mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 05:57:52 +00:00
Code Issues Releases Wiki Activity

Remove RSAMD5 support

Browse Source
This commit is contained in:
Ondřej Surý 2018-10-25 10:27:49 +02:00
parent 74f895740c
commit e69dc0dbc7
27 changed files with 98 additions and 242 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
bin/dnssec/dnssec-cds.c
View File

@ -573,7 +573,7 @@ match_keyset_dsset(dns_rdataset_t *keyset, dns_rdataset_t *dsset,
ki->algo = dnskey.algorithm;
dns_rdata_toregion(keyrdata, &r);
ki->tag = dst_region_computeid(&r, ki->algo);
ki->tag = dst_region_computeid(&r);
ki->dst = NULL;
if (!match_key_dsset(ki, dsset, strictness)) {

26
bin/dnssec/dnssec-keyfromlabel.c
View File

@ -64,7 +64,7 @@ usage(void) {
fprintf(stderr, " name: owner of the key\n");
fprintf(stderr, "Other options:\n");
fprintf(stderr, " -a algorithm: \n"
" RSA | RSAMD5 | DH | RSASHA1 |\n"
" DH | RSASHA1 |\n"
" NSEC3RSASHA1 |\n"
" RSASHA256 | RSASHA512 |\n"
" ECDSAP256SHA256 | ECDSAP384SHA384\n");
@ -382,22 +382,14 @@ main(int argc, char **argv) {
fatal("no algorithm specified");
}
if (strcasecmp(algname, "RSA") == 0) {
fprintf(stderr, "The use of RSA (RSAMD5) is not "
"recommended.\nIf you still wish to "
"use RSA (RSAMD5) please specify "
"\"-a RSAMD5\"\n");
if (freeit != NULL)
free(freeit);
return (1);
} else {
r.base = algname;
r.length = strlen(algname);
ret = dns_secalg_fromtext(&alg, &r);
if (ret != ISC_R_SUCCESS)
fatal("unknown algorithm %s", algname);
if (alg == DST_ALG_DH)
options |= DST_TYPE_KEY;
r.base = algname;
r.length = strlen(algname);
ret = dns_secalg_fromtext(&alg, &r);
if (ret != ISC_R_SUCCESS) {
fatal("unknown algorithm %s", algname);
}
if (alg == DST_ALG_DH) {
options |= DST_TYPE_KEY;
}
if (use_nsec3) {

2
bin/dnssec/dnssec-keyfromlabel.docbook
View File

@ -105,7 +105,7 @@
<listitem>
<para>
Selects the cryptographic algorithm. The value of
<option>algorithm</option> must be one of RSAMD5, RSASHA1,
<option>algorithm</option> must be one of RSASHA1,
NSEC3RSASHA1, RSASHA256, RSASHA512,
ECDSAP256SHA256, ECDSAP384SHA384, ED25519 or ED448.
</para>

31
bin/dnssec/dnssec-keygen.c
View File

@ -79,14 +79,12 @@ usage(void) {
fprintf(stderr, "Options:\n");
fprintf(stderr, " -K <directory>: write keys into directory\n");
fprintf(stderr, " -a <algorithm>:\n");
fprintf(stderr, " RSA | RSAMD5 | RSASHA1 | NSEC3RSASHA1"
" |\n");
fprintf(stderr, " RSASHA1 | NSEC3RSASHA1 |\n");
fprintf(stderr, " RSASHA256 | RSASHA512 |\n");
fprintf(stderr, " ECDSAP256SHA256 | ECDSAP384SHA384 |\n");
fprintf(stderr, " ED25519 | ED448 | DH\n");
fprintf(stderr, " -3: use NSEC3-capable algorithm\n");
fprintf(stderr, " -b <key size in bits>:\n");
fprintf(stderr, " RSAMD5:\t[1024..%d]\n", MAX_RSA);
fprintf(stderr, " RSASHA1:\t[1024..%d]\n", MAX_RSA);
fprintf(stderr, " NSEC3RSASHA1:\t[1024..%d]\n", MAX_RSA);
fprintf(stderr, " RSASHA256:\t[1024..%d]\n", MAX_RSA);
@ -508,23 +506,14 @@ main(int argc, char **argv) {
fatal("no algorithm specified");
}
if (strcasecmp(algname, "RSA") == 0) {
fprintf(stderr, "The use of RSA (RSAMD5) is not "
"recommended.\nIf you still wish to "
"use RSA (RSAMD5) please specify "
"\"-a RSAMD5\"\n");
INSIST(freeit == NULL);
return (1);
} else {
r.base = algname;
r.length = strlen(algname);
ret = dns_secalg_fromtext(&alg, &r);
if (ret != ISC_R_SUCCESS) {
fatal("unknown algorithm %s", algname);
}
if (alg == DST_ALG_DH) {
options |= DST_TYPE_KEY;
}
r.base = algname;
r.length = strlen(algname);
ret = dns_secalg_fromtext(&alg, &r);
if (ret != ISC_R_SUCCESS) {
fatal("unknown algorithm %s", algname);
}
if (alg == DST_ALG_DH) {
options |= DST_TYPE_KEY;
}
if (!dst_algorithm_supported(alg)) {
@ -698,7 +687,6 @@ main(int argc, char **argv) {
}
switch (alg) {
case DNS_KEYALG_RSAMD5:
case DNS_KEYALG_RSASHA1:
case DNS_KEYALG_NSEC3RSASHA1:
case DNS_KEYALG_RSASHA256:
@ -780,7 +768,6 @@ main(int argc, char **argv) {
}
switch(alg) {
case DNS_KEYALG_RSAMD5:
case DNS_KEYALG_RSASHA1:
case DNS_KEYALG_NSEC3RSASHA1:
case DNS_KEYALG_RSASHA256:

