[2387] Add DNSKEY support in wire data generator

Also convert some existing DNSKEY test data to use wire data generated from spec files.
2025-09-02 23:15:20 +00:00 · 2013-04-01 16:19:57 +05:30
parent ea89361128
commit 8117b69a1c
10 changed files with 89 additions and 49 deletions
--- a/src/lib/dns/tests/rdata_dnskey_unittest.cc
+++ b/src/lib/dns/tests/rdata_dnskey_unittest.cc
@@ -136,7 +136,7 @@ TEST_F(Rdata_DNSKEY_Test, toWireRenderer) {
    rdata_dnskey.toWire(renderer);

    vector<unsigned char> data;
-    UnitTestUtil::readWireData("rdata_dnskey_fromWire", data);
+    UnitTestUtil::readWireData("rdata_dnskey_fromWire.wire", data);
    EXPECT_PRED_FORMAT4(UnitTestUtil::matchWireData,
                        static_cast<const uint8_t *>(renderer.getData()) + 2,
                        renderer.getLength() - 2, &data[2], data.size() - 2);
@@ -146,7 +146,7 @@ TEST_F(Rdata_DNSKEY_Test, toWireBuffer) {
    rdata_dnskey.toWire(obuffer);

    vector<unsigned char> data;
-    UnitTestUtil::readWireData("rdata_dnskey_fromWire", data);
+    UnitTestUtil::readWireData("rdata_dnskey_fromWire.wire", data);
    EXPECT_PRED_FORMAT4(UnitTestUtil::matchWireData,
                        obuffer.getData(), obuffer.getLength(),
                        &data[2], data.size() - 2);
@@ -155,14 +155,16 @@ TEST_F(Rdata_DNSKEY_Test, toWireBuffer) {
 TEST_F(Rdata_DNSKEY_Test, createFromWire) {
    EXPECT_EQ(0, rdata_dnskey.compare(
                  *rdataFactoryFromFile(RRType("DNSKEY"), RRClass("IN"),
-                                        "rdata_dnskey_fromWire")));
+                                        "rdata_dnskey_fromWire.wire")));
    // Empty keydata should throw
-    EXPECT_THROW(rdataFactoryFromFile(RRType("DNSKEY"), RRClass("IN"),
-                                      "rdata_dnskey_empty_keydata_fromWire"),
+    EXPECT_THROW(rdataFactoryFromFile
+                 (RRType("DNSKEY"), RRClass("IN"),
+                  "rdata_dnskey_empty_keydata_fromWire.wire"),
                 InvalidRdataLength);
    // Short keydata for RSA/MD5 should throw
-    EXPECT_THROW(rdataFactoryFromFile(RRType("DNSKEY"), RRClass("IN"),
-                                      "rdata_dnskey_short_keydata1_fromWire"),
+    EXPECT_THROW(rdataFactoryFromFile
+                 (RRType("DNSKEY"), RRClass("IN"),
+                  "rdata_dnskey_short_keydata1_fromWire.wire"),
                 InvalidRdataLength);
 }

