
		exp1 := big.NewInt(0).Mod(t.D, p_1)
		exp2 := big.NewInt(0).Mod(t.D, q_1)
		coeff := big.NewInt(0).Exp(t.Primes[1], minusone, t.Primes[0])

		exponent1 := unpackBase64(exp1.Bytes())
		exponent2 := unpackBase64(exp2.Bytes())
		coefficient := unpackBase64(coeff.Bytes())

		s = _FORMAT +
			"Algorithm: " + algorithm + "\n" +
			"Modules: " + modulus + "\n" +
			"PublicExponent: " + publicExponent + "\n" +
			"PrivateExponent: " + privateExponent + "\n" +
			"Prime1: " + prime1 + "\n" +
			"Prime2: " + prime2 + "\n" +
			"Exponent1: " + exponent1 + "\n" +
			"Exponent2: " + exponent2 + "\n" +
			"Coefficient: " + coefficient + "\n"
	case *ecdsa.PrivateKey:
		algorithm := strconv.Itoa(int(r.Algorithm)) + " (" + AlgorithmToString[r.Algorithm] + ")"
		private := unpackBase64(t.D.Bytes())
		s = _FORMAT +
			"Algorithm: " + algorithm + "\n" +
			"PrivateKey: " + private + "\n"
	case *dsa.PrivateKey:
		algorithm := strconv.Itoa(int(r.Algorithm)) + " (" + AlgorithmToString[r.Algorithm] + ")"
		prime := unpackBase64(t.PublicKey.Parameters.P.Bytes())
		subprime := unpackBase64(t.PublicKey.Parameters.Q.Bytes())
		base := unpackBase64(t.PublicKey.Parameters.G.Bytes())
		priv := unpackBase64(t.X.Bytes())
		pub := unpackBase64(t.PublicKey.Y.Bytes())
		s = _FORMAT +
			"Algorithm: " + algorithm + "\n" +
			"Prime(p): " + prime + "\n" +
			"Subprime(q): " + subprime + "\n" +
			"Base(g): " + base + "\n" +
			"Private_value(x): " + priv + "\n" +
			"Public_value(y): " + pub + "\n"
	}
	return
}
Update all copyright notices 2013-05-13 00:15:52 +10:00			`// Copyright 2011 Miek Gieben. All rights reserved.`
			`// Use of this source code is governed by a BSD-style`
			`// license that can be found in the LICENSE file.`

Add dnskey gen for RSA keys 2011-01-11 02:10:15 +11:00			`package dns`

			`import (`
fmt 2012-05-06 01:37:48 +10:00			`"crypto/dsa"`
gofmt -w 2011-07-24 07:43:43 +10:00			`"crypto/ecdsa"`
			`"crypto/elliptic"`
Love interfaces Using interfaces to make key.Generate and Sign much more generic 2011-01-15 04:25:36 +11:00			`"crypto/rand"`
gofmt 2011-12-10 07:45:57 +11:00			`"crypto/rsa"`
			`"math/big"`
			`"strconv"`
Add dnskey gen for RSA keys 2011-01-11 02:10:15 +11:00			`)`

Add priv. key support for ecdsa 2012-04-07 03:27:11 +10:00			`const _FORMAT = "Private-key-format: v1.3\n"`

documentation updates 2011-01-27 19:29:11 +11:00			`// Empty interface that is used as a wrapper around all possible`
Fix documentation 2011-01-18 07:10:48 +11:00			`// private key implementations from the crypto package.`
Love interfaces Using interfaces to make key.Generate and Sign much more generic 2011-01-15 04:25:36 +11:00			`type PrivateKey interface{}`

