Add signature helper function

Do this in dnssec.go so that all DNSSEC stuff in contained in that file. Add testing too
2010-12-24 11:50:42 +01:00 · 2010-12-24 11:50:42 +01:00 · fd9afcb44d
parent 92d09fcfc1
commit fd9afcb44d
7 changed files with 73 additions and 43 deletions
--- a/dnssec.go
+++ b/dnssec.go
@ -1,4 +1,27 @@
 package dns

-// All verification for RRSIG and RRsets i
-// Done here
+import "time"
+
+// All DNSSEC verification 
+
+const (
+	Year68 = 2 << (32 - 1)
+)
+
+// Translate the RRSIG's incep. and expir. time
+// to the correct date, taking into account serial
+// arithmetic
+func timeToDate(t uint32) string {
+	utc := time.UTC().Seconds()
+	mod := (int64(t) - utc) / Year68
+
+        // If needed assume wrap around(s)
+        ti := time.SecondsToUTC(int64(t) + (mod * Year68)) // abs()? TODO
+	return ti.Format("20060102030405")
+}
+
+// Is the signature (RRSIG) valid?
+func validSignaturePeriod(start, end uint32) bool {
+        utc := time.UTC().Seconds()       // maybe as parameter?? TODO MG
+        return int64(start) <= utc && utc <= int64(end)
+}
--- a/edns_test.go
+++ b/edns_test.go
@ -3,17 +3,16 @@ package dns
 // Test EDNS RR records
 import (
 	"testing"
-        "fmt"
 )

 func TestEDNS_RR(t *testing.T) {
-        edns := new(RR_OPT)
-        edns.Hdr.Name = "."      // must . be for edns
-        edns.Hdr.Rrtype = TypeOPT
-        edns.Hdr.Class = ClassINET
-        edns.Hdr.Ttl = 3600
-        edns.Option = make([]Option, 1)
-        edns.Option[0].Code = OptionCodeNSID
-        edns.Option[0].Data = "lalalala"
-        fmt.Printf("%v\n", edns)
+	edns := new(RR_OPT)
+	edns.Hdr.Name = "." // must . be for edns
+	edns.Hdr.Rrtype = TypeOPT
+	edns.Hdr.Class = ClassINET
+	edns.Hdr.Ttl = 3600
+	edns.Option = make([]Option, 1)
+	edns.Option[0].Code = OptionCodeNSID
+	edns.Option[0].Data = "lalalala"
+	//t..Logf("%v\n", edns)
 }
--- a/pack_test.go
+++ b/pack_test.go
@ -3,7 +3,6 @@ package dns
 import (
 	"testing"
 	"net"
-        "fmt"
 )

 func TestPackUnpack(t *testing.T) {
@ -89,15 +88,15 @@ func TestPackUnpack(t *testing.T) {

        _, ok = packRR(edns, msg, 0)
        if !ok {
+                t.Logf("%v\n", edns)
                t.Log("Failed")
                t.Fail()
        }
-        fmt.Printf("%v\n", edns)

        unpacked, _, ok := unpackRR(msg, 0)
        if  !ok {
+                t.Logf("%v\n", unpacked)
                t.Log("Failed")
                t.Fail()
        }
-        fmt.Printf("%v\n", unpacked)
 }
--- a/resolverEdns_test.go
+++ b/resolverEdns_test.go
@ -3,7 +3,6 @@ package dns
 import (
 	"testing"
 	"time"
-	"fmt"
 )

 func TestResolverEdns(t *testing.T) {
@ -34,17 +33,14 @@ func TestResolverEdns(t *testing.T) {
 	m.Question[0] = Question{"miek.nl", TypeSOA, ClassINET}
 	m.Ns[0] = edns

-	fmt.Printf("Sending: %v\n", m)
-
 	ch <- DnsMsg{m, nil}
 	in := <-ch

 	if in.Dns.Rcode != RcodeSuccess {
+                t.Logf("Recv: %v\n", in.Dns)
 		t.Log("Failed to get an valid answer")
 		t.Fail()
 	}
-	fmt.Printf("Recv: %v\n", in.Dns)
-
 	ch <- DnsMsg{nil, nil}
-	time.Sleep(1.0e9)
+	time.Sleep(0.5e9)
 }
--- a/resolver_test.go
+++ b/resolver_test.go
@ -3,7 +3,6 @@ package dns
 import (
 	"testing"
 	"time"
-	"fmt"
 )