2
bin/dnssec/dnssec-keygen.docbook
View File

@ -122,7 +122,7 @@
<listitem>
<para>
Selects the cryptographic algorithm. For DNSSEC keys, the value
of <option>algorithm</option> must be one of RSAMD5, RSASHA1,
of <option>algorithm</option> must be one of RSASHA1,
NSEC3RSASHA1, RSASHA256, RSASHA512,
ECDSAP256SHA256, ECDSAP384SHA384, ED25519 or ED448. For
TKEY, the value must be DH (Diffie Hellman); specifying

2
bin/dnssec/dnssec-revoke.c
View File

@ -239,7 +239,7 @@ main(int argc, char **argv) {
* Remove old key file, if told to (and if
* it isn't the same as the new file)
*/
if (removefile && dst_key_alg(key) != DST_ALG_RSAMD5) {
if (removefile) {
isc_buffer_init(&buf, oldname, sizeof(oldname));
dst_key_setflags(key, flags & ~DNS_KEYFLAG_REVOKE);
dst_key_buildfilename(key, DST_TYPE_PRIVATE, dir, &buf);

5
bin/named/server.c
View File

@ -777,8 +777,7 @@ dstkey_fromconfig(const cfg_obj_t *vconfig, const cfg_obj_t *key,
keystruct.datalen = r.length;
keystruct.data = r.base;
if ((keystruct.algorithm == DST_ALG_RSASHA1 ||
keystruct.algorithm == DST_ALG_RSAMD5) &&
if ((keystruct.algorithm == DST_ALG_RSASHA1) &&
r.length > 1 && r.base[0] == 1 && r.base[1] == 3)
cfg_obj_log(key, named_g_lctx, ISC_LOG_WARNING,
"%s key '%s' has a weak exponent",
@ -14911,7 +14910,7 @@ mkey_dumpzone(dns_view_t *view, isc_buffer_t **text) {
dns_rdata_toregion(&rdata, &r);
isc_region_consume(&r, 12);
keyid = dst_region_computeid(&r, kd.algorithm);
keyid = dst_region_computeid(&r);
snprintf(buf, sizeof(buf), "\n keyid: %u", keyid);
CHECK(putstr(text, buf));

9
bin/python/isc/policy.py.in
View File

@ -71,7 +71,7 @@ class PolicyLex:
return t
def t_ALGNAME(self, t):
r'(?i)\b(RSAMD5|DH|ECC|RSASHA1|NSEC3RSASHA1|RSASHA256|RSASHA512|ECDSAP256SHA256|ECDSAP384SHA384|ED25519|ED448)\b'
r'(?i)\b(DH|ECC|RSASHA1|NSEC3RSASHA1|RSASHA256|RSASHA512|ECDSAP256SHA256|ECDSAP384SHA384|ED25519|ED448)\b'
t.value = t.value.upper()
return t
@ -132,8 +132,7 @@ class Policy:
keyttl = None
coverage = None
directory = None
valid_key_sz_per_algo = {'RSAMD5': [1024, 4096],
'RSASHA1': [1024, 4096],
valid_key_sz_per_algo = {'RSASHA1': [1024, 4096],
'NSEC3RSASHA1': [512, 4096],
'RSASHA256': [1024, 4096],
'RSASHA512': [1024, 4096],
@ -322,10 +321,6 @@ class dnssec_policy:
# set default algorithm policies
# these can use default settings
self.alg_policy['RSAMD5'] = copy(p)
self.alg_policy['RSAMD5'].algorithm = "RSAMD5"
self.alg_policy['RSAMD5'].name = "RSAMD5"
self.alg_policy['RSASHA1'] = copy(p)
self.alg_policy['RSASHA1'].algorithm = "RSASHA1"
self.alg_policy['RSASHA1'].name = "RSASHA1"

2
lib/bind9/check.c
View File

@ -3132,7 +3132,7 @@ check_trusted_key(const cfg_obj_t *key, bool managed,
} else {
isc_buffer_usedregion(&b, &r);
if ((alg == DST_ALG_RSASHA1 || alg == DST_ALG_RSAMD5) &&
if ((alg == DST_ALG_RSASHA1) &&
r.length > 1 && r.base[0] == 1 && r.base[1] == 3)
cfg_obj_log(key, logctx, ISC_LOG_WARNING,
"%s key '%s' has a weak exponent",

2
lib/dns/ds.c
View File

@ -108,7 +108,7 @@ dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key,
ds.common.rdclass = key->rdclass;
ds.common.rdtype = dns_rdatatype_ds;
ds.algorithm = r.base[3];
ds.key_tag = dst_region_computeid(&r, ds.algorithm);
ds.key_tag = dst_region_computeid(&r);
ds.digest_type = digest_type;
ds.digest = digest;
ds.length = digestlen;

