
Example 31 with DNSMessage

use of org.minidns.dnsmessage.DNSMessage in project minidns by MiniDNS.

the class DNSSECClientTest method testNoSEPAtKSK.

/**
 * Checks that a key-signing key published without the SEP bit still anchors a valid chain.
 *
 * <p>The {@code com} KSK built here carries only {@code DNSKEY.FLAG_ZONE}. The root zone
 * publishes a signed DS record for it and every RRset in both zones is signed, so the answer
 * is expected to have {@code authenticData} set. This is the behaviour RFC 4034 section 2.1.1
 * asks for: a validator must not change its decision based on the SEP flag.
 *
 * @throws IOException declared because the zone setup and the query may throw it
 */
@SuppressWarnings("unchecked")
@Test
public void testNoSEPAtKSK() throws IOException {
    // Same private KSK as the sibling tests use, but the public DNSKEY has the zone flag only.
    // This local replaces the comKSK that those tests reference from outside the method.
    DNSKEY kskWithoutSep = dnskey(DNSKEY.FLAG_ZONE, algorithm, publicKey(algorithm, comPrivateKSK));

    applyZones(
            client,
            signedRootZone(
                    sign(rootKSK, "", rootPrivateKSK, algorithm, record("", rootKSK), record("", rootZSK)),
                    // The delegation digest covers the SEP-less key.
                    sign(rootZSK, "", rootPrivateZSK, algorithm, record("com", ds("com", digestType, kskWithoutSep))),
                    sign(rootZSK, "", rootPrivateZSK, algorithm, record("com", ns("ns.com"))),
                    sign(rootZSK, "", rootPrivateZSK, algorithm, record("ns.com", a("1.1.1.1")))),
            signedZone(
                    "com",
                    "ns.com",
                    "1.1.1.1",
                    sign(kskWithoutSep, "com", comPrivateKSK, algorithm, record("com", kskWithoutSep), record("com", comZSK)),
                    sign(comZSK, "com", comPrivateZSK, algorithm, record("example.com", a("1.1.1.2")))));

    DNSMessage response = client.query("example.com", Record.TYPE.A);

    assertNotNull(response);
    // Chain root -> DS(com) -> DNSKEY(com) -> A is complete, so the answer must be authenticated.
    assertTrue(response.authenticData);
    // Helper is defined outside this listing; presumably it checks the answer section.
    checkCorrectExampleMessage(response);
}
Also used : DNSKEY(org.minidns.record.DNSKEY) DNSMessage(org.minidns.dnsmessage.DNSMessage) Test(org.junit.Test)

Example 32 with DNSMessage

use of org.minidns.dnsmessage.DNSMessage in project minidns by MiniDNS.

the class DNSSECClientTest method testSignatureOutOfDate.

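/**
 * Checks that an answer covered only by an expired RRSIG is not reported as authenticated.
 *
 * <p>The delegation chain from the root to {@code com} is fully signed. Only the signature
 * over the {@code example.com} A record is built from a template whose validity window runs
 * from 28 days ago to 14 days ago. The client must still return the data, but with
 * {@code authenticData} cleared: a validator that ignores the validity window would accept
 * replayed, stale signatures.
 *
 * @throws IOException declared because the zone setup and the query may throw it
 */
@SuppressWarnings("unchecked")
@Test
public void testSignatureOutOfDate() throws IOException {
    // One clock reading for both bounds, with long arithmetic throughout: in int arithmetic
    // the millisecond count wraps once the offset exceeds roughly 24 days.
    long now = System.currentTimeMillis();
    Date signatureExpiration = new Date(now - 14L * 24L * 60L * 60L * 1000L);
    Date signatureInception = new Date(now - 28L * 24L * 60L * 60L * 1000L);

    // Template RRSIG with an empty signature field. Presumably the 2 and 3600 are the labels
    // count and original TTL, and sign(...) below fills in the signature bytes (confirm
    // against the helpers, which are outside this listing).
    RRSIG outOfDateSig = rrsig(Record.TYPE.A, algorithm, 2, 3600, signatureExpiration, signatureInception, comZSK.getKeyTag(), "com", new byte[0]);

    applyZones(
            client,
            signedRootZone(
                    sign(rootKSK, "", rootPrivateKSK, algorithm, record("", rootKSK), record("", rootZSK)),
                    sign(rootZSK, "", rootPrivateZSK, algorithm, record("com", ds("com", digestType, comKSK))),
                    sign(rootZSK, "", rootPrivateZSK, algorithm, record("com", ns("ns.com"))),
                    sign(rootZSK, "", rootPrivateZSK, algorithm, record("ns.com", a("1.1.1.1")))),
            signedZone(
                    "com",
                    "ns.com",
                    "1.1.1.1",
                    sign(comKSK, "com", comPrivateKSK, algorithm, record("com", comKSK), record("com", comZSK)),
                    // Only this RRset uses the expired template.
                    sign(comPrivateZSK, outOfDateSig, record("example.com", a("1.1.1.2")))));

    DNSMessage message = client.query("example.com", Record.TYPE.A);

    assertNotNull(message);
    // Data is returned, but an expired signature must not yield an authenticated answer.
    assertFalse(message.authenticData);
    checkCorrectExampleMessage(message);
}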
Also used : RRSIG(org.minidns.record.RRSIG) Date(java.util.Date) DNSMessage(org.minidns.dnsmessage.DNSMessage) Test(org.junit.Test)

Example 33 with DNSMessage

use of org.minidns.dnsmessage.DNSMessage in project minidns by MiniDNS.

the class DNSSECClientTest method testMissingDelegation.

/**
 * Checks that a signed child zone without a DS record in its parent is not authenticated.
 *
 * <p>Both zones are signed, but the root zone set up here contains no DS record for
 * {@code com}, so nothing links the root keys to the {@code com} keys. The answer is still
 * expected to be returned, with {@code authenticData} cleared.
 *
 * @throws IOException declared because the zone setup and the query may throw it
 */
@SuppressWarnings("unchecked")
@Test
public void testMissingDelegation() throws IOException {
    applyZones(
            client,
            // Root: DNSKEY set, NS and glue for com. No DS record for com is published.
            signedRootZone(
                    sign(rootKSK, "", rootPrivateKSK, algorithm, record("", rootKSK), record("", rootZSK)),
                    sign(rootZSK, "", rootPrivateZSK, algorithm, record("com", ns("ns.com"))),
                    sign(rootZSK, "", rootPrivateZSK, algorithm, record("ns.com", a("1.1.1.1")))),
            signedZone(
                    "com",
                    "ns.com",
                    "1.1.1.1",
                    sign(comKSK, "com", comPrivateKSK, algorithm, record("com", comKSK), record("com", comZSK)),
                    sign(comZSK, "com", comPrivateZSK, algorithm, record("example.com", a("1.1.1.2")))));

    DNSMessage response = client.query("example.com", Record.TYPE.A);

    assertNotNull(response);
    // Valid signatures inside com are not enough: the com keys are not vouched for by the root.
    assertFalse(response.authenticData);
    checkCorrectExampleMessage(response);
}
Also used : DNSMessage(org.minidns.dnsmessage.DNSMessage) Test(org.junit.Test)

Example 34 with DNSMessage

use of org.minidns.dnsmessage.DNSMessage in project minidns by MiniDNS.

the class DNSSECClientTest method testValidDLV.

/**
 * Checks lookaside validation: a DLV record can stand in for a DS record the parent lacks.
 *
 * <p>The root zone signs a DS record for the {@code dlv} zone but publishes none for
 * {@code com}. The {@code dlv} zone carries a signed DLV record at {@code com.dlv} for the
 * {@code com} KSK. With lookaside validation configured for {@code dlv} the answer must be
 * authenticated; after it is disabled the same query must come back unauthenticated.
 *
 * <p>DLV is specified in RFC 5074 and was moved to Historic status by RFC 8749, so this
 * covers a legacy trust path.
 *
 * @throws IOException declared because the zone setup and the queries may throw it
 */
@SuppressWarnings("unchecked")
@Test
public void testValidDLV() throws IOException {
    // Fresh key pair for the lookaside zone: the KSK has the SEP bit, the ZSK does not.
    PrivateKey dlvPrivateKSK = generatePrivateKey(algorithm, 2048);
    DNSKEY dlvKSK = dnskey(DNSKEY.FLAG_ZONE | DNSKEY.FLAG_SECURE_ENTRY_POINT, algorithm, publicKey(algorithm, dlvPrivateKSK));
    // NOTE(review): 1024 is a throwaway test-key size; if `algorithm` is RSA-based it is
    // below current guidance and should not be copied into production key generation.
    PrivateKey dlvPrivateZSK = generatePrivateKey(algorithm, 1024);
    DNSKEY dlvZSK = dnskey(DNSKEY.FLAG_ZONE, algorithm, publicKey(algorithm, dlvPrivateZSK));

    applyZones(
            client,
            // Root delegates securely to dlv (DS present) but only insecurely to com (NS only).
            signedRootZone(
                    sign(rootKSK, "", rootPrivateKSK, algorithm, record("", rootKSK), record("", rootZSK)),
                    sign(rootZSK, "", rootPrivateZSK, algorithm, record("dlv", ds("dlv", digestType, dlvKSK))),
                    sign(rootZSK, "", rootPrivateZSK, algorithm, record("dlv", ns("ns.com"))),
                    sign(rootZSK, "", rootPrivateZSK, algorithm, record("com", ns("ns.com"))),
                    sign(rootZSK, "", rootPrivateZSK, algorithm, record("ns.com", a("1.1.1.1")))),
            signedZone(
                    "com",
                    "ns.com",
                    "1.1.1.1",
                    sign(comKSK, "com", comPrivateKSK, algorithm, record("com", comKSK), record("com", comZSK)),
                    sign(comZSK, "com", comPrivateZSK, algorithm, record("example.com", a("1.1.1.2")))),
            // The lookaside zone vouches for the com KSK through the com.dlv record.
            signedZone(
                    "dlv",
                    "ns.com",
                    "1.1.1.1",
                    sign(dlvKSK, "dlv", dlvPrivateKSK, algorithm, record("dlv", dlvKSK), record("dlv", dlvZSK)),
                    sign(dlvZSK, "dlv", dlvPrivateZSK, algorithm, record("com.dlv", dlv("com", digestType, comKSK)))));

    // Phase 1: lookaside enabled, so the DLV record closes the gap in the chain.
    client.configureLookasideValidation(DNSName.from("dlv"));
    DNSMessage response = client.query("example.com", Record.TYPE.A);
    assertNotNull(response);
    assertTrue(response.authenticData);
    checkCorrectExampleMessage(response);

    // Phase 2: lookaside disabled, so com has no link to the root and must not validate.
    client.disableLookasideValidation();
    response = client.query("example.com", Record.TYPE.A);
    assertNotNull(response);
    assertFalse(response.authenticData);
    checkCorrectExampleMessage(response);
}
Also used : DNSSECWorld.generatePrivateKey(org.minidns.dnssec.DNSSECWorld.generatePrivateKey) PrivateKey(java.security.PrivateKey) DNSKEY(org.minidns.record.DNSKEY) DNSMessage(org.minidns.dnsmessage.DNSMessage) Test(org.junit.Test)

Example 35 with DNSMessage

use of org.minidns.dnsmessage.DNSMessage in project minidns by MiniDNS.

the class DNSSECClientTest method testUnsignedRoot.

/**
 * Checks that a signed zone below an unsigned root is not reported as authenticated.
 *
 * <p>The root zone is built with {@code rootZone(...)} from bare records, with no
 * {@code sign(...)} calls, so the DS record for {@code com} carries no signature from the
 * root. The {@code com} zone itself is fully signed. The answer must be returned with
 * {@code authenticData} cleared, because an unsigned DS proves nothing about the child keys.
 *
 * @throws IOException declared because the zone setup and the query may throw it
 */
@SuppressWarnings("unchecked")
@Test
public void testUnsignedRoot() throws IOException {
    applyZones(
            client,
            // Unsigned root: the DS, NS and glue records are present but none is signed.
            rootZone(
                    record("com", ds("com", digestType, comKSK)),
                    record("com", ns("ns.com")),
                    record("ns.com", a("1.1.1.1"))),
            signedZone(
                    "com",
                    "ns.com",
                    "1.1.1.1",
                    sign(comKSK, "com", comPrivateKSK, algorithm, record("com", comKSK), record("com", comZSK)),
                    sign(comZSK, "com", comPrivateZSK, algorithm, record("example.com", a("1.1.1.2")))));

    DNSMessage response = client.query("example.com", Record.TYPE.A);

    assertNotNull(response);
    // A correct DS digest is not enough when the DS RRset itself is unauthenticated.
    assertFalse(response.authenticData);
    checkCorrectExampleMessage(response);
}
Also used : DNSMessage(org.minidns.dnsmessage.DNSMessage) Test(org.junit.Test)

Aggregations

DNSMessage (org.minidns.dnsmessage.DNSMessage)67 Test (org.junit.Test)35 Data (org.minidns.record.Data)16 Record (org.minidns.record.Record)16 IOException (java.io.IOException)15 Question (org.minidns.dnsmessage.Question)14 InetAddress (java.net.InetAddress)6 LRUCache (org.minidns.cache.LRUCache)6 ArrayList (java.util.ArrayList)5 DNSClient (org.minidns.DNSClient)5 LinkedList (java.util.LinkedList)4 EDNS (org.minidns.edns.EDNS)4 RRSIG (org.minidns.record.RRSIG)4 Date (java.util.Date)3 Level (java.util.logging.Level)3 InternalMiniDnsFuture (org.minidns.MiniDnsFuture.InternalMiniDnsFuture)3 DNSName (org.minidns.dnsname.DNSName)3 DNSKEY (org.minidns.record.DNSKEY)3 DatagramSocket (java.net.DatagramSocket)2 CopyOnWriteArrayList (java.util.concurrent.CopyOnWriteArrayList)2