From 000fa94ae2374380b3bee7ad55b3aac147af1e3c Mon Sep 17 00:00:00 2001
From: Willem Toorop
Date: Tue, 22 May 2018 12:44:13 +0200
Subject: [PATCH] Sync ldns & utils with unbound

---
 src/gldns/import.sh | 6 +++---
 src/gldns/keyraw.c | 29 +++++++++++++++++++++++++++++
 src/gldns/keyraw.h | 9 +++++++++
 src/gldns/str2wire.c | 13 ++++++++++++-
 src/gldns/wire2str.c | 15 ++++++++++++---
 src/util/val_secalgo.c | 16 +++++++++++++++-
 6 files changed, 80 insertions(+), 8 deletions(-)

diff --git a/src/gldns/import.sh b/src/gldns/import.sh
index ce85339c..88fcfff4 100755
--- a/src/gldns/import.sh
+++ b/src/gldns/import.sh
@@ -16,8 +16,8 @@ then
 mv sbuffer.h gbuffer.h
 mv sbuffer.c gbuffer.c
 else
- svn co http://unbound.net/svn/trunk/ldns/
- for f in ldns/*.[ch]
+ svn co http://unbound.net/svn/trunk/sldns/
+ for f in sldns/*.[ch]
 do
 sed -e 's/sldns_/gldns_/g' \
 -e 's/LDNS_/GLDNS_/g' \
@@ -27,5 +27,5 @@ else
 done
 mv sbuffer.h gbuffer.h
 mv sbuffer.c gbuffer.c
- rm -r ldns
+ rm -fr sldns
 fi
diff --git a/src/gldns/keyraw.c b/src/gldns/keyraw.c
index 365d6a0e..ed8188c8 100644
--- a/src/gldns/keyraw.c
+++ b/src/gldns/keyraw.c
@@ -89,6 +89,14 @@ gldns_rr_dnskey_key_size_raw(const unsigned char* keydata,
 return 256;
 case GLDNS_ECDSAP384SHA384:
 return 384;
+#endif
+#ifdef USE_ED25519
+ case GLDNS_ED25519:
+ return 256;
+#endif
+#ifdef USE_ED448
+ case GLDNS_ED448:
+ return 456;
 #endif
 default:
 return 0;
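Review bot: The first added line of the import.sh hunk still checks the sources out over plain `http://` and at whatever revision trunk happens to be, so the code that the following sed rewrites and drops into this tree arrives without transport integrity and is not reproducible. If the server offers it, switch to an https URL and pin the revision, e.g. `svn co -r <REVISION> https://unbound.net/svn/trunk/sldns/` (constructed example; confirm the https endpoint exists), recording the revision in the commit message. The second hunk's `rm -fr sldns` additionally swallows a missing directory, which is fine for cleanup but means a failed checkout earlier in the script leaves no trace unless the script runs under `set -e`, which is not visible here.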
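Review bot: The new `return 456;` for GLDNS_ED448 is the one size in this switch that is not a familiar power of two and it carries no explanation, so it reads like a typo next to the 256 and 384 around it. A short comment ties it to the wire format, e.g. `return 456; /* 57-octet public key (RFC 8080), in bits */`, and documents why keyraw.c's new gldns_ed4482pkey_raw insists on `keylen != 57`. The enclosing gldns_rr_dnskey_key_size_raw starts before the hunk.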
@@ -409,6 +417,27 @@ gldns_ed255192pkey_raw(const unsigned char* key, size_t keylen)
 }
 #endif /* USE_ED25519 */
 
+#ifdef USE_ED448
+EVP_PKEY*
+gldns_ed4482pkey_raw(const unsigned char* key, size_t keylen)
+{
+ /* ASN1 for ED448 is 3043300506032b6571033a00 <57byteskey> */
+ uint8_t pre[] = {0x30, 0x43, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65,
+ 0x71, 0x03, 0x3a, 0x00};
+ int pre_len = 12;
+ uint8_t buf[256];
+ EVP_PKEY *evp_key;
+ /* pp gets modified by d2i() */
+ const unsigned char* pp = (unsigned char*)buf;
+ if(keylen != 57 || keylen + pre_len > sizeof(buf))
+ return NULL; /* wrong length */
+ memmove(buf, pre, pre_len);
+ memmove(buf+pre_len, key, keylen);
+ evp_key = d2i_PUBKEY(NULL, &pp, (int)(pre_len+keylen));
+ return evp_key;
+}
+#endif /* USE_ED448 */
+
 int
 gldns_digest_evp(unsigned char* data, unsigned int len, unsigned char* dest,
 const EVP_MD* md)
diff --git a/src/gldns/keyraw.h b/src/gldns/keyraw.h
index 3d19e96f..a847887c 100644
--- a/src/gldns/keyraw.h
+++ b/src/gldns/keyraw.h
@@ -101,6 +101,15 @@ RSA *gldns_key_buf2rsa_raw(unsigned char* key, size_t len);
 */
 EVP_PKEY* gldns_ed255192pkey_raw(const unsigned char* key, size_t len);
 
+/**
+ * Converts a holding buffer with key material to EVP PKEY in openssl.
+ * Only available if ldns was compiled with ED448.
+ * \param[in] key the uncompressed wireformat of the key.
+ * \param[in] len length of key data
+ * \return the key or NULL on error.
+ */
+EVP_PKEY* gldns_ed4482pkey_raw(const unsigned char* key, size_t len);
+
 /**
 * Utility function to calculate hash using generic EVP_MD pointer.
 * \param[in] data the data to hash.
diff --git a/src/gldns/str2wire.c b/src/gldns/str2wire.c
index 8ce4b06d..26c2ea6f 100644
--- a/src/gldns/str2wire.c
+++ b/src/gldns/str2wire.c
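Review bot: In gldns_ed4482pkey_raw, `int pre_len = 12;` restates the length of `pre[]` by hand and `uint8_t buf[256]` is sized far beyond the 12 + 57 bytes that can ever reach it, so the prefix, its length and the buffer can drift apart without any check noticing. Deriving them from the data, `size_t pre_len = sizeof(pre);` and `uint8_t buf[sizeof(pre) + 57];`, keeps the existing length check honest, and the bare `57` deserves a comment naming it as the Ed448 public-key size this DNSKEY parser accepts. The two `memmove` calls copy between buffers that cannot overlap, so `memcpy` states the intent more plainly, and the `(unsigned char*)` cast on `buf` is effectively redundant for a `uint8_t` array. A failed `d2i_PUBKEY` typically leaves an entry on the OpenSSL error queue; whether the caller drains it is not visible from this hunk.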
@@ -1225,6 +1225,17 @@ int gldns_str2wire_b32_ext_buf(const char* str, uint8_t* rd, size_t* len)
 return GLDNS_WIREPARSE_ERR_OK;
 }
 
+/** see if the string ends, or ends in whitespace */
+static int
+gldns_is_last_of_string(const char* str)
+{
+ if(*str == 0) return 1;
+ while(isspace((unsigned char)*str))
+ str++;
+ if(*str == 0) return 1;
+ return 0;
+}
+
 int gldns_str2wire_hex_buf(const char* str, uint8_t* rd, size_t* len)
 {
 const char* s = str;
@@ -1234,7 +1245,7 @@ int gldns_str2wire_hex_buf(const char* str, uint8_t* rd, size_t* len)
 s++;
 continue;
 }
- if(dlen == 0 && *s == '0' && *(s+1) == 0) {
+ if(dlen == 0 && *s == '0' && gldns_is_last_of_string(s+1)) {
 *len = 0;
 return GLDNS_WIREPARSE_ERR_OK;
 }
diff --git a/src/gldns/wire2str.c b/src/gldns/wire2str.c
index 0cba52cf..54e336d8 100644
--- a/src/gldns/wire2str.c
+++ b/src/gldns/wire2str.c
@@ -1065,7 +1065,11 @@ int gldns_wire2str_tsigtime_scan(uint8_t** d, size_t* dl, char** s, size_t* sl)
 d4 = (*d)[4];
 d5 = (*d)[5];
 tsigtime = (d0<<40) | (d1<<32) | (d2<<24) | (d3<<16) | (d4<<8) | d5;
- w = gldns_str_print(s, sl, "%"PRIu64, (uint64_t)tsigtime);
+#ifndef USE_WINSOCK
+ w = gldns_str_print(s, sl, "%llu", (long long)tsigtime);
+#else
+ w = gldns_str_print(s, sl, "%I64u", (long long)tsigtime);
+#endif
 (*d)+=6;
 (*dl)-=6;
 return w;
@@ -1752,8 +1756,13 @@ int gldns_wire2str_edns_llq_print(char** s, size_t* sl, uint8_t* data,
 if(error_code < llq_errors_num)
 w += gldns_str_print(s, sl, " %s", llq_errors[error_code]);
 else w += gldns_str_print(s, sl, " error %d", (int)error_code);
- w += gldns_str_print(s, sl, " id %"PRIx64" lease-life %lu",
- (uint64_t)llq_id, (unsigned long)lease_life);
+#ifndef USE_WINSOCK
+ w += gldns_str_print(s, sl, " id %llx lease-life %lu",
+ (unsigned long long)llq_id, (unsigned long)lease_life);
+#else
+ w += gldns_str_print(s, sl, " id %I64x lease-life %lu",
+ (unsigned long long)llq_id, (unsigned long)lease_life);
+#endif
 return w;
 }
 
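Review bot: In gldns_is_last_of_string the opening `if(*str == 0) return 1;` is redundant: `isspace` is false for the terminator, so the `while` loop never advances past it and the second check already covers that case. The body reduces to `while(isspace((unsigned char)*str)) str++;` followed by `return *str == 0;`, which also makes the "ends, or ends in whitespace" doc comment read straight off the code. The comment should say why this helper exists: the next hunk in gldns_str2wire_hex_buf uses it so that a lone `0` followed only by trailing whitespace is accepted as empty hex data, where the old `*(s+1) == 0` test rejected it.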
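Review bot: In the gldns_wire2str_tsigtime_scan hunk both new calls pass `(long long)tsigtime` to an unsigned conversion (`%llu` on the non-Windows path, `%I64u` on the USE_WINSOCK path); the argument type should match the conversion, and the later edns_llq hunk in this same file already does it right with `(unsigned long long)llq_id`. Change both to `w = gldns_str_print(s, sl, "%llu", (unsigned long long)tsigtime);` and the `%I64u` twin likewise. tsigtime is assembled from six bytes on the context line above, so no negative value arises in practice, but the signedness mismatch is still undefined by the standard and is what -Wformat-signedness reports. The enclosing function starts before the hunk.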
diff --git a/src/util/val_secalgo.c b/src/util/val_secalgo.c
index 7f5c5181..95200a48 100644
--- a/src/util/val_secalgo.c
+++ b/src/util/val_secalgo.c
@@ -231,7 +231,10 @@ dnskey_algo_id_is_supported(int id)
 #ifdef USE_ED25519
 case LDNS_ED25519:
 #endif
-#if (defined(HAVE_EVP_SHA256) && defined(USE_SHA2)) || (defined(HAVE_EVP_SHA512) && defined(USE_SHA2)) || defined(USE_ECDSA)
+#ifdef USE_ED448
+ case LDNS_ED448:
+#endif
+#if (defined(HAVE_EVP_SHA256) && defined(USE_SHA2)) || (defined(HAVE_EVP_SHA512) && defined(USE_SHA2)) || defined(USE_ECDSA) || defined(USE_ED25519) || defined(USE_ED448)
 return 1;
 #endif
 
@@ -569,6 +572,17 @@ setup_key_digest(int algo, EVP_PKEY** evp_key, const EVP_MD** digest_type,
 *digest_type = NULL;
 break;
 #endif /* USE_ED25519 */
+#ifdef USE_ED448
+ case LDNS_ED448:
+ *evp_key = sldns_ed4482pkey_raw(key, keylen);
+ if(!*evp_key) {
+ verbose(VERB_QUERY, "verify: "
+ "sldns_ed4482pkey_raw failed");
+ return 0;
+ }
+ *digest_type = NULL;
+ break;
+#endif /* USE_ED448 */
 default:
 verbose(VERB_QUERY, "verify: unknown algorithm %d",
 algo);
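Review bot: The new case in setup_key_digest calls `sldns_ed4482pkey_raw` and tests `LDNS_ED448`, while the function this commit adds in src/gldns/keyraw.c is `gldns_ed4482pkey_raw` and its enum is `GLDNS_ED448`. Presumably this file maps the `sldns_`/`LDNS_` names onto the `gldns_`/`GLDNS_` ones, as the ED25519 branch above the hunk must already do for its key conversion, but that mapping is outside the hunk; if it is a per-name macro list rather than a blanket rewrite, it needs an entry for `sldns_ed4482pkey_raw`, or a `USE_ED448` build fails at link time. A comment at the case, `/* sldns_ names resolve to gldns_ via <MAPPING_LOCATION> */`, would make the dependency visible to the next importer. setup_key_digest begins and ends outside the hunk.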