mirror of
https://github.com/pi-hole/dnsmasq.git
synced 2025-12-19 10:18:25 +00:00
Swap crypto library from openSSL to nettle.
This commit is contained in:
Simon Kelley
28
Makefile
28
Makefile
@@ -51,24 +51,24 @@ top!=pwd
|
||||
# GNU make way.
|
||||
top?=$(CURDIR)
|
||||
|
||||
dbus_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DBUS $(PKG_CONFIG) --cflags dbus-1`
|
||||
dbus_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DBUS $(PKG_CONFIG) --libs dbus-1`
|
||||
idn_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_IDN $(PKG_CONFIG) --cflags libidn`
|
||||
idn_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_IDN $(PKG_CONFIG) --libs libidn`
|
||||
ct_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_CONNTRACK $(PKG_CONFIG) --cflags libnetfilter_conntrack`
|
||||
ct_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_CONNTRACK $(PKG_CONFIG) --libs libnetfilter_conntrack`
|
||||
lua_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CONFIG) --cflags lua5.1`
|
||||
lua_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CONFIG) --libs lua5.1`
|
||||
sec_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --cflags libcrypto`
|
||||
sec_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --libs libcrypto`
|
||||
sunos_libs = `if uname | grep SunOS >/dev/null 2>&1; then echo -lsocket -lnsl -lposix4; fi`
|
||||
dbus_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DBUS $(PKG_CONFIG) --cflags dbus-1`
|
||||
dbus_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DBUS $(PKG_CONFIG) --libs dbus-1`
|
||||
idn_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_IDN $(PKG_CONFIG) --cflags libidn`
|
||||
idn_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_IDN $(PKG_CONFIG) --libs libidn`
|
||||
ct_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_CONNTRACK $(PKG_CONFIG) --cflags libnetfilter_conntrack`
|
||||
ct_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_CONNTRACK $(PKG_CONFIG) --libs libnetfilter_conntrack`
|
||||
lua_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CONFIG) --cflags lua5.1`
|
||||
lua_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CONFIG) --libs lua5.1`
|
||||
nettle_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --cflags nettle hogweed`
|
||||
nettle_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --libs nettle hogweed`
|
||||
sunos_libs = `if uname | grep SunOS >/dev/null 2>&1; then echo -lsocket -lnsl -lposix4; fi`
|
||||
version = -DVERSION='\"`$(top)/bld/get-version $(top)`\"'
|
||||
|
||||
objs = cache.o rfc1035.o util.o option.o forward.o network.o \
|
||||
dnsmasq.o dhcp.o lease.o rfc2131.o netlink.o dbus.o bpf.o \
|
||||
helper.o tftp.o log.o conntrack.o dhcp6.o rfc3315.o \
|
||||
dhcp-common.o outpacket.o radv.o slaac.o auth.o ipset.o \
|
||||
domain.o dnssec.o dnssec-openssl.o blockdata.o
|
||||
domain.o dnssec.o blockdata.o
|
||||
|
||||
hdrs = dnsmasq.h config.h dhcp-protocol.h dhcp6-protocol.h \
|
||||
dns-protocol.h radv-protocol.h
|
||||
@@ -76,8 +76,8 @@ hdrs = dnsmasq.h config.h dhcp-protocol.h dhcp6-protocol.h \
|
||||
all : $(BUILDDIR)
|
||||
@cd $(BUILDDIR) && $(MAKE) \
|
||||
top="$(top)" \
|
||||
build_cflags="$(version) $(dbus_cflags) $(idn_cflags) $(ct_cflags) $(lua_cflags) $(sec_cflags)" \
|
||||
build_libs="$(dbus_libs) $(idn_libs) $(ct_libs) $(lua_libs) $(sunos_libs) $(sec_libs)" \
|
||||
build_cflags="$(version) $(dbus_cflags) $(idn_cflags) $(ct_cflags) $(lua_cflags) $(nettle_cflags)" \
|
||||
build_libs="$(dbus_libs) $(idn_libs) $(ct_libs) $(lua_libs) $(sunos_libs) $(nettle_libs)" \
|
||||
-f $(top)/Makefile dnsmasq
|
||||
|
||||
mostly_clean :
|
||||
|
||||
@@ -67,21 +67,6 @@ struct blockdata *blockdata_alloc(char *data, size_t len)
|
||||
return ret;
|
||||
}
|
||||
|
||||
size_t blockdata_walk(struct blockdata **key, unsigned char **p, size_t cnt)
|
||||
{
|
||||
if (*p == NULL)
|
||||
*p = (*key)->key;
|
||||
else if (*p == (*key)->key + KEYBLOCK_LEN)
|
||||
{
|
||||
*key = (*key)->next;
|
||||
if (*key == NULL)
|
||||
return 0;
|
||||