15
lib/dns/dst_api.c
View File

@ -143,8 +143,6 @@ dst_lib_init(isc_mem_t *mctx, const char *engine) {
RETERR(dst__openssl_init(mctx, engine));
RETERR(dst__openssldh_init(&dst_t_func[DST_ALG_DH]));
#if USE_OPENSSL
RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSAMD5],
DST_ALG_RSAMD5));
RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA1],
DST_ALG_RSASHA1));
RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_NSEC3RSASHA1],
@ -165,7 +163,6 @@ dst_lib_init(isc_mem_t *mctx, const char *engine) {
#if USE_PKCS11
RETERR(dst__pkcs11_init(mctx, engine));
RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSAMD5]));
RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSASHA1]));
RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_NSEC3RSASHA1]));
RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSASHA256]));
@ -643,8 +640,8 @@ dst_key_fromdns(const dns_name_t *name, dns_rdataclass_t rdclass,
proto = isc_buffer_getuint8(source);
alg = isc_buffer_getuint8(source);
id = dst_region_computeid(&r, alg);
rid = dst_region_computerid(&r, alg);
id = dst_region_computeid(&r);
rid = dst_region_computerid(&r);
if ((flags & DNS_KEYFLAG_EXTENDED) != 0) {
if (isc_buffer_remaininglength(source) < 2)
@ -986,8 +983,6 @@ comparekeys(const dst_key_t *key1, const dst_key_t *key2,
if (key1->key_id != key2->key_id) {
if (!match_revoked_key)
return (false);
if (key1->key_alg == DST_ALG_RSAMD5)
return (false);
if ((key1->key_flags & DNS_KEYFLAG_REVOKE) ==
(key2->key_flags & DNS_KEYFLAG_REVOKE))
return (false);
@ -1143,7 +1138,6 @@ dst_key_sigsize(const dst_key_t *key, unsigned int *n) {
/* XXXVIX this switch statement is too sparse to gen a jump table. */
switch (key->key_alg) {
case DST_ALG_RSAMD5:
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
case DST_ALG_RSASHA256:
@ -1473,7 +1467,6 @@ issymmetric(const dst_key_t *key) {
/* XXXVIX this switch statement is too sparse to gen a jump table. */
switch (key->key_alg) {
case DST_ALG_RSAMD5:
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
case DST_ALG_RSASHA256:
@ -1697,8 +1690,8 @@ computeid(dst_key_t *key) {
return (ret);
isc_buffer_usedregion(&dnsbuf, &r);
key->key_id = dst_region_computeid(&r, key->key_alg);
key->key_rid = dst_region_computerid(&r, key->key_alg);
key->key_id = dst_region_computeid(&r);
key->key_rid = dst_region_computerid(&r);
return (ISC_R_SUCCESS);
}

7
lib/dns/dst_parse.c
View File

@ -186,7 +186,7 @@ check_rsa(const dst_private_t *priv, bool external) {
for (j = 0; j < priv->nelements; j++) {
for (i = 0; i < RSA_NTAGS; i++)
if (priv->elements[j].tag == TAG(DST_ALG_RSAMD5, i))
if (priv->elements[j].tag == TAG(DST_ALG_RSA, i))
break;
if (i == RSA_NTAGS)
return (-1);
@ -336,7 +336,7 @@ check_data(const dst_private_t *priv, const unsigned int alg,
{
/* XXXVIX this switch statement is too sparse to gen a jump table. */
switch (alg) {
case DST_ALG_RSAMD5:
case DST_ALG_RSA:
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
case DST_ALG_RSASHA256:
@ -661,9 +661,6 @@ dst__privstruct_writefile(const dst_key_t *key, const dst_private_t *priv,
/* XXXVIX this switch statement is too sparse to gen a jump table. */
switch (dst_key_alg(key)) {
case DST_ALG_RSAMD5:
fprintf(fp, "(RSA)\n");
break;
case DST_ALG_DH:
fprintf(fp, "(DH)\n");
break;

22
lib/dns/dst_parse.h
View File

@ -44,18 +44,18 @@
#define TAG_ALG(tag) ((unsigned int)(tag) >> TAG_SHIFT)
#define TAG(alg, off) (((alg) << TAG_SHIFT) + (off))
/* These are used by both RSA-MD5 and RSA-SHA1 */
/* These are used by RSA-SHA1, RSASHA256 and RSASHA512 */
#define RSA_NTAGS 11
#define TAG_RSA_MODULUS ((DST_ALG_RSAMD5 << TAG_SHIFT) + 0)
#define TAG_RSA_PUBLICEXPONENT ((DST_ALG_RSAMD5 << TAG_SHIFT) + 1)
#define TAG_RSA_PRIVATEEXPONENT ((DST_ALG_RSAMD5 << TAG_SHIFT) + 2)
#define TAG_RSA_PRIME1 ((DST_ALG_RSAMD5 << TAG_SHIFT) + 3)
#define TAG_RSA_PRIME2 ((DST_ALG_RSAMD5 << TAG_SHIFT) + 4)
#define TAG_RSA_EXPONENT1 ((DST_ALG_RSAMD5 << TAG_SHIFT) + 5)
#define TAG_RSA_EXPONENT2 ((DST_ALG_RSAMD5 << TAG_SHIFT) + 6)
#define TAG_RSA_COEFFICIENT ((DST_ALG_RSAMD5 << TAG_SHIFT) + 7)
#define TAG_RSA_ENGINE ((DST_ALG_RSAMD5 << TAG_SHIFT) + 8)
#define TAG_RSA_LABEL ((DST_ALG_RSAMD5 << TAG_SHIFT) + 9)
#define TAG_RSA_MODULUS ((DST_ALG_RSA << TAG_SHIFT) + 0)
#define TAG_RSA_PUBLICEXPONENT ((DST_ALG_RSA << TAG_SHIFT) + 1)
#define TAG_RSA_PRIVATEEXPONENT ((DST_ALG_RSA << TAG_SHIFT) + 2)
#define TAG_RSA_PRIME1 ((DST_ALG_RSA << TAG_SHIFT) + 3)
#define TAG_RSA_PRIME2 ((DST_ALG_RSA << TAG_SHIFT) + 4)
#define TAG_RSA_EXPONENT1 ((DST_ALG_RSA << TAG_SHIFT) + 5)
#define TAG_RSA_EXPONENT2 ((DST_ALG_RSA << TAG_SHIFT) + 6)
#define TAG_RSA_COEFFICIENT ((DST_ALG_RSA << TAG_SHIFT) + 7)
#define TAG_RSA_ENGINE ((DST_ALG_RSA << TAG_SHIFT) + 8)
#define TAG_RSA_LABEL ((DST_ALG_RSA << TAG_SHIFT) + 9)
#define DH_NTAGS 4
#define TAG_DH_PRIME ((DST_ALG_DH << TAG_SHIFT) + 0)

