Add dnskey gen for RSA keys
parent
69f9bc6ecd
commit
578304226f
1
Makefile
1
Makefile
|
@ -13,6 +13,7 @@ GOFILES=\
|
|||
edns.go\
|
||||
tsig.go\
|
||||
dnssec.go\
|
||||
keygen.go\
|
||||
|
||||
|
||||
include $(GOROOT)/src/Make.pkg
|
||||
|
|
2
TODO
2
TODO
|
@ -2,9 +2,9 @@ Todo:
|
|||
Short term:
|
||||
* NSEC(3) secure denial of existence, support the type bitmap
|
||||
- need base32 for Nsec3
|
||||
* TSIG
|
||||
* Parsing from strings
|
||||
* Server support
|
||||
|
||||
* Key generation
|
||||
* Signature generation
|
||||
|
||||
|
|
|
@ -5,6 +5,24 @@ import (
|
|||
"fmt"
|
||||
)
|
||||
|
||||
|
||||
func TestKeyGen(t *testing.T) {
|
||||
key := new(RR_DNSKEY)
|
||||
key.Hdr.Name = "miek.nl."
|
||||
key.Hdr.Rrtype = TypeDNSKEY
|
||||
key.Hdr.Class = ClassINET
|
||||
key.Hdr.Ttl = 3600
|
||||
key.Flags = 256
|
||||
key.Protocol = 3
|
||||
key.Algorithm = AlgRSASHA256
|
||||
key.GenerateRSA(512)
|
||||
|
||||
fmt.Printf("%v\n", key)
|
||||
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
func TestDnskey(t *testing.T) {
|
||||
return
|
||||
// This key was generate with LDNS:
|
||||
|
@ -51,3 +69,4 @@ func TestDnskey(t *testing.T) {
|
|||
openssl := "135560614087352210480379313279722604826647214111257577861451621491284835543707521986085999189597017237768514876957888744370440811423088511394629855684615382349190289731989185193184712980579812986523080792122141528583964882610028199770199112837017606561901919812183422914622295620927795008308854924436086101591"
|
||||
println("OPENSSL key: what should be is: ",openssl)
|
||||
}
|
||||
*/
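Review bot: TestKeyGen drops both results of `key.GenerateRSA(512)` and asserts nothing, so it passes even when generation fails or `key.PubKey` stays empty. Check the error and the field, e.g. `if _, err := key.GenerateRSA(512); err != nil { t.Fatal(err) }` followed by `if key.PubKey == "" { t.Fail() }`, and drop the `fmt.Printf` once there is a real assertion. A 512-bit modulus is the smallest size the comment in GenerateRSA lists and is factorable in practice; using 1024 or more here keeps the test from modelling a key size nobody should deploy.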
|
||||
|
|
|
@ -0,0 +1,48 @@
|
|||
package dns
|
||||
|
||||
import (
|
||||
"os"
|
||||
"crypto/rsa"
|
||||
"crypto/rand"
|
||||
"encoding/base64"
|
||||
)
|
||||
|
||||
|
||||
// Generate a RSA key of the given bit size.
|
||||
// The public parts are directly put inside the
|
||||
// DNSKEY record. The private key is returned.
|
||||
func (r *RR_DNSKEY) GenerateRSA(bits int) (*rsa.PrivateKey, os.Error) {
|
||||
/*
|
||||
-b <key size in bits>:
|
||||
RSAMD5: [512..4096]
|
||||
RSASHA1: [512..4096]
|
||||
NSEC3RSASHA1: [512..4096]
|
||||
RSASHA256: [512..4096]
|
||||
RSASHA512: [1024..4096]
|
||||
*/
|
||||
priv, err := rsa.GenerateKey(rand.Reader, bits)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
//func GenerateKey(rand io.Reader, bits int) (priv *PrivateKey, err os.Error)
|
||||
// Fill r.PubKey string "base64"
|
||||
//priv.PublicKey.N (*big.Int) modulus
|
||||
//priv.PublicKey.E (int) public exponent
|
||||
keybuf := make([]byte, 1)
|
||||
|
||||
if priv.PublicKey.E < 256 {
|
||||
keybuf[0] = uint8(priv.PublicKey.E)
|
||||
} else {
|
||||
keybuf[0] = 0
|
||||
// keybuf[1]+[2] have the length
|
||||
// keybuf[3:..3+lenght] have exponent
|
||||
// not implemented
|
||||
return nil, &Error{Error: "Exponent to large"}
|
||||
}
|
||||
keybuf = append(keybuf, priv.PublicKey.N.Bytes()...)
|
||||
|
||||
b64 := make([]byte, base64.StdEncoding.EncodedLen(len(keybuf)))
|
||||
base64.StdEncoding.Encode(b64, keybuf)
|
||||
r.PubKey = string(b64)
|
||||
return priv, nil
|
||||
}
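Review bot: The bytes written to `r.PubKey` do not follow the RFC 3110 layout (exponent length, exponent, modulus): `keybuf[0] = uint8(priv.PublicKey.E)` stores the exponent's value in the octet that should hold its length, and the exponent itself is never appended, so a parser reading the record per the RFC would treat that value as a length and take the leading modulus bytes as the exponent. The `E < 256` test has the same confusion; it is the exponent's byte length that must fit in one octet, which always holds for an `int`, so the "Exponent to large" branch can be dropped. Separately, `bits` reaches `rsa.GenerateKey` unchecked although the comment lists a range per algorithm; rejecting a size outside the range for `r.Algorithm` before generating would stop an undersized key from being produced by accident.

```go
priv, err := rsa.GenerateKey(rand.Reader, bits)
// … unchanged: error check …

// RFC 3110: one length octet, the exponent in big-endian order, then the modulus.
var exp []byte
for e := priv.PublicKey.E; e > 0; e >>= 8 {
	exp = append([]byte{byte(e)}, exp...)
}
keybuf := append([]byte{uint8(len(exp))}, exp...)
keybuf = append(keybuf, priv.PublicKey.N.Bytes()...)
// … unchanged: base64 encoding into r.PubKey …
```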
|
3
msg.go
3
msg.go
|
@ -342,6 +342,7 @@ func packStructValue(val *reflect.StructValue, msg []byte, off int) (off1 int, o
|
|||
default:
|
||||
return len(msg), false
|
||||
case "base64":
|
||||
// TODO(mg) use the Len as return from the conversion (not used right now)
|
||||
b64len := base64.StdEncoding.DecodedLen(len(s))
|
||||
_, err := base64.StdEncoding.Decode(msg[off:off+b64len], []byte(s))
|
||||
if err != nil {
|
||||
|
@ -558,7 +559,7 @@ func unpackStructValue(val *reflect.StructValue, msg []byte, off int) (off1 int,
|
|||
default:
|
||||
consumed = 0 // TODO
|
||||
}
|
||||
|
||||
// TODO(mg) check return value of encoding
|
||||
b64 := make([]byte, base64.StdEncoding.EncodedLen(len(msg[off:off+rdlength-consumed])))
|
||||
base64.StdEncoding.Encode(b64, msg[off:off+rdlength-consumed])
|
||||
s = string(b64)
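Review bot: The pack-side `case "base64"` slices `msg[off:off+b64len]` without first checking that the range fits inside `msg`, and it discards the byte count `Decode` returns. `DecodedLen` is an upper bound that counts padding, so whatever advances `off` after this point (outside the hunk) may step past the bytes actually written. Add `if off+b64len > len(msg) { return len(msg), false }` before the decode, and keep the count with `n, err := base64.StdEncoding.Decode(msg[off:off+b64len], []byte(s))`. In the unpack hunk, `msg[off:off+rdlength-consumed]` has the same shape with a length taken from the wire; if nothing earlier in unpackStructValue bounds `rdlength` against `len(msg)`, a truncated or malformed packet would panic there instead of returning an error. Both functions start and end outside the visible hunks.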
|
||||
|
|