*p = (*key)->key;
|
||||
}
|
||||
|
||||
return MIN(cnt, (size_t)((*key)->key + KEYBLOCK_LEN - (*p)));
|
||||
}
|
||||
|
||||
void blockdata_free(struct blockdata *blocks)
|
||||
{
|
||||
struct blockdata *tmp;
|
||||
@@ -96,24 +81,38 @@ void blockdata_free(struct blockdata *blocks)
|
||||
}
|
||||
}
|
||||
|
||||
/* copy blocks into data[], return 1 if data[] unchanged by so doing */
|
||||
int blockdata_retrieve(struct blockdata *block, size_t len, void *data)
|
||||
/* if data == NULL, return pointer to static block of sufficient size */
|
||||
void *blockdata_retrieve(struct blockdata *block, size_t len, void *data)
|
||||
{
|
||||
size_t blen;
|
||||
struct blockdata *b;
|
||||
int match = 1;
|
||||
void *new, *d;
|
||||
|
||||
for (b = block; len > 0 && b; b = b->next)
|
||||
static unsigned int buff_len = 0;
|
||||
static unsigned char *buff = NULL;
|
||||
|
||||
if (!data)
|
||||
{
|
||||
if (len > buff_len)
|
||||
{
|
||||
if (!(new = whine_malloc(len)))
|
||||
return NULL;
|
||||
if (buff)
|
||||
free(buff);
|
||||
buff = new;
|
||||
}
|
||||
data = buff;
|
||||
}
|
||||
|
||||
for (d = data, b = block; len > 0 && b; b = b->next)
|
||||
{
|
||||
blen = len > KEYBLOCK_LEN ? KEYBLOCK_LEN : len;
|
||||
if (memcmp(data, b->key, blen) != 0)
|
||||
match = 0;
|
||||
memcpy(data, b->key, blen);
|
||||
data += blen;
|
||||
memcpy(d, b->key, blen);
|
||||
d += blen;
|
||||
len -= blen;
|
||||
}
|
||||
|
||||
return match;
|
||||
return data;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
@@ -136,24 +136,6 @@ struct dns_header {
|
||||
(cp) += 4; \
|
||||
}
|
||||
|
||||
#define CHECKED_GETCHAR(var, ptr, len) do { \
|
||||
if ((len) < 1) return 0; \
|
||||
var = *ptr++; \
|
||||
(len) -= 1; \
|
||||
} while (0)
|
||||
|
||||
#define CHECKED_GETSHORT(var, ptr, len) do { \
|
||||
if ((len) < 2) return 0; \
|
||||
GETSHORT(var, ptr); \
|
||||
(len) -= 2; \
|
||||
} while (0)
|
||||
|
||||
#define CHECKED_GETLONG(var, ptr, len) do { \
|
||||
if ((len) < 4) return 0; \
|
||||
GETLONG(var, ptr); \
|
||||
(len) -= 4; \
|
||||
} while (0)
|
||||
|
||||
#define CHECK_LEN(header, pp, plen, len) \
|
||||
((size_t)((pp) - (unsigned char *)(header) + (len)) <= (plen))
|
||||
|
||||
|
||||
@@ -993,8 +993,7 @@ struct crec *cache_enumerate(int init);
|
||||
#ifdef HAVE_DNSSEC
|
||||
void blockdata_report(void);
|
||||
struct blockdata *blockdata_alloc(char *data, size_t len);
|
||||
size_t blockdata_walk(struct blockdata **key, unsigned char **p, size_t cnt);
|
||||
int blockdata_retrieve(struct blockdata *block, size_t len, void *data);
|
||||
void *blockdata_retrieve(struct blockdata *block, size_t len, void *data);
|
||||
void blockdata_free(struct blockdata *blocks);
|
||||
#endif
|
||||
|
||||
|
||||
@@ -1,83 +0,0 @@
|
||||
/* dnssec-crypto.h is Copyright (c) 2012 Giovanni Bajo <rasky@develer.com>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; version 2 dated June, 1991, or
|
||||
(at your option) version 3 dated 29 June, 2007.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#ifndef DNSSEC_CRYPTO_H
|
||||
#define DNSSEC_CRYPTO_H
|
||||
|
||||
struct blockdata;
|
||||
|
||||
/*
|
||||
* vtable for a signature verification algorithm.
|
||||
*
|
||||
* Each algorithm verifies that a certain signature over a (possibly non-contigous)
|
||||
* array of data has been made with the specified key.
|
||||
*
|
||||
* Sample of usage:
|
||||
*
|
||||
* // First, set the signature we need to check. Notice: data is not copied
|
||||
* // nor consumed, so the pointer must stay valid.
|
||||
* alg->set_signature(sig, 16);
|
||||
*
|
||||
* // Second, get push the data through the corresponding digest algorithm;
|
||||
* // data is consumed immediately, so the buffers can be freed or modified.
|
||||
* digestalg_begin(alg->get_digestalgo());
|
||||
* digestalg_add_data(buf1, 123);
|
||||
* digestalg_add_data(buf2, 45);
|
||||
* digestalg_add_data(buf3, 678);
|
||||
* alg->set_digest(digestalg_final());
|
||||
*
|
||||
* // Third, verify if we got the correct key for this signature.
