Rename and simplify packing helper functions
This commit is contained in:
parent
bcc05715b3
commit
0f1b1184ae
22
dnssec.go
22
dnssec.go
|
@ -108,7 +108,7 @@ func (k *DNSKEY) KeyTag() uint16 {
|
|||
// Look at the bottom two bytes of the modules, which the last
|
||||
// item in the pubkey. We could do this faster by looking directly
|
||||
// at the base64 values. But I'm lazy.
|
||||
modulus, _ := packBase64([]byte(k.PublicKey))
|
||||
modulus, _ := fromBase64([]byte(k.PublicKey))
|
||||
if len(modulus) > 1 {
|
||||
x, _ := unpackUint16(modulus, len(modulus)-2)
|
||||
keytag = int(x)
|
||||
|
@ -286,14 +286,14 @@ func (rr *RRSIG) Sign(k PrivateKey, rrset []RR) error {
|
|||
signature := []byte{0x4D} // T value, here the ASCII M for Miek (not used in DNSSEC)
|
||||
signature = append(signature, r1.Bytes()...)
|
||||
signature = append(signature, s1.Bytes()...)
|
||||
rr.Signature = unpackBase64(signature)
|
||||
rr.Signature = toBase64(signature)
|
||||
case *rsa.PrivateKey:
|
||||
// We can use nil as rand.Reader here (says AGL)
|
||||
signature, err := rsa.SignPKCS1v15(nil, p, ch, sighash)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
rr.Signature = unpackBase64(signature)
|
||||
rr.Signature = toBase64(signature)
|
||||
case *ecdsa.PrivateKey:
|
||||
r1, s1, err := ecdsa.Sign(rand.Reader, p, sighash)
|
||||
if err != nil {
|
||||
|
@ -301,7 +301,7 @@ func (rr *RRSIG) Sign(k PrivateKey, rrset []RR) error {
|
|||
}
|
||||
signature := r1.Bytes()
|
||||
signature = append(signature, s1.Bytes()...)
|
||||
rr.Signature = unpackBase64(signature)
|
||||
rr.Signature = toBase64(signature)
|
||||
default:
|
||||
// Not given the correct key
|
||||
return ErrKeyAlg
|
||||
|
@ -444,7 +444,7 @@ func (rr *RRSIG) ValidityPeriod(t time.Time) bool {
|
|||
|
||||
// Return the signatures base64 encodedig sigdata as a byte slice.
|
||||
func (s *RRSIG) sigBuf() []byte {
|
||||
sigbuf, err := packBase64([]byte(s.Signature))
|
||||
sigbuf, err := fromBase64([]byte(s.Signature))
|
||||
if err != nil {
|
||||
return nil
|
||||
}
|
||||
|
@ -478,7 +478,7 @@ func (k *DNSKEY) setPublicKeyInPrivate(p PrivateKey) bool {
|
|||
|
||||
// publicKeyRSA returns the RSA public key from a DNSKEY record.
|
||||
func (k *DNSKEY) publicKeyRSA() *rsa.PublicKey {
|
||||
keybuf, err := packBase64([]byte(k.PublicKey))
|
||||
keybuf, err := fromBase64([]byte(k.PublicKey))
|
||||
if err != nil {
|
||||
return nil
|
||||
}
|
||||
|
@ -516,7 +516,7 @@ func (k *DNSKEY) publicKeyRSA() *rsa.PublicKey {
|
|||
|
||||
// publicKeyCurve returns the Curve public key from the DNSKEY record.
|
||||
func (k *DNSKEY) publicKeyCurve() *ecdsa.PublicKey {
|
||||
keybuf, err := packBase64([]byte(k.PublicKey))
|
||||
keybuf, err := fromBase64([]byte(k.PublicKey))
|
||||
if err != nil {
|
||||
return nil
|
||||
}
|
||||
|
@ -543,7 +543,7 @@ func (k *DNSKEY) publicKeyCurve() *ecdsa.PublicKey {
|
|||
}
|
||||
|
||||
func (k *DNSKEY) publicKeyDSA() *dsa.PublicKey {
|
||||
keybuf, err := packBase64([]byte(k.PublicKey))
|
||||
keybuf, err := fromBase64([]byte(k.PublicKey))
|
||||
if err != nil {
|
||||
return nil
|
||||
}
|
||||
|
@ -573,7 +573,7 @@ func (k *DNSKEY) setPublicKeyRSA(_E int, _N *big.Int) bool {
|
|||
}
|
||||
buf := exponentToBuf(_E)
|
||||
buf = append(buf, _N.Bytes()...)
