974c28d1b1
More fixes for compression
2012-01-11 11:13:17 +01:00
7f77e5e6b4
Fix key2ds
2012-01-08 16:49:54 +01:00
cd266d5f0f
Its a uint8
2012-01-08 15:56:19 +01:00
ecfd5451a9
Remove the Labels() function.
...
This is now handled inside IsDomainName, which really parses
the name and then (also) returns the number of labels found.
2012-01-08 15:54:33 +01:00
d1b0ee219f
Digest fixes
2011-12-16 15:06:24 +01:00
131f6962d1
gofmt
2011-12-09 21:45:57 +01:00
17d3f12d31
Fix NSEC presentation
2011-12-09 16:11:37 +01:00
96cbd9420c
add privatedns/oid
2011-12-09 16:00:41 +01:00
ad11f2425e
export Unpack/PackDomainName
2011-12-09 15:58:36 +01:00
e115e5da6e
Update to the latest weekly: weekly/weekly.2011-12-06
...
The new time API must still be used. But for now it compiles.
All DNSSEC/TSIG timing is probably broken
2011-12-09 11:16:49 +01:00
22a467e718
Fixes the latest weekly
2011-11-02 23:06:54 +01:00
b7ca96e7d4
Normalize errors
...
Use the errors as defined in msg.go and a few.
2011-09-09 10:21:04 +02:00
24a912919f
Change Sign() and Verify() to return more useful os.Error
2011-09-08 12:14:41 -07:00
220ad18ded
Remove redundant sorting and fix small error
2011-09-08 12:14:06 -07:00
ca33c9ad0e
Add sorting to DNSSEC signature verify
2011-09-08 12:14:06 -07:00
c104ee05b8
documentation updates
2011-09-08 19:25:45 +02:00
6034016b29
tweak the documentation a bit
2011-09-08 08:30:17 +02:00
7897c8f088
Add RSASHA1NSEC3SHA1 alg
...
From Taral <taralx@gmail.com>
2011-09-08 08:26:40 +02:00
4671072027
Error handling
...
Handle semantic errors in the input stream.
Try to use Ragel's error handling when seeing a non-supported
class. This does not work yet.
2011-07-24 17:08:33 +02:00
da0603089a
gofmt -w
2011-07-23 23:43:43 +02:00
9b1e7b4b3d
documentation
...
make Str_rr and Str_class private, prolly only needed
for parsing
2011-07-23 23:15:40 +02:00
fd0064c805
Parsings works - clean up the tests
...
RR_DNSKEY has now a
* Read (to read an RR)
* ReadPrivateKey (to read an private key file)
Together you have enough data to sign and verify DNSSEC data.
I'm thinking about a better API, but I think one will emerge
whenever I complete the zone parsin.
2011-07-17 20:51:27 +02:00
4c26df63ba
Drop the Alg and Hash prefixes
2011-07-08 17:27:44 +02:00
b84e27535c
More ECC updates - we should be able to sign
2011-07-08 14:51:40 +02:00
ad5b59c09d
Prepare ecdsa signing/verification
2011-07-08 11:40:32 +02:00
e73c759491
More curve updates
2011-07-08 11:08:31 +02:00
328931d079
implement (part of) ecdsa256/384
2011-07-08 10:41:07 +02:00
582766d6fe
Tweaks preparing for ECC
2011-07-07 11:19:57 +02:00
df10cc187e
Add the new hashes
2011-07-07 10:00:42 +02:00
7cc28a94e9
Fix funkensturm signing
...
make LabelCount public account.
2011-07-06 21:50:23 +02:00
ffd7a5acb6
documentation
2011-03-30 15:44:28 +02:00
8a4647ec22
documentation
2011-03-30 15:35:49 +02:00
f44bf2d656
Formatting
2011-03-24 09:24:24 +01:00
d8d4d000bc
Fix test and robustness
2011-03-24 09:02:19 +01:00
3af023bda9
Use bufio.Reader in private key reading
2011-03-23 16:10:15 +01:00
bc4d7ed748
add this example too
2011-03-22 09:13:25 +01:00
50ecc8d2a6
the comments
2011-03-15 19:41:28 +01:00
115309962a
Add const for KSK/ZSK and REVOKE
2011-03-03 11:45:33 +01:00
2b5a97570a
Made a start with ixfr
2011-02-24 21:44:55 +01:00
98e4b33cb5
formatting and documentation
2011-02-24 16:22:14 +01:00
71b860e0d3
comment updates
2011-02-24 15:31:58 +01:00
266ed16e72
refactor the rrset to signedata function
2011-02-24 15:29:36 +01:00
9ea988d5fa
doc update
2011-02-11 22:21:41 +01:00
1e111c9571
Make it work with the new Go release
2011-02-02 09:05:25 +01:00
8fbcb3e408
loose the dns. prefix
2011-01-27 20:43:55 +01:00
bc53ca75e1
some buf sizes
2011-01-27 20:30:16 +01:00
f934968d00
remove printlns
2011-01-27 20:24:58 +01:00
13574b6c97
use DefaultMsgSize
2011-01-27 09:38:52 +01:00
0e0c6fd024
use DefaultMsgSize
2011-01-27 09:38:30 +01:00
d9dfd913a7
documentation updates
2011-01-27 09:29:11 +01:00
7e1f9490f2
Cert RR added
...
