[ldns-users] ldns-signzone ECDSA random failure

Willem Toorop willem at nlnetlabs.nl
Tue Aug 18 13:04:54 UTC 2015


On 18-08-15 at 10:51, Matt Smith wrote:
> On Aug 18 10:12, W.C.A. Wijngaards wrote:
>> Thank you for the details, I have worked out that the shorter RRSIG is
>> wrong.  It is generated because ldns is omitting leading zeroes when
>> generating the signature encoding, but the RFC mandates equal length
>> parts (of length curvebits / 8).
>>
>> The fix is in git and basically adds leading zeroes to the created RRSIG.
>>
>> Because ecdsa signatures have a randomised component, this only
>> happens when the leading bytes randomly happen to be zero.
>>
>> The ldns_convert_ecdsa_rrsig_asn12rdf is therefore not capable of
>> generating good signatures, and is removed, replaced with
>> ldns_convert_ecdsa_rrsig_asn1len2rdf that takes the curve length as a
>> function call parameter.
>>
>> Best regards, Wouter
>>
> 
> Hi, excellent! Thank you very much for this. I've applied that patch
> from git and tested signing a zone around 20 times now and have seen no
> evidence of any failures this time. So it looks like the patch works
> fine. Hopefully there are enough other changes in the pipeline to make a
> new release worthwhile soon which would contain this patch.

There definitely are (for a while).  But there are also remaining
issues.  I cannot promise a specific date yet, but a release does
have top priority with me.

-- Willem
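The conversion Wouter describes, as an added illustration that is not ldns code: a DER ECDSA signature is SEQUENCE { INTEGER r, INTEGER s } with minimal-length integers, while the RRSIG wire format of RFC 6605 needs r and s each padded to exactly curvebits / 8 bytes. The "buggy" converter below reproduces the minimal-length behaviour from the thread; the curve-length one is the corrected form. Function names and the P-256 test values are constructed for this example.

```python
# Added example (not ldns code): DER ECDSA signature (SEQUENCE of INTEGER r, s)
# -> RFC 6605 RRSIG wire form, where r and s are each ceil(curve_bits/8) bytes.
# The "buggy" converter writes r and s at minimal length, as the thread describes,
# so the RRSIG comes out short whenever one of them starts with a zero byte.

def _read_der_length(buf: bytes, pos: int):  # -> (length, next_pos)
    first = buf[pos]
    if first < 0x80:                      # short form
        return first, pos + 1
    num = first & 0x7F                    # long form: number of length bytes
    return int.from_bytes(buf[pos + 1:pos + 1 + num], "big"), pos + 1 + num

def der_ecdsa_to_ints(sig: bytes):
    """Parse SEQUENCE { INTEGER r, INTEGER s } and return (r, s)."""
    if sig[0] != 0x30:
        raise ValueError("not a DER SEQUENCE")
    seq_len, pos = _read_der_length(sig, 1)
    if pos + seq_len != len(sig):
        raise ValueError("SEQUENCE length does not match input")
    values = []
    for _ in range(2):
        if sig[pos] != 0x02:
            raise ValueError("expected DER INTEGER")
        n, pos = _read_der_length(sig, pos + 1)
        values.append(int.from_bytes(sig[pos:pos + n], "big", signed=True))
        pos += n
    r, s = values
    if r <= 0 or s <= 0:
        raise ValueError("r and s must be positive")
    return r, s

def asn1_to_rrsig_buggy(sig: bytes) -> bytes:
    """Minimal-length r || s: drops leading zero bytes (the bug in the thread)."""
    r, s = der_ecdsa_to_ints(sig)
    return (r.to_bytes((r.bit_length() + 7) // 8, "big")
            + s.to_bytes((s.bit_length() + 7) // 8, "big"))

def asn1len_to_rrsig(sig: bytes, curve_bits: int) -> bytes:
    """Fixed-length r || s per RFC 6605, each curve_bits/8 bytes, zero-padded."""
    r, s = der_ecdsa_to_ints(sig)
    n = (curve_bits + 7) // 8
    return r.to_bytes(n, "big") + s.to_bytes(n, "big")

def der_encode_ecdsa(r: int, s: int) -> bytes:
    """DER-encode (r, s); used only to construct test input (body < 128 bytes)."""
    def der_int(v):  # minimal positive INTEGER: extra byte if the top bit is set
        body = v.to_bytes((v.bit_length() + 8) // 8, "big")
        return b"\x02" + bytes([len(body)]) + body
    body = der_int(r) + der_int(s)
    return b"\x30" + bytes([len(body)]) + body
```

With a P-256 signature whose r starts with a zero byte, the buggy converter yields 63 bytes and the fixed one 64; a validator that expects exactly 2 * 32 bytes rejects the former.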
