xref: /freebsd/contrib/ldns/dnssec.c (revision d4eeb02986980bf33dd56c41ceb9fc5f180c0d47)
1 /*
2  * dnssec.c
3  *
4  * contains the cryptographic function needed for DNSSEC in ldns
5  * The crypto library used is openssl
6  *
7  * (c) NLnet Labs, 2004-2008
8  *
9  * See the file LICENSE for the license
10  */
11 
12 #include <ldns/config.h>
13 
14 #include <ldns/ldns.h>
15 #include <ldns/dnssec.h>
16 
17 #include <strings.h>
18 #include <time.h>
19 
20 #ifdef HAVE_SSL
21 #include <openssl/ssl.h>
22 #include <openssl/evp.h>
23 #include <openssl/rand.h>
24 #include <openssl/err.h>
25 #include <openssl/md5.h>
26 #endif
27 
28 ldns_rr *
29 ldns_dnssec_get_rrsig_for_name_and_type(const ldns_rdf *name,
30                                         const ldns_rr_type type,
31                                         const ldns_rr_list *rrs)
32 {
33 	size_t i;
34 	ldns_rr *candidate;
35 
36 	if (!name || !rrs) {
37 		return NULL;
38 	}
39 
40 	for (i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
41 		candidate = ldns_rr_list_rr(rrs, i);
42 		if (ldns_rr_get_type(candidate) == LDNS_RR_TYPE_RRSIG) {
43 			if (ldns_dname_compare(ldns_rr_owner(candidate),
44 			                       name) == 0 &&
45 			    ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(candidate))
46 			    == type
47 			    ) {
48 				return candidate;
49 			}
50 		}
51 	}
52 
53 	return NULL;
54 }
55 
56 ldns_rr *
57 ldns_dnssec_get_dnskey_for_rrsig(const ldns_rr *rrsig,
58 						   const ldns_rr_list *rrs)
59 {
60 	size_t i;
61 	ldns_rr *candidate;
62 
63 	if (!rrsig || !rrs) {
64 		return NULL;
65 	}
66 
67 	for (i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
68 		candidate = ldns_rr_list_rr(rrs, i);
69 		if (ldns_rr_get_type(candidate) == LDNS_RR_TYPE_DNSKEY) {
70 			if (ldns_dname_compare(ldns_rr_owner(candidate),
71 			                       ldns_rr_rrsig_signame(rrsig)) == 0 &&
72 			    ldns_rdf2native_int16(ldns_rr_rrsig_keytag(rrsig)) ==
73 			    ldns_calc_keytag(candidate)
74 			    ) {
75 				return candidate;
76 			}
77 		}
78 	}
79 
80 	return NULL;
81 }
82 
83 ldns_rdf *
84 ldns_nsec_get_bitmap(const ldns_rr *nsec) {
85 	if (ldns_rr_get_type(nsec) == LDNS_RR_TYPE_NSEC) {
86 		return ldns_rr_rdf(nsec, 1);
87 	} else if (ldns_rr_get_type(nsec) == LDNS_RR_TYPE_NSEC3) {
88 		return ldns_rr_rdf(nsec, 5);
89 	} else {
90 		return NULL;
91 	}
92 }
93 
94 /*return the owner name of the closest encloser for name from the list of rrs */
95 /* this is NOT the hash, but the original name! */
96 ldns_rdf *
97 ldns_dnssec_nsec3_closest_encloser(const ldns_rdf *qname,
98                                    ATTR_UNUSED(ldns_rr_type qtype),
99                                    const ldns_rr_list *nsec3s)
100 {
101 	/* remember parameters, they must match */
102 	uint8_t algorithm;
103 	uint32_t iterations;
104 	uint8_t salt_length;
105 	uint8_t *salt;
106 
107 	ldns_rdf *sname, *hashed_sname, *tmp;
108 	bool flag;
109 
