4 * contains the cryptographic function needed for DNSSEC in ldns
5 * The crypto library used is openssl
7 * (c) NLnet Labs, 2004-2008
9 * See the file LICENSE for the license
12 #include <ldns/config.h>
14 #include <ldns/ldns.h>
15 #include <ldns/dnssec.h>
21 #include <openssl/ssl.h>
22 #include <openssl/evp.h>
23 #include <openssl/rand.h>
24 #include <openssl/err.h>
25 #include <openssl/md5.h>
29 ldns_dnssec_get_rrsig_for_name_and_type(const ldns_rdf *name,
30 const ldns_rr_type type,
31 const ldns_rr_list *rrs)
40 for (i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
41 candidate = ldns_rr_list_rr(rrs, i);
42 if (ldns_rr_get_type(candidate) == LDNS_RR_TYPE_RRSIG) {
43 if (ldns_dname_compare(ldns_rr_owner(candidate),
45 ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(candidate))
57 ldns_dnssec_get_dnskey_for_rrsig(const ldns_rr *rrsig,
58 const ldns_rr_list *rrs)
67 for (i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
68 candidate = ldns_rr_list_rr(rrs, i);
69 if (ldns_rr_get_type(candidate) == LDNS_RR_TYPE_DNSKEY) {
70 if (ldns_dname_compare(ldns_rr_owner(candidate),
71 ldns_rr_rrsig_signame(rrsig)) == 0 &&
72 ldns_rdf2native_int16(ldns_rr_rrsig_keytag(rrsig)) ==
73 ldns_calc_keytag(candidate)
84 ldns_nsec_get_bitmap(ldns_rr *nsec) {
85 if (ldns_rr_get_type(nsec) == LDNS_RR_TYPE_NSEC) {
86 return ldns_rr_rdf(nsec, 1);
87 } else if (ldns_rr_get_type(nsec) == LDNS_RR_TYPE_NSEC3) {
88 return ldns_rr_rdf(nsec, 5);
94 /*return the owner name of the closest encloser for name from the list of rrs */
95 /* this is NOT the hash, but the original name! */
97 ldns_dnssec_nsec3_closest_encloser(ldns_rdf *qname,
98 ATTR_UNUSED(ldns_rr_type qtype),
101 /* remember parameters, they must match */
107 ldns_rdf *sname, *hashed_sname, *tmp;
111 bool exact_match_found;
119 ldns_rdf *result = NULL;
122 if (!qname || !nsec3s || ldns_rr_list_rr_count(nsec3s) < 1) {
126 nsec = ldns_rr_list_rr(nsec3s, 0);
127 algorithm = ldns_nsec3_algorithm(nsec);
128 salt_length = ldns_nsec3_salt_length(nsec);
129 salt = ldns_nsec3_salt_data(nsec);
130 iterations = ldns_nsec3_iterations(nsec);
132 sname = ldns_rdf_clone(qname);
137 zone_name = ldns_dname_left_chop(ldns_rr_owner(nsec));
139 /* algorithm from nsec3-07 8.3 */
140 while (ldns_dname_label_count(sname) > 0) {
141 exact_match_found = false;
142 in_range_found = false;
144 hashed_sname = ldns_nsec3_hash_name(sname,
150 status = ldns_dname_cat(hashed_sname, zone_name);
151 if(status != LDNS_STATUS_OK) {
153 ldns_rdf_deep_free(zone_name);
154 ldns_rdf_deep_free(sname);
158 for (nsec_i = 0; nsec_i < ldns_rr_list_rr_count(nsec3s); nsec_i++) {
159 nsec = ldns_rr_list_rr(nsec3s, nsec_i);
161 /* check values of iterations etc! */
164 if (ldns_dname_compare(ldns_rr_owner(nsec), hashed_sname) == 0) {
165 exact_match_found = true;
166 } else if (ldns_nsec_covers_name(nsec, hashed_sname)) {
167 in_range_found = true;
171 if (!exact_match_found && in_range_found) {
173 } else if (exact_match_found && flag) {
174 result = ldns_rdf_clone(sname);
175 /* RFC 5155: 8.3. 2.** "The proof is complete" */
176 ldns_rdf_deep_free(hashed_sname);
178 } else if (exact_match_found && !flag) {
180 ldns_rdf_deep_free(hashed_sname);
186 ldns_rdf_deep_free(hashed_sname);
188 sname = ldns_dname_left_chop(sname);
189 ldns_rdf_deep_free(tmp);
194 ldns_rdf_deep_free(zone_name);
195 ldns_rdf_deep_free(sname);
201 ldns_dnssec_pkt_has_rrsigs(const ldns_pkt *pkt)
204 for (i = 0; i < ldns_pkt_ancount(pkt); i++) {
205 if (ldns_rr_get_type(ldns_rr_list_rr(ldns_pkt_answer(pkt), i)) ==
206 LDNS_RR_TYPE_RRSIG) {
210 for (i = 0; i < ldns_pkt_nscount(pkt); i++) {
211 if (ldns_rr_get_type(ldns_rr_list_rr(ldns_pkt_authority(pkt), i)) ==
212 LDNS_RR_TYPE_RRSIG) {
220 ldns_dnssec_pkt_get_rrsigs_for_name_and_type(const ldns_pkt *pkt,
226 ldns_rr_list *sigs_covered;
229 sigs = ldns_pkt_rr_list_by_name_and_type(pkt,
232 LDNS_SECTION_ANY_NOQUESTION
235 t_netorder = htons(type); /* rdf are in network order! */
236 rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE, LDNS_RDF_SIZE_WORD, &t_netorder);
237 sigs_covered = ldns_rr_list_subtype_by_rdf(sigs, rdf_t, 0);
239 ldns_rdf_free(rdf_t);
240 ldns_rr_list_deep_free(sigs);
247 ldns_dnssec_pkt_get_rrsigs_for_type(const ldns_pkt *pkt, ldns_rr_type type)
251 ldns_rr_list *sigs_covered;
254 sigs = ldns_pkt_rr_list_by_type(pkt,
256 LDNS_SECTION_ANY_NOQUESTION
259 t_netorder = htons(type); /* rdf are in network order! */
260 rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE,
263 sigs_covered = ldns_rr_list_subtype_by_rdf(sigs, rdf_t, 0);
265 ldns_rdf_free(rdf_t);
266 ldns_rr_list_deep_free(sigs);
272 /* used only on the public key RR */
274 ldns_calc_keytag(const ldns_rr *key)
284 if (ldns_rr_get_type(key) != LDNS_RR_TYPE_DNSKEY &&
