[ldns-users] Zone signing problem with DSA keys

Patrick Fedick fedick at denic.de
Fri Mar 14 11:45:54 UTC 2014


Hello Willem,

I've applied the patch and can confirm that it solves the problem. Thanks.

Best regards,
Patrick Fedick


On 14.03.2014 11:24, Willem Toorop wrote:
> Hi Patrick,
> 
> You probably already know, but your colleague Peter Koch has beaten me
> to it and has found and solved the issue.  It is committed on the
> developers branch.
> 
> http://git.nlnetlabs.nl/ldns/commit/?h=develop&id=1063b441
> 
> Thank you for finding and reporting this not so easy to pinpoint but
> serious bug.  Much appreciated!
> 
> -- Willem
> 
> On 12-03-14 16:16, Patrick Fedick wrote:
>> Hello,
>>
>> I have a test suite, which basically generates DNSKEYs, signs a small zone with them and then verifies the signed zone. This is done with different algorithms, key sizes and other variations. The test suite is written in C++ using the ldns library (ldns version 1.6.17, openssl 1.0.1e, CentOS 6.5 or Ubuntu 12.04). The code is based on ldns-keygen, ldns-signzone and ldns-verify-zone.
>>
>> It is expected that none of these tests fail, but in practice some of them do fail with the error "Bogus DNSSEC signature for xxxxxx.      DNSKEY" or other RR.
>>
>> It seems the tests only fail when using DSA or DSA-NSEC3-SHA1 keys (I've not tested ECDSA). Key size doesn't matter. To exclude an error in my code, I've written a small shell script which only uses the tools ldns-keygen, ldns-signzone and ldns-verify-zone, and I could reproduce the problem.
>>
>> The script is doing the following steps in a loop 1000 times:
>>   1. Generate ZSK with "ldns-keygen -a DSA -b 1024 -r /dev/urandom test.de"
>>   2. Append DNSKEY RR to a testzone, which only consists of the SOA and two NS RR
>>   3. Sign zone with: ldns-signzone -o test.de -n  db.test.de $ZSK_KEYNAME
>>   4. Verify zone with: ldns-verify-zone db.test.de.signed
>>
>> There are no errors detected in ldns-keygen and ldns-signzone, but ldns-verify-zone randomly reports bogus signatures.
>>
>> I've also tested what happens when always using the same key for signing. I can see that the RRSIG records change in each iteration (probably a random component), but when using a ZSK which worked before, ldns-verify-zone always succeeds, and when using a ZSK which failed before, verification always fails. I believe there is something wrong in the DSA key generation, but it could also be a bug in the signing process. I'm unable to track this issue down any further.
>>
>> I have attached an archive which contains my demo script as well as a "good key" and a "bad key". The script creates a "tmp" folder in the current directory, expects the ldns tools in the PATH and needs /bin/bash.
>>
>> It would be nice if someone could confirm whether this is a bug in ldns (or openssl?) or if I'm doing something completely wrong.
>>
>> Best regards,
>>
>> Regards,
>> Patrick Fedick
>>
>>
>>
>> _______________________________________________
>> ldns-users mailing list
>> ldns-users at open.nlnetlabs.nl
>> http://open.nlnetlabs.nl/mailman/listinfo/ldns-users
>>
> 
> 
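The reproducer loop described in the quoted report, written out here as an added example (it is not the script attached to the post): it runs the four steps, counts zones whose verification reports a bogus signature, and keeps every failing key aside so a "good key" and a "bad key" can be compared as the report does. The zone content, the ./tmp work directory, the ITERATIONS variable and the --run switch are assumptions; ldns-keygen, ldns-signzone and ldns-verify-zone must be in the PATH.

```shell
#!/bin/bash
# Added reproducer for the loop described in the report (not the script attached
# to the post). Assumes ldns-keygen/ldns-signzone/ldns-verify-zone are in PATH;
# the zone content and the paths below are constructed.
set -u
ITERATIONS=${ITERATIONS:-1000}; WORKDIR=${WORKDIR:-./tmp}; ZONE=test.de

# Minimal test zone: only a SOA and two NS records, as in the report.
write_testzone() {
    printf '$ORIGIN %s.\n$TTL 3600\n' "$ZONE" > "$1"
    printf '@ IN SOA ns1.%s. hostmaster.%s. 2014031401 3600 900 1209600 3600\n' "$ZONE" "$ZONE" >> "$1"
    printf '@ IN NS ns1.%s.\n@ IN NS ns2.%s.\n' "$ZONE" "$ZONE" >> "$1"
}

# Returns 0 when ldns-verify-zone output contains the error quoted in the report.
reports_bogus() { printf '%s\n' "$1" | grep -q 'Bogus DNSSEC signature'; }

# One round: keygen -> append DNSKEY -> sign -> verify. A failing key is kept.
one_round() {
    local dir=$1 i=$2 zsk out
    write_testzone "$dir/db.$ZONE"
    zsk=$(cd "$dir" && ldns-keygen -a DSA -b 1024 -r /dev/urandom "$ZONE") || return 2
    cat "$dir/$zsk.key" >> "$dir/db.$ZONE"
    (cd "$dir" && ldns-signzone -o "$ZONE" -n "db.$ZONE" "$zsk") || return 2
    out=$(cd "$dir" && ldns-verify-zone "db.$ZONE.signed" 2>&1)
    if reports_bogus "$out"; then
        mkdir -p "$dir/badkeys" && mv "$dir/$zsk".* "$dir/badkeys/"  # keep for analysis
        echo "iteration $i: bogus signature, key $zsk saved in $dir/badkeys"
        return 1
    fi
    rm -f "$dir/$zsk".*
}

run_loop() {
    local fails=0 i
    mkdir -p "$WORKDIR"
    for i in $(seq 1 "$ITERATIONS"); do
        one_round "$WORKDIR" "$i" || fails=$((fails + 1))
    done
    echo "$fails of $ITERATIONS DSA keys produced a zone that failed verification"
}

if [ "${1:-}" = "--run" ]; then
    for t in ldns-keygen ldns-signzone ldns-verify-zone; do
        command -v "$t" >/dev/null || { echo "$t not in PATH" >&2; exit 2; }
    done
    run_loop
fi
```

Keys saved under badkeys/ can be fed back through ldns-signzone by hand to confirm that, as the report observes, a key that failed once fails on every signing.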



