Finish DSA support -- completely untested
parent
dda096049e
commit
01258c0d97
22
dnssec.go
22
dnssec.go
|
@ -53,6 +53,8 @@ const (
|
|||
PRIVATEOID = 254
|
||||
)
|
||||
|
||||
const _DSA_T = 0x0F // What should this value be?? TODO(mg)
|
||||
|
||||
// DNSSEC hashing algorithm codes.
|
||||
const (
|
||||
_ = iota
|
||||
|
@ -279,7 +281,8 @@ func (s *RR_RRSIG) Sign(k PrivateKey, rrset []RR) error {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
signature := r1.Bytes()
|
||||
signature := []byte{_DSA_T}
|
||||
signature = append(signature, r1.Bytes()...)
|
||||
signature = append(signature, s1.Bytes()...)
|
||||
s.Signature = unpackBase64(signature)
|
||||
case *rsa.PrivateKey:
|
||||
|
@ -575,10 +578,12 @@ func (k *RR_DNSKEY) setPublicKeyCurve(_X, _Y *big.Int) bool {
|
|||
}
|
||||
|
||||
// Set the public key for DSA
|
||||
func (k RR_DNSKEY) setPublicKeyDSA(_P, _Q, _G, _Y *big.Int) bool {
|
||||
if _P == nil || _Q == nil || _G == nil || _Y == nil {
|
||||
func (k *RR_DNSKEY) setPublicKeyDSA(_Q, _P, _G, _Y *big.Int) bool {
|
||||
if _Q == nil || _P == nil || _G == nil || _Y == nil {
|
||||
return false
|
||||
}
|
||||
buf := dsaToBuf(_Q, _P, _G, _Y)
|
||||
k.PublicKey = unpackBase64(buf)
|
||||
return true
|
||||
}
|
||||
|
||||
|
@ -608,6 +613,17 @@ func curveToBuf(_X, _Y *big.Int) []byte {
|
|||
return buf
|
||||
}
|
||||
|
||||
// Set the public key for X and Y for Curve. The two
|
||||
// values are just concatenated.
|
||||
func dsaToBuf(_Q, _P, _G, _Y *big.Int) []byte {
|
||||
buf := []byte{_DSA_T}
|
||||
buf = append(buf, _Q.Bytes()...)
|
||||
buf = append(buf, _P.Bytes()...)
|
||||
buf = append(buf, _G.Bytes()...)
|
||||
buf = append(buf, _Y.Bytes()...)
|
||||
return buf
|
||||
}
|
||||
|
||||
type wireSlice [][]byte
|
||||
|
||||
func (p wireSlice) Len() int { return len(p) }
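Review bot: dsaToBuf writes each integer with big.Int.Bytes(), which drops leading zero octets, so the encoded key has no fixed field widths and a parser cannot tell where Q ends and P begins. RFC 2536 lays the key out as T, a 20-octet Q, then P, G and Y of 64 + T*8 octets each, with T between 0 and 8, so the constant `_DSA_T = 0x0F` is out of range and T should be derived from the size of P. The Sign hunk has the same problem: r1 and s1 should each be left-padded to 20 octets, otherwise a signature whose R or S happens to begin with a zero octet comes out short and will not verify. The comment above dsaToBuf is copied from curveToBuf and should describe the DSA layout instead. Sign's body starts and ends outside its hunk.

```go
// padTo left-pads b with zero octets to exactly n octets.
func padTo(b []byte, n int) []byte {
	if len(b) >= n {
		return b
	}
	out := make([]byte, n)
	copy(out[n-len(b):], b)
	return out
}

// dsaToBuf packs a DSA public key as T | Q | P | G | Y (RFC 2536).
// Callers should reject keys whose T falls outside 0..8.
func dsaToBuf(_Q, _P, _G, _Y *big.Int) []byte {
	t := (len(_P.Bytes()) - 64 + 7) / 8 // T comes from the modulus size, not a constant
	n := 64 + t*8
	buf := []byte{byte(t)}
	buf = append(buf, padTo(_Q.Bytes(), 20)...)
	buf = append(buf, padTo(_P.Bytes(), n)...)
	buf = append(buf, padTo(_G.Bytes(), n)...)
	buf = append(buf, padTo(_Y.Bytes(), n)...)
	return buf
}
```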
|
||||
|
|
|
@ -58,7 +58,7 @@ func (r *RR_DNSKEY) Generate(bits int) (PrivateKey, error) {
|
|||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
// setPublicKeyDSA() needed?
|
||||
r.setPublicKeyDSA(params.Q, params.P, params.G, priv.PublicKey.Y)
|
||||
return priv, nil
|
||||
case RSAMD5, RSASHA1, RSASHA256, RSASHA512, RSASHA1NSEC3SHA1:
|
||||
priv, err := rsa.GenerateKey(rand.Reader, bits)
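Review bot: The bool returned by setPublicKeyDSA is discarded in the DSA branch, so if any parameter is nil Generate still returns the private key with a nil error while the DNSKEY's PublicKey stays unset. Check it before returning, e.g. `if !r.setPublicKeyDSA(params.Q, params.P, params.G, priv.PublicKey.Y) { return nil, errKeyNotSet }`, where `errKeyNotSet` is a placeholder for whatever error value the package uses. Generate starts and ends outside this hunk, so the other algorithm branches may need the same check.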
|
||||
|
|