|
||||
k.PublicKey = unpackBase64(buf)
|
||||
k.PublicKey = toBase64(buf)
|
||||
return true
|
||||
}
|
||||
|
||||
|
@ -584,7 +584,7 @@ func (k *DNSKEY) setPublicKeyCurve(_X, _Y *big.Int) bool {
|
|||
}
|
||||
buf := curveToBuf(_X, _Y)
|
||||
// Check the length of the buffer, either 64 or 92 bytes
|
||||
k.PublicKey = unpackBase64(buf)
|
||||
k.PublicKey = toBase64(buf)
|
||||
return true
|
||||
}
|
||||
|
||||
|
@ -594,7 +594,7 @@ func (k *DNSKEY) setPublicKeyDSA(_Q, _P, _G, _Y *big.Int) bool {
|
|||
return false
|
||||
}
|
||||
buf := dsaToBuf(_Q, _P, _G, _Y)
|
||||
k.PublicKey = unpackBase64(buf)
|
||||
k.PublicKey = toBase64(buf)
|
||||
return true
|
||||
}
|
||||
|
||||
|
|
28
keygen.go
28
keygen.go
|
@ -94,12 +94,12 @@ func (r *DNSKEY) PrivateKeyString(p PrivateKey) (s string) {
|
|||
switch t := p.(type) {
|
||||
case *rsa.PrivateKey:
|
||||
algorithm := strconv.Itoa(int(r.Algorithm)) + " (" + AlgorithmToString[r.Algorithm] + ")"
|
||||
modulus := unpackBase64(t.PublicKey.N.Bytes())
|
||||
modulus := toBase64(t.PublicKey.N.Bytes())
|
||||
e := big.NewInt(int64(t.PublicKey.E))
|
||||
publicExponent := unpackBase64(e.Bytes())
|
||||
privateExponent := unpackBase64(t.D.Bytes())
|
||||
prime1 := unpackBase64(t.Primes[0].Bytes())
|
||||
prime2 := unpackBase64(t.Primes[1].Bytes())
|
||||
publicExponent := toBase64(e.Bytes())
|
||||
privateExponent := toBase64(t.D.Bytes())
|
||||
prime1 := toBase64(t.Primes[0].Bytes())
|
||||
prime2 := toBase64(t.Primes[1].Bytes())
|
||||
// Calculate Exponent1/2 and Coefficient as per: http://en.wikipedia.org/wiki/RSA#Using_the_Chinese_remainder_algorithm
|
||||
// and from: http://code.google.com/p/go/issues/detail?id=987
|
||||
one := big.NewInt(1)
|
||||
|
@ -110,9 +110,9 @@ func (r *DNSKEY) PrivateKeyString(p PrivateKey) (s string) {
|
|||
exp2 := big.NewInt(0).Mod(t.D, q_1)
|
||||
coeff := big.NewInt(0).Exp(t.Primes[1], minusone, t.Primes[0])
|
||||
|
||||
exponent1 := unpackBase64(exp1.Bytes())
|
||||
exponent2 := unpackBase64(exp2.Bytes())
|
||||
coefficient := unpackBase64(coeff.Bytes())
|
||||
exponent1 := toBase64(exp1.Bytes())
|
||||
exponent2 := toBase64(exp2.Bytes())
|
||||
coefficient := toBase64(coeff.Bytes())
|
||||
|
||||
s = _FORMAT +
|
||||
"Algorithm: " + algorithm + "\n" +
|
||||
|
@ -126,17 +126,17 @@ func (r *DNSKEY) PrivateKeyString(p PrivateKey) (s string) {
|
|||
"Coefficient: " + coefficient + "\n"
|
||||
case *ecdsa.PrivateKey:
|
||||
algorithm := strconv.Itoa(int(r.Algorithm)) + " (" + AlgorithmToString[r.Algorithm] + ")"
|
||||
private := unpackBase64(t.D.Bytes())
|
||||
private := toBase64(t.D.Bytes())
|
||||
s = _FORMAT +
|
||||
"Algorithm: " + algorithm + "\n" +
|
||||
"PrivateKey: " + private + "\n"
|
||||
case *dsa.PrivateKey:
|
||||
algorithm := strconv.Itoa(int(r.Algorithm)) + " (" + AlgorithmToString[r.Algorithm] + ")"
|
||||
prime := unpackBase64(t.PublicKey.Parameters.P.Bytes())
|
||||
subprime := unpackBase64(t.PublicKey.Parameters.Q.Bytes())
|
||||
base := unpackBase64(t.PublicKey.Parameters.G.Bytes())
|
||||
priv := unpackBase64(t.X.Bytes())
|
||||
pub := unpackBase64(t.PublicKey.Y.Bytes())
|
||||
prime := toBase64(t.PublicKey.Parameters.P.Bytes())
|
||||
