[ldns-users] Zone signing problem with DSA keys

Willem Toorop willem at nlnetlabs.nl
Fri Mar 14 10:24:58 UTC 2014

Hi Patrick,

You probably already know, but your colleague Peter Koch has beaten me
to it and has found and solved the issue.  It is committed on the
developers branch.


Thank you for finding and reporting this not-so-easy-to-pinpoint but
serious bug.  Much appreciated!

-- Willem

On 12-03-14 16:16, Patrick Fedick wrote:
> Hello,
> I have a testsuite, which basically generates DNSKEYs, signs a small zone with them and then verifies the signed zone. This is done with different algorithms, keysizes and other variations. The testsuite is written in C++ using the ldns library (ldns version 1.6.17, openssl 1.0.1e, CentOS 6.5 or Ubuntu 12.04). The code is based on ldns-keygen, ldns-signzone and ldns-verify-zone. 
> It is expected that none of these tests fail, but in practice some of them do fail with the error "Bogus DNSSEC signature for xxxxxx.      DNSKEY" or other RR.
> It seems the tests only fail when using DSA or DSA-NSEC3-SHA1 keys (I've not tested ECDSA). Key size doesn't matter. To exclude an error in my code, I've written a small shell script, which only uses the tools ldns-keygen, ldns-signzone and ldns-verify-zone, and I could reproduce the problem.
> The script does the following steps in a loop 1000 times:
>   1. Generate ZSK with "ldns-keygen -a DSA -b 1024 -r /dev/urandom test.de"
>   2. Append DNSKEY RR to a testzone, which only consists of the SOA and two NS RR
>   3. Sign zone with: ldns-signzone -o test.de -n  db.test.de $ZSK_KEYNAME
>   4. Verify zone with: ldns-verify-zone db.test.de.signed
> There are no errors detected in ldns-keygen and ldns-signzone, but ldns-verify-zone randomly reports bogus signatures.
> I've also tested what happens when always using the same key for signing. I can see that the RRSIG records change in each iteration (probably a random component), but when using a ZSK which worked before, ldns-verify-zone always succeeds, and when using a ZSK which failed before, verification always fails. I believe there is something wrong in the DSA key generation, but it could also be a bug in the signing process. I'm unable to track this issue down any further.
> I have attached an archive which contains my demo script as well as a "good key" and a "bad key". The script creates a "tmp" folder in the current directory and expects the ldns-tools in the PATH and needs /bin/bash.
> It would be nice if someone could confirm whether this is a bug in ldns (or openssl?) or if I'm doing something completely wrong.
> Best regards,
> Regards,
> Patrick Fedick
> _______________________________________________
> ldns-users mailing list
> ldns-users at open.nlnetlabs.nl
> http://open.nlnetlabs.nl/mailman/listinfo/ldns-users
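The loop described in the quoted report, written out as an added example (this is not Patrick's attached script and not ldns code): it generates a fresh DSA ZSK per iteration with the stock ldns tools, signs a minimal SOA+NS zone, verifies it, and counts keys whose signed zone is reported bogus. It also re-signs with a previously flagged key so the key-dependence Patrick observed can be confirmed. Assumptions made here: the zone name "test.de", the constructed zone contents, the ./tmp working-directory layout, and that ldns-keygen prints the generated key's file basename on stdout (which the script captures).

```bash
#!/bin/bash
# Added example, not from the original post or the ldns project.
# Assumes ldns-keygen, ldns-signzone and ldns-verify-zone are in PATH.
set -u

ZONE=test.de               # assumed zone name
WORK=${WORK:-./tmp}        # assumed scratch directory

# Constructed minimal unsigned zone: SOA plus two NS records, as in the report.
write_base_zone() {
  cat > "$1" <<EOF
\$ORIGIN ${ZONE}.
\$TTL 3600
@   IN SOA ns1.${ZONE}. hostmaster.${ZONE}. 2014031201 7200 3600 1209600 3600
@   IN NS  ns1.${ZONE}.
@   IN NS  ns2.${ZONE}.
EOF
}

# Reads ldns-verify-zone output on stdin. Returns 0 if no "Bogus" line was
# reported, 1 otherwise. Separate so it can be checked without the tools.
classify_verify_output() {
  if grep -q 'Bogus'; then return 1; fi
  return 0
}

# Sign a fresh copy of the base zone with key "$2" found in directory "$1",
# then verify. DSA signatures carry a random nonce, so the RRSIGs differ on
# every run even for the same key; only the verdict is meaningful.
sign_and_verify() {
  local keydir=$1 key=$2 dir=$3
  mkdir -p "$dir"
  [ "$keydir" = "$dir" ] || cp "$keydir/$key.key" "$keydir/$key.private" "$dir/"
  write_base_zone "$dir/db.$ZONE"
  cat "$dir/$key.key" >> "$dir/db.$ZONE"                     # step 2: append DNSKEY
  ( cd "$dir" && ldns-signzone -o "$ZONE" -n "db.$ZONE" "$key" ) >/dev/null || return 2
  ldns-verify-zone "$dir/db.$ZONE.signed" 2>&1 | classify_verify_output   # step 4
}

# One iteration: fresh DSA ZSK, sign, verify. Prints "good <key>" or "bad <key>".
one_iteration() {
  local i=$1 dir="$WORK/$i" key
  mkdir -p "$dir"
  key=$(cd "$dir" && ldns-keygen -a DSA -b 1024 -r /dev/urandom "$ZONE") || return 2
  if sign_and_verify "$dir" "$key" "$dir"; then
    echo "good $key"
  else
    echo "bad $key"
  fi
}

# Re-sign with an already generated key to check that a bad key stays bad.
recheck_key() {
  local keydir=$1 key=$2
  sign_and_verify "$keydir" "$key" "$WORK/recheck"
}

# Run N iterations; returns 0 only if no key produced a bogus zone.
repro_loop() {
  local n=${1:-1000} bad=0 i r
  command -v ldns-keygen >/dev/null || { echo "ldns tools not in PATH" >&2; return 2; }
  for ((i = 1; i <= n; i++)); do
    r=$(one_iteration "$i") || return 2
    case $r in bad*) bad=$((bad + 1)) ;; esac
    echo "$r"
  done
  echo "bad keys: $bad / $n" >&2
  [ "$bad" -eq 0 ]
}

# Run the full loop only when invoked with an iteration count, e.g. ./repro.sh 1000
if [ $# -gt 0 ]; then repro_loop "$1"; fi
```

Run it as `./repro.sh 1000`; every line starting with "bad" names a key directory under ./tmp, and `recheck_key ./tmp/<i> <key>` (after sourcing the script) re-signs a clean zone with that key so a stable failure can be separated from a one-off signing glitch.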