285 ldns_rr_get_type(key) != LDNS_RR_TYPE_KEY
290 /* rdata to buf - only put the rdata in a buffer */
291 keybuf = ldns_buffer_new(LDNS_MIN_BUFLEN); /* grows */
295 (void)ldns_rr_rdata2buffer_wire(keybuf, key);
296 /* the current pos in the buffer is the keysize */
297 keysize= ldns_buffer_position(keybuf);
299 ac16 = ldns_calc_keytag_raw(ldns_buffer_begin(keybuf), keysize);
300 ldns_buffer_free(keybuf);
304 uint16_t ldns_calc_keytag_raw(uint8_t* key, size_t keysize)
313 /* look at the algorithm field, copied from 2535bis */
314 if (key[3] == LDNS_RSAMD5) {
317 memmove(&ac16, key + keysize - 3, 2);
320 return (uint16_t) ac16;
323 for (i = 0; (size_t)i < keysize; ++i) {
324 ac32 += (i & 1) ? key[i] : key[i] << 8;
326 ac32 += (ac32 >> 16) & 0xFFFF;
327 return (uint16_t) (ac32 & 0xFFFF);
333 ldns_key_buf2dsa(ldns_buffer *key)
335 return ldns_key_buf2dsa_raw((unsigned char*)ldns_buffer_begin(key),
336 ldns_buffer_position(key));
340 ldns_key_buf2dsa_raw(unsigned char* key, size_t len)
346 BIGNUM *Q; BIGNUM *P;
347 BIGNUM *G; BIGNUM *Y;
352 length = (64 + T * 8);
358 if(len < (size_t)1 + SHA_DIGEST_LENGTH + 3*length)
361 Q = BN_bin2bn(key+offset, SHA_DIGEST_LENGTH, NULL);
362 offset += SHA_DIGEST_LENGTH;
364 P = BN_bin2bn(key+offset, (int)length, NULL);
367 G = BN_bin2bn(key+offset, (int)length, NULL);
370 Y = BN_bin2bn(key+offset, (int)length, NULL);
373 /* create the key and set its properties */
374 if(!Q || !P || !G || !Y || !(dsa = DSA_new())) {
392 ldns_key_buf2rsa(ldns_buffer *key)
394 return ldns_key_buf2rsa_raw((unsigned char*)ldns_buffer_begin(key),
395 ldns_buffer_position(key));
399 ldns_key_buf2rsa_raw(unsigned char* key, size_t len)
413 /* need some smart comment here XXX*/
414 /* the exponent is too large so it's places
416 memmove(&int16, key+1, 2);
424 /* key length at least one */
425 if(len < (size_t)offset + exp + 1)
430 if(!exponent) return NULL;
431 (void) BN_bin2bn(key+offset, (int)exp, exponent);
440 /* length of the buffer must match the key length! */
441 (void) BN_bin2bn(key+offset, (int)(len - offset), modulus);
458 ldns_digest_evp(unsigned char* data, unsigned int len, unsigned char* dest,
462 ctx = EVP_MD_CTX_create();
465 if(!EVP_DigestInit_ex(ctx, md, NULL) ||
466 !EVP_DigestUpdate(ctx, data, len) ||
467 !EVP_DigestFinal_ex(ctx, dest, NULL)) {
468 EVP_MD_CTX_destroy(ctx);
471 EVP_MD_CTX_destroy(ctx);
474 #endif /* HAVE_SSL */
477 ldns_key_rr2ds(const ldns_rr *key, ldns_hash h)
484 ldns_buffer *data_buf;
486 const EVP_MD* md = NULL;
489 if (ldns_rr_get_type(key) != LDNS_RR_TYPE_DNSKEY) {
497 ldns_rr_set_type(ds, LDNS_RR_TYPE_DS);
498 ldns_rr_set_owner(ds, ldns_rdf_clone(
499 ldns_rr_owner(key)));
500 ldns_rr_set_ttl(ds, ldns_rr_ttl(key));
501 ldns_rr_set_class(ds, ldns_rr_get_class(key));
506 digest = LDNS_XMALLOC(uint8_t, LDNS_SHA1_DIGEST_LENGTH);
513 digest = LDNS_XMALLOC(uint8_t, LDNS_SHA256_DIGEST_LENGTH);
521 (void)ldns_key_EVP_load_gost_id();
522 md = EVP_get_digestbyname("md_gost94");
527 digest = LDNS_XMALLOC(uint8_t, EVP_MD_size(md));
534 /* not implemented */
539 /* Make similar ``not implemented'' construct as above when
540 draft-hoffman-dnssec-ecdsa-04 becomes a standard
543 digest = LDNS_XMALLOC(uint8_t, SHA384_DIGEST_LENGTH);
552 data_buf = ldns_buffer_new(LDNS_MAX_PACKETLEN);
560 keytag = htons(ldns_calc_keytag((ldns_rr*)key));
561 tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT16,
564 ldns_rr_push_rdf(ds, tmp);
566 /* copy the algorithm field */
567 if ((tmp = ldns_rr_rdf(key, 2)) == NULL) {
569 ldns_buffer_free(data_buf);
573 ldns_rr_push_rdf(ds, ldns_rdf_clone( tmp ));
576 /* digest hash type */
577 sha1hash = (uint8_t)h;
578 tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT8,
581 ldns_rr_push_rdf(ds, tmp);
585 tmp = ldns_rdf_clone(ldns_rr_owner(key));
586 ldns_dname2canonical(tmp);
587 if (ldns_rdf2buffer_wire(data_buf, tmp) != LDNS_STATUS_OK) {
589 ldns_buffer_free(data_buf);
591 ldns_rdf_deep_free(tmp);
594 ldns_rdf_deep_free(tmp);
596 /* all the rdata's */
597 if (ldns_rr_rdata2buffer_wire(data_buf,
598 (ldns_rr*)key) != LDNS_STATUS_OK) {
600 ldns_buffer_free(data_buf);
606 (void) ldns_sha1((unsigned char *) ldns_buffer_begin(data_buf),
607 (unsigned int) ldns_buffer_position(data_buf),
608 (unsigned char *) digest);
610 tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_HEX,
611 LDNS_SHA1_DIGEST_LENGTH,
613 ldns_rr_push_rdf(ds, tmp);
617 (void) ldns_sha256((unsigned char *) ldns_buffer_begin(data_buf),
618 (unsigned int) ldns_buffer_position(data_buf),
619 (unsigned char *) digest);
620 tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_HEX,
621 LDNS_SHA256_DIGEST_LENGTH,
623 ldns_rr_push_rdf(ds, tmp);
627 if(!ldns_digest_evp((unsigned char *) ldns_buffer_begin(data_buf),
628 (unsigned int) ldns_buffer_position(data_buf),