@ -27,7 +26,7 @@ func TestResolver(t *testing.T) {
 	if in.Dns.Rcode != RcodeSuccess {
 		t.Log("Failed to get an valid answer")
 		t.Fail()
-	        fmt.Printf("%v\n", in)
+	        t.Logf("%v\n", in)
 	}

 	// ask something
@ -38,9 +37,9 @@ func TestResolver(t *testing.T) {
 	if in.Dns.Rcode != RcodeSuccess {
 		t.Log("Failed to get an valid answer")
 		t.Fail()
-	        fmt.Printf("%v\n", in)
+	        t.Logf("%v\n", in)
 	}

 	ch <- DnsMsg{nil, nil}
-	time.Sleep(1.0e9)
+	time.Sleep(0.5e9)
 }
--- a/signature_test.go
+++ b/signature_test.go
@ -0,0 +1,30 @@
+package dns
+
+import (
+	"testing"
+)
+
+func TestSignature(t *testing.T) {
+	sig := new(RR_RRSIG)
+	sig.Hdr.Name = "miek.nl."
+	sig.Hdr.Rrtype = TypeRRSIG
+	sig.Hdr.Class = ClassINET
+	sig.Hdr.Ttl = 3600
+	sig.TypeCovered = TypeDNSKEY
+	sig.Algorithm = AlgRSASHA1
+	sig.Labels = 2
+	sig.OrigTtl = 4000
+	sig.Expiration = 1000
+	sig.Inception = 800
+	sig.KeyTag = 34641
+	sig.SignerName = "miek.nl."
+	sig.Sig = "AwEAAaHIwpx3w4VHKi6i1LHnTaWeHCL154Jug0Rtc9ji5qwPXpBo6A5sRv7cSsPQKPIwxLpyCrbJ4mr2L0EPOdvP6z6YfljK2ZmTbogU9aSU2fiq/4wjxbdkLyoDVgtO+JsxNN4bjr4WcWhsmk1Hg93FV9ZpkWb0Tbad8DFqNDzr//kZ"
+
+	// Should not be valid
+	if validSignaturePeriod(sig.Inception, sig.Expiration) {
+		t.Log("Should not be valid")
+		t.Fail()
+	} else {
+	        t.Logf("Valid sig period:\n%v\n", sig)
+        }
+}
--- a/types.go
+++ b/types.go
@ -10,7 +10,6 @@ package dns
 import (
 	"net"
 	"strconv"
-	"time"
 )

 // Packet formats
@ -382,29 +381,14 @@ func (rr *RR_RRSIG) Header() *RR_Header {
 	return &rr.Hdr
 }

-// Also, I might need more of these helper function
-// where to put them if there are more
-// Define a new interface??
-// needs serial stuff
-// starts when 1970 has been 68 years ago??
-func intToDate(t uint32) string {
-	// als meer dan 68 jaar geleden, dan 68 jaar bij bedrag optellen
-	// TODO
-	ti := time.SecondsToUTC(int64(t))
-	return ti.Format("20060102030405")
-}
-
-
 func (rr *RR_RRSIG) String() string {
 	return rr.Hdr.String() +
 		" " + rr_str[rr.TypeCovered] +
 		" " + strconv.Itoa(int(rr.Algorithm)) +
 		" " + strconv.Itoa(int(rr.Labels)) +
 		" " + strconv.Itoa(int(rr.OrigTtl)) +
-		//		" " + strconv.Itoa(int(rr.Expiration)) + // date calc! TODO
-		" " + intToDate(rr.Expiration) +
-		//		" " + strconv.Itoa(int(rr.Inception)) + // date calc! TODO
-		" " + intToDate(rr.Inception) +
+		" " + timeToDate(rr.Expiration) +
+		" " + timeToDate(rr.Inception) +
 		" " + strconv.Itoa(int(rr.KeyTag)) +
 		" " + rr.SignerName +
 		" " + rr.Sig