|
||||
* alg->verify(key1, 16);
|
||||
* alg->verify(key2, 16);
|
||||
*/
|
||||
|
||||
typedef struct VerifyAlgCtx VerifyAlgCtx;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
int digest_algo;
|
||||
int (*verify)(VerifyAlgCtx *ctx, struct blockdata *key, unsigned key_len);
|
||||
} VerifyAlg;
|
||||
|
||||
struct VerifyAlgCtx
|
||||
{
|
||||
const VerifyAlg *vtbl;
|
||||
unsigned char *sig;
|
||||
size_t siglen;
|
||||
unsigned char digest[64]; /* TODO: if memory problems, use VLA */
|
||||
};
|
||||
|
||||
int verifyalg_supported(int algo);
|
||||
VerifyAlgCtx* verifyalg_alloc(int algo);
|
||||
void verifyalg_free(VerifyAlgCtx *a);
|
||||
int verifyalg_algonum(VerifyAlgCtx *a);
|
||||
|
||||
/* Functions to calculate the digest of a key */
|
||||
|
||||
/* RFC4034 digest algorithms */
|
||||
#define DIGESTALG_SHA1 1
|
||||
#define DIGESTALG_SHA256 2
|
||||
#define DIGESTALG_MD5 256
|
||||
#define DIGESTALG_SHA512 257
|
||||
|
||||
int digestalg_supported(int algo);
|
||||
void digestalg_begin(int algo);
|
||||
void digestalg_add_data(void *data, unsigned len);
|
||||
void digestalg_add_keydata(struct blockdata *key, size_t len);
|
||||
unsigned char *digestalg_final(void);
|
||||
int digestalg_len(void);
|
||||
|
||||
#endif /* DNSSEC_CRYPTO_H */
|
||||
@@ -1,316 +0,0 @@
|
||||
/* dnssec-openssl.c is Copyright (c) 2012 Giovanni Bajo <rasky@develer.com>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; version 2 dated June, 1991, or
|
||||
(at your option) version 3 dated 29 June, 2007.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include "dnsmasq.h"
|
||||
|
||||
#ifdef HAVE_DNSSEC
|
||||
|
||||
#include "dnssec-crypto.h"
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/rsa.h>
|
||||
#include <openssl/dsa.h>
|
||||
#include <openssl/err.h>
|
||||
#include <string.h>
|
||||
|
||||
#define POOL_SIZE 1
|
||||
static union _Pool
|
||||
{
|
||||
VerifyAlgCtx ctx;
|
||||
} Pool[POOL_SIZE];
|
||||
static char pool_used = 0;
|
||||
|
||||
static void print_hex(unsigned char *data, unsigned len)
|
||||
{
|
||||
while (len > 0)
|
||||
{
|
||||
printf("%02x", *data++);
|
||||
--len;
|
||||
}
|
||||
printf("\n");
|
||||
}
|
||||
|
||||
static int keydata_to_bn(BIGNUM *ret, struct blockdata **key_data, unsigned char **p, unsigned len)
|
||||
{
|
||||
size_t cnt;
|
||||
BIGNUM temp;
|
||||
|
||||
BN_init(ret);
|
||||
|
||||
cnt = blockdata_walk(key_data, p, len);
|
||||
BN_bin2bn(*p, cnt, ret);
|
||||
len -= cnt;
|
||||
*p += cnt;
|
||||
while (len > 0)
|
||||
{
|
||||
if (!(cnt = blockdata_walk(key_data, p, len)))
|
||||
return 0;
|
||||
BN_lshift(ret, ret, cnt*8);
|
||||
BN_init(&temp);
|
||||
BN_bin2bn(*p, cnt, &temp);
|
||||
BN_add(ret, ret, &temp);
|
||||
len -= cnt;
|
||||
*p += cnt;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int rsasha1_parse_key(BIGNUM *exp, BIGNUM *mod, struct blockdata *key_data, unsigned key_len)
|
||||
{
|
||||
unsigned char *p = key_data->key;
|
||||
size_t exp_len, mod_len;
|
||||
|
||||
CHECKED_GETCHAR(exp_len, p, key_len);
|
||||
if (exp_len == 0)
|
||||
CHECKED_GETSHORT(exp_len, p, key_len);
|
||||
if (exp_len >= key_len)
|
||||
return 0;
|
||||
mod_len = key_len - exp_len;
|
||||
|
||||
return keydata_to_bn(exp, &key_data, &p, exp_len) &&
|
||||
keydata_to_bn(mod, &key_data, &p, mod_len);
|
||||
}
|
||||
|
||||
static int dsasha1_parse_key(BIGNUM *Q, BIGNUM *P, BIGNUM *G, BIGNUM *Y, struct blockdata *key_data, unsigned key_len)
|
||||
{
|
||||
unsigned char *p = key_data->key;
|
||||
int T;
|
||||
|
||||
CHECKED_GETCHAR(T, p, key_len);
|
||||
return
|
||||
keydata_to_bn(Q, &key_data, &p, 20) &&
|
||||
keydata_to_bn(P, &key_data, &p, 64+T*8) &&
|
||||
keydata_to_bn(G, &key_data, &p, 64+T*8) &&
|
||||
keydata_to_bn(Y, &key_data, &p, 64+T*8);
|
||||
}
|
||||
|
||||
static int rsa_verify(VerifyAlgCtx *ctx, struct blockdata *key_data, unsigned key_len, int nid, int dlen)
|
||||
{
|
||||
int validated = 0;
|
||||
|
||||
RSA *rsa = RSA_new();
|
||||
rsa->e = BN_new();
|
||||
rsa->n = BN_new();
|
||||
if (rsasha1_parse_key(rsa->e, rsa->n, key_data, key_len)
|
||||
&& RSA_verify(nid, ctx->digest, dlen, ctx->sig, ctx->siglen, rsa))
|