629 (unsigned char *) digest, md)) {
631 ldns_buffer_free(data_buf);
635 tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_HEX,
636 (size_t)EVP_MD_size(md),
638 ldns_rr_push_rdf(ds, tmp);
643 (void) SHA384((unsigned char *) ldns_buffer_begin(data_buf),
644 (unsigned int) ldns_buffer_position(data_buf),
645 (unsigned char *) digest);
646 tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_HEX,
647 SHA384_DIGEST_LENGTH,
649 ldns_rr_push_rdf(ds, tmp);
655 ldns_buffer_free(data_buf);
660 ldns_dnssec_create_nsec_bitmap(ldns_rr_type rr_type_list[],
662 ldns_rr_type nsec_type)
668 ldns_rdf *bitmap_rdf;
670 uint8_t *data = NULL;
671 uint8_t cur_data[32];
672 uint8_t cur_window = 0;
673 uint8_t cur_window_max = 0;
674 uint16_t cur_data_size = 0;
676 if (nsec_type != LDNS_RR_TYPE_NSEC &&
677 nsec_type != LDNS_RR_TYPE_NSEC3) {
682 for (i = 0; i < size; i++) {
683 if (i_type < rr_type_list[i])
684 i_type = rr_type_list[i];
686 if (i_type < nsec_type) {
690 bm_len = i_type / 8 + 2;
691 bitmap = LDNS_XMALLOC(uint8_t, bm_len);
692 if(!bitmap) return NULL;
693 for (i = 0; i < bm_len; i++) {
697 for (i = 0; i < size; i++) {
698 i_type = rr_type_list[i];
699 ldns_set_bit(bitmap + (int) i_type / 8,
700 (int) (7 - (i_type % 8)),
704 /* fold it into windows TODO: can this be done directly? */
705 memset(cur_data, 0, 32);
706 for (i = 0; i < bm_len; i++) {
707 if (i / 32 > cur_window) {
708 /* check, copy, new */
709 if (cur_window_max > 0) {
710 /* this window has stuff, add it */
711 data = LDNS_XREALLOC(data,
713 cur_data_size + cur_window_max + 3);
718 data[cur_data_size] = cur_window;
719 data[cur_data_size + 1] = cur_window_max + 1;
720 memcpy(data + cur_data_size + 2,
723 cur_data_size += cur_window_max + 3;
727 memset(cur_data, 0, 32);
729 cur_data[i%32] = bitmap[i];
731 cur_window_max = i%32;
734 if (cur_window_max > 0 || cur_data[0] != 0) {
735 /* this window has stuff, add it */
736 data = LDNS_XREALLOC(data,
738 cur_data_size + cur_window_max + 3);
743 data[cur_data_size] = cur_window;
744 data[cur_data_size + 1] = cur_window_max + 1;
745 memcpy(data + cur_data_size + 2, cur_data, cur_window_max+1);
746 cur_data_size += cur_window_max + 3;
749 bitmap_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_NSEC,
760 ldns_dnssec_rrsets_contains_type(ldns_dnssec_rrsets *rrsets,
763 ldns_dnssec_rrsets *cur_rrset = rrsets;
765 if (cur_rrset->type == type) {
768 cur_rrset = cur_rrset->next;
774 ldns_dnssec_create_nsec(ldns_dnssec_name *from,
775 ldns_dnssec_name *to,
776 ldns_rr_type nsec_type)
779 ldns_rr_type types[65536];
780 size_t type_count = 0;
781 ldns_dnssec_rrsets *cur_rrsets;
782 int on_delegation_point;
784 if (!from || !to || (nsec_type != LDNS_RR_TYPE_NSEC)) {
788 nsec_rr = ldns_rr_new();
789 ldns_rr_set_type(nsec_rr, nsec_type);
790 ldns_rr_set_owner(nsec_rr, ldns_rdf_clone(ldns_dnssec_name_name(from)));
791 ldns_rr_push_rdf(nsec_rr, ldns_rdf_clone(ldns_dnssec_name_name(to)));
793 on_delegation_point = ldns_dnssec_rrsets_contains_type(
794 from->rrsets, LDNS_RR_TYPE_NS)
795 && !ldns_dnssec_rrsets_contains_type(
796 from->rrsets, LDNS_RR_TYPE_SOA);
798 cur_rrsets = from->rrsets;
800 /* Do not include non-authoritative rrsets on the delegation point
801 * in the type bitmap */
802 if ((on_delegation_point && (
803 cur_rrsets->type == LDNS_RR_TYPE_NS
804 || cur_rrsets->type == LDNS_RR_TYPE_DS))
805 || (!on_delegation_point &&
806 cur_rrsets->type != LDNS_RR_TYPE_RRSIG
807 && cur_rrsets->type != LDNS_RR_TYPE_NSEC)) {
809 types[type_count] = cur_rrsets->type;
812 cur_rrsets = cur_rrsets->next;
815 types[type_count] = LDNS_RR_TYPE_RRSIG;
817 types[type_count] = LDNS_RR_TYPE_NSEC;
820 ldns_rr_push_rdf(nsec_rr, ldns_dnssec_create_nsec_bitmap(types,
828 ldns_dnssec_create_nsec3(ldns_dnssec_name *from,
829 ldns_dnssec_name *to,
838 ldns_rr_type types[65536];
839 size_t type_count = 0;
840 ldns_dnssec_rrsets *cur_rrsets;
842 int on_delegation_point;
850 nsec_rr = ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3);
851 ldns_rr_set_owner(nsec_rr,
852 ldns_nsec3_hash_name(ldns_dnssec_name_name(from),
857 status = ldns_dname_cat(ldns_rr_owner(nsec_rr), zone_name);
858 if(status != LDNS_STATUS_OK) {
859 ldns_rr_free(nsec_rr);
862 ldns_nsec3_add_param_rdfs(nsec_rr,
869 on_delegation_point = ldns_dnssec_rrsets_contains_type(
870 from->rrsets, LDNS_RR_TYPE_NS)
871 && !ldns_dnssec_rrsets_contains_type(
872 from->rrsets, LDNS_RR_TYPE_SOA);
873 cur_rrsets = from->rrsets;
875 /* Do not include non-authoritative rrsets on the delegation point
876 * in the type bitmap. Potentionally not skipping insecure
877 * delegation should have been done earlier, in function
878 * ldns_dnssec_zone_create_nsec3s, or even earlier in:
879 * ldns_dnssec_zone_sign_nsec3_flg .
