From a55014ff8a55a7d721e3db7832addb17967103c4 Mon Sep 17 00:00:00 2001
From: Miek Gieben
Date: Wed, 11 Apr 2012 14:32:44 +0200
Subject: [PATCH] elliptic curve stuff
---
 dnssec.go | 20 ++++++++++----------
 dnssec_test.go | 14 ++++++++++++++
 2 files changed, 24 insertions(+), 10 deletions(-)
diff --git a/dnssec.go b/dnssec.go
index aedefada..343292be 100644
--- a/dnssec.go
+++ b/dnssec.go
@@ -58,6 +58,7 @@ const (
 SHA256 // RFC 4509
 GOST94 // RFC 5933
 SHA384 // Experimental
+ SHA512 // Experimental
 )

 // DNSKEY flag values.
@@ -439,19 +440,17 @@ func (k *RR_DNSKEY) pubKeyCurve() *ecdsa.PublicKey {
 if err != nil {
 return nil
 }
- var c elliptic.Curve
+ pubkey := new(ecdsa.PublicKey)
 switch k.Algorithm {
 case ECDSAP256SHA256Y:
- c = elliptic.P256()
+ pubkey.Curve = elliptic.P256()
 case ECDSAP384SHA384Y:
- c = elliptic.P384()
+ pubkey.Curve = elliptic.P384()
 }
- // This does not work, we need to split the buffer in two
- x, y := elliptic.Unmarshal(c, keybuf)
- pubkey := new(ecdsa.PublicKey)
- pubkey.X = x
- pubkey.Y = y
- pubkey.Curve = c
+ pubkey.X = big.NewInt(0)
+ pubkey.X.SetBytes(keybuf[:len(keybuf)/2])
+ pubkey.Y = big.NewInt(0)
+ pubkey.Y.SetBytes(keybuf[len(keybuf)/2:]) // +1?
 return pubkey
 }

@@ -494,7 +493,8 @@ func exponentToBuf(_E int) []byte {
 return buf
 }

-// Set the public key for X and Y for Curve. Experiment.
+// Set the public key for X and Y for Curve. The two
+// values are just concatenated.
 func curveToBuf(_X, _Y *big.Int) []byte {
 buf := _X.Bytes()
 buf = append(buf, _Y.Bytes()...)
diff --git a/dnssec_test.go b/dnssec_test.go
index b4cca894..9b89dbc7 100644
--- a/dnssec_test.go
+++ b/dnssec_test.go
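Review bot: The rewritten tail of pubKeyCurve splits `keybuf` at `len(keybuf)/2` without checking its length, and the `// +1?` on the Y line suggests the boundary is still a guess; a DNSKEY's key material comes off the wire, so an odd-length, empty or over-long buffer yields coordinates that do not correspond to any real key. The `switch` also has no `default`, so an unexpected algorithm returns a key whose `Curve` is nil, and nothing checks that (X, Y) lies on the selected curve before the key is used. I would derive the coordinate size from the curve, require `len(keybuf) == 2*size`, reject off-curve points with `IsOnCurve`, and return nil on each failure as the existing `err != nil` branch does. The function starts above the hunk, so the decoding that produces `keybuf` is not visible here.

```go
	pubkey := new(ecdsa.PublicKey)
	switch k.Algorithm {
	// … unchanged: ECDSAP256SHA256Y and ECDSAP384SHA384Y cases …
	default:
		// No curve to interpret the key against.
		return nil
	}
	// The key is X || Y, each coordinate as wide as the curve's field.
	size := (pubkey.Curve.Params().BitSize + 7) / 8
	if len(keybuf) != 2*size {
		return nil
	}
	pubkey.X = new(big.Int).SetBytes(keybuf[:size])
	pubkey.Y = new(big.Int).SetBytes(keybuf[size:])
	if !pubkey.Curve.IsOnCurve(pubkey.X, pubkey.Y) {
		return nil
	}
	return pubkey
```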
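Review bot: The new comment on curveToBuf documents plain concatenation, but the body shown as context uses `_X.Bytes()` and `_Y.Bytes()`, which drop leading zero bytes, so the two halves are not always the same width and the midpoint split in pubKeyCurve would then put the X/Y boundary in the wrong place. The comment should state the width rule instead of "just concatenated", for example `// curveToBuf returns X || Y, each left-padded with zeros to the curve's field size.`, and the body needs matching padding for that to hold. The function continues past the end of the hunk, so its return is not visible here.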
@@ -31,6 +31,20 @@ func getSoa() *RR_SOA {
 return soa
 }

+func TestGenerateEC(t *testing.T) {
+ key := new(RR_DNSKEY)
+ key.Hdr.Rrtype = TypeDNSKEY
+ key.Hdr.Name = "miek.nl."
+ key.Hdr.Class = ClassINET
+ key.Hdr.Ttl = 14400
+ key.Flags = 256
+ key.Protocol = 3
+ key.Algorithm = ECDSAP256SHA256Y
+ privkey, _ := key.Generate(256)
+ t.Logf("%s\n", key.String())
+ t.Logf("%s\n", key.PrivateKeyString(privkey))
+}
+
 func TestSecure(t *testing.T) {
 soa := getSoa()
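Review bot: TestGenerateEC cannot fail: `privkey, _ := key.Generate(256)` discards the second return value and the remaining lines only log, so a broken key generation or encoding still passes. Assuming that second value is an error, check it with `privkey, err := key.Generate(256)` followed by `if err != nil { t.Fatal(err) }`, and assert something about the result, such as the encoded public key decoding back to the generated point. Printing the private key through `t.Logf` is fine for a throwaway test key, but the pattern should stay out of code that handles real keys.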