2
lib/dns/include/dns/keyvalues.h
View File

@ -53,7 +53,7 @@
/* The Algorithm field of the KEY and SIG RR's is an integer, {1..254} */
#define DNS_KEYALG_RSAMD5 1 /*%< RSA with MD5 */
#define DNS_KEYALG_RSA DNS_KEYALG_RSAMD5
#define DNS_KEYALG_RSA 1 /*%< Used just for tagging */
#define DNS_KEYALG_DH 2 /*%< Diffie Hellman KEY */
#define DNS_KEYALG_DSA 3 /*%< DSA KEY */
#define DNS_KEYALG_NSEC3DSA 6

8
lib/dns/include/dst/dst.h
View File

@ -46,8 +46,8 @@ typedef struct dst_context dst_context_t;
/* DST algorithm codes */
#define DST_ALG_UNKNOWN 0
#define DST_ALG_RSA 1 /* Used for parsing RSASHA1, RSASHA256 and RSASHA512 */
#define DST_ALG_RSAMD5 1
#define DST_ALG_RSA DST_ALG_RSAMD5 /*%< backwards compatibility */
#define DST_ALG_DH 2
#define DST_ALG_DSA 3
#define DST_ALG_ECC 4
@ -751,12 +751,12 @@ dst_key_secretsize(const dst_key_t *key, unsigned int *n);
*/
uint16_t
dst_region_computeid(const isc_region_t *source, unsigned int alg);
dst_region_computeid(const isc_region_t *source);
uint16_t
dst_region_computerid(const isc_region_t *source, unsigned int alg);
dst_region_computerid(const isc_region_t *source);
/*%<
* Computes the (revoked) key id of the key stored in the provided
* region with the given algorithm.
* region.
*
* Requires:
*\li "source" contains a valid, non-NULL region.

10
lib/dns/key.c
View File

@ -27,7 +27,7 @@
#include "dst_internal.h"
uint16_t
dst_region_computeid(const isc_region_t *source, unsigned int alg) {
dst_region_computeid(const isc_region_t *source) {
uint32_t ac;
const unsigned char *p;
int size;
@ -38,9 +38,6 @@ dst_region_computeid(const isc_region_t *source, unsigned int alg) {
p = source->base;
size = source->length;
if (alg == DST_ALG_RSAMD5)
return ((p[size - 3] << 8) + p[size - 2]);
for (ac = 0; size > 1; size -= 2, p += 2)
ac += ((*p) << 8) + *(p + 1);
@ -52,7 +49,7 @@ dst_region_computeid(const isc_region_t *source, unsigned int alg) {
}
uint16_t
dst_region_computerid(const isc_region_t *source, unsigned int alg) {
dst_region_computerid(const isc_region_t *source) {
uint32_t ac;
const unsigned char *p;
int size;
@ -63,9 +60,6 @@ dst_region_computerid(const isc_region_t *source, unsigned int alg) {
p = source->base;
size = source->length;
if (alg == DST_ALG_RSAMD5)
return ((p[size - 3] << 8) + p[size - 2]);
ac = ((*p) << 8) + *(p + 1);
ac |= DNS_KEYFLAG_REVOKE;
for (size -= 2, p +=2; size > 1; size -= 2, p += 2)