881 if ((on_delegation_point && (
882 cur_rrsets->type == LDNS_RR_TYPE_NS
883 || cur_rrsets->type == LDNS_RR_TYPE_DS))
884 || (!on_delegation_point &&
885 cur_rrsets->type != LDNS_RR_TYPE_RRSIG)) {
887 types[type_count] = cur_rrsets->type;
890 cur_rrsets = cur_rrsets->next;
892 /* always add rrsig type if this is not an unsigned
895 if (type_count > 0 &&
896 !(type_count == 1 && types[0] == LDNS_RR_TYPE_NS)) {
897 types[type_count] = LDNS_RR_TYPE_RRSIG;
901 /* leave next rdata empty if they weren't precomputed yet */
902 if (to && to->hashed_name) {
903 (void) ldns_rr_set_rdf(nsec_rr,
904 ldns_rdf_clone(to->hashed_name),
907 (void) ldns_rr_set_rdf(nsec_rr, NULL, 4);
910 ldns_rr_push_rdf(nsec_rr,
911 ldns_dnssec_create_nsec_bitmap(types,
913 LDNS_RR_TYPE_NSEC3));
919 ldns_create_nsec(ldns_rdf *cur_owner, ldns_rdf *next_owner, ldns_rr_list *rrs)
921 /* we do not do any check here - garbage in, garbage out */
923 /* the the start and end names - get the type from the
926 /* inefficient, just give it a name, a next name, and a list of rrs */
927 /* we make 1 big uberbitmap first, then windows */
928 /* todo: make something more efficient :) */
933 ldns_rr *nsec = NULL;
934 ldns_rr_type i_type_list[65536];
935 size_t type_count = 0;
937 nsec = ldns_rr_new();
938 ldns_rr_set_type(nsec, LDNS_RR_TYPE_NSEC);
939 ldns_rr_set_owner(nsec, ldns_rdf_clone(cur_owner));
940 ldns_rr_push_rdf(nsec, ldns_rdf_clone(next_owner));
942 for (i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
943 i_rr = ldns_rr_list_rr(rrs, i);
944 if (ldns_rdf_compare(cur_owner,
945 ldns_rr_owner(i_rr)) == 0) {
946 i_type = ldns_rr_get_type(i_rr);
947 if (i_type != LDNS_RR_TYPE_RRSIG && i_type != LDNS_RR_TYPE_NSEC) {
948 if (type_count == 0 || i_type_list[type_count-1] != i_type) {
949 i_type_list[type_count] = i_type;
956 i_type_list[type_count] = LDNS_RR_TYPE_RRSIG;
958 i_type_list[type_count] = LDNS_RR_TYPE_NSEC;
961 ldns_rr_push_rdf(nsec,
962 ldns_dnssec_create_nsec_bitmap(i_type_list,
963 type_count, LDNS_RR_TYPE_NSEC));
969 ldns_nsec3_hash_name(ldns_rdf *name,
975 size_t hashed_owner_str_len;
977 ldns_rdf *hashed_owner;
978 unsigned char *hashed_owner_str;
979 char *hashed_owner_b32;
980 size_t hashed_owner_b32_len;
982 /* define to contain the largest possible hash, which is
983 * sha1 at the moment */
984 unsigned char hash[LDNS_SHA1_DIGEST_LENGTH];
987 /* TODO: mnemonic list for hash algs SHA-1, default to 1 now (sha1) */
988 if (algorithm != LDNS_SHA1) {
992 /* prepare the owner name according to the draft section bla */
993 cann = ldns_rdf_clone(name);
995 fprintf(stderr, "Memory error\n");
998 ldns_dname2canonical(cann);
1000 hashed_owner_str_len = salt_length + ldns_rdf_size(cann);
1001 hashed_owner_str = LDNS_XMALLOC(unsigned char, hashed_owner_str_len);
1002 if(!hashed_owner_str) {
1003 ldns_rdf_deep_free(cann);
1006 memcpy(hashed_owner_str, ldns_rdf_data(cann), ldns_rdf_size(cann));
1007 memcpy(hashed_owner_str + ldns_rdf_size(cann), salt, salt_length);
1008 ldns_rdf_deep_free(cann);
1010 for (cur_it = iterations + 1; cur_it > 0; cur_it--) {
1011 (void) ldns_sha1((unsigned char *) hashed_owner_str,
1012 (unsigned int) hashed_owner_str_len, hash);
1014 LDNS_FREE(hashed_owner_str);
1015 hashed_owner_str_len = salt_length + LDNS_SHA1_DIGEST_LENGTH;
1016 hashed_owner_str = LDNS_XMALLOC(unsigned char, hashed_owner_str_len);
1017 if (!hashed_owner_str) {
1020 memcpy(hashed_owner_str, hash, LDNS_SHA1_DIGEST_LENGTH);
1021 memcpy(hashed_owner_str + LDNS_SHA1_DIGEST_LENGTH, salt, salt_length);
1022 hashed_owner_str_len = LDNS_SHA1_DIGEST_LENGTH + salt_length;
1025 LDNS_FREE(hashed_owner_str);
1026 hashed_owner_str = hash;
1027 hashed_owner_str_len = LDNS_SHA1_DIGEST_LENGTH;
1029 hashed_owner_b32 = LDNS_XMALLOC(char,
1030 ldns_b32_ntop_calculate_size(hashed_owner_str_len) + 1);
1031 if(!hashed_owner_b32) {
1034 hashed_owner_b32_len = (size_t) ldns_b32_ntop_extended_hex(