110 	bool exact_match_found;
111 	bool in_range_found;
112 
113 	ldns_status status;
114 	ldns_rdf *zone_name;
115 
116 	size_t nsec_i;
117 	ldns_rr *nsec;
118 	ldns_rdf *result = NULL;
119 
120 	if (!qname || !nsec3s || ldns_rr_list_rr_count(nsec3s) < 1) {
121 		return NULL;
122 	}
123 
124 	nsec = ldns_rr_list_rr(nsec3s, 0);
125 	algorithm = ldns_nsec3_algorithm(nsec);
126 	salt_length = ldns_nsec3_salt_length(nsec);
127 	salt = ldns_nsec3_salt_data(nsec);
128 	iterations = ldns_nsec3_iterations(nsec);
129 
130 	sname = ldns_rdf_clone(qname);
131 
132 	flag = false;
133 
134 	zone_name = ldns_dname_left_chop(ldns_rr_owner(nsec));
135 
136 	/* algorithm from nsec3-07 8.3 */
137 	while (ldns_dname_label_count(sname) > 0) {
138 		exact_match_found = false;
139 		in_range_found = false;
140 
141 		hashed_sname = ldns_nsec3_hash_name(sname,
142 									 algorithm,
143 									 iterations,
144 									 salt_length,
145 									 salt);
146 
147 		status = ldns_dname_cat(hashed_sname, zone_name);
148                 if(status != LDNS_STATUS_OK) {
149 	                LDNS_FREE(salt);
150 	                ldns_rdf_deep_free(zone_name);
151 	                ldns_rdf_deep_free(sname);
152                         return NULL;
153                 }
154 
155 		for (nsec_i = 0; nsec_i < ldns_rr_list_rr_count(nsec3s); nsec_i++) {
156 			nsec = ldns_rr_list_rr(nsec3s, nsec_i);
157 
158 			/* check values of iterations etc! */
159 
160 			/* exact match? */
161 			if (ldns_dname_compare(ldns_rr_owner(nsec), hashed_sname) == 0) {
162 			 	exact_match_found = true;
163 			} else if (ldns_nsec_covers_name(nsec, hashed_sname)) {
164 				in_range_found = true;
165 			}
166 
167 		}
168 		if (!exact_match_found && in_range_found) {
169 			flag = true;
170 		} else if (exact_match_found && flag) {
171 			result = ldns_rdf_clone(sname);
172 			/* RFC 5155: 8.3. 2.** "The proof is complete" */
173 			ldns_rdf_deep_free(hashed_sname);
174 			goto done;
175 		} else if (exact_match_found && !flag) {
176 			/* error! */
177 			ldns_rdf_deep_free(hashed_sname);
178 			goto done;
179 		} else {
180 			flag = false;
181 		}
182 
183 		ldns_rdf_deep_free(hashed_sname);
184 		tmp = sname;
185 		sname = ldns_dname_left_chop(sname);
186 		ldns_rdf_deep_free(tmp);
187 	}
188 
189 	done:
190 	LDNS_FREE(salt);
191 	ldns_rdf_deep_free(zone_name);
192 	ldns_rdf_deep_free(sname);
193 
194 	return result;
195 }
196 
197 bool
198 ldns_dnssec_pkt_has_rrsigs(const ldns_pkt *pkt)
199 {
200 	size_t i;
201 	for (i = 0; i < ldns_pkt_ancount(pkt); i++) {
202 		if (ldns_rr_get_type(ldns_rr_list_rr(ldns_pkt_answer(pkt), i)) ==
203 		    LDNS_RR_TYPE_RRSIG) {
204 			return true;
205 		}
206 	}
207 	for (i = 0; i < ldns_pkt_nscount(pkt); i++) {
208 		if (ldns_rr_get_type(ldns_rr_list_rr(ldns_pkt_authority(pkt), i)) ==
209 		    LDNS_RR_TYPE_RRSIG) {
210 			return true;
211 		}
212 	}
213 	return false;
214 }
215 
216 ldns_rr_list *
