mirrors/dns
1
0
Fork 0
mirror of https://github.com/miekg/dns.git synced 2025-10-01 04:51:01 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add support for HmacSHA512 algorithm in TSIG

Browse Source
This commit is contained in:
Flavien Lebarbe 2015-01-23 10:51:56 +01:00
parent 3fcd28bab1
commit 067cfe8d4e
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
tsig.go
View File

@ -1,7 +1,7 @@
// TRANSACTION SIGNATURE // TRANSACTION SIGNATURE
// //
// An TSIG or transaction signature adds a HMAC TSIG record to each message sent. // An TSIG or transaction signature adds a HMAC TSIG record to each message sent.
// The supported algorithms include: HmacMD5, HmacSHA1 and HmacSHA256. // The supported algorithms include: HmacMD5, HmacSHA1, HmacSHA256 and HmacSHA512.
// //
// Basic use pattern when querying with a TSIG name "axfr." (note that these key names // Basic use pattern when querying with a TSIG name "axfr." (note that these key names
// must be fully qualified - as they are domain names) and the base64 secret // must be fully qualified - as they are domain names) and the base64 secret
@ -58,6 +58,7 @@ import (
"crypto/md5" "crypto/md5"
"crypto/sha1" "crypto/sha1"
"crypto/sha256" "crypto/sha256"
"crypto/sha512"
"encoding/hex" "encoding/hex"
"hash" "hash"
"io" "io"
@ -71,6 +72,7 @@ const (
HmacMD5 = "hmac-md5.sig-alg.reg.int." HmacMD5 = "hmac-md5.sig-alg.reg.int."
HmacSHA1 = "hmac-sha1." HmacSHA1 = "hmac-sha1."
HmacSHA256 = "hmac-sha256." HmacSHA256 = "hmac-sha256."
HmacSHA512 = "hmac-sha512."
) )
type TSIG struct { type TSIG struct {
@ -181,6 +183,8 @@ func TsigGenerate(m *Msg, secret, requestMAC string, timersOnly bool) ([]byte, s
h = hmac.New(sha1.New, []byte(rawsecret)) h = hmac.New(sha1.New, []byte(rawsecret))
case HmacSHA256: case HmacSHA256:
h = hmac.New(sha256.New, []byte(rawsecret)) h = hmac.New(sha256.New, []byte(rawsecret))
case HmacSHA512:
h = hmac.New(sha512.New, []byte(rawsecret))
default: default:
return nil, "", ErrKeyAlg return nil, "", ErrKeyAlg
} }
@ -245,6 +249,8 @@ func TsigVerify(msg []byte, secret, requestMAC string, timersOnly bool) error {
h = hmac.New(sha1.New, rawsecret) h = hmac.New(sha1.New, rawsecret)
case HmacSHA256: case HmacSHA256:
h = hmac.New(sha256.New, rawsecret) h = hmac.New(sha256.New, rawsecret)
case HmacSHA512:
h = hmac.New(sha512.New, rawsecret)
default: default:
return ErrKeyAlg return ErrKeyAlg
} }