1035 (uint8_t *) hashed_owner_str,
1036 hashed_owner_str_len,
1038 ldns_b32_ntop_calculate_size(hashed_owner_str_len)+1);
1039 if (hashed_owner_b32_len < 1) {
1040 fprintf(stderr, "Error in base32 extended hex encoding ");
1041 fprintf(stderr, "of hashed owner name (name: ");
1042 ldns_rdf_print(stderr, name);
1043 fprintf(stderr, ", return code: %u)\n",
1044 (unsigned int) hashed_owner_b32_len);
1045 LDNS_FREE(hashed_owner_b32);
1048 hashed_owner_b32[hashed_owner_b32_len] = '\0';
1050 status = ldns_str2rdf_dname(&hashed_owner, hashed_owner_b32);
1051 if (status != LDNS_STATUS_OK) {
1052 fprintf(stderr, "Error creating rdf from %s\n", hashed_owner_b32);
1053 LDNS_FREE(hashed_owner_b32);
1057 LDNS_FREE(hashed_owner_b32);
1058 return hashed_owner;
1062 ldns_nsec3_add_param_rdfs(ldns_rr *rr,
1065 uint16_t iterations,
1066 uint8_t salt_length,
1069 ldns_rdf *salt_rdf = NULL;
1070 uint8_t *salt_data = NULL;
1073 old = ldns_rr_set_rdf(rr,
1074 ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT8,
1075 1, (void*)&algorithm),
1077 if (old) ldns_rdf_deep_free(old);
1079 old = ldns_rr_set_rdf(rr,
1080 ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT8,
1083 if (old) ldns_rdf_deep_free(old);
1085 old = ldns_rr_set_rdf(rr,
1086 ldns_native2rdf_int16(LDNS_RDF_TYPE_INT16,
1089 if (old) ldns_rdf_deep_free(old);
1091 salt_data = LDNS_XMALLOC(uint8_t, salt_length + 1);
1093 /* no way to return error */
1096 salt_data[0] = salt_length;
1097 memcpy(salt_data + 1, salt, salt_length);
1098 salt_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_NSEC3_SALT,
1102 LDNS_FREE(salt_data);
1103 /* no way to return error */
1107 old = ldns_rr_set_rdf(rr, salt_rdf, 3);
1108 if (old) ldns_rdf_deep_free(old);
1109 LDNS_FREE(salt_data);
1113 rr_list_delegation_only(ldns_rdf *origin, ldns_rr_list *rr_list)
1117 if (!origin || !rr_list) return 0;
1118 for (i = 0; i < ldns_rr_list_rr_count(rr_list); i++) {
1119 cur_rr = ldns_rr_list_rr(rr_list, i);
1120 if (ldns_dname_compare(ldns_rr_owner(cur_rr), origin) == 0) {
1123 if (ldns_rr_get_type(cur_rr) != LDNS_RR_TYPE_NS) {
1130 /* this will NOT return the NSEC3 completed, you will have to run the
1131 finalize function on the rrlist later! */
1133 ldns_create_nsec3(ldns_rdf *cur_owner,
1138 uint16_t iterations,
1139 uint8_t salt_length,
1141 bool emptynonterminal)
1147 ldns_rr *nsec = NULL;
1148 ldns_rdf *hashed_owner = NULL;
1152 ldns_rr_type i_type_list[1024];
1153 size_t type_count = 0;
1155 hashed_owner = ldns_nsec3_hash_name(cur_owner,
1160 status = ldns_dname_cat(hashed_owner, cur_zone);
1161 if(status != LDNS_STATUS_OK)
1164 nsec = ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3);
1167 ldns_rr_set_type(nsec, LDNS_RR_TYPE_NSEC3);
1168 ldns_rr_set_owner(nsec, hashed_owner);
1170 ldns_nsec3_add_param_rdfs(nsec,
1176 (void) ldns_rr_set_rdf(nsec, NULL, 4);
1179 for (i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
1180 i_rr = ldns_rr_list_rr(rrs, i);
1181 if (ldns_rdf_compare(cur_owner,
1182 ldns_rr_owner(i_rr)) == 0) {
1183 i_type = ldns_rr_get_type(i_rr);
1184 if (type_count == 0 || i_type_list[type_count-1] != i_type) {
1185 i_type_list[type_count] = i_type;
1191 /* add RRSIG anyway, but only if this is not an ENT or
1192 * an unsigned delegation */
1193 if (!emptynonterminal && !rr_list_delegation_only(cur_zone, rrs)) {
1194 i_type_list[type_count] = LDNS_RR_TYPE_RRSIG;
1198 /* and SOA if owner == zone */
1199 if (ldns_dname_compare(cur_zone, cur_owner) == 0) {
1200 i_type_list[type_count] = LDNS_RR_TYPE_SOA;
1204 ldns_rr_push_rdf(nsec,
1205 ldns_dnssec_create_nsec_bitmap(i_type_list,
1206 type_count, LDNS_RR_TYPE_NSEC3));
1212 ldns_nsec3_algorithm(const ldns_rr *nsec3_rr)
1215 (ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 ||
1216 ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3PARAM)
1217 && (ldns_rr_rdf(nsec3_rr, 0) != NULL)