--- a/src/lib/dns/tests/testdata/.gitignore
+++ b/src/lib/dns/tests/testdata/.gitignore
@@ -41,6 +41,9 @@
 /rdata_minfo_toWire2.wire
 /rdata_minfo_toWireUncompressed1.wire
 /rdata_minfo_toWireUncompressed2.wire
+/rdata_dnskey_fromWire.wire
+/rdata_dnskey_empty_keydata_fromWire.wire
+/rdata_dnskey_short_keydata1_fromWire.wire
 /rdata_nsec3_fromWire10.wire
 /rdata_nsec3_fromWire11.wire
 /rdata_nsec3_fromWire12.wire
--- a/src/lib/dns/tests/testdata/Makefile.am
+++ b/src/lib/dns/tests/testdata/Makefile.am
@@ -16,6 +16,8 @@ BUILT_SOURCES += message_toText3.wire
 BUILT_SOURCES += name_toWire5.wire name_toWire6.wire
 BUILT_SOURCES += rdatafields1.wire rdatafields2.wire rdatafields3.wire
 BUILT_SOURCES += rdatafields4.wire rdatafields5.wire rdatafields6.wire
+BUILT_SOURCES += rdata_dnskey_fromWire.wire rdata_dnskey_empty_keydata_fromWire.wire
+BUILT_SOURCES += rdata_dnskey_short_keydata1_fromWire.wire
 BUILT_SOURCES += rdata_nsec_fromWire4.wire rdata_nsec_fromWire5.wire
 BUILT_SOURCES += rdata_nsec_fromWire6.wire rdata_nsec_fromWire7.wire
 BUILT_SOURCES += rdata_nsec_fromWire8.wire rdata_nsec_fromWire9.wire
@@ -102,8 +104,8 @@ EXTRA_DIST += question_fromWire question_toWire1 question_toWire2
 EXTRA_DIST += rdatafields1.spec rdatafields2.spec rdatafields3.spec
 EXTRA_DIST += rdatafields4.spec rdatafields5.spec rdatafields6.spec
 EXTRA_DIST += rdata_cname_fromWire rdata_dname_fromWire
-EXTRA_DIST += rdata_dnskey_fromWire rdata_dnskey_empty_keydata_fromWire
-EXTRA_DIST += rdata_dnskey_short_keydata1_fromWire
+EXTRA_DIST += rdata_dnskey_fromWire.spec rdata_dnskey_empty_keydata_fromWire.spec
+EXTRA_DIST += rdata_dnskey_short_keydata1_fromWire.spec
 EXTRA_DIST += rdata_dhcid_fromWire rdata_dhcid_toWire
 EXTRA_DIST += rdata_ds_fromWire rdata_in_a_fromWire rdata_in_aaaa_fromWire
 EXTRA_DIST += rdata_mx_fromWire rdata_mx_toWire1 rdata_mx_toWire2
--- a/src/lib/dns/tests/testdata/rdata_dnskey_empty_keydata_fromWire
+++ b/src/lib/dns/tests/testdata/rdata_dnskey_empty_keydata_fromWire
@@ -1,7 +0,0 @@
-# RDLENGTH = 4 bytes
- 00 04
-# DNSKEY, flags 257
- 01 01
-# protocol 3, algorithm 5
- 03 05
-# no keydata
--- a/src/lib/dns/tests/testdata/rdata_dnskey_empty_keydata_fromWire.spec
+++ b/src/lib/dns/tests/testdata/rdata_dnskey_empty_keydata_fromWire.spec
@@ -0,0 +1,10 @@
+# DNSKEY test data with empty digest
+
+[custom]
+sections: dnskey
+
+[dnskey]
+flags: 257
+protocol: 3
+algorithm: 5
+digest:
--- a/src/lib/dns/tests/testdata/rdata_dnskey_fromWire
+++ b/src/lib/dns/tests/testdata/rdata_dnskey_fromWire
@@ -1,24 +0,0 @@
-# RDLENGTH = 265 bytes
- 01 09
-# DNSKEY, flags 257
- 01 01
-# protocol 3, algorithm 5
- 03 05
-# keydata:
- 04 40 00 00 03 a1 1d 00 c1 ae 14 1b b6 98 60 ab
- 6c 10 52 91 10 e6 de 03 b5 41 f1 a0 c5 45 bb 68
- 56 2c 33 2f a0 e3 11 5e 31 ab 86 10 9e 16 f0 19
- 8a 1e f2 24 77 fc 64 67 d6 ea 17 77 f2 15 c6 ff
- 1c a5 60 23 ba 2a ba 5b 76 88 f0 c7 c6 0c 5c b0
- 39 fe 40 3e bb 9d 16 20 bf 19 47 54 7a 29 36 ec
- 61 53 1f fd 0c 79 46 23 5b 3c 29 70 fa f4 fe 53
- c7 97 10 99 8e db 48 c8 4b 55 0b 82 ac b7 e3 b7
- 01 07 5c cc 9e 7c ff e0 b2 69 03 47 5a f4 26 ca
- 8f 70 36 e7 84 f9 d7 9b 0d 20 c7 30 b0 1f 3f db
- ed 84 eb 7f f3 66 b4 33 06 48 f4 06 b3 7f f4 17
- b1 8e 98 a4 b3 78 d1 85 96 ad 12 c5 e7 dd d4 f2
- e3 b4 74 f5 48 b1 e5 67 09 b7 ec 73 a9 9e fe ca
- cc 8b 28 e3 9e 75 2d fd 67 b4 83 9a c9 f6 78 0d
- 05 2a d4 29 c0 0e 8b 5d e1 b6 c3 e8 f1 9b 0d e8
- 03 c9 55 52 01 1f fe bc de 0b f6 c1 c8 13 6c 3b
- bd 1a 10 54 dd
--- a/src/lib/dns/tests/testdata/rdata_dnskey_fromWire.spec
+++ b/src/lib/dns/tests/testdata/rdata_dnskey_fromWire.spec
@@ -0,0 +1,10 @@
+# DNSKEY test data
+
+[custom]
+sections: dnskey
+
+[dnskey]
+flags: 257
+protocol: 3
+algorithm: 5
+digest: BEAAAAOhHQDBrhQbtphgq2wQUpEQ5t4DtUHxoMVFu2hWLDMvoOMRXjGrhhCeFvAZih7yJHf8ZGfW6hd38hXG/xylYCO6Krpbdojwx8YMXLA5/kA+u50WIL8ZR1R6KTbsYVMf/Qx5RiNbPClw+vT+U8eXEJmO20jIS1ULgqy347cBB1zMnnz/4LJpA0da9CbKj3A254T515sNIMcwsB8/2+2E63/zZrQzBkj0BrN/9Bexjpiks3jRhZatEsXn3dTy47R09Uix5WcJt+xzqZ7+ysyLKOOedS39Z7SDmsn2eA0FKtQpwA6LXeG2w+jxmw3oA8lVUgEf/rzeC/bByBNsO70aEFTd
--- a/src/lib/dns/tests/testdata/rdata_dnskey_short_keydata1_fromWire
+++ b/src/lib/dns/tests/testdata/rdata_dnskey_short_keydata1_fromWire
@@ -1,8 +0,0 @@
-# RDLENGTH = 6 bytes
- 00 06
-# DNSKEY, flags 257
- 01 01
-# protocol 3, algorithm 1
- 03 01
-# keydata (only 2 bytes long for algorithm 1):
- 04 40
--- a/src/lib/dns/tests/testdata/rdata_dnskey_short_keydata1_fromWire.spec
+++ b/src/lib/dns/tests/testdata/rdata_dnskey_short_keydata1_fromWire.spec
@@ -0,0 +1,11 @@
+# DNSKEY test data with algorithm 1 (RSA/MD5) and digest less than 3
+# bytes long.
+
+[custom]
+sections: dnskey
+
+[dnskey]
+flags: 257
+protocol: 3
+algorithm: 1
+digest: BEA=
--- a/src/lib/util/python/gen_wiredata.py.in
+++ b/src/lib/util/python/gen_wiredata.py.in
@@ -325,7 +325,7 @@ What you are expected to do is as follows:
  examples.
 """