subprime := toBase64(t.PublicKey.Parameters.Q.Bytes())
|
||||
base := toBase64(t.PublicKey.Parameters.G.Bytes())
|
||||
priv := toBase64(t.X.Bytes())
|
||||
pub := toBase64(t.PublicKey.Y.Bytes())
|
||||
s = _FORMAT +
|
||||
"Algorithm: " + algorithm + "\n" +
|
||||
"Prime(p): " + prime + "\n" +
|
||||
|
|
6
kscan.go
6
kscan.go
|
@ -88,7 +88,7 @@ func readPrivateKeyRSA(m map[string]string) (PrivateKey, error) {
|
|||
for k, v := range m {
|
||||
switch k {
|
||||
case "modulus", "publicexponent", "privateexponent", "prime1", "prime2":
|
||||
v1, err := packBase64([]byte(v))
|
||||
v1, err := fromBase64([]byte(v))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
@ -125,7 +125,7 @@ func readPrivateKeyDSA(m map[string]string) (PrivateKey, error) {
|
|||
for k, v := range m {
|
||||
switch k {
|
||||
case "private_value(x)":
|
||||
v1, err := packBase64([]byte(v))
|
||||
v1, err := fromBase64([]byte(v))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
@ -144,7 +144,7 @@ func readPrivateKeyECDSA(m map[string]string) (PrivateKey, error) {
|
|||
for k, v := range m {
|
||||
switch k {
|
||||
case "privatekey":
|
||||
v1, err := packBase64([]byte(v))
|
||||
v1, err := fromBase64([]byte(v))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
71
msg.go
71
msg.go
|
@ -813,7 +813,7 @@ func packStructValue(val reflect.Value, msg []byte, off int, compression map[str
|
|||
default:
|
||||
return lenmsg, &Error{"bad tag packing string: " + typefield.Tag.Get("dns")}
|
||||
case `dns:"base64"`:
|
||||
b64, e := packBase64([]byte(s))
|
||||
b64, e := fromBase64([]byte(s))
|
||||
if e != nil {
|
||||
return lenmsg, e
|
||||
}
|
||||
|
@ -834,7 +834,7 @@ func packStructValue(val reflect.Value, msg []byte, off int, compression map[str
|
|||
msg[off-1] = 20
|
||||
fallthrough
|
||||
case `dns:"base32"`:
|
||||
b32, e := packBase32([]byte(s))
|
||||
b32, e := fromBase32([]byte(s))
|
||||
if e != nil {
|
||||
return lenmsg, e
|
||||
}
|
||||
|
@ -1224,7 +1224,7 @@ func unpackStructValue(val reflect.Value, msg []byte, off int) (off1 int, err er
|
|||
if b64end > lenrd || b64end > lenmsg {
|
||||
return lenmsg, &Error{err: "overflow unpacking base64"}
|
||||
}
|
||||
s = unpackBase64(msg[off:b64end])
|
||||
s = toBase64(msg[off:b64end])
|
||||
off = b64end
|
||||
case `dns:"cdomain-name"`:
|
||||
fallthrough
|
||||
|
@ -1250,7 +1250,7 @@ func unpackStructValue(val reflect.Value, msg []byte, off int) (off1 int, err er
|
|||
if off+size > lenmsg {
|
||||
return lenmsg, &Error{err: "overflow unpacking base32"}
|
||||
}
|
||||
s = unpackBase32(msg[off : off+size])
|
||||
s = toBase32(msg[off : off+size])
|
||||
off += size
|
||||
case `dns:"size-hex"`:
|
||||
// a "size" string, but it must be encoded in hex in the string
|
||||
|
@ -1298,58 +1298,43 @@ func dddToByte(s []byte) byte {
|
|||
return byte((s[0]-'0')*100 + (s[1]-'0')*10 + (s[2] - '0'))
|
||||
}
|
||||
|
||||
// Helper function for unpacking
|
||||
func unpackUint16(msg []byte, off int) (v uint16, off1 int) {
|
||||
v = uint16(msg[off])<<8 | uint16(msg[off+1])
|
||||
off1 = off + 2
|
||||
return
|
||||
}
|
||||
|
||||
// UnpackStruct unpacks a binary message from offset off to the interface
|
||||
// value given.