||||
validated = 1;
|
||||
|
||||
RSA_free(rsa);
|
||||
return validated;
|
||||
}
|
||||
|
||||
static int rsamd5_verify(VerifyAlgCtx *ctx, struct blockdata *key_data, unsigned key_len)
|
||||
{
|
||||
return rsa_verify(ctx, key_data, key_len, NID_md5, 16);
|
||||
}
|
||||
|
||||
static int rsasha1_verify(VerifyAlgCtx *ctx, struct blockdata *key_data, unsigned key_len)
|
||||
{
|
||||
return rsa_verify(ctx, key_data, key_len, NID_sha1, 20);
|
||||
}
|
||||
|
||||
static int rsasha256_verify(VerifyAlgCtx *ctx, struct blockdata *key_data, unsigned key_len)
|
||||
{
|
||||
return rsa_verify(ctx, key_data, key_len, NID_sha256, 32);
|
||||
}
|
||||
|
||||
static int rsasha512_verify(VerifyAlgCtx *ctx, struct blockdata *key_data, unsigned key_len)
|
||||
{
|
||||
return rsa_verify(ctx, key_data, key_len, NID_sha512, 64);
|
||||
}
|
||||
|
||||
static int dsasha1_verify(VerifyAlgCtx *ctx, struct blockdata *key_data, unsigned key_len)
|
||||
{
|
||||
static unsigned char asn1_signature[] =
|
||||
{
|
||||
0x30, 0x2E, // sequence
|
||||
0x02, 21, // large integer (21 bytes)
|
||||
0x00, 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, // R
|
||||
0x02, 21, // large integer (21 bytes)
|
||||
0x00, 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, // S
|
||||
};
|
||||
int validated = 0;
|
||||
|
||||
/* A DSA signature is made of 2 bignums (R & S). We could parse them manually with BN_bin2bn(),
|
||||
but OpenSSL does not have an API to verify a DSA signature given R and S, and insists
|
||||
in having a ASN.1 BER sequence (as per RFC3279).
|
||||
We prepare a hard-coded ASN.1 sequence, and just fill in the R&S numbers in it. */
|
||||
memcpy(asn1_signature+5, ctx->sig+1, 20);
|
||||
memcpy(asn1_signature+28, ctx->sig+21, 20);
|
||||
|
||||
DSA *dsa = DSA_new();
|
||||
dsa->q = BN_new();
|
||||
dsa->p = BN_new();
|
||||
dsa->g = BN_new();
|
||||
dsa->pub_key = BN_new();
|
||||
|
||||
if (dsasha1_parse_key(dsa->q, dsa->p, dsa->g, dsa->pub_key, key_data, key_len)
|
||||
&& DSA_verify(0, ctx->digest, 20, asn1_signature, countof(asn1_signature), dsa) > 0)
|
||||
validated = 1;
|
||||
|
||||
DSA_free(dsa);
|
||||
return validated;
|
||||
}
|
||||
|
||||
#define VALG_UNSUPPORTED() { \
|
||||
0,0 \
|
||||
} /**/
|
||||
|
||||
#define VALG_VTABLE(alg, digest) { \
|
||||
digest, \
|
||||
alg ## _verify \
|
||||
} /**/
|
||||
|
||||
/* Updated registry that merges various RFCs:
|
||||
https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xml */
|
||||
static const VerifyAlg valgs[] =
|
||||
{
|
||||
VALG_UNSUPPORTED(), /* 0: reserved */
|
||||
VALG_VTABLE(rsamd5, DIGESTALG_MD5), /* 1: RSAMD5 */
|
||||
VALG_UNSUPPORTED(), /* 2: DH */
|
||||
VALG_VTABLE(dsasha1, DIGESTALG_SHA1), /* 3: DSA */
|
||||
VALG_UNSUPPORTED(), /* 4: ECC */
|
||||
VALG_VTABLE(rsasha1, DIGESTALG_SHA1), /* 5: RSASHA1 */
|
||||
VALG_VTABLE(dsasha1, DIGESTALG_SHA1), /* 6: DSA-NSEC3-SHA1 */
|
||||
VALG_VTABLE(rsasha1, DIGESTALG_SHA1), /* 7: RSASHA1-NSEC3-SHA1 */
|
||||
VALG_VTABLE(rsasha256, DIGESTALG_SHA256), /* 8: RSASHA256 */
|
||||
VALG_UNSUPPORTED(), /* 9: unassigned */
|
||||
VALG_VTABLE(rsasha512, DIGESTALG_SHA512), /* 10: RSASHA512 */
|
||||
VALG_UNSUPPORTED(), /* 11: unassigned */
|
||||
VALG_UNSUPPORTED(), /* 12: ECC-GOST */
|
||||
VALG_UNSUPPORTED(), /* 13: ECDSAP256SHA256 */
|
||||
VALG_UNSUPPORTED(), /* 14: ECDSAP384SHA384 */
|
||||
};
|
||||
|
||||
/* TODO: remove if we don't need this anymore
|
||||
(to be rechecked if we ever remove OpenSSL) */
|
||||
static const int valgctx_size[] =
|
||||
{
|
||||
0, /* 0: reserved */
|
||||
sizeof(VerifyAlgCtx), /* 1: RSAMD5 */
|
||||
0, /* 2: DH */
|
||||
sizeof(VerifyAlgCtx), /* 3: DSA */
|
||||
0, /* 4: ECC */
|
||||
sizeof(VerifyAlgCtx), /* 5: RSASHA1 */
|
||||
sizeof(VerifyAlgCtx), /* 6: DSA-NSEC3-SHA1 */
|
||||
sizeof(VerifyAlgCtx), /* 7: RSASHA1-NSEC3-SHA1 */
|
||||
sizeof(VerifyAlgCtx), /* 8: RSASHA256 */
|
||||
0, /* 9: unassigned */
|
||||
sizeof(VerifyAlgCtx), /* 10: RSASHA512 */
|
||||
0, /* 11: unassigned */
|
||||
0, /* 12: ECC-GOST */
|
||||
0, /* 13: ECDSAP256SHA256 */
|
||||
0, /* 14: ECDSAP384SHA384 */
|
||||
};
|
||||
|
||||
int verifyalg_supported(int algo)