-import configparser, re, time, socket, sys
+import configparser, re, time, socket, sys, base64
 from datetime import datetime
 from optparse import OptionParser

@@ -413,6 +413,11 @@ def encode_string(name, len=None):
        return '%0.*x' % (len * 2, name)
    return ''.join(['%02x' % ord(ch) for ch in name])

+def encode_bytes(name, len=None):
+    if type(name) is int and len is not None:
+        return '%0.*x' % (len * 2, name)
+    return ''.join(['%02x' % ch for ch in name])
+
 def count_namelabels(name):
    if name == '.':             # special case
        return 0
@@ -888,6 +893,42 @@ class AFSDB(RR):
        f.write('# SUBTYPE=%d SERVER=%s\n' % (self.subtype, self.server))
        f.write('%04x %s\n' % (self.subtype, server_wire))

+class DNSKEY(RR):
+    '''Implements rendering DNSKEY RDATA in the test data format.
+
+    Configurable parameters are as follows (see code below for the
+    default values):
+    - flags (16-bit int): The flags field.
+    - protocol (8-bit int): The protocol field.
+    - algorithm (8-bit int): The algorithm field.
+    - digest (string): The key digest field.
+    '''
+    flags = 257
+    protocol = 3
+    algorithm = 5
+    digest = 'AAECAwQFBgcICQoLDA0ODw=='
+
+    def dump(self, f):
+        decoded_digest = base64.b64decode(bytes(self.digest, 'ascii'))
+        if self.rdlen is None:
+            self.rdlen = 4 + len(decoded_digest)
+        else:
+            self.rdlen = int(self.rdlen)
+
+        self.dump_header(f, self.rdlen)
+
+        f.write('# FLAGS=%d\n' % (self.flags))
+        f.write('%04x\n' % (self.flags))
+
+        f.write('# PROTOCOL=%d\n' % (self.protocol))
+        f.write('%02x\n' % (self.protocol))
+
+        f.write('# ALGORITHM=%d\n' % (self.algorithm))
+        f.write('%02x\n' % (self.algorithm))
+
+        f.write('# DIGEST=%s\n' % (self.digest))
+        f.write('%s\n' % (encode_bytes(decoded_digest)))
+
 class NSECBASE(RR):
    '''Implements rendering NSEC/NSEC3 type bitmaps commonly used for
    these RRs.  The NSEC and NSEC3 classes will be inherited from this