add privatedns/oid

2011-10-06 20:08:25 +02:00 · 2011-10-06 20:08:25 +02:00 · 96cbd9420c
parent ad11f2425e
commit 96cbd9420c
2 changed files with 8 additions and 1 deletions
--- a/dnssec.go
+++ b/dnssec.go
@ -33,6 +33,8 @@ const (
 	ECCGOST          = 12
 	ECDSAP256SHA256  = 13
 	ECDSAP384SHA384  = 14
+        PRIVATEDNS       = 253  // Private (experimental keys)
+        PRIVATEOID       = 254
 )

 // DNSSEC hashing algorithm codes.
@ -305,6 +307,9 @@ func (s *RR_RRSIG) Verify(k *RR_DNSKEY, rrset RRset) error {
 	signeddata = append(signeddata, wire...)

 	sigbuf := s.sigBuf() // Get the binary signature data
+        if s.Algorithm == PRIVATEDNS {
+                // remove the domain name and assume its our
+        }

 	switch s.Algorithm {
 	case RSASHA1, RSASHA1NSEC3SHA1, RSASHA256, RSASHA512, RSAMD5:
@ -510,4 +515,6 @@ var alg_str = map[uint8]string{
 	ECCGOST:          "ECC-GOST",
 	ECDSAP256SHA256:  "ECDSAP256SHA256",
 	ECDSAP384SHA384:  "ECDSAP384SHA384",
+        PRIVATEDNS:       "PRIVATEDNS",
+        PRIVATEOID:       "PRIVATEOID",
 }
--- a/keygen.go
+++ b/keygen.go
@ -22,7 +22,7 @@ type PrivateKey interface{}
 // bits should be set to the size of the algorithm.
 func (r *RR_DNSKEY) Generate(bits int) (PrivateKey, error) {
 	switch r.Algorithm {
-	case RSAMD5, RSASHA1, RSASHA256, RSASHA1NSEC3SHA1:
+        case RSAMD5, RSASHA1, RSASHA256, RSASHA1NSEC3SHA1:
 		if bits < 512 || bits > 4096 {
 			return nil, ErrKeySize
 		}