|
||||
{
|
||||
return (algo < countof(valgctx_size) && valgctx_size[algo] != 0);
|
||||
}
|
||||
|
||||
VerifyAlgCtx* verifyalg_alloc(int algo)
|
||||
{
|
||||
int i;
|
||||
VerifyAlgCtx *ret = 0;
|
||||
|
||||
if (pool_used == (1<<POOL_SIZE)-1)
|
||||
ret = whine_malloc(valgctx_size[algo]);
|
||||
else
|
||||
for (i = 0; i < POOL_SIZE; ++i)
|
||||
if (!(pool_used & (1 << i)))
|
||||
{
|
||||
ret = (VerifyAlgCtx*)&Pool[i];
|
||||
pool_used |= 1 << i;
|
||||
break;
|
||||
}
|
||||
|
||||
if (ret)
|
||||
ret->vtbl = &valgs[algo];
|
||||
return ret;
|
||||
}
|
||||
|
||||
void verifyalg_free(VerifyAlgCtx *a)
|
||||
{
|
||||
int pool_idx = ((char*)a - (char*)&Pool[0]) / sizeof(Pool[0]);
|
||||
if (pool_idx < 0 || pool_idx >= POOL_SIZE)
|
||||
{
|
||||
free(a);
|
||||
return;
|
||||
}
|
||||
|
||||
pool_used &= ~(1 << pool_idx);
|
||||
}
|
||||
|
||||
int verifyalg_algonum(VerifyAlgCtx *a)
|
||||
{
|
||||
int num = a->vtbl - valgs;
|
||||
if (num < 0 || num >= countof(valgs))
|
||||
return -1;
|
||||
return num;
|
||||
}
|
||||
|
||||
static EVP_MD_CTX digctx;
|
||||
|
||||
int digestalg_supported(int algo)
|
||||
{
|
||||
return (algo == DIGESTALG_SHA1 ||
|
||||
algo == DIGESTALG_SHA256 ||
|
||||
algo == DIGESTALG_MD5 ||
|
||||
algo == DIGESTALG_SHA512);
|
||||
}
|
||||
|
||||
void digestalg_begin(int algo)
|
||||
{
|
||||
EVP_MD_CTX_init(&digctx);
|
||||
if (algo == DIGESTALG_SHA1)
|
||||
EVP_DigestInit_ex(&digctx, EVP_sha1(), NULL);
|
||||
else if (algo == DIGESTALG_SHA256)
|
||||
EVP_DigestInit_ex(&digctx, EVP_sha256(), NULL);
|
||||
else if (algo == DIGESTALG_SHA512)
|
||||
EVP_DigestInit_ex(&digctx, EVP_sha512(), NULL);
|
||||
else if (algo == DIGESTALG_MD5)
|
||||
EVP_DigestInit_ex(&digctx, EVP_md5(), NULL);
|
||||
}
|
||||
|
||||
int digestalg_len()
|
||||
{
|
||||
return EVP_MD_CTX_size(&digctx);
|
||||
}
|
||||
|
||||
void digestalg_add_data(void *data, unsigned len)
|
||||
{
|
||||
EVP_DigestUpdate(&digctx, data, len);
|
||||
}
|
||||
|
||||
void digestalg_add_keydata(struct blockdata *key, size_t len)
|
||||
{
|
||||
size_t cnt; unsigned char *p = NULL;
|
||||
while (len)
|
||||
{
|
||||
cnt = blockdata_walk(&key, &p, len);
|
||||
EVP_DigestUpdate(&digctx, p, cnt);
|
||||
p += cnt;
|
||||
len -= cnt;
|
||||
}
|
||||
}
|
||||
|
||||
unsigned char* digestalg_final(void)
|
||||
{
|
||||
static unsigned char digest[32];
|
||||
EVP_DigestFinal(&digctx, digest, NULL);
|
||||
return digest;
|
||||
}
|
||||
|
||||
#endif /* HAVE_DNSSEC */
|
||||
303
src/dnssec.c
303
src/dnssec.c
@@ -19,13 +19,210 @@
|
||||
|
||||
#ifdef HAVE_DNSSEC
|
||||
|
||||
#include "dnssec-crypto.h"
|
||||
#include <nettle/rsa.h>
|
||||
#include <nettle/dsa.h>
|
||||
#include <nettle/nettle-meta.h>
|
||||
#include <gmp.h>
|
||||
|
||||
#define SERIAL_UNDEF -100
|
||||
#define SERIAL_EQ 0
|
||||
#define SERIAL_LT -1
|
||||
#define SERIAL_GT 1
|
||||
|
||||
/* http://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml */
|
||||
static char *ds_digest_name(int digest)
|
||||
{
|
||||
switch (digest)
|
||||
{
|
||||
case 1: return "sha1";
|
||||
case 2: return "sha256";
|
||||
case 3: return "gosthash94";
|
||||
case 4: return "sha384";
|
||||
default: return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
/* http://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml */
|
||||
static char *algo_digest_name(int algo)
|
||||
{
|
||||
switch (algo)
|
||||
{
|
||||
case 1: return "md5";
|
||||
case 3: return "sha1";
|
||||
case 5: return "sha1";
|
||||
case 6: return "sha1";
|
||||
case 7: return "sha1";
|
||||
case 8: return "sha256";
|
||||
case 10: return "sha512";
|
||||
case 12: return "gosthash94";
|
||||
case 13: return "sha256";
|
||||
case 14: return "sha384";
|
||||
default: return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
/* Find pointer to correct hash function in nettle library */
|
||||
static const struct nettle_hash *hash_find(char *name)
|
||||
{
|
||||
int i;
|
||||
|
||||
if (!name)
|
||||
return NULL;
|
||||
|
||||
for (i = 0; nettle_hashes[i]; i++)
|
||||
{
|
||||
if (strcmp(nettle_hashes[i]->name, name) == 0)
|
||||
return nettle_hashes[i];
|
||||
}