217 ldns_dnssec_pkt_get_rrsigs_for_name_and_type(const ldns_pkt *pkt,
218 									const ldns_rdf *name,
219 									ldns_rr_type type)
220 {
221 	uint16_t t_netorder;
222 	ldns_rr_list *sigs;
223 	ldns_rr_list *sigs_covered;
224 	ldns_rdf *rdf_t;
225 
226 	sigs = ldns_pkt_rr_list_by_name_and_type(pkt,
227 									 name,
228 									 LDNS_RR_TYPE_RRSIG,
229 									 LDNS_SECTION_ANY_NOQUESTION
230 									 );
231 
232 	t_netorder = htons(type); /* rdf are in network order! */
233 	rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE, LDNS_RDF_SIZE_WORD, &t_netorder);
234 	sigs_covered = ldns_rr_list_subtype_by_rdf(sigs, rdf_t, 0);
235 
236 	ldns_rdf_free(rdf_t);
237 	ldns_rr_list_deep_free(sigs);
238 
239 	return sigs_covered;
240 
241 }
242 
243 ldns_rr_list *
244 ldns_dnssec_pkt_get_rrsigs_for_type(const ldns_pkt *pkt, ldns_rr_type type)
245 {
246 	uint16_t t_netorder;
247 	ldns_rr_list *sigs;
248 	ldns_rr_list *sigs_covered;
249 	ldns_rdf *rdf_t;
250 
251 	sigs = ldns_pkt_rr_list_by_type(pkt,
252 	                                LDNS_RR_TYPE_RRSIG,
253 	                                LDNS_SECTION_ANY_NOQUESTION
254 							  );
255 
256 	t_netorder = htons(type); /* rdf are in network order! */
257 	rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE,
258 					 2,
259 					 &t_netorder);
260 	sigs_covered = ldns_rr_list_subtype_by_rdf(sigs, rdf_t, 0);
261 
262 	ldns_rdf_free(rdf_t);
263 	ldns_rr_list_deep_free(sigs);
264 
265 	return sigs_covered;
266 
267 }
268 
269 /* used only on the public key RR */
270 uint16_t
271 ldns_calc_keytag(const ldns_rr *key)
272 {
273 	uint16_t ac16;
274 	ldns_buffer *keybuf;
275 	size_t keysize;
276 
277 	if (!key) {
278 		return 0;
279 	}
280 
281 	if (ldns_rr_get_type(key) != LDNS_RR_TYPE_DNSKEY &&
282 	    ldns_rr_get_type(key) != LDNS_RR_TYPE_KEY
283 	    ) {
284 		return 0;
285 	}
286 
287 	/* rdata to buf - only put the rdata in a buffer */
288 	keybuf = ldns_buffer_new(LDNS_MIN_BUFLEN); /* grows */
289 	if (!keybuf) {
290 		return 0;
291 	}
292 	(void)ldns_rr_rdata2buffer_wire(keybuf, key);
293 	/* the current pos in the buffer is the keysize */
294 	keysize= ldns_buffer_position(keybuf);
295 
296 	ac16 = ldns_calc_keytag_raw(ldns_buffer_begin(keybuf), keysize);
297 	ldns_buffer_free(keybuf);
298 	return ac16;
299 }
300 
301 uint16_t ldns_calc_keytag_raw(const uint8_t* key, size_t keysize)
302 {
303 	unsigned int i;
304 	uint32_t ac32;
305 	uint16_t ac16;
306 
307 	if(keysize < 4) {
308 		return 0;
309 	}
310 	/* look at the algorithm field, copied from 2535bis */
311 	if (key[3] == LDNS_RSAMD5) {
312 		ac16 = 0;
313 		if (keysize > 4) {
314 			memmove(&ac16, key + keysize - 3, 2);
315 		}
316 		ac16 = ntohs(ac16);
317 		return (uint16_t) ac16;
318 	} else {
319 		ac32 = 0;
320 		for (i = 0; (size_t)i < keysize; ++i) {
321 			ac32 += (i & 1) ? key[i] : key[i] << 8;
322 		}
323 		ac32 += (ac32 >> 16) & 0xFFFF;
324 		return (uint16_t) (ac32 & 0xFFFF);
