Finish DSA support -- completely untested

dnssec.go

@@ -53,6 +53,8 @@ const (
 	PRIVATEOID       = 254
 )
 
+const _DSA_T	= 0x0F		// What should this value be?? TODO(mg)
+
 // DNSSEC hashing algorithm codes.
 const (
 	_      = iota
@@ -279,7 +281,8 @@ func (s *RR_RRSIG) Sign(k PrivateKey, rrset []RR) error {
 		if err != nil {
 			return err
 		}
-		signature := r1.Bytes()
+		signature := []byte{_DSA_T}
+		signature = append(signature, r1.Bytes()...)
 		signature = append(signature, s1.Bytes()...)
 		s.Signature = unpackBase64(signature)
 	case *rsa.PrivateKey:
@@ -575,10 +578,12 @@ func (k *RR_DNSKEY) setPublicKeyCurve(_X, _Y *big.Int) bool {
 }
 
 // Set the public key for DSA
-func (k RR_DNSKEY) setPublicKeyDSA(_P, _Q, _G, _Y *big.Int) bool {
-	if _P == nil || _Q == nil || _G == nil || _Y == nil {
+func (k *RR_DNSKEY) setPublicKeyDSA(_Q, _P, _G, _Y *big.Int) bool {
+	if _Q == nil || _P == nil || _G == nil || _Y == nil {
 		return false
 	}
+	buf := dsaToBuf(_Q, _P, _G, _Y)
+	k.PublicKey = unpackBase64(buf)
 	return true
 }
 
@@ -608,6 +613,17 @@ func curveToBuf(_X, _Y *big.Int) []byte {
 	return buf
 }
 
+// Set the public key for X and Y for Curve. The two 
+// values are just concatenated.
+func dsaToBuf(_Q, _P, _G, _Y *big.Int) []byte {
+	buf := []byte{_DSA_T}
+	buf = append(buf, _Q.Bytes()...)
+	buf = append(buf, _P.Bytes()...)
+	buf = append(buf, _G.Bytes()...)
+	buf = append(buf, _Y.Bytes()...)
+	return buf
+}
+
 type wireSlice [][]byte
 
 func (p wireSlice) Len() int { return len(p) }

keygen.go

@@ -58,7 +58,7 @@ func (r *RR_DNSKEY) Generate(bits int) (PrivateKey, error) {
 		if err != nil {
 			return nil, err
 		}
-		// setPublicKeyDSA() needed?
+		r.setPublicKeyDSA(params.Q, params.P, params.G, priv.PublicKey.Y)
 		return priv, nil
 	case RSAMD5, RSASHA1, RSASHA256, RSASHA512, RSASHA1NSEC3SHA1:
 		priv, err := rsa.GenerateKey(rand.Reader, bits)