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* expand ctx and digest memory allocations if necessary and init hash function */
|
||||
static int hash_init(const struct nettle_hash *hash, void **ctxp, unsigned char **digestp)
|
||||
{
|
||||
static void *ctx = NULL;
|
||||
static unsigned char *digest = NULL;
|
||||
static unsigned int ctx_sz = 0;
|
||||
static unsigned int digest_sz = 0;
|
||||
|
||||
void *new;
|
||||
|
||||
if (ctx_sz < hash->context_size)
|
||||
{
|
||||
if (!(new = whine_malloc(hash->context_size)))
|
||||
return 0;
|
||||
if (ctx)
|
||||
free(ctx);
|
||||
ctx = new;
|
||||
ctx_sz = hash->context_size;
|
||||
}
|
||||
|
||||
if (digest_sz < hash->digest_size)
|
||||
{
|
||||
if (!(new = whine_malloc(hash->digest_size)))
|
||||
return 0;
|
||||
if (digest)
|
||||
free(digest);
|
||||
digest = new;
|
||||
digest_sz = hash->digest_size;
|
||||
}
|
||||
|
||||
*ctxp = ctx;
|
||||
*digestp = digest;
|
||||
|
||||
hash->init(ctx);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int rsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len,
|
||||
unsigned char *digest, int algo)
|
||||
{
|
||||
unsigned char *p;
|
||||
size_t exp_len;
|
||||
|
||||
static struct rsa_public_key *key = NULL;
|
||||
static mpz_t sig_mpz;
|
||||
|
||||
if (key == NULL)
|
||||
{
|
||||
if (!(key = whine_malloc(sizeof(struct rsa_public_key))))
|
||||
return 0;
|
||||
|
||||
nettle_rsa_public_key_init(key);
|
||||
mpz_init(sig_mpz);
|
||||
}
|
||||
|
||||
if ((key_len < 3) || !(p = blockdata_retrieve(key_data, key_len, NULL)))
|
||||
return 0;
|
||||
|
||||
key_len--;
|
||||
if ((exp_len = *p++) == 0)
|
||||
{
|
||||
GETSHORT(exp_len, p);
|
||||
key_len -= 2;
|
||||
}
|
||||
|
||||
if (exp_len >= key_len)
|
||||
return 0;
|
||||
|
||||
key->size = key_len - exp_len;
|
||||
mpz_import(key->e, exp_len, 1, 1, 0, 0, p);
|
||||
mpz_import(key->n, key->size, 1, 1, 0, 0, p + exp_len);
|
||||
|
||||
mpz_import(sig_mpz, sig_len, 1, 1, 0, 0, sig);
|
||||
|
||||
switch (algo)
|
||||
{
|
||||
case 1:
|
||||
return nettle_rsa_md5_verify_digest(key, digest, sig_mpz);
|
||||
case 5: case 7:
|
||||
return nettle_rsa_sha1_verify_digest(key, digest, sig_mpz);
|
||||
case 8:
|
||||
return nettle_rsa_sha256_verify_digest(key, digest, sig_mpz);
|
||||
case 10:
|
||||
return nettle_rsa_sha512_verify_digest(key, digest, sig_mpz);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int dsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len,
|
||||
unsigned char *digest, int algo)
|
||||
{
|
||||
unsigned char *p;
|
||||
unsigned int t;
|
||||
|
||||
static struct dsa_public_key *key = NULL;
|
||||
static struct dsa_signature *sig_struct;
|
||||
|
||||
if (key == NULL)
|
||||
{
|
||||
if (!(sig_struct = whine_malloc(sizeof(struct dsa_signature))) ||
|
||||
!(key = whine_malloc(sizeof(struct dsa_public_key))))
|
||||
return 0;
|
||||
|
||||
nettle_dsa_public_key_init(key);
|
||||
nettle_dsa_signature_init(sig_struct);
|
||||
}
|
||||
|
||||
if ((sig_len < 41) || !(p = blockdata_retrieve(key_data, key_len, NULL)))
|
||||
return 0;
|
||||
|
||||
t = *p++;
|
||||
|
||||
if (key_len < (213 + (t * 24)))
|
||||
return 0;
|
||||
|
||||
mpz_import(key->q, 20, 1, 1, 0, 0, p); p += 20;
|
||||
mpz_import(key->p, 64 + (t*8), 1, 1, 0, 0, p); p += 64 + (t*8);
|
||||
mpz_import(key->g, 64 + (t*8), 1, 1, 0, 0, p); p += 64 + (t*8);
|
||||
mpz_import(key->y, 64 + (t*8), 1, 1, 0, 0, p); p += 64 + (t*8);
|
||||
|
||||
mpz_import(sig_struct->r, 20, 1, 1, 0, 0, sig+1);
|
||||
mpz_import(sig_struct->s, 20, 1, 1, 0, 0, sig+21);
|
||||
|
||||
(void)algo;
|
||||
|
||||
return nettle_dsa_sha1_verify_digest(key, digest, sig_struct);
|
||||
}
|
||||
|
||||
static int verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len,
|
||||
unsigned char *digest, int algo)
|
||||
{
|
||||
switch (algo)
|
||||
{
|
||||
case 1: case 5: case 7: case 8: case 10:
|
||||
return rsa_verify(key_data, key_len, sig, sig_len, digest, algo);
|
||||
|
||||
case 3: case 6:
|
||||
return dsa_verify(key_data, key_len, sig, sig_len, digest, algo);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Convert from presentation format to wire format, in place.
