[ldns-users] ldns-signzone ECDSA random failure

Willem Toorop willem at nlnetlabs.nl
Tue Aug 18 13:04:54 UTC 2015

Op 18-08-15 om 10:51 schreef Matt Smith:
> On Aug 18 10:12, W.C.A. Wijngaards wrote:
>> Thank you for the details, I have worked out that the shorter RRSIG is
>> wrong.  It is generated because ldns is omitting leading zeroes when
>> generating the signature encoding, but the RFC mandates equal length
>> parts (of length curvebits / 8).
>> The fix is in git and basically adds leading zeroes to the created RRSIG
>> .
>> Because ecdsa signatures have a randomised component, this only
>> happens when the leading bytes randomly happen to be zero.
>> The ldns_convert_ecdsa_rrsig_asn12rdf is therefore not capable of
>> generating good signatures, and is removed, replaced with
>> ldns_convert_ecdsa_rrsig_asn1len2rdf that takes the curve length as a
>> function call parameter.
>> Best regards, Wouter
> Hi, excellent! Thank you very much for this. I've applied that patch
> from git and tested signing a zone around 20 times now and have seen no
> evidence of any failures this time. So it looks like the patch works
> fine. Hopefully there are enough other changes in the pipeline to make a
> new release worthwhile soon which would contain this patch.

There definitely are (for a while).  But there are also remaining
issues.  I cannot promise for a specific date yet but a release does
have top priority with me.

-- Willem

More information about the ldns-users mailing list