IPSECKEY is kinda strange because it has a type selector which tells
what type a later rdata field has. The type can be a domainname, address
or v6 address. You sort of wish Go would have a union type for this, but
alas.
Currently this is implemented as:
GatewayA net.IP `dns:"a"`
GatewayAAAA net.IP `dns:"aaaa"`
GatewayName string `dns:"domain-name"`
In the IPSECKEY. Only one of these is active at any one time. When
parsing/packing and unpacking the value of GatewayType is checked
to see what to do.
Parsing from strings is also implemented properly and tested. The Unpack
function still needs work.
ECDSA public keys consist of a single value, called "Q" in FIPS
186-3. In DNSSEC keys, Q is a simple bit string that represents the
uncompressed form of a curve point, "x | y".
The ECDSA signature is the combination of two non-negative integers,
called "r" and "s" in FIPS 186-3. The two integers, each of which is
formatted as a simple octet string, are combined into a single longer
octet string for DNSSEC as the concatenation "r | s". (Conversion of
the integers to bit strings is described in Section C.2 of FIPS
186-3.) For P-256, each integer MUST be encoded as 32 octets; for
P-384, each integer MUST be encoded as 48 octets.
Instead of going through the fmt package, we can use append int,
which saves an allocation.
benchmark old ns/op new ns/op delta
BenchmarkUnpackDomainNameUnprintable 2147 506 -76.43%
This is based on @miekg's sig0 branch. That branch diverged from master
and I didn't want to wander off on a rebase.
As implemented there's no allowance for multi-envelope (TCP) support.
TODO:
* unpackUint32() could be moved out and used elsewhere
* tests
* multi-envelope support (if useful)
This way the Id function can be overruled by clients to have
another implementation for the Id function:
To make it static: dns.Id = func() uint16 { return 1234 }
Changes to domain name packing and unpacking:
* Escape dot, backslash, brackets, double-quote, semi-colon and space
* Tab, line feed and carriage return become \t, \n and \r
Changes to TXT string packing and unpacking:
* Escape backslash and double-quote
* Tab, line feed and carriage return become \t, \n and \r
* Other unprintables to \DDD
Stringers do the equivalent of putting domain names and TXT strings
to the wire and back.
There is some duplication of logic. I found performance suffered when
I broke the logic out into smaller functions. I think this may have
been due to functions not being inlined for various reasons.
packLen() was a featureless mirror of Len(). Remove it, and just use
Len() internally too.
Fix bug in Len() too, where the length of the additional section was
not counted.
If the TC bit is set in a message, we will probably try to parse
half a message, which will fail. To fix this just return a message
header and the question section and don't parse the rest.