From 7e1f9490f2e0ac71cc3ddfd26fbca7200d86e33b Mon Sep 17 00:00:00 2001 From: Miek Gieben Date: Tue, 25 Jan 2011 13:57:54 +0100 Subject: [PATCH] Cert RR added PubKey is named PublicKey in the RR_DNSKEY --- dns_test.go | 2 +- dnssec.go | 12 ++++++------ dnssec_test.go | 8 ++++---- keygen.go | 4 ++-- msg.go | 1 + types.go | 45 +++++++++++++++++++++++++++++++++------------ 6 files changed, 47 insertions(+), 25 deletions(-) diff --git a/dns_test.go b/dns_test.go index bb634689..7f9f4a96 100644 --- a/dns_test.go +++ b/dns_test.go @@ -11,7 +11,7 @@ func TestPackUnpack(t *testing.T) { key := new(RR_DNSKEY) key.Hdr = RR_Header{Name: "miek.nl.", Rrtype: TypeDNSKEY, Class: ClassINET, Ttl: 3600} key = &RR_DNSKEY{Flags: 257, Protocol: 3, Algorithm: AlgRSASHA1} - key.PubKey = "AwEAAaHIwpx3w4VHKi6i1LHnTaWeHCL154Jug0Rtc9ji5qwPXpBo6A5sRv7cSsPQKPIwxLpyCrbJ4mr2L0EPOdvP6z6YfljK2ZmTbogU9aSU2fiq/4wjxbdkLyoDVgtO+JsxNN4bjr4WcWhsmk1Hg93FV9ZpkWb0Tbad8DFqNDzr//kZ" + key.PublicKey = "AwEAAaHIwpx3w4VHKi6i1LHnTaWeHCL154Jug0Rtc9ji5qwPXpBo6A5sRv7cSsPQKPIwxLpyCrbJ4mr2L0EPOdvP6z6YfljK2ZmTbogU9aSU2fiq/4wjxbdkLyoDVgtO+JsxNN4bjr4WcWhsmk1Hg93FV9ZpkWb0Tbad8DFqNDzr//kZ" out.Answer[0] = key msg, ok := out.Pack() diff --git a/dnssec.go b/dnssec.go index 117cbc30..f497e4a6 100644 --- a/dnssec.go +++ b/dnssec.go @@ -56,7 +56,7 @@ type dnskeyWireFmt struct { Flags uint16 Protocol uint8 Algorithm uint8 - PubKey string "base64" + PublicKey string "base64" /* Nothing is left out */ } @@ -72,7 +72,7 @@ func (k *RR_DNSKEY) KeyTag() uint16 { keywire.Flags = k.Flags keywire.Protocol = k.Protocol keywire.Algorithm = k.Algorithm - keywire.PubKey = k.PubKey + keywire.PublicKey = k.PublicKey wire := make([]byte, 2048) // TODO(mg) lenght! n, ok := packStruct(keywire, wire, 0) if !ok { 
@@ -106,7 +106,7 @@ func (k *RR_DNSKEY) ToDS(h int) *RR_DS { keywire.Flags = k.Flags keywire.Protocol = k.Protocol keywire.Algorithm = k.Algorithm - keywire.PubKey = k.PubKey + keywire.PublicKey = k.PublicKey wire := make([]byte, 2048) // TODO(mg) lenght! n, ok := packStruct(keywire, wire, 0) if !ok { @@ -410,7 +410,7 @@ func (s *RR_RRSIG) sigBuf() []byte { // Extract the RSA public key from the Key record func (k *RR_DNSKEY) pubKeyRSA() *rsa.PublicKey { - keybuf, err := packBase64([]byte(k.PubKey)) + keybuf, err := packBase64([]byte(k.PublicKey)) if err != nil { return nil } @@ -436,10 +436,10 @@ func (k *RR_DNSKEY) pubKeyRSA() *rsa.PublicKey { } // Set the public key (the value E and N) -func (k *RR_DNSKEY) setPubKeyRSA(_E int, _N *big.Int) { +func (k *RR_DNSKEY) setPublicKeyRSA(_E int, _N *big.Int) { buf := exponentToBuf(_E) buf = append(buf, _N.Bytes()...) - k.PubKey = unpackBase64(buf) + k.PublicKey = unpackBase64(buf) return } diff --git a/dnssec_test.go b/dnssec_test.go index 455f02f8..ef2a9214 100644 --- a/dnssec_test.go +++ b/dnssec_test.go @@ -35,7 +35,7 @@ func TestSecure(t *testing.T) { key.Flags = 256 key.Protocol = 3 key.Algorithm = AlgRSASHA256 - key.PubKey = "AwEAAcNEU67LJI5GEgF9QLNqLO1SMq1EdoQ6E9f85ha0k0ewQGCblyW2836GiVsm6k8Kr5ECIoMJ6fZWf3CQSQ9ycWfTyOHfmI3eQ/1Covhb2y4bAmL/07PhrL7ozWBW3wBfM335Ft9xjtXHPy7ztCbV9qZ4TVDTW/Iyg0PiwgoXVesz" + key.PublicKey = "AwEAAcNEU67LJI5GEgF9QLNqLO1SMq1EdoQ6E9f85ha0k0ewQGCblyW2836GiVsm6k8Kr5ECIoMJ6fZWf3CQSQ9ycWfTyOHfmI3eQ/1Covhb2y4bAmL/07PhrL7ozWBW3wBfM335Ft9xjtXHPy7ztCbV9qZ4TVDTW/Iyg0PiwgoXVesz" // It should validate. Period is checked seperately, so this will keep on working if ! sig.Verify(key, []RR{soa}) { 
@@ -147,7 +147,7 @@ func TestDnskey(t *testing.T) { key.Flags = 256 key.Protocol = 3 key.Algorithm = AlgRSASHA256 - key.PubKey = "AwEAAcELcuxHosJX3LjbR6EFzsqI3mKivwvO6Y5Kzt/OXYmLQUI8tnOrX9ilT/0qGraxoONayVX3A6bl1pG3h/xOxVEGcJGqbrZnhr2+4S9tW2GWQwevV+NhinE7v6MCCCheVCnAPh0KFb/u14ng3DQizP1spBU/NoAN31l678snBpZX" + key.PublicKey = "AwEAAcELcuxHosJX3LjbR6EFzsqI3mKivwvO6Y5Kzt/OXYmLQUI8tnOrX9ilT/0qGraxoONayVX3A6bl1pG3h/xOxVEGcJGqbrZnhr2+4S9tW2GWQwevV+NhinE7v6MCCCheVCnAPh0KFb/u14ng3DQizP1spBU/NoAN31l678snBpZX" soa := new(RR_SOA) soa.Hdr = RR_Header{"Miek.nl.", TypeSOA, ClassINET, 875, 0} @@ -189,7 +189,7 @@ func TestTag(t *testing.T) { key.Flags = 256 key.Protocol = 3 key.Algorithm = AlgRSASHA256 - key.PubKey = "AwEAAcNEU67LJI5GEgF9QLNqLO1SMq1EdoQ6E9f85ha0k0ewQGCblyW2836GiVsm6k8Kr5ECIoMJ6fZWf3CQSQ9ycWfTyOHfmI3eQ/1Covhb2y4bAmL/07PhrL7ozWBW3wBfM335Ft9xjtXHPy7ztCbV9qZ4TVDTW/Iyg0PiwgoXVesz" + key.PublicKey = "AwEAAcNEU67LJI5GEgF9QLNqLO1SMq1EdoQ6E9f85ha0k0ewQGCblyW2836GiVsm6k8Kr5ECIoMJ6fZWf3CQSQ9ycWfTyOHfmI3eQ/1Covhb2y4bAmL/07PhrL7ozWBW3wBfM335Ft9xjtXHPy7ztCbV9qZ4TVDTW/Iyg0PiwgoXVesz" tag := key.KeyTag() if tag != 12051 { @@ -247,7 +247,7 @@ func TestKeyToDS(t *testing.T) { key.Flags = 256 key.Protocol = 3 key.Algorithm = AlgRSASHA256 - key.PubKey = "AwEAAcNEU67LJI5GEgF9QLNqLO1SMq1EdoQ6E9f85ha0k0ewQGCblyW2836GiVsm6k8Kr5ECIoMJ6fZWf3CQSQ9ycWfTyOHfmI3eQ/1Covhb2y4bAmL/07PhrL7ozWBW3wBfM335Ft9xjtXHPy7ztCbV9qZ4TVDTW/Iyg0PiwgoXVesz" + key.PublicKey = "AwEAAcNEU67LJI5GEgF9QLNqLO1SMq1EdoQ6E9f85ha0k0ewQGCblyW2836GiVsm6k8Kr5ECIoMJ6fZWf3CQSQ9ycWfTyOHfmI3eQ/1Covhb2y4bAmL/07PhrL7ozWBW3wBfM335Ft9xjtXHPy7ztCbV9qZ4TVDTW/Iyg0PiwgoXVesz" ds := key.ToDS(HashSHA1) if strings.ToUpper(ds.Digest) != "B5121BDB5B8D86D0CC5FFAFBAAABE26C3E20BAC1" { diff --git a/keygen.go b/keygen.go index a706a32b..2aa4a4d0 100644 --- a/keygen.go +++ b/keygen.go 
@@ -46,7 +46,7 @@ func (r *RR_DNSKEY) Generate(bits int) (PrivateKey, os.Error) { } keybuf := exponentToBuf(priv.PublicKey.E) keybuf = append(keybuf, priv.PublicKey.N.Bytes()...) - r.PubKey = unpackBase64(keybuf) + r.PublicKey = unpackBase64(keybuf) return priv, nil } return nil, nil // Dummy return @@ -151,6 +151,6 @@ func (k *RR_DNSKEY) PrivateKeySetString(s string) (PrivateKey, os.Error) { } line, _ = r.ReadBytes('\n') } - k.setPubKeyRSA(p.PublicKey.E, p.PublicKey.N) + k.setPublicKeyRSA(p.PublicKey.E, p.PublicKey.N) return p, nil } diff --git a/msg.go b/msg.go index aed1a549..05ba14da 100644 --- a/msg.go +++ b/msg.go @@ -77,6 +77,7 @@ var Rr_str = map[uint16]string{ TypeTXT: "TXT", TypeSRV: "SRV", TypeNAPTR: "NAPTR", + TypeCERT: "CERT", TypeDNAME: "DNAME", TypeA: "A", TypeAAAA: "AAAA", diff --git a/types.go b/types.go index f0fd5eb0..dea8d15b 100644 --- a/types.go +++ b/types.go @@ -43,7 +43,8 @@ const ( TypeLOC = 29 TypeSRV = 33 TypeNAPTR = 35 - TypeDNAME = 39 + TypeCERT = 37 + TypeDNAME = 39 // EDNS TypeOPT = 41 @@ -339,10 +340,30 @@ func (rr *RR_NAPTR) String() string { rr.Replacement } +// RFC 4398 +type RR_CERT struct { + Hdr RR_Header + Type uint16 + KeyTag uint16 + Algorithm uint8 + Certificate string "base64" +} + +func (rr *RR_CERT) Header() *RR_Header { + return &rr.Hdr +} + +func (rr *RR_CERT) String() string { + return rr.Hdr.String() + strconv.Itoa(int(rr.Type)) + + " " + strconv.Itoa(int(rr.KeyTag)) + + " " + strconv.Itoa(int(rr.Algorithm)) + + " " + rr.Certificate +} + // RFC 2672 type RR_DNAME struct { - Hdr RR_Header - Target string "domain-name" + Hdr RR_Header + Target string "domain-name" } func (rr *RR_DNAME) Header() *RR_Header { @@ -350,7 +371,7 @@ func (rr *RR_DNAME) Header() *RR_Header { } func (rr *RR_DNAME) String() string { - return rr.Hdr.String() + " " + rr.Target + return rr.Hdr.String() + rr.Target } type RR_A struct { 
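Review bot: In the msg.go hunk (`@@ -77,6 +77,7 @@`), `TypeCERT: "CERT"` is registered in `Rr_str` only, and the diffstat shows that this is the single line msg.go gains. If msg.go also keeps a table that maps a type code to a constructor for unpacking (not visible in this hunk), CERT needs an entry there too, in whatever form that table uses, returning `new(RR_CERT)`. Without it, a CERT record read from the wire would presumably not be decoded into the new struct. A pack/unpack round trip for `RR_CERT`, in the style of `TestPackUnpack` for DNSKEY, would settle it. The map literal starts and ends outside the hunk.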
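Review bot: The new `RR_CERT` type in the types.go hunk (`@@ -339,10 +340,30 @@`) is documented only by `// RFC 4398`, so a caller cannot tell what `Type`, `KeyTag` and `Algorithm` hold or how far to trust `Certificate`. I would expand the comment to `// RR_CERT is the CERT record of RFC 4398: Type is the certificate type, KeyTag and Algorithm describe the key in the certificate, and Certificate is the base64 text of the certificate or CRL.` and add `// Certificate is only as trustworthy as the DNS response that carried it; verify the covering RRSIG before relying on it.` The same hunk also drops the `" "` between `rr.Hdr.String()` and `rr.Target` in `RR_DNAME.String()`, which the commit message does not mention. That matches how `RR_DNSKEY.String()` and the new `RR_CERT.String()` concatenate onto the header, so it looks intentional, but it deserves a line in the message.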
@@ -395,7 +416,7 @@ func (rr *RR_LOC) Header() *RR_Header { } func (rr *RR_LOC) String() string { - // Version is not shown + // Version is not shown return rr.Hdr.String() + "TODO" } @@ -490,7 +511,7 @@ type RR_DNSKEY struct { Flags uint16 Protocol uint8 Algorithm uint8 - PubKey string "base64" + PublicKey string "base64" } func (rr *RR_DNSKEY) Header() *RR_Header { @@ -501,7 +522,7 @@ func (rr *RR_DNSKEY) String() string { return rr.Hdr.String() + strconv.Itoa(int(rr.Flags)) + " " + strconv.Itoa(int(rr.Protocol)) + " " + strconv.Itoa(int(rr.Algorithm)) + - " " + rr.PubKey + " " + rr.PublicKey } type RR_NSEC3 struct { @@ -549,11 +570,11 @@ func (rr *RR_NSEC3PARAM) Header() *RR_Header { func (rr *RR_NSEC3PARAM) String() string { s := rr.Hdr.String() - s += strconv.Itoa(int(rr.Hash)) + - " " + strconv.Itoa(int(rr.Flags)) + - " " + strconv.Itoa(int(rr.Iterations)) + - " " + strings.ToUpper(rr.Salt) - return s + s += strconv.Itoa(int(rr.Hash)) + + " " + strconv.Itoa(int(rr.Flags)) + + " " + strconv.Itoa(int(rr.Iterations)) + + " " + strings.ToUpper(rr.Salt) + return s } type RR_TKEY struct {