Beispiel #1
0
  static byte[] buildDH(DHPublicKey key) {
    DataByteOutputStream out = new DataByteOutputStream();
    BigInteger p = key.getParams().getP();
    BigInteger g = key.getParams().getG();
    BigInteger y = key.getY();

    int pLength, gLength, yLength;
    if (g.equals(TWO) && (p.equals(DHPRIME768) || p.equals(DHPRIME1024))) {
      pLength = 1;
      gLength = 0;
    } else {
      pLength = BigIntegerLength(p);
      gLength = BigIntegerLength(g);
    }
    yLength = BigIntegerLength(y);

    out.writeShort(pLength);
    if (pLength == 1) {
      if (p.bitLength() == 768) out.writeByte((byte) 1);
      else out.writeByte((byte) 2);
    } else out.writeBigInteger(p);
    out.writeShort(gLength);
    if (gLength > 0) out.writeBigInteger(g);
    out.writeShort(yLength);
    out.writeBigInteger(y);

    return out.toByteArray();
  }
Beispiel #2
0
  /** Returns the key's footprint (after computing it) */
  public short getFootprint() {
    if (footprint >= 0) return (short) footprint;

    int foot = 0;

    DataByteOutputStream out = new DataByteOutputStream();
    try {
      rrToWire(out, null);
    } catch (IOException e) {
    }
    byte[] rdata = out.toByteArray();

    if (alg == DNSSEC.RSA) {
      int d1 = rdata[rdata.length - 3] & 0xFF;
      int d2 = rdata[rdata.length - 2] & 0xFF;
      foot = (d1 << 8) + d2;
    } else {
      int i;
      for (i = 0; i < rdata.length - 1; i += 2) {
        int d1 = rdata[i] & 0xFF;
        int d2 = rdata[i + 1] & 0xFF;
        foot += ((d1 << 8) + d2);
      }
      if (i < rdata.length) {
        int d1 = rdata[i] & 0xFF;
        foot += (d1 << 8);
      }
      foot += ((foot >> 16) & 0xffff);
    }
    footprint = (foot & 0xffff);
    return (short) footprint;
  }
Beispiel #3
0
  void rrToWire(DataByteOutputStream out, Compression c) throws IOException {
    if (key == null && (flags & (FLAG_NOKEY)) != (FLAG_NOKEY)) return;

    out.writeShort(flags);
    out.writeByte(proto);
    out.writeByte(alg);
    if (key != null) out.write(key);
  }
Beispiel #4
0
  void rrToWire(DataByteOutputStream out, Compression c, boolean canonical) {
    if (cert == null) return;

    out.writeShort(certType);
    out.writeShort(keyTag);
    out.writeByte(alg);
    out.writeArray(cert);
  }
Beispiel #5
0
  /**
   * Creates an array containing fields of the SIG record and the message to be signed.
   *
   * @param sig The SIG record used to sign/verify the rrset.
   * @param msg The message to be signed/verified.
   * @param previous If this is a response, the signature from the query.
   * @return The data to be cryptographically signed or verified.
   */
  public static byte[] digestMessage(SIGRecord sig, Message msg, byte[] previous) {
    DataByteOutputStream out = new DataByteOutputStream();
    digestSIG(out, sig);

    if (previous != null) out.writeArray(previous);

    msg.toWire(out);
    return out.toByteArray();
  }
Beispiel #6
0
  static byte[] buildDSA(DSAPublicKey key) {
    DataByteOutputStream out = new DataByteOutputStream();
    BigInteger q = key.getParams().getQ();
    BigInteger p = key.getParams().getP();
    BigInteger g = key.getParams().getG();
    BigInteger y = key.getY();
    int t = (p.toByteArray().length - 64) / 8;

    out.writeByte(t);
    out.writeBigInteger(q);
    out.writeBigInteger(p);
    out.writeBigInteger(g);
    out.writeBigInteger(y);

    return out.toByteArray();
  }
Beispiel #7
0
  void rrToWire(DataByteOutputStream out, Compression c, boolean canonical) {
    if (signature == null) return;

    out.writeShort(covered);
    out.writeByte(alg);
    out.writeByte(labels);
    out.writeInt(origttl);
    out.writeInt((int) (expire.getTime() / 1000));
    out.writeInt((int) (timeSigned.getTime() / 1000));
    out.writeShort(footprint);
    signer.toWire(out, null, canonical);
    out.writeArray(signature);
  }
Beispiel #8
0
  /**
   * Creates an array containing fields of the SIG record and the RRsets to be signed/verified.
   *
   * @param sig The SIG record used to sign/verify the rrset.
   * @param rrset The data to be signed/verified.
   * @return The data to be cryptographically signed or verified.
   */
  public static byte[] digestRRset(SIGRecord sig, RRset rrset) {
    DataByteOutputStream out = new DataByteOutputStream();
    digestSIG(out, sig);

    int size = rrset.size();
    byte[][] records = new byte[size][];

    Iterator it = rrset.rrs();
    Name name = rrset.getName();
    Name wild = null;
    if (name.labels() > sig.getLabels()) wild = name.wild(name.labels() - sig.getLabels());
    while (it.hasNext()) {
      Record rec = (Record) it.next();
      if (wild != null) rec = rec.withName(wild);
      records[--size] = rec.toWireCanonical();
    }
    Arrays.sort(records);
    for (int i = 0; i < records.length; i++) out.writeArray(records[i]);
    return out.toByteArray();
  }
Beispiel #9
0
 private static void digestSIG(DataByteOutputStream out, SIGRecord sig) {
   out.writeShort(sig.getTypeCovered());
   out.writeByte(sig.getAlgorithm());
   out.writeByte(sig.getLabels());
   out.writeUnsignedInt(sig.getOrigTTL());
   out.writeInt((int) (sig.getExpire().getTime() / 1000));
   out.writeInt((int) (sig.getTimeSigned().getTime() / 1000));
   out.writeShort(sig.getFootprint());
   sig.getSigner().toWireCanonical(out);
 }
Beispiel #10
0
  static byte[] buildRSA(RSAPublicKey key) {
    DataByteOutputStream out = new DataByteOutputStream();
    BigInteger exponent = key.getPublicExponent();
    BigInteger modulus = key.getModulus();
    int exponentLength = BigIntegerLength(exponent);

    if (exponentLength < 256) out.writeByte(exponentLength);
    else {
      out.writeByte(0);
      out.writeShort(exponentLength);
    }
    out.writeBigInteger(exponent);
    out.writeBigInteger(modulus);

    return out.toByteArray();
  }
Beispiel #11
0
 void rrToWire(DataByteOutputStream out, Compression c) throws IOException {
   if (data != null) out.write(data);
 }