PubKey is named PublicKey in the RR_DNSKEY
2011-01-25 13:57:54 +01:00
fc0ffa20f7
Not possible to create keytag from privkey alone
2011-01-18 11:43:08 +01:00
68e0e0b1be
Set the algorithm too in the test
2011-01-18 11:34:48 +01:00
3df903d6e6
Small signing tweaks
...
* Get more info from the rrset your are signing
* Still todo, calculate publickey and keytag etc.
2011-01-18 11:25:47 +01:00
9eea4682fd
Fix documentation
2011-01-17 21:10:48 +01:00
96a55dee9b
Less verbose tests
2011-01-17 20:29:40 +01:00
48cbf55a23
completely fix private key reading
2011-01-17 20:18:51 +01:00
1f6a221bd8
Private key completely works. Can read BIND9 files
2011-01-17 19:52:28 +01:00
ea08cb2d7b
Fix all exponent issues in rsa keys
2011-01-17 18:13:52 +01:00
2041cffcfc
Fix exp 65537 in RSA keys
2011-01-17 17:55:58 +01:00
d086722c36
Add rrset check function
2011-01-16 20:07:17 +01:00
2cfa45408d
trying to set the pubkey from the private key
2011-01-16 18:37:29 +01:00
54f158c23d
Helper functions for base64 encoding/decoding
2011-01-15 10:38:14 +01:00
15bf984f3f
LabelCount() made public and various other tweaks
2011-01-14 18:55:18 +01:00
ab4a5b5477
Love interfaces
...
Using interfaces to make key.Generate and Sign much more generic
2011-01-14 18:25:36 +01:00
0c95585952
Signing works, dont know yet if it would validate
2011-01-14 13:22:24 +01:00
67230e9759
Fixed signing stuff (doesn't work yet)
...
Need a nice priv-key representation to make it all work
2011-01-14 12:10:54 +01:00
a60238bdde
Remove unwanted wire conversion functions
2011-01-14 11:57:28 +01:00
728b575b60
Make signing a method of DNSKEY
2011-01-13 17:14:14 +01:00
4f8537dde2
incorp. in the main dns package
2011-01-09 20:00:37 +01:00
42ce4d3085
Fix tsig -- needs testing
2011-01-09 15:54:23 +01:00
19edd05274
Fold dnssec back into dns
...
It is more natural. Otherwise tsig and tkey needed to be
put in their own packages
2011-01-09 10:31:23 +01:00
15dd65171b
Split the package in multiple packages
...
dns - the standard rrtypes and such
dnssec - validation, keytag calculation, etc
resolver - for talking to servers
2010-12-30 13:42:52 +01:00
bc624181dc
More dnssec stuff added
2010-12-30 09:24:40 +01:00
ac43aed00f
Extracted the pubkey from a DNSKEY record
2010-12-29 16:34:53 +01:00
504ab27f6f
en weer terug
2010-12-29 16:12:01 +01:00
de5b30f781
zo dan
2010-12-29 16:11:23 +01:00
5ced9e2152
almost ready for DNSSEC validation
...
only need call the crypto/rsa func
2010-12-28 14:57:30 +01:00
0cea39ac49
Second stab a DNSSEC validation
...
- still need: sorting, numOfLabels, wildcard handling
2010-12-28 10:40:20 +01:00
e339e8bce6
more tests
2010-12-28 10:17:27 +01:00
c1d45f507e
First stab at DNSSEC validation
2010-12-28 09:49:45 +01:00
4ed14b9785
More cleansup and robustness
...
* make the resolver more robust
* more dnssec functions
2010-12-28 09:41:54 +01:00
8dbefdd3f1
Add key2ds conversion
...
More DNSSEC pieces are coming together
2010-12-27 13:56:58 +01:00
36b181f65a
Add keytag calculation
...
Still slow, but it is working. Added testcase for this too
2010-12-27 12:49:48 +01:00
830b2eae29
add hex encoding for DS record
...
* some more edns finishing touches
2010-12-27 09:58:45 +01:00
b634118257
add function prototype for to be implemented functions
2010-12-25 13:13:32 +01:00
70552b49ca
More stuff added, first stab at using hashing functions
2010-12-25 11:43:12 +01:00
65caf6f891
Documentation!
...
Make the packet documentation much nicer.
2010-12-25 11:14:11 +01:00
fd9afcb44d
Add signature helper function
...
Do this in dnssec.go so that all DNSSEC stuff in contained
in that file.
Add testing too
2010-12-24 11:50:42 +01:00
92d09fcfc1
prepare stuff for DNSSEC
2010-12-24 10:59:15 +01:00
Miek Gieben
Taral