325 	}
326 }
327 
328 #ifdef HAVE_SSL
329 DSA *
330 ldns_key_buf2dsa(const ldns_buffer *key)
331 {
332 	return ldns_key_buf2dsa_raw((const unsigned char*)ldns_buffer_begin(key),
333 						   ldns_buffer_position(key));
334 }
335 
336 DSA *
337 ldns_key_buf2dsa_raw(const unsigned char* key, size_t len)
338 {
339 	uint8_t T;
340 	uint16_t length;
341 	uint16_t offset;
342 	DSA *dsa;
343 	BIGNUM *Q; BIGNUM *P;
344 	BIGNUM *G; BIGNUM *Y;
345 
346 	if(len == 0)
347 		return NULL;
348 	T = (uint8_t)key[0];
349 	length = (64 + T * 8);
350 	offset = 1;
351 
352 	if (T > 8) {
353 		return NULL;
354 	}
355 	if(len < (size_t)1 + SHA_DIGEST_LENGTH + 3*length)
356 		return NULL;
357 
358 	Q = BN_bin2bn(key+offset, SHA_DIGEST_LENGTH, NULL);
359 	offset += SHA_DIGEST_LENGTH;
360 
361 	P = BN_bin2bn(key+offset, (int)length, NULL);
362 	offset += length;
363 
364 	G = BN_bin2bn(key+offset, (int)length, NULL);
365 	offset += length;
366 
367 	Y = BN_bin2bn(key+offset, (int)length, NULL);
368 	offset += length;
369 
370 	/* create the key and set its properties */
371 	if(!Q || !P || !G || !Y || !(dsa = DSA_new())) {
372 		BN_free(Q);
373 		BN_free(P);
374 		BN_free(G);
375 		BN_free(Y);
376 		return NULL;
377 	}
378 #if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL)
379 #ifndef S_SPLINT_S
380 	dsa->p = P;
381 	dsa->q = Q;
382 	dsa->g = G;
383 	dsa->pub_key = Y;
384 #endif /* splint */
385 #else /* OPENSSL_VERSION_NUMBER */
386 	if (!DSA_set0_pqg(dsa, P, Q, G)) {
387 		/* QPG not yet attached, need to free */
388 		BN_free(Q);
389 		BN_free(P);
390 		BN_free(G);
391 
392 		DSA_free(dsa);
393 		BN_free(Y);
394 		return NULL;
395 	}
396 	if (!DSA_set0_key(dsa, Y, NULL)) {
397 		/* QPG attached, cleaned up by DSA_fre() */
398 		DSA_free(dsa);
399 		BN_free(Y);
400 		return NULL;
401 	}
402 #endif /* OPENSSL_VERSION_NUMBER */
403 	return dsa;
404 }
405 
406 RSA *
407 ldns_key_buf2rsa(const ldns_buffer *key)
408 {
409 	return ldns_key_buf2rsa_raw((const unsigned char*)ldns_buffer_begin(key),
410 						   ldns_buffer_position(key));
411 }
412 
413 RSA *
414 ldns_key_buf2rsa_raw(const unsigned char* key, size_t len)
415 {
416 	uint16_t offset;
417 	uint16_t exp;
418 	uint16_t int16;
419 	RSA *rsa;
420 	BIGNUM *modulus;
421 	BIGNUM *exponent;
422 
423 	if (len == 0)
424 		return NULL;
425 	if (key[0] == 0) {
426 		if(len < 3)
427 			return NULL;
428 		/* need some smart comment here XXX*/
429 		/* the exponent is too large so it's places
430 		 * futher...???? */
431 		memmove(&int16, key+1, 2);
432 		exp = ntohs(int16);
433 		offset = 3;
434 	} else {
435 		exp = key[0];
436 		offset = 1;
437 	}
438 
439 	/* key length at least one */
440 	if(len < (size_t)offset + exp + 1)
441 		return NULL;
442 
443 	/* Exponent */
444 	exponent = BN_new();
445 	if(!exponent) return NULL;
446 	(void) BN_bin2bn(key+offset, (int)exp, exponent);
447 	offset += exp;
448 
449 	/* Modulus */
450 	modulus = BN_new();
451 	if(!modulus) {