20
lib/dns/opensslrsa_link.c
View File

@ -191,8 +191,7 @@ opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) {
const EVP_MD *type = NULL;
UNUSED(key);
REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
dctx->key->key_alg == DST_ALG_RSASHA1 ||
REQUIRE(dctx->key->key_alg == DST_ALG_RSASHA1 ||
dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
dctx->key->key_alg == DST_ALG_RSASHA256 ||
dctx->key->key_alg == DST_ALG_RSASHA512);
@ -201,7 +200,6 @@ opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) {
* Reject incorrect RSA key lengths.
*/
switch (dctx->key->key_alg) {
case DST_ALG_RSAMD5:
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
/* From RFC 3110 */
@ -230,9 +228,6 @@ opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) {
return (ISC_R_NOMEMORY);
switch (dctx->key->key_alg) {
case DST_ALG_RSAMD5:
type = EVP_md5(); /* MD5 + RSA */
break;
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
type = EVP_sha1(); /* SHA1 + RSA */
@ -263,8 +258,7 @@ static void
opensslrsa_destroyctx(dst_context_t *dctx) {
EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;
REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
dctx->key->key_alg == DST_ALG_RSASHA1 ||
REQUIRE(dctx->key->key_alg == DST_ALG_RSASHA1 ||
dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
dctx->key->key_alg == DST_ALG_RSASHA256 ||
dctx->key->key_alg == DST_ALG_RSASHA512);
@ -279,8 +273,7 @@ static isc_result_t
opensslrsa_adddata(dst_context_t *dctx, const isc_region_t *data) {
EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;
REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
dctx->key->key_alg == DST_ALG_RSASHA1 ||
REQUIRE(dctx->key->key_alg == DST_ALG_RSASHA1 ||
dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
dctx->key->key_alg == DST_ALG_RSASHA256 ||
dctx->key->key_alg == DST_ALG_RSASHA512);
@ -301,8 +294,7 @@ opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;
EVP_PKEY *pkey = key->keydata.pkey;
REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
dctx->key->key_alg == DST_ALG_RSASHA1 ||
REQUIRE(dctx->key->key_alg == DST_ALG_RSASHA1 ||
dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
dctx->key->key_alg == DST_ALG_RSASHA256 ||
dctx->key->key_alg == DST_ALG_RSASHA512);
@ -333,8 +325,7 @@ opensslrsa_verify2(dst_context_t *dctx, int maxbits, const isc_region_t *sig) {
RSA *rsa;
int bits;
REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
dctx->key->key_alg == DST_ALG_RSASHA1 ||
REQUIRE(dctx->key->key_alg == DST_ALG_RSASHA1 ||
dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
dctx->key->key_alg == DST_ALG_RSASHA256 ||
dctx->key->key_alg == DST_ALG_RSASHA512);
@ -462,7 +453,6 @@ opensslrsa_generate(dst_key_t *key, int exp, void (*callback)(int)) {
* Reject incorrect RSA key lengths.
*/
switch (key->key_alg) {
case DST_ALG_RSAMD5:
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
/* From RFC 3110 */

39
lib/dns/pkcs11rsa_link.c
View File

@ -81,8 +81,7 @@ pkcs11rsa_createctx_sign(dst_key_t *key, dst_context_t *dctx) {
isc_result_t ret;
unsigned int i;
REQUIRE(key->key_alg == DST_ALG_RSAMD5 ||
key->key_alg == DST_ALG_RSASHA1 ||
REQUIRE(key->key_alg == DST_ALG_RSASHA1 ||
key->key_alg == DST_ALG_NSEC3RSASHA1 ||
key->key_alg == DST_ALG_RSASHA256 ||
key->key_alg == DST_ALG_RSASHA512);
@ -91,7 +90,6 @@ pkcs11rsa_createctx_sign(dst_key_t *key, dst_context_t *dctx) {
* Reject incorrect RSA key lengths.
*/
switch (dctx->key->key_alg) {
case DST_ALG_RSAMD5:
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
/* From RFC 3110 */
@ -233,9 +231,6 @@ pkcs11rsa_createctx_sign(dst_key_t *key, dst_context_t *dctx) {
token_key:
switch (dctx->key->key_alg) {
case DST_ALG_RSAMD5:
mech.mechanism = CKM_MD5_RSA_PKCS;
break;
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
mech.mechanism = CKM_SHA1_RSA_PKCS;
@ -310,8 +305,7 @@ pkcs11rsa_createctx_verify(dst_key_t *key, unsigned int maxbits,
isc_result_t ret;
unsigned int i;
REQUIRE(key->key_alg == DST_ALG_RSAMD5 ||
key->key_alg == DST_ALG_RSASHA1 ||
REQUIRE(key->key_alg == DST_ALG_RSASHA1 ||
key->key_alg == DST_ALG_NSEC3RSASHA1 ||
key->key_alg == DST_ALG_RSASHA256 ||
key->key_alg == DST_ALG_RSASHA512);
@ -320,7 +314,6 @@ pkcs11rsa_createctx_verify(dst_key_t *key, unsigned int maxbits,
* Reject incorrect RSA key lengths.
*/
switch (dctx->key->key_alg) {
case DST_ALG_RSAMD5:
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
/* From RFC 3110 */
@ -394,9 +387,6 @@ pkcs11rsa_createctx_verify(dst_key_t *key, unsigned int maxbits,
ISC_R_FAILURE);
switch (dctx->key->key_alg) {
case DST_ALG_RSAMD5:
mech.mechanism = CKM_MD5_RSA_PKCS;
break;
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
mech.mechanism = CKM_SHA1_RSA_PKCS;
@ -577,8 +567,7 @@ pkcs11rsa_createctx(dst_key_t *key, dst_context_t *dctx) {
pk11_context_t *pk11_ctx;
isc_result_t ret;
REQUIRE(key->key_alg == DST_ALG_RSAMD5 ||
key->key_alg == DST_ALG_RSASHA1 ||
REQUIRE(key->key_alg == DST_ALG_RSASHA1 ||
key->key_alg == DST_ALG_NSEC3RSASHA1 ||
key->key_alg == DST_ALG_RSASHA256 ||
key->key_alg == DST_ALG_RSASHA512);
@ -588,7 +577,6 @@ pkcs11rsa_createctx(dst_key_t *key, dst_context_t *dctx) {
* Reject incorrect RSA key lengths.
*/
switch (dctx->key->key_alg) {
case DST_ALG_RSAMD5:
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
/* From RFC 3110 */
@ -613,9 +601,6 @@ pkcs11rsa_createctx(dst_key_t *key, dst_context_t *dctx) {
}
switch (key->key_alg) {
case DST_ALG_RSAMD5:
mech.mechanism = CKM_MD5;
break;
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
mech.mechanism = CKM_SHA_1;
@ -726,8 +711,7 @@ pkcs11rsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
isc_result_t ret = ISC_R_SUCCESS;
unsigned int i;
REQUIRE(key->key_alg == DST_ALG_RSAMD5 ||
key->key_alg == DST_ALG_RSASHA1 ||
REQUIRE(key->key_alg == DST_ALG_RSASHA1 ||
key->key_alg == DST_ALG_NSEC3RSASHA1 ||
key->key_alg == DST_ALG_RSASHA256 ||
key->key_alg == DST_ALG_RSASHA512);
@ -737,7 +721,6 @@ pkcs11rsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
* Reject incorrect RSA key lengths.
*/
switch (dctx->key->key_alg) {
case DST_ALG_RSAMD5:
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
/* From RFC 3110 */
@ -762,11 +745,6 @@ pkcs11rsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
}
switch (key->key_alg) {
case DST_ALG_RSAMD5:
der = md5_der;
derlen = sizeof(md5_der);
hashlen = ISC_MD5_DIGESTLENGTH;
break;
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
der = sha1_der;
@ -970,19 +948,13 @@ pkcs11rsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
isc_result_t ret = ISC_R_SUCCESS;
unsigned int i;
REQUIRE(key->key_alg == DST_ALG_RSAMD5 ||
key->key_alg == DST_ALG_RSASHA1 ||
REQUIRE(key->key_alg == DST_ALG_RSASHA1 ||
key->key_alg == DST_ALG_NSEC3RSASHA1 ||
key->key_alg == DST_ALG_RSASHA256 ||
key->key_alg == DST_ALG_RSASHA512);
REQUIRE(rsa != NULL);
switch (key->key_alg) {
case DST_ALG_RSAMD5:
der = md5_der;
derlen = sizeof(md5_der);
hashlen = ISC_MD5_DIGESTLENGTH;
break;
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
der = sha1_der;
@ -1172,7 +1144,6 @@ pkcs11rsa_generate(dst_key_t *key, int exp, void (*callback)(int)) {
* Reject incorrect RSA key lengths.
*/
switch (key->key_alg) {
case DST_ALG_RSAMD5:
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
/* From RFC 3110 */