1218 && ldns_rdf_size(ldns_rr_rdf(nsec3_rr, 0)) > 0) {
1219 return ldns_rdf2native_int8(ldns_rr_rdf(nsec3_rr, 0));
1225 ldns_nsec3_flags(const ldns_rr *nsec3_rr)
1228 (ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 ||
1229 ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3PARAM)
1230 && (ldns_rr_rdf(nsec3_rr, 1) != NULL)
1231 && ldns_rdf_size(ldns_rr_rdf(nsec3_rr, 1)) > 0) {
1232 return ldns_rdf2native_int8(ldns_rr_rdf(nsec3_rr, 1));
1238 ldns_nsec3_optout(const ldns_rr *nsec3_rr)
1240 return (ldns_nsec3_flags(nsec3_rr) & LDNS_NSEC3_VARS_OPTOUT_MASK);
1244 ldns_nsec3_iterations(const ldns_rr *nsec3_rr)
1247 (ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 ||
1248 ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3PARAM)
1249 && (ldns_rr_rdf(nsec3_rr, 2) != NULL)
1250 && ldns_rdf_size(ldns_rr_rdf(nsec3_rr, 2)) > 0) {
1251 return ldns_rdf2native_int16(ldns_rr_rdf(nsec3_rr, 2));
1258 ldns_nsec3_salt(const ldns_rr *nsec3_rr)
1261 (ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 ||
1262 ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3PARAM)
1264 return ldns_rr_rdf(nsec3_rr, 3);
1270 ldns_nsec3_salt_length(const ldns_rr *nsec3_rr)
1272 ldns_rdf *salt_rdf = ldns_nsec3_salt(nsec3_rr);
1273 if (salt_rdf && ldns_rdf_size(salt_rdf) > 0) {
1274 return (uint8_t) ldns_rdf_data(salt_rdf)[0];
1279 /* allocs data, free with LDNS_FREE() */
1281 ldns_nsec3_salt_data(const ldns_rr *nsec3_rr)
1283 uint8_t salt_length;
1286 ldns_rdf *salt_rdf = ldns_nsec3_salt(nsec3_rr);
1287 if (salt_rdf && ldns_rdf_size(salt_rdf) > 0) {
1288 salt_length = ldns_rdf_data(salt_rdf)[0];
1289 salt = LDNS_XMALLOC(uint8_t, salt_length);
1290 if(!salt) return NULL;
1291 memcpy(salt, &ldns_rdf_data(salt_rdf)[1], salt_length);
1298 ldns_nsec3_next_owner(const ldns_rr *nsec3_rr)
1300 if (!nsec3_rr || ldns_rr_get_type(nsec3_rr) != LDNS_RR_TYPE_NSEC3) {
1303 return ldns_rr_rdf(nsec3_rr, 4);
1308 ldns_nsec3_bitmap(const ldns_rr *nsec3_rr)
1310 if (!nsec3_rr || ldns_rr_get_type(nsec3_rr) != LDNS_RR_TYPE_NSEC3) {
1313 return ldns_rr_rdf(nsec3_rr, 5);
1318 ldns_nsec3_hash_name_frm_nsec3(const ldns_rr *nsec, ldns_rdf *name)
1321 uint16_t iterations;
1322 uint8_t salt_length;
1325 ldns_rdf *hashed_owner;
1327 algorithm = ldns_nsec3_algorithm(nsec);
1328 salt_length = ldns_nsec3_salt_length(nsec);
1329 salt = ldns_nsec3_salt_data(nsec);
1330 iterations = ldns_nsec3_iterations(nsec);
1332 hashed_owner = ldns_nsec3_hash_name(name,
1339 return hashed_owner;
1343 ldns_nsec_bitmap_covers_type(const ldns_rdf *nsec_bitmap, ldns_rr_type type)
1345 uint8_t window_block_nr;
1346 uint8_t bitmap_length;
1352 if (nsec_bitmap == NULL) {
1355 data = ldns_rdf_data(nsec_bitmap);
1356 while(pos < ldns_rdf_size(nsec_bitmap)) {
1357 window_block_nr = data[pos];
1358 bitmap_length = data[pos + 1];
1361 for (bit_pos = 0; bit_pos < (bitmap_length) * 8; bit_pos++) {
1362 if (ldns_get_bit(&data[pos], bit_pos)) {
1363 cur_type = 256 * (uint16_t) window_block_nr + bit_pos;
1364 if (cur_type == type) {
1370 pos += (uint16_t) bitmap_length;
1376 ldns_nsec_covers_name(const ldns_rr *nsec, const ldns_rdf *name)
1378 ldns_rdf *nsec_owner = ldns_rr_owner(nsec);
1379 ldns_rdf *hash_next;
1380 char *next_hash_str;
1381 ldns_rdf *nsec_next = NULL;
1383 ldns_rdf *chopped_dname;
1386 if (ldns_rr_get_type(nsec) == LDNS_RR_TYPE_NSEC) {
1387 if (ldns_rr_rdf(nsec, 0) != NULL) {
1388 nsec_next = ldns_rdf_clone(ldns_rr_rdf(nsec, 0));
1392 } else if (ldns_rr_get_type(nsec) == LDNS_RR_TYPE_NSEC3) {
1393 hash_next = ldns_nsec3_next_owner(nsec);
1394 next_hash_str = ldns_rdf2str(hash_next);
1395 nsec_next = ldns_dname_new_frm_str(next_hash_str);
1396 LDNS_FREE(next_hash_str);
1397 chopped_dname = ldns_dname_left_chop(nsec_owner);
1398 status = ldns_dname_cat(nsec_next, chopped_dname);
1399 ldns_rdf_deep_free(chopped_dname);
1400 if (status != LDNS_STATUS_OK) {
1401 printf("error catting: %s\n", ldns_get_errorstr_by_id(status));
