BIND 10 #812: TSIG: Signing messages
BIND 10 Development
do-not-reply at isc.org
Wed Apr 27 06:57:16 UTC 2011
#812: TSIG: Signing messages
-------------------------------------+-------------------------------------
Reporter: stephen                    | Owner: jinmei
Type: enhancement                    | Status: accepted
Priority: blocker                    | Milestone: Sprint-20110503
Component: Unclassified              | Resolution:
Keywords:                            | Sensitive: 0
Defect Severity: N/A                 | Sub-Project: DNS
Feature Depending on Ticket: tsig    | Estimated Difficulty: 8.0
Add Hours to Ticket: 0               | Total Hours: 0
Internal?: 0                         |
-------------------------------------+-------------------------------------
Comment (by jinmei):
Branch trac812 is ready for review.
This branch still misses some final parts of TSIG signing (which I'll
soon complete), but the branch is already quite big, so I decided to
get this part reviewed first.
The entire diff is actually VERY big, so I guess some guidance and
notes are necessary.
- first two commits can (or even should) be ignored. it simply
incorporates a dependent branch (781) and makes minimal change to
make the tree buildable.
- next three commits (adfd101..ad13479) are not directly related to
TSIG signing, but make some adjustments to the existing TSIGKey
class for the use of crypto API with TSIG. These are a separate
chunk of changes.
- changes to Makefiles should be trivial: they are addition of new
files and addition of path to libcryptolink for tests/apps that
implicitly rely on it.
- other changes are new files: lib/dns/{tsig,tsigerror}.{cc,h} and
their tests, and lib/util/unittests/newhook.{cc,h}.
- tsigerror (and its tests) should be mostly trivial. so, if the
entire diff is deemed to be too big, one possible breakdown is to
complete the tsigkey changes and tsigerror first, and discuss the
rest in the next step.
- tsig.{h,cc} and its tests are the main subject of this ticket.
the API design is detailed in tsig.h. if the API design is okay,
I believe the code itself is quite straightforward. test cases
are complicated, but I'm quite confident they worked correctly
because I took the test data from actual packets generated by BIND
9 and most of the tests check the integrity via HMAC.
- newhook is a utility for a test in tsig_unittest. See the
description in newhook.h. This may be too tricky. If so, I'm
okay with removing it and corresponding test.
A couple of other notes:
- TSIG is a time-sensitive protocol, so I used the same trick to
generate "fake current time" as that was used in
lib/util/time_utilities. It would be better to (internally) publish
the wrapper trick and unify the implementation, but I didn't do this
in this branch because the branch was already quite big. I plan to
do it in the next phase.
- I'm not intending to create a changelog entry for this specific
task. It would make more sense to have a single entry when we
provide a complete set of sign/verify.
--
Ticket URL: <http://bind10.isc.org/ticket/812#comment:6>
BIND 10 Development <http://bind10.isc.org>