|
||||
Also map UC -> LC.
|
||||
Note that using extract_name to get presentation format
|
||||
@@ -362,7 +559,7 @@ static int validate_rrset(time_t now, struct dns_header *header, size_t plen, in
|
||||
|
||||
if (type_covered == type &&
|
||||
check_date_range(sig_inception, sig_expiration) &&
|
||||
verifyalg_supported(algo) &&
|
||||
hash_find(algo_digest_name(algo)) &&
|
||||
labels <= name_labels)
|
||||
{
|
||||
if (sigidx == sig_sz)
|
||||
@@ -404,9 +601,11 @@ static int validate_rrset(time_t now, struct dns_header *header, size_t plen, in
|
||||
/* Now try all the sigs to try and find one which validates */
|
||||
for (j = 0; j <sigidx; j++)
|
||||
{
|
||||
unsigned char *psav;
|
||||
int i, wire_len;
|
||||
VerifyAlgCtx *alg;
|
||||
unsigned char *psav, *sig;
|
||||
int i, wire_len, sig_len;
|
||||
const struct nettle_hash *hash;
|
||||
void *ctx;
|
||||
unsigned char *digest;
|
||||
u32 nsigttl;
|
||||
|
||||
p = sigs[j];
|
||||
@@ -427,16 +626,18 @@ static int validate_rrset(time_t now, struct dns_header *header, size_t plen, in
|
||||
if (!key && !(crecp = cache_find_by_name(NULL, keyname, now, F_DNSKEY)))
|
||||
return STAT_NEED_KEY;
|
||||
|
||||
alg = verifyalg_alloc(algo);
|
||||
alg->sig = p;
|
||||
alg->siglen = rdlen - (p - psav);
|
||||
sig = p;
|
||||
sig_len = rdlen - (p - psav);
|
||||
|
||||
if (!(hash = hash_find(algo_digest_name(algo))) ||
|
||||
!hash_init(hash, &ctx, &digest))
|
||||
continue;
|
||||
|
||||
nsigttl = htonl(orig_ttl);
|
||||
|
||||
digestalg_begin(alg->vtbl->digest_algo);
|
||||
digestalg_add_data(psav, 18);
|
||||
hash->update(ctx, 18, psav);
|
||||
wire_len = to_wire(keyname);
|
||||
digestalg_add_data(keyname, wire_len);
|
||||
hash->update(ctx, (unsigned int)wire_len, (unsigned char*)keyname);
|
||||
from_wire(keyname);
|
||||
|
||||
for (i = 0; i < rrsetidx; ++i)
|
||||
@@ -462,9 +663,9 @@ static int validate_rrset(time_t now, struct dns_header *header, size_t plen, in
|
||||
}
|
||||
|
||||
wire_len = to_wire(name_start);
|
||||
digestalg_add_data(name_start, wire_len);
|
||||
digestalg_add_data(p, 4); /* class and type */
|
||||
digestalg_add_data(&nsigttl, 4);
|
||||
hash->update(ctx, (unsigned int)wire_len, (unsigned char *)name_start);
|
||||
hash->update(ctx, 4, p); /* class and type */
|
||||
hash->update(ctx, 4, (unsigned char *)&nsigttl);
|
||||
|
||||
p += 8; /* skip class, type, ttl */
|
||||
GETSHORT(rdlen, p);
|
||||
@@ -479,27 +680,27 @@ static int validate_rrset(time_t now, struct dns_header *header, size_t plen, in
|
||||
for (len = 0; (seg = get_rdata(header, plen, end, name, &cp, &dp)) != 0; len += seg);
|
||||
len += end - cp;
|
||||
len = htons(len);
|
||||
digestalg_add_data(&len, 2);
|
||||
hash->update(ctx, 2, (unsigned char *)&len);
|
||||
|
||||
/* Now canonicalise again and digest. */
|
||||
cp = p;
|
||||
dp = rr_desc;
|
||||
while ((seg = get_rdata(header, plen, end, name, &cp, &dp)))
|
||||
digestalg_add_data(name, seg);
|
||||
hash->update(ctx, seg, (unsigned char *)name);
|
||||
if (cp != end)
|
||||
digestalg_add_data(cp, end - cp);
|
||||
hash->update(ctx, end - cp, cp);
|
||||
}
|
||||
|
||||
|
||||
hash->digest(ctx, hash->digest_size, digest);
|
||||
|
||||
/* namebuff used for workspace above, restore to leave unchanged on exit */
|
||||
p = (unsigned char*)(rrset[0]);
|
||||
extract_name(header, plen, &p, name, 1, 0);
|
||||
|
||||
memcpy(alg->digest, digestalg_final(), digestalg_len());
|
||||
|
||||
if (key)
|
||||
{
|
||||
if (algo_in == algo && keytag_in == key_tag &&
|
||||
alg->vtbl->verify(alg, key, keylen))
|
||||
verify(key, keylen, sig, sig_len, digest, algo))