1404 ldns_rdf_deep_free(nsec_next);
1408 /* in the case of the last nsec */
1409 if(ldns_dname_compare(nsec_owner, nsec_next) > 0) {
1410 result = (ldns_dname_compare(nsec_owner, name) <= 0 ||
1411 ldns_dname_compare(name, nsec_next) < 0);
1413 result = (ldns_dname_compare(nsec_owner, name) <= 0 &&
1414 ldns_dname_compare(name, nsec_next) < 0);
1417 ldns_rdf_deep_free(nsec_next);
1422 /* sig may be null - if so look in the packet */
1424 ldns_pkt_verify(ldns_pkt *p, ldns_rr_type t, ldns_rdf *o,
1425 ldns_rr_list *k, ldns_rr_list *s, ldns_rr_list *good_keys)
1427 ldns_rr_list *rrset;
1429 ldns_rr_list *sigs_covered;
1431 ldns_rr_type t_netorder;
1434 return LDNS_STATUS_ERR;
1435 /* return LDNS_STATUS_CRYPTO_NO_DNSKEY; */
1438 if (t == LDNS_RR_TYPE_RRSIG) {
1439 /* we don't have RRSIG(RRSIG) (yet? ;-) ) */
1440 return LDNS_STATUS_ERR;
1444 /* if s is not NULL, the sigs are given to use */
1447 /* otherwise get them from the packet */
1448 sigs = ldns_pkt_rr_list_by_name_and_type(p, o, LDNS_RR_TYPE_RRSIG,
1449 LDNS_SECTION_ANY_NOQUESTION);
1452 return LDNS_STATUS_ERR;
1453 /* return LDNS_STATUS_CRYPTO_NO_RRSIG; */
1457 /* rrsig are subtyped, so now we need to find the correct
1458 * sigs for the type t
1460 t_netorder = htons(t); /* rdf are in network order! */
1461 /* a type identifier is a 16-bit number, so the size is 2 bytes */
1462 rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE,
1465 sigs_covered = ldns_rr_list_subtype_by_rdf(sigs, rdf_t, 0);
1467 rrset = ldns_pkt_rr_list_by_name_and_type(p,
1470 LDNS_SECTION_ANY_NOQUESTION);
1473 return LDNS_STATUS_ERR;
1476 if (!sigs_covered) {
1477 return LDNS_STATUS_ERR;
1480 return ldns_verify(rrset, sigs, k, good_keys);
1482 #endif /* HAVE_SSL */
1485 ldns_dnssec_chain_nsec3_list(ldns_rr_list *nsec3_rrs)
1488 char *next_nsec_owner_str;
1489 ldns_rdf *next_nsec_owner_label;
1490 ldns_rdf *next_nsec_rdf;
1491 ldns_status status = LDNS_STATUS_OK;
1493 for (i = 0; i < ldns_rr_list_rr_count(nsec3_rrs); i++) {
1494 if (i == ldns_rr_list_rr_count(nsec3_rrs) - 1) {
1495 next_nsec_owner_label =
1496 ldns_dname_label(ldns_rr_owner(ldns_rr_list_rr(nsec3_rrs,
1498 next_nsec_owner_str = ldns_rdf2str(next_nsec_owner_label);
1499 if (next_nsec_owner_str[strlen(next_nsec_owner_str) - 1]
1501 next_nsec_owner_str[strlen(next_nsec_owner_str) - 1]
1504 status = ldns_str2rdf_b32_ext(&next_nsec_rdf,
1505 next_nsec_owner_str);
1506 if (!ldns_rr_set_rdf(ldns_rr_list_rr(nsec3_rrs, i),
1507 next_nsec_rdf, 4)) {
1511 ldns_rdf_deep_free(next_nsec_owner_label);
1512 LDNS_FREE(next_nsec_owner_str);
1514 next_nsec_owner_label =
1515 ldns_dname_label(ldns_rr_owner(ldns_rr_list_rr(nsec3_rrs,
1518 next_nsec_owner_str = ldns_rdf2str(next_nsec_owner_label);
1519 if (next_nsec_owner_str[strlen(next_nsec_owner_str) - 1]
1521 next_nsec_owner_str[strlen(next_nsec_owner_str) - 1]
1524 status = ldns_str2rdf_b32_ext(&next_nsec_rdf,
1525 next_nsec_owner_str);
1526 ldns_rdf_deep_free(next_nsec_owner_label);
1527 LDNS_FREE(next_nsec_owner_str);
1528 if (!ldns_rr_set_rdf(ldns_rr_list_rr(nsec3_rrs, i),
1529 next_nsec_rdf, 4)) {
1538 qsort_rr_compare_nsec3(const void *a, const void *b)
1540 const ldns_rr *rr1 = * (const ldns_rr **) a;
1541 const ldns_rr *rr2 = * (const ldns_rr **) b;
1542 if (rr1 == NULL && rr2 == NULL) {
1551 return ldns_rdf_compare(ldns_rr_owner(rr1), ldns_rr_owner(rr2));
1555 ldns_rr_list_sort_nsec3(ldns_rr_list *unsorted)
1557 qsort(unsorted->_rrs,
1558 ldns_rr_list_rr_count(unsorted),
1560 qsort_rr_compare_nsec3);
1564 ldns_dnssec_default_add_to_signatures(ldns_rr *sig, void *n)
1568 return LDNS_SIGNATURE_LEAVE_ADD_NEW;
1572 ldns_dnssec_default_leave_signatures(ldns_rr *sig, void *n)
1576 return LDNS_SIGNATURE_LEAVE_NO_ADD;
1580 ldns_dnssec_default_delete_signatures(ldns_rr *sig, void *n)
1584 return LDNS_SIGNATURE_REMOVE_NO_ADD;
1588 ldns_dnssec_default_replace_signatures(ldns_rr *sig, void *n)