452 		BN_free(exponent);
453 		return NULL;
454 	}
455 	/* length of the buffer must match the key length! */
456 	(void) BN_bin2bn(key+offset, (int)(len - offset), modulus);
457 
458 	rsa = RSA_new();
459 	if(!rsa) {
460 		BN_free(exponent);
461 		BN_free(modulus);
462 		return NULL;
463 	}
464 #if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL)
465 #ifndef S_SPLINT_S
466 	rsa->n = modulus;
467 	rsa->e = exponent;
468 #endif /* splint */
469 #else /* OPENSSL_VERSION_NUMBER */
470 	if (!RSA_set0_key(rsa, modulus, exponent, NULL)) {
471 		BN_free(exponent);
472 		BN_free(modulus);
473 		RSA_free(rsa);
474 		return NULL;
475 	}
476 #endif /* OPENSSL_VERSION_NUMBER */
477 
478 	return rsa;
479 }
480 
481 int
482 ldns_digest_evp(const unsigned char* data, unsigned int len, unsigned char* dest,
483 	const EVP_MD* md)
484 {
485 	EVP_MD_CTX* ctx;
486 	ctx = EVP_MD_CTX_create();
487 	if(!ctx)
488 		return false;
489 	if(!EVP_DigestInit_ex(ctx, md, NULL) ||
490 		!EVP_DigestUpdate(ctx, data, len) ||
491 		!EVP_DigestFinal_ex(ctx, dest, NULL)) {
492 		EVP_MD_CTX_destroy(ctx);
493 		return false;
494 	}
495 	EVP_MD_CTX_destroy(ctx);
496 	return true;
497 }
498 #endif /* HAVE_SSL */
499 
500 ldns_rr *
501 ldns_key_rr2ds(const ldns_rr *key, ldns_hash h)
502 {
503 	ldns_rdf *tmp;
504 	ldns_rr *ds;
505 	uint16_t keytag;
506 	uint8_t  sha1hash;
507 	uint8_t *digest;
508 	ldns_buffer *data_buf;
509 #ifdef USE_GOST
510 	const EVP_MD* md = NULL;
511 #endif
512 
513 	if (ldns_rr_get_type(key) != LDNS_RR_TYPE_DNSKEY) {
514 		return NULL;
515 	}
516 
517 	ds = ldns_rr_new();
518 	if (!ds) {
519 		return NULL;
520 	}
521 	ldns_rr_set_type(ds, LDNS_RR_TYPE_DS);
522 	ldns_rr_set_owner(ds, ldns_rdf_clone(
523 								  ldns_rr_owner(key)));
524 	ldns_rr_set_ttl(ds, ldns_rr_ttl(key));
525 	ldns_rr_set_class(ds, ldns_rr_get_class(key));
526 
527 	switch(h) {
528 	default:
529 	case LDNS_SHA1:
530 		digest = LDNS_XMALLOC(uint8_t, LDNS_SHA1_DIGEST_LENGTH);
531 		if (!digest) {
532 			ldns_rr_free(ds);
533 			return NULL;
534 		}
535 		break;
536 	case LDNS_SHA256:
537 		digest = LDNS_XMALLOC(uint8_t, LDNS_SHA256_DIGEST_LENGTH);
538 		if (!digest) {
539 			ldns_rr_free(ds);
540 			return NULL;
541 		}
542 		break;
543 	case LDNS_HASH_GOST:
544 #ifdef USE_GOST
545 		(void)ldns_key_EVP_load_gost_id();
546 		md = EVP_get_digestbyname("md_gost94");
547 		if(!md) {
548 			ldns_rr_free(ds);
549 			return NULL;
550 		}
551 		digest = LDNS_XMALLOC(uint8_t, EVP_MD_size(md));
552 		if (!digest) {
553 			ldns_rr_free(ds);
554 			return NULL;
555 		}
556                 break;
557 #else
558 		/* not implemented */
559 		ldns_rr_free(ds);
560 		return NULL;
561 #endif
562 	case LDNS_SHA384:
563 #ifdef USE_ECDSA
564 		digest = LDNS_XMALLOC(uint8_t, SHA384_DIGEST_LENGTH);
565 		if (!digest) {
566 			ldns_rr_free(ds);
567 			return NULL;
568 		}
569                 break;
570 #else
571 		/* not implemented */
572 		ldns_rr_free(ds);