|
||||
return STAT_SECURE;
|
||||
}
|
||||
else
|
||||
@@ -507,7 +708,7 @@ static int validate_rrset(time_t now, struct dns_header *header, size_t plen, in
|
||||
/* iterate through all possible keys 4035 5.3.1 */
|
||||
for (; crecp; crecp = cache_find_by_name(crecp, keyname, now, F_DNSKEY))
|
||||
if (crecp->addr.key.algo == algo && crecp->addr.key.keytag == key_tag &&
|
||||
alg->vtbl->verify(alg, crecp->addr.key.keydata, crecp->uid))
|
||||
verify(crecp->addr.key.keydata, crecp->uid, sig, sig_len, digest, algo))
|
||||
return STAT_SECURE;
|
||||
}
|
||||
}
|
||||
@@ -579,7 +780,6 @@ int dnssec_validate_by_ds(time_t now, struct dns_header *header, size_t plen, ch
|
||||
|
||||
psave = p;
|
||||
|
||||
/* length at least covers flags, protocol and algo now. */
|
||||
GETSHORT(flags, p);
|
||||
if (*p++ != 3)
|
||||
return STAT_INSECURE;
|
||||
@@ -606,30 +806,41 @@ int dnssec_validate_by_ds(time_t now, struct dns_header *header, size_t plen, ch
|
||||
continue;
|
||||
|
||||
for (recp1 = crecp; recp1; recp1 = cache_find_by_name(recp1, name, now, F_DS))
|
||||
if (recp1->addr.key.algo == algo &&
|
||||
recp1->addr.key.keytag == keytag &&
|
||||
(flags & 0x100) && /* zone key flag */
|
||||
digestalg_supported(recp1->addr.key.digest))
|
||||
{
|
||||
int wire_len = to_wire(name);
|
||||
{
|
||||
void *ctx;
|
||||
unsigned char *digest, *ds_digest;
|
||||
const struct nettle_hash *hash;
|
||||
|
||||
if (recp1->addr.key.algo == algo &&
|
||||
recp1->addr.key.keytag == keytag &&
|
||||
(flags & 0x100) && /* zone key flag */
|
||||
(hash = hash_find(ds_digest_name(recp1->addr.key.digest))) &&
|
||||
hash_init(hash, &ctx, &digest))
|
||||
|
||||
digestalg_begin(recp1->addr.key.digest);
|
||||
digestalg_add_data(name, wire_len);
|
||||
digestalg_add_data((char *)psave, rdlen);
|
||||
|
||||
from_wire(name);
|
||||
|
||||
if (recp1->uid == digestalg_len() &&
|
||||
blockdata_retrieve(recp1->addr.key.keydata, recp1->uid, digestalg_final()) &&
|
||||
validate_rrset(now, header, plen, class, T_DNSKEY, name, keyname, key, rdlen - 4, algo, keytag))
|
||||
{
|
||||
struct all_addr a;
|
||||
valid = 1;
|
||||
a.addr.keytag = keytag;
|
||||
log_query(F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %u");
|
||||
break;
|
||||
}
|
||||
}
|
||||
{
|
||||
int wire_len = to_wire(name);
|
||||
|
||||
/* Note that digest may be different between DSs, so
|
||||
we can't move this outside the loop. */
|
||||
hash->update(ctx, (unsigned int)wire_len, (unsigned char *)name);
|
||||
hash->update(ctx, (unsigned int)rdlen, psave);
|
||||
hash->digest(ctx, hash->digest_size, digest);
|
||||
|
||||
from_wire(name);
|
||||
|
||||
if (recp1->uid == (int)hash->digest_size &&
|
||||
(ds_digest = blockdata_retrieve(recp1->addr.key.keydata, recp1->uid, NULL)) &&
|
||||
memcmp (ds_digest, digest, recp1->uid) == 0 &&
|
||||
validate_rrset(now, header, plen, class, T_DNSKEY, name, keyname, key, rdlen - 4, algo, keytag))
|
||||
{
|
||||
struct all_addr a;
|
||||
valid = 1;
|
||||
a.addr.keytag = keytag;
|
||||
log_query(F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %u");
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (valid)
|
||||
|
||||
@@ -3687,7 +3687,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
|
||||
|
||||
|
||||
/* Upper bound on length */
|
||||
new->key = opt_malloc((3*strlen(key64)/4));
|
||||
new->key = opt_malloc((3*strlen(key64)/4)+1);
|
||||
unhide_metas(key64);
|
||||
if ((new->keylen = parse_base64(key64, new->key)) == -1)
|
||||
ret_err(_("bad base64 in DNSKEY"));
|
||||
|
||||
Reference in New Issue
Block a user