1592 return LDNS_SIGNATURE_REMOVE_ADD_NEW;
1597 ldns_convert_dsa_rrsig_asn12rdf(const ldns_buffer *sig,
1600 ldns_rdf *sigdata_rdf;
1602 unsigned char *dsasig_data = (unsigned char*)ldns_buffer_begin(sig);
1605 dsasig = d2i_DSA_SIG(NULL,
1606 (const unsigned char **)&dsasig_data,
1609 DSA_SIG_free(dsasig);
1613 dsasig_data = LDNS_XMALLOC(unsigned char, 41);
1615 DSA_SIG_free(dsasig);
1619 byte_offset = (size_t) (20 - BN_num_bytes(dsasig->r));
1620 if (byte_offset > 20) {
1621 DSA_SIG_free(dsasig);
1622 LDNS_FREE(dsasig_data);
1625 memset(&dsasig_data[1], 0, byte_offset);
1626 BN_bn2bin(dsasig->r, &dsasig_data[1 + byte_offset]);
1627 byte_offset = (size_t) (20 - BN_num_bytes(dsasig->s));
1628 if (byte_offset > 20) {
1629 DSA_SIG_free(dsasig);
1630 LDNS_FREE(dsasig_data);
1633 memset(&dsasig_data[21], 0, byte_offset);
1634 BN_bn2bin(dsasig->s, &dsasig_data[21 + byte_offset]);
1636 sigdata_rdf = ldns_rdf_new(LDNS_RDF_TYPE_B64, 41, dsasig_data);
1638 LDNS_FREE(dsasig_data);
1640 DSA_SIG_free(dsasig);
1646 ldns_convert_dsa_rrsig_rdf2asn1(ldns_buffer *target_buffer,
1647 const ldns_rdf *sig_rdf)
1649 /* the EVP api wants the DER encoding of the signature... */
1652 unsigned char *raw_sig = NULL;
1655 if(ldns_rdf_size(sig_rdf) < 1 + 2*SHA_DIGEST_LENGTH)
1656 return LDNS_STATUS_SYNTAX_RDATA_ERR;
1657 /* extract the R and S field from the sig buffer */
1659 if(!R) return LDNS_STATUS_MEM_ERR;
1660 (void) BN_bin2bn((unsigned char *) ldns_rdf_data(sig_rdf) + 1,
1661 SHA_DIGEST_LENGTH, R);
1665 return LDNS_STATUS_MEM_ERR;
1667 (void) BN_bin2bn((unsigned char *) ldns_rdf_data(sig_rdf) + 21,
1668 SHA_DIGEST_LENGTH, S);
1670 dsasig = DSA_SIG_new();
1674 return LDNS_STATUS_MEM_ERR;
1680 raw_sig_len = i2d_DSA_SIG(dsasig, &raw_sig);
1681 if (raw_sig_len < 0) {
1682 DSA_SIG_free(dsasig);
1684 return LDNS_STATUS_SSL_ERR;
1686 if (ldns_buffer_reserve(target_buffer, (size_t) raw_sig_len)) {
1687 ldns_buffer_write(target_buffer, raw_sig, (size_t)raw_sig_len);
1690 DSA_SIG_free(dsasig);
1693 return ldns_buffer_status(target_buffer);
1699 ldns_convert_ecdsa_rrsig_asn12rdf(const ldns_buffer *sig, const long sig_len)
1701 ECDSA_SIG* ecdsa_sig;
1702 unsigned char *data = (unsigned char*)ldns_buffer_begin(sig);
1704 ecdsa_sig = d2i_ECDSA_SIG(NULL, (const unsigned char **)&data, sig_len);
1705 if(!ecdsa_sig) return NULL;
1708 data = LDNS_XMALLOC(unsigned char,
1709 BN_num_bytes(ecdsa_sig->r) + BN_num_bytes(ecdsa_sig->s));
1711 ECDSA_SIG_free(ecdsa_sig);
1714 BN_bn2bin(ecdsa_sig->r, data);
1715 BN_bn2bin(ecdsa_sig->s, data+BN_num_bytes(ecdsa_sig->r));
1716 rdf = ldns_rdf_new(LDNS_RDF_TYPE_B64, (size_t)(
1717 BN_num_bytes(ecdsa_sig->r) + BN_num_bytes(ecdsa_sig->s)), data);
1718 ECDSA_SIG_free(ecdsa_sig);
1723 ldns_convert_ecdsa_rrsig_rdf2asn1(ldns_buffer *target_buffer,
1724 const ldns_rdf *sig_rdf)
1728 long bnsize = (long)ldns_rdf_size(sig_rdf) / 2;
1729 /* if too short, or not even length, do not bother */
1730 if(bnsize < 16 || (size_t)bnsize*2 != ldns_rdf_size(sig_rdf))
1731 return LDNS_STATUS_ERR;
1733 /* use the raw data to parse two evenly long BIGNUMs, "r | s". */
1734 sig = ECDSA_SIG_new();
1735 if(!sig) return LDNS_STATUS_MEM_ERR;
1736 sig->r = BN_bin2bn((const unsigned char*)ldns_rdf_data(sig_rdf),
1738 sig->s = BN_bin2bn((const unsigned char*)ldns_rdf_data(sig_rdf)+bnsize,
1740 if(!sig->r || !sig->s) {
1741 ECDSA_SIG_free(sig);
1742 return LDNS_STATUS_MEM_ERR;
1745 raw_sig_len = i2d_ECDSA_SIG(sig, NULL);
1746 if (ldns_buffer_reserve(target_buffer, (size_t) raw_sig_len)) {
1747 unsigned char* pp = (unsigned char*)
1748 ldns_buffer_current(target_buffer);
1749 raw_sig_len = i2d_ECDSA_SIG(sig, &pp);
1750 ldns_buffer_skip(target_buffer, (ssize_t) raw_sig_len);
1752 ECDSA_SIG_free(sig);
1754 return ldns_buffer_status(target_buffer);
1757 #endif /* S_SPLINT_S */
1758 #endif /* USE_ECDSA */
1759 #endif /* HAVE_SSL */