1
lib/dns/rcode.c
View File

@ -106,7 +106,6 @@
#define SECALGNAMES \
{ DNS_KEYALG_RSAMD5, "RSAMD5", 0 }, \
{ DNS_KEYALG_RSAMD5, "RSA", 0 }, \
{ DNS_KEYALG_DH, "DH", 0 }, \
{ DNS_KEYALG_DSA, "DSA", 0 }, \
{ DNS_KEYALG_RSASHA1, "RSASHA1", 0 }, \

16
lib/dns/rdata/generic/key_25.c
View File

@ -58,10 +58,6 @@ generic_fromtext_key(ARGS_FROMTEXT) {
if (result != ISC_R_SUCCESS)
return (result);
/* Ensure there's at least enough data to compute a key ID for MD5 */
if (alg == DST_ALG_RSAMD5 && isc_buffer_usedlength(target) < 7)
return (ISC_R_UNEXPECTEDEND);
return (ISC_R_SUCCESS);
}
@ -135,7 +131,7 @@ generic_totext_key(ARGS_TOTEXT) {
} else {
dns_rdata_toregion(rdata, &tmpr);
snprintf(buf, sizeof(buf), "[key id = %u]",
dst_region_computeid(&tmpr, algorithm));
dst_region_computeid(&tmpr));
RETERR(str_totext(buf, target));
}
@ -159,7 +155,7 @@ generic_totext_key(ARGS_TOTEXT) {
RETERR(str_totext(" ; key id = ", target));
dns_rdata_toregion(rdata, &tmpr);
snprintf(buf, sizeof(buf), "%u",
dst_region_computeid(&tmpr, algorithm));
dst_region_computeid(&tmpr));
RETERR(str_totext(buf, target));
}
return (ISC_R_SUCCESS);
@ -191,14 +187,6 @@ generic_fromwire_key(ARGS_FROMWIRE) {
RETERR(dns_name_fromwire(&name, source, dctx, options, target));
}
/*
* RSAMD5 computes key ID differently from other
* algorithms: we need to ensure there's enough data
* present for the computation
*/
if (algorithm == DST_ALG_RSAMD5 && sr.length < 3)
return (ISC_R_UNEXPECTEDEND);
isc_buffer_activeregion(source, &sr);
isc_buffer_forward(source, sr.length);
return (mem_tobuffer(target, sr.base, sr.length));

6
lib/dns/rdata/generic/keydata_65533.c
View File

@ -80,10 +80,6 @@ fromtext_keydata(ARGS_FROMTEXT) {
if (result != ISC_R_SUCCESS)
return (result);
/* Ensure there's at least enough data to compute a key ID for MD5 */
if (alg == DST_ALG_RSAMD5 && isc_buffer_usedlength(target) < 19)
return (ISC_R_UNEXPECTEDEND);
return (ISC_R_SUCCESS);
}
@ -190,7 +186,7 @@ totext_keydata(ARGS_TOTEXT) {
/* Skip over refresh, addhd, and removehd */
isc_region_consume(&tmpr, 12);
snprintf(buf, sizeof(buf), "%u",
dst_region_computeid(&tmpr, algorithm));
dst_region_computeid(&tmpr));
RETERR(str_totext(buf, target));
if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) {

1
lib/dns/tests/.gitignore vendored Normal file
View File

@ -0,0 +1 @@
/zone.data

1
lib/dns/tests/dst_test.c
View File

@ -261,7 +261,6 @@ sig_test(void **state) {
dns_secalg_t alg;
bool expect;
} testcases[] = {
/* XXXOND: Why isn't this failing? */
{
"testdata/dst/test1.data",
"testdata/dst/test1.ecdsa256sig",

57
lib/dns/tests/rsa_test.c
View File

@ -95,41 +95,6 @@ static unsigned char sigsha1[256] = {
0x27, 0x7f, 0xb6, 0xe0, 0x04, 0x12, 0xd2, 0x81
};
static unsigned char sigmd5[256] = {
0xc0, 0x99, 0x90, 0xd6, 0xea, 0xc1, 0x5f, 0xc7,
0x23, 0x60, 0xfc, 0x13, 0x3d, 0xcc, 0xda, 0x93,
0x19, 0xf7, 0x22, 0xa9, 0x55, 0xbe, 0x70, 0x3c,
0x87, 0x24, 0x8a, 0x7e, 0xa7, 0x59, 0x58, 0xd3,
0x0e, 0x7c, 0x50, 0x3c, 0x81, 0x0f, 0x7a, 0x2b,
0xb1, 0x94, 0x21, 0x87, 0xe4, 0x87, 0xcd, 0x2b,
0xb9, 0xf1, 0xb8, 0x26, 0xc1, 0x02, 0xf4, 0x30,
0x83, 0x41, 0x89, 0x61, 0xcc, 0x3d, 0xe3, 0x0f,
0xec, 0x4a, 0x74, 0x95, 0x10, 0x65, 0xac, 0xd1,
0xf5, 0x95, 0xe9, 0x99, 0xa8, 0x45, 0x98, 0x99,
0xb5, 0xfd, 0x7a, 0x78, 0x80, 0xe5, 0x00, 0x33,
0xa5, 0x54, 0xe5, 0xa3, 0xc0, 0x1b, 0x6c, 0xb9,
0x77, 0x52, 0x6f, 0xe5, 0x85, 0xa8, 0xfa, 0x45,
0x78, 0x49, 0x14, 0xa0, 0x10, 0x58, 0x40, 0x80,
0x90, 0xc6, 0x55, 0x52, 0x6d, 0x46, 0x58, 0x50,
0x3d, 0x5e, 0x40, 0x25, 0x51, 0x7c, 0xc4, 0x12,
0x87, 0x2d, 0x7b, 0x10, 0xcd, 0x80, 0xec, 0x5d,
0x27, 0x15, 0x09, 0x37, 0x1f, 0xa7, 0x86, 0x15,
0xd1, 0xdd, 0xf1, 0x86, 0x1e, 0x42, 0x3a, 0xf9,
0x5a, 0xed, 0x33, 0x07, 0xa9, 0x98, 0x08, 0x79,
0xc5, 0xa4, 0x09, 0x95, 0x6e, 0x12, 0xfe, 0xee,
0x49, 0x61, 0xe0, 0x99, 0xaa, 0x34, 0xa5, 0xca,
0x82, 0xd3, 0x9b, 0x1c, 0x5b, 0x79, 0xf5, 0x0e,
0x2c, 0x6c, 0x3b, 0x48, 0xd1, 0xbc, 0xd0, 0xda,
0x73, 0xba, 0xe1, 0x81, 0x48, 0x27, 0x39, 0x2f,
0x98, 0x77, 0x08, 0xb3, 0xf7, 0x38, 0x28, 0x6d,
0x02, 0x56, 0xfa, 0x31, 0xbb, 0x14, 0x81, 0x6b,
0x3c, 0x24, 0xa2, 0x68, 0x7a, 0x0a, 0x53, 0xbd,
0x9d, 0x57, 0xd0, 0x99, 0x10, 0x28, 0x78, 0x69,
0x31, 0x93, 0xa4, 0x73, 0x8d, 0x1a, 0xe4, 0xdc,
0x0c, 0x15, 0xb8, 0x51, 0xd8, 0x66, 0x6a, 0x95,
0x56, 0x17, 0x0a, 0x45, 0x72, 0xb5, 0xb8, 0xc4
};
static unsigned char sigsha256[256] = {
0x83, 0x53, 0x15, 0xfc, 0xca, 0xdb, 0xf6, 0x0d,
0x53, 0x24, 0x5b, 0x5a, 0x8e, 0xd0, 0xbe, 0x5e,
@ -241,26 +206,6 @@ isc_rsa_verify_test(void **state) {
dst_context_destroy(&ctx);
/* RSAMD5 */
key->key_alg = DST_ALG_RSAMD5;
ret = dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC,
false, 0, &ctx);
assert_int_equal(ret, ISC_R_SUCCESS);
r.base = d;
r.length = 10;
ret = dst_context_adddata(ctx, &r);
assert_int_equal(ret, ISC_R_SUCCESS);
r.base = sigmd5;
r.length = 256;
ret = dst_context_verify(ctx, &r);
assert_int_equal(ret, ISC_R_SUCCESS);
dst_context_destroy(&ctx);
/* RSASHA256 */
key->key_alg = DST_ALG_RSASHA256;
@ -325,4 +270,4 @@ main(void) {
return (0);
}
#endif
#endif /* HAVE_CMOCKA */