573 		return NULL;
574 #endif
575 	}
576 
577 	data_buf = ldns_buffer_new(LDNS_MAX_PACKETLEN);
578 	if (!data_buf) {
579 		LDNS_FREE(digest);
580 		ldns_rr_free(ds);
581 		return NULL;
582 	}
583 
584 	/* keytag */
585 	keytag = htons(ldns_calc_keytag((ldns_rr*)key));
586 	tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT16,
587 						   sizeof(uint16_t),
588 						   &keytag);
589 	ldns_rr_push_rdf(ds, tmp);
590 
591 	/* copy the algorithm field */
592 	if ((tmp = ldns_rr_rdf(key, 2)) == NULL) {
593 		LDNS_FREE(digest);
594 		ldns_buffer_free(data_buf);
595 		ldns_rr_free(ds);
596 		return NULL;
597 	} else {
598 		ldns_rr_push_rdf(ds, ldns_rdf_clone( tmp ));
599 	}
600 
601 	/* digest hash type */
602 	sha1hash = (uint8_t)h;
603 	tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT8,
604 						   sizeof(uint8_t),
605 						   &sha1hash);
606 	ldns_rr_push_rdf(ds, tmp);
607 
608 	/* digest */
609 	/* owner name */
610 	tmp = ldns_rdf_clone(ldns_rr_owner(key));
611 	ldns_dname2canonical(tmp);
612 	if (ldns_rdf2buffer_wire(data_buf, tmp) != LDNS_STATUS_OK) {
613 		LDNS_FREE(digest);
614 		ldns_buffer_free(data_buf);
615 		ldns_rr_free(ds);
616 		ldns_rdf_deep_free(tmp);
617 		return NULL;
618 	}
619 	ldns_rdf_deep_free(tmp);
620 
621 	/* all the rdata's */
622 	if (ldns_rr_rdata2buffer_wire(data_buf,
623 							(ldns_rr*)key) != LDNS_STATUS_OK) {
624 		LDNS_FREE(digest);
625 		ldns_buffer_free(data_buf);
626 		ldns_rr_free(ds);
627 		return NULL;
628 	}
629 	switch(h) {
630 	case LDNS_SHA1:
631 		(void) ldns_sha1((unsigned char *) ldns_buffer_begin(data_buf),
632 		                 (unsigned int) ldns_buffer_position(data_buf),
633 		                 (unsigned char *) digest);
634 
635 		tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_HEX,
636 		                            LDNS_SHA1_DIGEST_LENGTH,
637 		                            digest);
638 		ldns_rr_push_rdf(ds, tmp);
639 
640 		break;
641 	case LDNS_SHA256:
642 		(void) ldns_sha256((unsigned char *) ldns_buffer_begin(data_buf),
643 		                   (unsigned int) ldns_buffer_position(data_buf),
644 		                   (unsigned char *) digest);
645 		tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_HEX,
646 		                            LDNS_SHA256_DIGEST_LENGTH,
647 		                            digest);
648 		ldns_rr_push_rdf(ds, tmp);
649 		break;
650 	case LDNS_HASH_GOST:
651 #ifdef USE_GOST
652 		if(!ldns_digest_evp((unsigned char *) ldns_buffer_begin(data_buf),
653 				(unsigned int) ldns_buffer_position(data_buf),
654 				(unsigned char *) digest, md)) {
655 			LDNS_FREE(digest);
656 			ldns_buffer_free(data_buf);
657 			ldns_rr_free(ds);
658 			return NULL;
659 		}
660 		tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_HEX,
661 		                            (size_t)EVP_MD_size(md),
662 		                            digest);
663 		ldns_rr_push_rdf(ds, tmp);
664 #endif
665 		break;
666 	case LDNS_SHA384:
