
Example 11 with Record

use of org.minidns.record.Record in project minidns by MiniDNS.

the class Verifier method combine.

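/**
 * Builds the byte sequence over which an RRSIG signature is verified: the RRSIG's
 * partial data (written by {@code writePartialSignature}) followed by every record
 * of the covered set, rewritten and sorted.
 *
 * <p>Each record is rebuilt with the (possibly wildcard-expanded) owner name of the
 * first record and with {@code rrsig.originalTtl} instead of the TTL it carried, so
 * the TTL and owner name seen on the wire do not influence the signed bytes.
 *
 * <p>Only {@code records.get(0).name} is consulted for the owner name. The caller is
 * therefore responsible for passing records that all belong to the one set covered by
 * {@code rrsig}; this method does not check that.
 *
 * @param rrsig   the signature record whose covered data is being reconstructed
 * @param records the records covered by {@code rrsig}; must not be empty
 * @return the bytes to feed to the signature verification
 * @throws DNSSECValidationFailedException if {@code records} is empty, or if the owner
 *         name has fewer labels than {@code rrsig.labels}
 */
static byte[] combine(RRSIG rrsig, List<Record<? extends Data>> records) {
    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    DataOutputStream dos = new DataOutputStream(bos);
    try {
        // Write RRSIG without signature
        rrsig.writePartialSignature(dos);
        // Fail as a validation error instead of an IndexOutOfBoundsException from get(0):
        // a signature that covers no records cannot be verified.
        if (records.isEmpty()) {
            throw new DNSSECValidationFailedException("No records covered by RRsig record");
        }
        DNSName sigName = records.get(0).name;
        // NOTE(review): a root owner name skips the label-count comparison entirely, so a
        // non-zero rrsig.labels is not rejected on this path - confirm it is caught elsewhere.
        if (!sigName.isRootLabel()) {
            // The owner name can never have fewer labels than the signature claims.
            if (sigName.getLabelCount() < rrsig.labels) {
                throw new DNSSECValidationFailedException("Invalid RRsig record");
            }
            if (sigName.getLabelCount() > rrsig.labels) {
                // More labels than signed: the answer was synthesized from a wildcard,
                // so the signature was made over "*.<rightmost rrsig.labels labels>".
                sigName = DNSName.from("*." + sigName.stripToLabels(rrsig.labels));
            }
        }
        List<byte[]> recordBytes = new ArrayList<>();
        for (Record<? extends Data> record : records) {
            Record<Data> ref = new Record<>(sigName, record.type, record.clazzValue, rrsig.originalTtl, (Data) record.payloadData);
            recordBytes.add(ref.toByteArray());
        }
        // The records may arrive in any order, but the signer hashed them in a fixed
        // order, so sort them by their RDATA bytes before writing.
        // Where the RDATA begins: owner name plus 10 further bytes (presumably the
        // type, class, TTL and RDATA-length fields - assumes toByteArray() emits them
        // in that layout; TODO confirm).
        final int offset = sigName.size() + 10;
        // NOTE(review): duplicate records are neither dropped nor rejected here; RFC 4034
        // section 6.3 expects duplicates in a set to be treated as an error or removed.
        Collections.sort(recordBytes, new Comparator<byte[]>() {

            @Override
            public int compare(byte[] b1, byte[] b2) {
                for (int i = offset; i < b1.length && i < b2.length; i++) {
                    if (b1[i] != b2[i]) {
                        // Mask to compare the bytes as unsigned values.
                        return (b1[i] & 0xFF) - (b2[i] & 0xFF);
                    }
                }
                // Common prefix is equal: the shorter record sorts first.
                return b1.length - b2.length;
            }
        });
        for (byte[] recordByte : recordBytes) {
            dos.write(recordByte);
        }
        dos.flush();
    } catch (IOException e) {
        // Never happens: the stream is backed by an in-memory buffer
        throw new RuntimeException(e);
    }
    return bos.toByteArray();
}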
Also used : DataOutputStream(java.io.DataOutputStream) ArrayList(java.util.ArrayList) Data(org.minidns.record.Data) ByteArrayOutputStream(java.io.ByteArrayOutputStream) IOException(java.io.IOException) DNSName(org.minidns.dnsname.DNSName) Record(org.minidns.record.Record)

Example 12 with Record

use of org.minidns.record.Record in project minidns by MiniDNS.

the class DNSSECWorld method rrsigRecord.

/**
 * Creates an RRSIG record for the given records, deriving the signature fields from
 * the first record and delegating to the {@code rrsigRecord(PrivateKey, RRSIG, ...)}
 * overload with an RRSIG whose signature field is an empty placeholder.
 *
 * <p>The validity window runs from 14 days before to 14 days after the current system
 * time, so the result depends on the local clock.
 *
 * @param key        key whose key tag is written into the RRSIG
 * @param signerName signer name written into the RRSIG
 * @param privateKey private key handed to the delegating overload
 * @param algorithm  signature algorithm written into the RRSIG
 * @param records    the records to cover; the first one supplies type, owner name and TTL
 * @return whatever the delegating overload returns for the assembled RRSIG
 */
@SuppressWarnings("unchecked")
public static Record<? extends Data> rrsigRecord(DNSKEY key, String signerName, PrivateKey privateKey, SignatureAlgorithm algorithm, Record<? extends Data>... records) {
    // Type, owner name and TTL are read from the first record only; the remaining
    // records are not compared against it here.
    Record.TYPE coveredType = records[0].type;
    String ownerAce = records[0].name.ace;

    // NOTE(review): counting dot-separated parts also counts a leading "*" label, while
    // RFC 4034 section 3.1.3 excludes the wildcard label from the Labels field - confirm
    // that callers never pass a wildcard owner name.
    int labelCount;
    if (ownerAce.isEmpty()) {
        labelCount = 0;
    } else {
        labelCount = ownerAce.split("\\.").length;
    }

    long ttl = records[0].ttl;

    // 14 days in milliseconds. This is int arithmetic: 1,209,600,000 still fits, but a
    // window longer than about 24 days would overflow silently.
    final int windowMillis = 14 * 24 * 60 * 60 * 1000;
    Date expiration = new Date(System.currentTimeMillis() + windowMillis);
    Date inception = new Date(System.currentTimeMillis() - windowMillis);

    // The signature bytes are left empty at this stage.
    RRSIG unsigned = rrsig(coveredType, algorithm, labelCount, ttl, expiration, inception, key.getKeyTag(), signerName, new byte[0]);
    return rrsigRecord(privateKey, unsigned, records);
}
Also used : Record(org.minidns.record.Record) RRSIG(org.minidns.record.RRSIG) Date(java.util.Date)

Example 13 with Record

use of org.minidns.record.Record in project minidns by MiniDNS.

the class DNSMessageTest method testComDsAndRrsigLookup.

/**
 * Loads the "com-ds-rrsig" message fixture and checks the parsed header flags, the DS
 * record and its covering RRSIG in the answer section, and the EDNS data carried by
 * the single record in the additional section.
 */
@Test
public void testComDsAndRrsigLookup() throws Exception {
    DNSMessage message = getMessageFromResource("com-ds-rrsig");

    // Header flags
    assertFalse(message.authoritativeAnswer);
    assertTrue(message.recursionDesired);
    assertTrue(message.recursionAvailable);

    List<Record<? extends Data>> answerRecords = message.answerSection;
    assertEquals(2, answerRecords.size());

    // First answer: the DS record
    Record<? extends Data> dsRecord = answerRecords.get(0);
    assertEquals(TYPE.DS, dsRecord.type);
    assertEquals(TYPE.DS, dsRecord.payloadData.getType());
    DS ds = (DS) dsRecord.payloadData;
    assertEquals(30909, ds.keyTag);
    assertEquals(SignatureAlgorithm.RSASHA256, ds.algorithm);
    assertEquals(DigestAlgorithm.SHA256, ds.digestType);
    assertCsEquals("E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CFC41A5766", ds.getDigestHex());

    // Second answer: the RRSIG covering the DS record
    Record<? extends Data> sigRecord = answerRecords.get(1);
    assertEquals(TYPE.RRSIG, sigRecord.type);
    assertEquals(TYPE.RRSIG, sigRecord.payloadData.getType());
    RRSIG sig = (RRSIG) sigRecord.payloadData;
    assertEquals(TYPE.DS, sig.typeCovered);
    assertEquals(SignatureAlgorithm.RSASHA256, sig.algorithm);
    assertEquals(1, sig.labels);
    assertEquals(86400, sig.originalTtl);

    // Validity window, formatted in UTC so the check does not depend on the local zone
    SimpleDateFormat utcFormat = new SimpleDateFormat("yyyyMMddHHmmss");
    utcFormat.setTimeZone(TimeZone.getTimeZone("UTC"));
    assertCsEquals("20150629170000", utcFormat.format(sig.signatureExpiration));
    assertCsEquals("20150619160000", utcFormat.format(sig.signatureInception));

    assertEquals(48613, sig.keyTag);
    assertCsEquals(".", sig.signerName);
    // 128 signature bytes
    assertEquals(128, sig.signature.length);

    // Additional section: a single OPT record carrying the EDNS data
    List<Record<? extends Data>> additionalRecords = message.additionalSection;
    assertEquals(1, additionalRecords.size());
    Record<? extends Data> optRecord = additionalRecords.get(0);
    assertEquals(TYPE.OPT, optRecord.getPayload().getType());
    EDNS ednsData = EDNS.fromRecord(optRecord);
    assertEquals(512, ednsData.udpPayloadSize);
    assertEquals(0, ednsData.version);
    assertTrue(ednsData.dnssecOk);
}
Also used : EDNS(org.minidns.edns.EDNS) Record(org.minidns.record.Record) Data(org.minidns.record.Data) RRSIG(org.minidns.record.RRSIG) SimpleDateFormat(java.text.SimpleDateFormat) DNSMessage(org.minidns.dnsmessage.DNSMessage) DS(org.minidns.record.DS) Test(org.junit.Test)

Example 14 with Record

use of org.minidns.record.Record in project minidns by MiniDNS.

the class DNSMessageTest method testAAAALookup.

/**
 * Loads the "google-aaaa" message fixture and checks that its answer section holds
 * exactly one AAAA record for google.com with the expected address text.
 */
@Test
public void testAAAALookup() throws Exception {
    DNSMessage message = getMessageFromResource("google-aaaa");
    assertFalse(message.authoritativeAnswer);

    List<Record<? extends Data>> answerRecords = message.answerSection;
    assertEquals(1, answerRecords.size());

    Record<? extends Data> only = answerRecords.get(0);
    assertCsEquals("google.com", only.name);

    // Both the Java type of the payload and the type it reports must be AAAA.
    Data payload = only.getPayload();
    assertTrue(payload instanceof AAAA);
    assertEquals(TYPE.AAAA, payload.getType());
    assertCsEquals("2a00:1450:400c:c02:0:0:0:8a", payload.toString());
}
Also used : Record(org.minidns.record.Record) Data(org.minidns.record.Data) AAAA(org.minidns.record.AAAA) DNSMessage(org.minidns.dnsmessage.DNSMessage) Test(org.junit.Test)

Example 15 with Record

use of org.minidns.record.Record in project minidns by MiniDNS.

the class DNSMessageTest method testComNsLookup.

/**
 * Loads the "com-ns" message fixture and checks the header flags, the 13 NS records
 * in the answer section, and the EDNS data in the additional section.
 */
@Test
public void testComNsLookup() throws Exception {
    DNSMessage message = getMessageFromResource("com-ns");

    // Header flags; the fixture is a response (qr) without the authentic-data flag.
    assertFalse(message.authoritativeAnswer);
    assertFalse(message.authenticData);
    assertTrue(message.recursionDesired);
    assertTrue(message.recursionAvailable);
    assertTrue(message.qr);

    List<Record<? extends Data>> answerRecords = message.answerSection;
    assertEquals(13, answerRecords.size());

    // Every answer must be an IN-class NS record for "com" with the same TTL.
    for (Record<? extends Data> nsRecord : answerRecords) {
        assertCsEquals("com", nsRecord.name);
        assertEquals(Record.CLASS.IN, nsRecord.clazz);
        assertEquals(TYPE.NS, nsRecord.type);
        assertEquals(112028, nsRecord.ttl);
        NS ns = (NS) nsRecord.payloadData;
        assertTrue(ns.target.ace.endsWith(".gtld-servers.net"));
    }

    List<Record<? extends Data>> additionalRecords = message.additionalSection;
    assertEquals(1, additionalRecords.size());
    EDNS ednsData = EDNS.fromRecord(additionalRecords.get(0));
    assertEquals(4096, ednsData.udpPayloadSize);
    assertEquals(0, ednsData.version);
}
Also used : EDNS(org.minidns.edns.EDNS) Record(org.minidns.record.Record) Data(org.minidns.record.Data) DNSMessage(org.minidns.dnsmessage.DNSMessage) Test(org.junit.Test)

Aggregations

Record (org.minidns.record.Record)22 Data (org.minidns.record.Data)21 DNSMessage (org.minidns.dnsmessage.DNSMessage)16 Test (org.junit.Test)14 HashSet (java.util.HashSet)4 DNSName (org.minidns.dnsname.DNSName)4 DNSKEY (org.minidns.record.DNSKEY)4 ArrayList (java.util.ArrayList)3 Question (org.minidns.dnsmessage.Question)3 EDNS (org.minidns.edns.EDNS)3 RRSIG (org.minidns.record.RRSIG)3 IOException (java.io.IOException)2 Date (java.util.Date)2 LinkedList (java.util.LinkedList)2 LRUCache (org.minidns.cache.LRUCache)2 NoSignaturesReason (org.minidns.dnssec.UnverifiedReason.NoSignaturesReason)2 AAAA (org.minidns.record.AAAA)2 SOA (org.minidns.record.SOA)2 ByteArrayOutputStream (java.io.ByteArrayOutputStream)1 DataOutputStream (java.io.DataOutputStream)1