|
||||
func UnpackStruct(any interface{}, msg []byte, off int) (off1 int, err error) {
|
||||
off, err = unpackStructValue(structValue(any), msg, off)
|
||||
return off, err
|
||||
func UnpackStruct(any interface{}, msg []byte, off int) (int, error) {
|
||||
return unpackStructValue(structValue(any), msg, off)
|
||||
}
|
||||
|
||||
func unpackBase32(b []byte) string {
|
||||
b32 := make([]byte, base32.HexEncoding.EncodedLen(len(b)))
|
||||
base32.HexEncoding.Encode(b32, b)
|
||||
return string(b32)
|
||||
// Helper function for packing and unpacking
|
||||
func unpackUint16(msg []byte, off int) (uint16, int) {
|
||||
return uint16(msg[off])<<8 | uint16(msg[off+1]), off + 2
|
||||
}
|
||||
|
||||
func unpackBase64(b []byte) string {
|
||||
b64 := make([]byte, base64.StdEncoding.EncodedLen(len(b)))
|
||||
base64.StdEncoding.Encode(b64, b)
|
||||
return string(b64)
|
||||
}
|
||||
|
||||
// Helper function for packing
|
||||
func packUint16(i uint16) (byte, byte) {
|
||||
return byte(i >> 8), byte(i)
|
||||
}
|
||||
|
||||
func packBase64(s []byte) ([]byte, error) {
|
||||
b64len := base64.StdEncoding.DecodedLen(len(s))
|
||||
buf := make([]byte, b64len)
|
||||
n, err := base64.StdEncoding.Decode(buf, []byte(s))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
buf = buf[:n]
|
||||
return buf, nil
|
||||
func toBase32(b []byte) string {
|
||||
return base32.HexEncoding.EncodeToString(b)
|
||||
}
|
||||
|
||||
// Helper function for packing, mostly used in dnssec.go
|
||||
func packBase32(s []byte) ([]byte, error) {
|
||||
b32len := base32.HexEncoding.DecodedLen(len(s))
|
||||
buf := make([]byte, b32len)
|
||||
n, err := base32.HexEncoding.Decode(buf, []byte(s))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
func fromBase32(s []byte) (buf []byte, err error) {
|
||||
buflen := base32.HexEncoding.DecodedLen(len(s))
|
||||
buf = make([]byte, buflen)
|
||||
n, err := base32.HexEncoding.Decode(buf, s)
|
||||
buf = buf[:n]
|
||||
return buf, nil
|
||||
return
|
||||
}
|
||||
|
||||
func toBase64(b []byte) string {
|
||||
return base64.StdEncoding.EncodeToString(b)
|
||||
}
|
||||
|
||||
func fromBase64(s []byte) (buf []byte, err error) {
|
||||
buflen := base64.StdEncoding.DecodedLen(len(s))
|
||||
buf = make([]byte, buflen)
|
||||
n, err := base64.StdEncoding.Decode(buf, s)
|
||||
buf = buf[:n]
|
||||
return
|
||||
}
|
||||
|
||||
// PackRR packs a resource record rr into msg[off:].
|
||||
|
|
2
nsecx.go
2
nsecx.go
|
@ -47,7 +47,7 @@ func HashName(label string, ha uint8, iter uint16, salt string) string {
|
|||
io.WriteString(s, string(nsec3))
|
||||
nsec3 = s.Sum(nil)
|
||||
}
|
||||
return unpackBase32(nsec3)
|
||||
return toBase32(nsec3)
|
||||
}
|
||||
|
||||
type Denialer interface {
|
||||
|
|
2
sig0.go
2
sig0.go
|
@ -115,7 +115,7 @@ func (rr *SIG) Sign(k PrivateKey, m *Msg) ([]byte, error) {
|
|||
default:
|
||||
return nil, ErrAlg
|
||||
}
|
||||
rr.Signature = unpackBase64(sig)
|
||||
rr.Signature = toBase64(sig)
|
||||
buf = append(buf, sig...)
|
||||
if len(buf) > int(^uint16(0)) {
|
||||
return nil, ErrBuf
|
||||
|
|
4
tsig.go
4
tsig.go
|
@ -159,7 +159,7 @@ func TsigGenerate(m *Msg, secret, requestMAC string, timersOnly bool) ([]byte, s
|
|||
panic("dns: TSIG not last RR in additional")
|
||||
}
|
||||
// If we barf here, the caller is to blame
|
||||
rawsecret, err := packBase64([]byte(secret))
|
||||
rawsecret, err := fromBase64([]byte(secret))
|
||||
if err != nil {
|
||||
return nil, "", err
|
||||
}
|
||||
|
@ -209,7 +209,7 @@ func TsigGenerate(m *Msg, secret, requestMAC string, timersOnly bool) ([]byte, s
|
|||
// If the signature does not validate err contains the
|
||||
// error, otherwise it is nil.
|
||||
func TsigVerify(msg []byte, secret, requestMAC string, timersOnly bool) error {
|
||||
rawsecret, err := packBase64([]byte(secret))
|
||||
rawsecret, err := fromBase64([]byte(secret))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue