[svn] commit: r1158 - in /trunk/src/lib/auth: TODO data_source.cc datasrc_unittest.cc

[BIND 10 source code commits]

Author: each
Date: Sat Mar  6 21:45:48 2010
New Revision: 1158

Log:
- added a unit test for Nsec3Param.getHash()
- fixed a bug in the NSEC3 hashing algorithm

Modified:
    trunk/src/lib/auth/TODO
    trunk/src/lib/auth/data_source.cc
    trunk/src/lib/auth/datasrc_unittest.cc

Modified: trunk/src/lib/auth/TODO
==============================================================================
--- trunk/src/lib/auth/TODO (original)
+++ trunk/src/lib/auth/TODO Sat Mar  6 21:45:48 2010
@@ -1,4 +1,6 @@
 - change filenames so we don't have everything starting with "data_source_"?
-- clean up SQL data source code
 - store rdata in the database as binary blobs instead of text
-- correct NSEC3 logic
+- correct NSEC3 logic:
+  - closest encloser proof is incorrect; need to send covering NSEC3
+    for the "next closest" name, not necessarily for the name itself
+  - need to check for duplication in the resulting NSEC3's

Modified: trunk/src/lib/auth/data_source.cc
==============================================================================
--- trunk/src/lib/auth/data_source.cc (original)
+++ trunk/src/lib/auth/data_source.cc Sat Mar  6 21:45:48 2010
@@ -821,20 +821,25 @@
 string
 Nsec3Param::getHash(const Name& name) const {
     OutputBuffer buf(0);
-
     name.toWire(buf);
-    buf.writeData(&salt_[0], salt_.size());
-    uint8_t* in = (uint8_t*) buf.getData();
+
+    uint8_t digest[SHA1_HASHSIZE];
+    uint8_t* input = (uint8_t*) buf.getData();
     size_t inlength = buf.getLength();
-    uint8_t digest[SHA1_HASHSIZE];
+    uint8_t saltlen = salt_.size();
+    uint8_t salt[saltlen];
+    for (int i = 0; i < saltlen; ++i) {
+        salt[i] = salt_[i];
+    }
+
     int n = 0;
-
     SHA1Context sha;
     do {
         SHA1Reset(&sha);
-        SHA1Input(&sha, in, inlength);
+        SHA1Input(&sha, input, inlength);
+        SHA1Input(&sha, salt, saltlen);
         SHA1Result(&sha, digest);
-        in = digest;
+        input = digest;
         inlength = SHA1_HASHSIZE;
     } while (n++ < iterations_);
 

Modified: trunk/src/lib/auth/datasrc_unittest.cc
==============================================================================
--- trunk/src/lib/auth/datasrc_unittest.cc (original)
+++ trunk/src/lib/auth/datasrc_unittest.cc Sat Mar  6 21:45:48 2010
@@ -478,5 +478,16 @@
     //                    RRType::A());
 }
 
-}
-
+TEST_F(DataSrcTest, Nsec3Hash) {
+    vector<uint8_t> salt;
+    salt.push_back(0xfe);
+    salt.push_back(0xed);
+    salt.push_back(0xab);
+    salt.push_back(0xee);
+    Nsec3Param nsec3(1, 0, 10, salt);
+    EXPECT_EQ("VIR9KJAPN2FHRLS6EP0JBQ89MBLUE296", nsec3.getHash(Name("test1")));
+    EXPECT_EQ("FHA27EURONFH5640SFJQ8MJAKMCVB7UJ", nsec3.getHash(Name("test2")));
+    EXPECT_EQ("A4M93LR7A60IDDQMO6TCVUPCC60CU38A", nsec3.getHash(Name("test3")));
+}
+}
+