8
lib/dns/validator.c
View File

@ -1409,11 +1409,11 @@ get_key(dns_validator_t *val, dns_rdata_rrsig_t *siginfo) {
}
static dns_keytag_t
compute_keytag(dns_rdata_t *rdata, dns_rdata_dnskey_t *key) {
compute_keytag(dns_rdata_t *rdata) {
isc_region_t r;
dns_rdata_toregion(rdata, &r);
return (dst_region_computeid(&r, key->algorithm));
return (dst_region_computeid(&r));
}
/*%
@ -1452,7 +1452,7 @@ isselfsigned(dns_validator_t *val) {
dns_rdataset_current(rdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &key, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
keytag = compute_keytag(&rdata, &key);
keytag = compute_keytag(&rdata);
for (result = dns_rdataset_first(sigrdataset);
result == ISC_R_SUCCESS;
result = dns_rdataset_next(sigrdataset))
@ -1776,7 +1776,7 @@ keyfromds(dns_validator_t *val, dns_rdataset_t *rdataset, dns_rdata_t *dsrdata,
dns_rdataset_current(rdataset, keyrdata);
result = dns_rdata_tostruct(keyrdata, &key, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
keytag = compute_keytag(keyrdata, &key);
keytag = compute_keytag(keyrdata);
if (keyid != keytag || algorithm != key.algorithm)
continue;
dns_rdata_reset(&newdsrdata);

38
lib/dns/zone.c
View File

@ -3189,7 +3189,7 @@ zone_check_dnskeys(dns_zone_t *zone, dns_db_t *db) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_t rdataset;
isc_result_t result;
bool logit, foundrsa = false, foundmd5 = false;
bool logit, foundrsa = false;
const char *algorithm;
result = dns_db_findnode(db, &zone->origin, false, &node);
@ -3211,27 +3211,37 @@ zone_check_dnskeys(dns_zone_t *zone, dns_db_t *db) {
result = dns_rdata_tostruct(&rdata, &dnskey, NULL);
INSIST(result == ISC_R_SUCCESS);
if ((dnskey.algorithm == DST_ALG_RSASHA1 ||
dnskey.algorithm == DST_ALG_RSAMD5) &&
dnskey.datalen > 1 && dnskey.data[0] == 1 &&
dnskey.data[1] == 3)
/* RFC 3110, section 4: Performance Considerations:
*
* A public exponent of 3 minimizes the effort needed to verify
* a signature. Use of 3 as the public exponent is weak for
* confidentiality uses since, if the same data can be collected
* encrypted under three different keys with an exponent of 3
* then, using the Chinese Remainder Theorem [NETSEC], the
* original plain text can be easily recovered. If a key is
* known to be used only for authentication, as is the case with
* DNSSEC, then an exponent of 3 is acceptable. However other
* applications in the future may wish to leverage DNS
* distributed keys for applications that do require
* confidentiality. For keys which might have such other uses,
* a more conservative choice would be 65537 (F4, the fourth
* fermat number).
*/
if (dnskey.algorithm == DST_ALG_RSASHA1 &&
dnskey.datalen > 1 && dnskey.data[0] == 1 &&
dnskey.data[1] == 3)
{
if (dnskey.algorithm == DST_ALG_RSASHA1) {
logit = !foundrsa;
foundrsa = true;
algorithm = "RSASHA1";
} else {
logit = !foundmd5;
foundmd5 = true;
algorithm = "RSAMD5";
}
if (logit)
if (logit) {
dns_zone_log(zone, ISC_LOG_WARNING,
"weak %s (%u) key found "
"(exponent=3)", algorithm,
dnskey.algorithm);
if (foundrsa && foundmd5)
break;
}
}
dns_rdata_reset(&rdata);
}
@ -17763,7 +17773,7 @@ add_signing_records(dns_db_t *db, dns_rdatatype_t privatetype,
dns_rdata_toregion(&tuple->rdata, &r);
keyid = dst_region_computeid(&r, dnskey.algorithm);
keyid = dst_region_computeid(&r);
buf[0] = dnskey.algorithm;
buf[1] = (keyid & 0xff00) >> 8;
@ -17910,7 +17920,7 @@ dnskey_sane(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver,
continue;
alg = tuple->rdata.data[3];
if (alg == DST_ALG_RSAMD5 || alg == DST_ALG_RSASHA1) {
if (alg == DST_ALG_RSASHA1) {
nseconly = true;
break;
}

6
lib/ns/update.c
View File

@ -1960,7 +1960,7 @@ check_dnssec(ns_client_t *client, dns_zone_t *zone, dns_db_t *db,
if (tuple->rdata.type == dns_rdatatype_dnskey) {
uint8_t alg;
alg = tuple->rdata.data[3];
if (alg == DST_ALG_RSAMD5 || alg == DST_ALG_RSASHA1) {
if (alg == DST_ALG_RSASHA1) {
nseconly = true;
break;
}
@ -2443,7 +2443,7 @@ add_signing_records(dns_db_t *db, dns_rdatatype_t privatetype,
dns_rdata_toregion(&tuple->rdata, &r);
keyid = dst_region_computeid(&r, dnskey.algorithm);
keyid = dst_region_computeid(&r);
buf[0] = dnskey.algorithm;
buf[1] = (keyid & 0xff00) >> 8;
@ -3283,7 +3283,7 @@ update_action(isc_task_t *task, isc_event_t *event) {
dns_rdata_toregion(&tuple->rdata, &r);
algorithm = dnskey.algorithm;
keyid = dst_region_computeid(&r, algorithm);
keyid = dst_region_computeid(&r);
result = dns_zone_signwithkey(zone, algorithm, keyid,
(tuple->op == DNS_DIFFOP_DEL));