Add dnskey gen for RSA keys

2011-01-10 16:10:15 +01:00 · 2011-01-10 16:10:15 +01:00 · 578304226f
parent 69f9bc6ecd
commit 578304226f
5 changed files with 71 additions and 2 deletions
--- a/1
+++ b/1
@ -13,6 +13,7 @@ GOFILES=\
 	edns.go\
 	tsig.go\
 	dnssec.go\
+	keygen.go\


 include $(GOROOT)/src/Make.pkg
--- a/2
+++ b/2
@ -2,9 +2,9 @@ Todo:
 Short term:
 * NSEC(3) secure denial of existence, support the type bitmap
    - need base32 for Nsec3
-* TSIG 
 * Parsing from strings
 * Server support 
+
 * Key generation
 * Signature generation

--- a/dnskey_test.go
+++ b/dnskey_test.go
@ -5,6 +5,24 @@ import (
 	"fmt"
 )

+
+func TestKeyGen(t *testing.T) {
+	key := new(RR_DNSKEY)
+	key.Hdr.Name = "miek.nl."
+	key.Hdr.Rrtype = TypeDNSKEY
+	key.Hdr.Class = ClassINET
+	key.Hdr.Ttl = 3600
+	key.Flags = 256
+	key.Protocol = 3
+	key.Algorithm = AlgRSASHA256
+        key.GenerateRSA(512)
+
+        fmt.Printf("%v\n", key)
+
+}
+
+
+/*
 func TestDnskey(t *testing.T) {
        return
 	// This key was generate with LDNS:
@ -51,3 +69,4 @@ func TestDnskey(t *testing.T) {
        openssl := "135560614087352210480379313279722604826647214111257577861451621491284835543707521986085999189597017237768514876957888744370440811423088511394629855684615382349190289731989185193184712980579812986523080792122141528583964882610028199770199112837017606561901919812183422914622295620927795008308854924436086101591"
        println("OPENSSL key: what should be is: ",openssl)
 }
+*/
--- a/keygen.go
+++ b/keygen.go
@ -0,0 +1,48 @@
+package dns
+
+import (
+        "os"
+        "crypto/rsa"
+        "crypto/rand"
+        "encoding/base64"
+)
+
+
+// Generate a RSA key of the given bit size.
+// The public parts are directly put inside the
+// DNSKEY record. The private key is returned.
+func (r *RR_DNSKEY) GenerateRSA(bits int) (*rsa.PrivateKey, os.Error) {
+/*
+   -b <key size in bits>:
+         RSAMD5:        [512..4096]
+         RSASHA1:       [512..4096]
+         NSEC3RSASHA1:  [512..4096]
+         RSASHA256:     [512..4096]
+         RSASHA512:     [1024..4096]
+*/
+        priv, err := rsa.GenerateKey(rand.Reader, bits)
+        if err != nil {
+                return nil, err
+        }
+        //func GenerateKey(rand io.Reader, bits int) (priv *PrivateKey, err os.Error)
+        // Fill r.PubKey    string "base64"
+        //priv.PublicKey.N (*big.Int) modulus
+        //priv.PublicKey.E (int)      public exponent
+        keybuf := make([]byte, 1)
+
+        if priv.PublicKey.E < 256 {
+                keybuf[0] = uint8(priv.PublicKey.E)
+        } else {
+                keybuf[0] = 0
+                // keybuf[1]+[2] have the length
+                // keybuf[3:..3+lenght] have exponent
+                // not implemented
+                return nil, &Error{Error: "Exponent to large"}
+        }
+        keybuf = append(keybuf, priv.PublicKey.N.Bytes()...)
+
+        b64 := make([]byte, base64.StdEncoding.EncodedLen(len(keybuf)))
+        base64.StdEncoding.Encode(b64, keybuf)
+        r.PubKey = string(b64)
+        return priv, nil
+}
--- a/msg.go
+++ b/msg.go
@ -342,6 +342,7 @@ func packStructValue(val *reflect.StructValue, msg []byte, off int) (off1 int, o
 			default:
 				return len(msg), false
 			case "base64":
+                                // TODO(mg) use the Len as return from the conversion (not used right now)
 				b64len := base64.StdEncoding.DecodedLen(len(s))
 				_, err := base64.StdEncoding.Decode(msg[off:off+b64len], []byte(s))
 				if err != nil {
@ -558,7 +559,7 @@ func unpackStructValue(val *reflect.StructValue, msg []byte, off int) (off1 int,
 				default:
 					consumed = 0 // TODO
 				}
-
+                                // TODO(mg) check return value of encoding
 				b64 := make([]byte, base64.StdEncoding.EncodedLen(len(msg[off:off+rdlength-consumed])))
 				base64.StdEncoding.Encode(b64, msg[off:off+rdlength-consumed])
 				s = string(b64)