documentation 2011-09-09 03:35:02 +10:00			`// Generate generates a DNSKEY of the given bit size.`
gofmt 2013-05-06 04:30:44 +10:00			`// The public part is put inside the DNSKEY record.`
Love interfaces Using interfaces to make key.Generate and Sign much more generic 2011-01-15 04:25:36 +11:00			`// The Algorithm in the key must be set as this will define`
Helper functions for base64 encoding/decoding 2011-01-15 20:38:14 +11:00			`// what kind of DNSKEY will be generated.`
documentation 2011-09-09 03:35:02 +10:00			`// The ECDSA algorithms imply a fixed keysize, in that case`
			`// bits should be set to the size of the algorithm.`
Rename the RR types drop the RR_ prefix This is also done in the official Go library. It also make the code shorter. 2012-12-10 05:23:25 +11:00			`func (r *DNSKEY) Generate(bits int) (PrivateKey, error) {`
Love interfaces Using interfaces to make key.Generate and Sign much more generic 2011-01-15 04:25:36 +11:00			`switch r.Algorithm {`
add the nsec3 alias too 2012-04-19 22:39:50 +10:00			`case DSA, DSANSEC3SHA1:`
More DSA stuff: generation/signing/verifying 2012-04-17 19:58:06 +10:00			`if bits != 1024 {`
			`return nil, ErrKeySize`
			`}`
gofmt 2011-12-10 07:45:57 +11:00			`case RSAMD5, RSASHA1, RSASHA256, RSASHA1NSEC3SHA1:`
Love interfaces Using interfaces to make key.Generate and Sign much more generic 2011-01-15 04:25:36 +11:00			`if bits < 512 \|\| bits > 4096 {`
normalize errors 2011-03-25 21:19:35 +11:00			`return nil, ErrKeySize`
Love interfaces Using interfaces to make key.Generate and Sign much more generic 2011-01-15 04:25:36 +11:00			`}`
Drop the Alg and Hash prefixes 2011-07-09 01:27:44 +10:00			`case RSASHA512:`
Love interfaces Using interfaces to make key.Generate and Sign much more generic 2011-01-15 04:25:36 +11:00			`if bits < 1024 \|\| bits > 4096 {`
normalize errors 2011-03-25 21:19:35 +11:00			`return nil, ErrKeySize`
Love interfaces Using interfaces to make key.Generate and Sign much more generic 2011-01-15 04:25:36 +11:00			`}`
fix the mnemonic for ecdsa* 2012-04-11 22:37:51 +10:00			`case ECDSAP256SHA256:`
gofmt -w 2011-07-24 07:43:43 +10:00			`if bits != 256 {`
			`return nil, ErrKeySize`
			`}`
fix the mnemonic for ecdsa* 2012-04-11 22:37:51 +10:00			`case ECDSAP384SHA384:`
gofmt -w 2011-07-24 07:43:43 +10:00			`if bits != 384 {`
			`return nil, ErrKeySize`
			`}`
Parsing .private files work - needs some cleaning up 2011-01-17 03:59:04 +11:00			`}`
Add dnskey gen for RSA keys 2011-01-11 02:10:15 +11:00
Parsing .private files work - needs some cleaning up 2011-01-17 03:59:04 +11:00			`switch r.Algorithm {`
add the nsec3 alias too 2012-04-19 22:39:50 +10:00			`case DSA, DSANSEC3SHA1:`
More DSA stuff: generation/signing/verifying 2012-04-17 19:58:06 +10:00			`params := new(dsa.Parameters)`
			`if err := dsa.GenerateParameters(params, rand.Reader, dsa.L1024N160); err != nil {`
			`return nil, err`
			`}`
			`priv := new(dsa.PrivateKey)`
			`priv.PublicKey.Parameters = *params`
			`err := dsa.GenerateKey(priv, rand.Reader)`
			`if err != nil {`
			`return nil, err`
			`}`
Finish DSA support -- completely untested 2012-04-18 20:48:54 +10:00			`r.setPublicKeyDSA(params.Q, params.P, params.G, priv.PublicKey.Y)`
More DSA stuff: generation/signing/verifying 2012-04-17 19:58:06 +10:00			`return priv, nil`
Fixes the latest weekly 2011-11-03 09:06:54 +11:00			`case RSAMD5, RSASHA1, RSASHA256, RSASHA512, RSASHA1NSEC3SHA1:`
Love interfaces Using interfaces to make key.Generate and Sign much more generic 2011-01-15 04:25:36 +11:00			`priv, err := rsa.GenerateKey(rand.Reader, bits)`
			`if err != nil {`
			`return nil, err`
			`}`
gofmt -w 2011-07-24 07:43:43 +10:00			`r.setPublicKeyRSA(priv.PublicKey.E, priv.PublicKey.N)`
			`return priv, nil`
fix the mnemonic for ecdsa* 2012-04-11 22:37:51 +10:00			`case ECDSAP256SHA256, ECDSAP384SHA384:`
Fixes for weekly.2012-01-20 2012-01-20 22:24:05 +11:00			`var c elliptic.Curve`
gofmt -w 2011-07-24 07:43:43 +10:00			`switch r.Algorithm {`
fix the mnemonic for ecdsa* 2012-04-11 22:37:51 +10:00			`case ECDSAP256SHA256:`
gofmt -w 2011-07-24 07:43:43 +10:00			`c = elliptic.P256()`
fix the mnemonic for ecdsa* 2012-04-11 22:37:51 +10:00			`case ECDSAP384SHA384:`
gofmt -w 2011-07-24 07:43:43 +10:00			`c = elliptic.P384()`
			`}`
			`priv, err := ecdsa.GenerateKey(c, rand.Reader)`
			`if err != nil {`
			`return nil, err`
			`}`
			`r.setPublicKeyCurve(priv.PublicKey.X, priv.PublicKey.Y)`
Love interfaces Using interfaces to make key.Generate and Sign much more generic 2011-01-15 04:25:36 +11:00			`return priv, nil`
implement (part of) ecdsa256/384 2011-07-08 18:41:07 +10:00			`default:`
			`return nil, ErrAlg`
Love interfaces Using interfaces to make key.Generate and Sign much more generic 2011-01-15 04:25:36 +11:00			`}`
			`return nil, nil // Dummy return`
Add dnskey gen for RSA keys 2011-01-11 02:10:15 +11:00			`}`
Add private (rsa) key to string method 2011-01-15 22:18:18 +11:00
Documentation 2012-01-16 02:09:17 +11:00			`// PrivateKeyString converts a PrivateKey to a string. This`
gofmt 2013-05-06 04:30:44 +10:00			`// string has the same format as the private-key-file of BIND9 (Private-key-format: v1.3).`
Fix documentation too 2012-12-10 06:20:16 +11:00			`// It needs some info from the key (hashing, keytag), so its a method of the DNSKEY.`
Rename the RR types drop the RR_ prefix This is also done in the official Go library. It also make the code shorter. 2012-12-10 05:23:25 +11:00			`func (r *DNSKEY) PrivateKeyString(p PrivateKey) (s string) {`
Parsing .private files work - needs some cleaning up 2011-01-17 03:59:04 +11:00			`switch t := p.(type) {`
			`case *rsa.PrivateKey:`
Use much more descriptive names for the maps Alg_str -> AlgorithmToString Rr_str -> TypeToString And for the reverse maps also. 2012-12-02 19:29:54 +11:00			`algorithm := strconv.Itoa(int(r.Algorithm)) + " (" + AlgorithmToString[r.Algorithm] + ")"`
Parsing .private files work - needs some cleaning up 2011-01-17 03:59:04 +11:00			`modulus := unpackBase64(t.PublicKey.N.Bytes())`
Less verbose tests 2011-01-18 06:29:40 +11:00			`e := big.NewInt(int64(t.PublicKey.E))`
Fix all exponent issues in rsa keys 2011-01-18 04:13:52 +11:00			`publicExponent := unpackBase64(e.Bytes())`
Parsing .private files work - needs some cleaning up 2011-01-17 03:59:04 +11:00			`privateExponent := unpackBase64(t.D.Bytes())`
Ran gofix, and manually bring code up to latest go release. 1) Ran gofix on all files. 2) Added "tcp" and "udp" to Resolve* functions in server.go 3) Generated primes to the primes array and not to two predefined struct members (P and Q), since now rsa support multi-factor primes. 2011-06-02 20:31:12 +10:00			`prime1 := unpackBase64(t.Primes[0].Bytes())`
			`prime2 := unpackBase64(t.Primes[1].Bytes())`
Parsing .private files work - needs some cleaning up 2011-01-17 03:59:04 +11:00			`// Calculate Exponent1/2 and Coefficient as per: http://en.wikipedia.org/wiki/RSA#Using_the_Chinese_remainder_algorithm`
			`// and from: http://code.google.com/p/go/issues/detail?id=987`
			`one := big.NewInt(1)`
			`minusone := big.NewInt(-1)`
Ran gofix, and manually bring code up to latest go release. 1) Ran gofix on all files. 2) Added "tcp" and "udp" to Resolve* functions in server.go 3) Generated primes to the primes array and not to two predefined struct members (P and Q), since now rsa support multi-factor primes. 2011-06-02 20:31:12 +10:00			`p_1 := big.NewInt(0).Sub(t.Primes[0], one)`
			`q_1 := big.NewInt(0).Sub(t.Primes[1], one)`
Parsing .private files work - needs some cleaning up 2011-01-17 03:59:04 +11:00			`exp1 := big.NewInt(0).Mod(t.D, p_1)`
			`exp2 := big.NewInt(0).Mod(t.D, q_1)`
Ran gofix, and manually bring code up to latest go release. 1) Ran gofix on all files. 2) Added "tcp" and "udp" to Resolve* functions in server.go 3) Generated primes to the primes array and not to two predefined struct members (P and Q), since now rsa support multi-factor primes. 2011-06-02 20:31:12 +10:00			`coeff := big.NewInt(0).Exp(t.Primes[1], minusone, t.Primes[0])`
Add private (rsa) key to string method 2011-01-15 22:18:18 +11:00
Parsing .private files work - needs some cleaning up 2011-01-17 03:59:04 +11:00			`exponent1 := unpackBase64(exp1.Bytes())`
			`exponent2 := unpackBase64(exp2.Bytes())`
			`coefficient := unpackBase64(coeff.Bytes())`
Add private (rsa) key to string method 2011-01-15 22:18:18 +11:00
Add priv. key support for ecdsa 2012-04-07 03:27:11 +10:00			`s = _FORMAT +`
Parsing .private files work - needs some cleaning up 2011-01-17 03:59:04 +11:00			`"Algorithm: " + algorithm + "\n" +`
			`"Modules: " + modulus + "\n" +`
			`"PublicExponent: " + publicExponent + "\n" +`
			`"PrivateExponent: " + privateExponent + "\n" +`
			`"Prime1: " + prime1 + "\n" +`
			`"Prime2: " + prime2 + "\n" +`
			`"Exponent1: " + exponent1 + "\n" +`
			`"Exponent2: " + exponent2 + "\n" +`
			`"Coefficient: " + coefficient + "\n"`
gofmt -w 2011-07-24 07:43:43 +10:00			`case *ecdsa.PrivateKey:`
Use much more descriptive names for the maps Alg_str -> AlgorithmToString Rr_str -> TypeToString And for the reverse maps also. 2012-12-02 19:29:54 +11:00			`algorithm := strconv.Itoa(int(r.Algorithm)) + " (" + AlgorithmToString[r.Algorithm] + ")"`
Add priv. key support for ecdsa 2012-04-07 03:27:11 +10:00			`private := unpackBase64(t.D.Bytes())`
			`s = _FORMAT +`
			`"Algorithm: " + algorithm + "\n" +`
			`"PrivateKey: " + private + "\n"`
String pres. for DSA private key files 2012-04-17 20:56:34 +10:00			`case *dsa.PrivateKey:`
Use much more descriptive names for the maps Alg_str -> AlgorithmToString Rr_str -> TypeToString And for the reverse maps also. 2012-12-02 19:29:54 +11:00			`algorithm := strconv.Itoa(int(r.Algorithm)) + " (" + AlgorithmToString[r.Algorithm] + ")"`
String pres. for DSA private key files 2012-04-17 20:56:34 +10:00			`prime := unpackBase64(t.PublicKey.Parameters.P.Bytes())`
			`subprime := unpackBase64(t.PublicKey.Parameters.Q.Bytes())`
			`base := unpackBase64(t.PublicKey.Parameters.G.Bytes())`
			`priv := unpackBase64(t.X.Bytes())`
fmt 2012-05-06 01:37:48 +10:00			`pub := unpackBase64(t.PublicKey.Y.Bytes())`
String pres. for DSA private key files 2012-04-17 20:56:34 +10:00			`s = _FORMAT +`
			`"Algorithm: " + algorithm + "\n" +`
			`"Prime(p): " + prime + "\n" +`
			`"Subprime(q): " + subprime + "\n" +`
			`"Base(g): " + base + "\n" +`
			`"Private_value(x): " + priv + "\n" +`
			`"Public_value(y): " + pub + "\n"`
Parsing .private files work - needs some cleaning up 2011-01-17 03:59:04 +11:00			`}`
			`return`
Add private (rsa) key to string method 2011-01-15 22:18:18 +11:00			`}`