667 #ifdef USE_ECDSA
668 		(void) SHA384((unsigned char *) ldns_buffer_begin(data_buf),
669 		                 (unsigned int) ldns_buffer_position(data_buf),
670 		                 (unsigned char *) digest);
671 		tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_HEX,
672 		                            SHA384_DIGEST_LENGTH,
673 		                            digest);
674 		ldns_rr_push_rdf(ds, tmp);
675 #endif
676 		break;
677 	}
678 
679 	LDNS_FREE(digest);
680 	ldns_buffer_free(data_buf);
681 	return ds;
682 }
683 
684 /* From RFC3845:
685  *
686  * 2.1.2.  The List of Type Bit Map(s) Field
687  *
688  *    The RR type space is split into 256 window blocks, each representing
689  *    the low-order 8 bits of the 16-bit RR type space.  Each block that
690  *    has at least one active RR type is encoded using a single octet
691  *    window number (from 0 to 255), a single octet bitmap length (from 1
692  *    to 32) indicating the number of octets used for the window block's
693  *    bitmap, and up to 32 octets (256 bits) of bitmap.
694  *
695  *    Window blocks are present in the NSEC RR RDATA in increasing
696  *    numerical order.
697  *
698  *    "|" denotes concatenation
699  *
700  *    Type Bit Map(s) Field = ( Window Block # | Bitmap Length | Bitmap ) +
701  *
702  *    <cut>
703  *
704  *    Blocks with no types present MUST NOT be included.  Trailing zero
705  *    octets in the bitmap MUST be omitted.  The length of each block's
706  *    bitmap is determined by the type code with the largest numerical
707  *    value within that block, among the set of RR types present at the
708  *    NSEC RR's owner name.  Trailing zero octets not specified MUST be
709  *    interpreted as zero octets.
710  */
711 ldns_rdf *
712 ldns_dnssec_create_nsec_bitmap(ldns_rr_type rr_type_list[],
713                                size_t size,
714                                ldns_rr_type nsec_type)
715 {
716 	uint8_t  window;		/*  most significant octet of type */
717 	uint8_t  subtype;		/* least significant octet of type */
718 	int      windows[256];		/* Max subtype per window */
719 	uint8_t  windowpresent[256];	/* bool if window appears in bitmap */
720 	ldns_rr_type* d;	/* used to traverse rr_type_list*/
721 	size_t i;		/* used to traverse windows array */
722 
723 	size_t sz;			/* size needed for type bitmap rdf */
724 	uint8_t* data = NULL;		/* rdf data */
725 	uint8_t* dptr;			/* used to itraverse rdf data */
726 	ldns_rdf* rdf;			/* bitmap rdf to return */
727 
728 	if (nsec_type != LDNS_RR_TYPE_NSEC &&
729 	    nsec_type != LDNS_RR_TYPE_NSEC3) {
730 		return NULL;
731 	}
732 	memset(windows, 0, sizeof(int)*256);
733 	memset(windowpresent, 0, 256);
734 
735 	/* Which other windows need to be in the bitmap rdf?
736 	 */
737 	for (d = rr_type_list; d < rr_type_list + size; d++) {
738 		window  = *d >> 8;
739 		subtype = *d & 0xff;
740 		windowpresent[window] = 1;
741 		if (windows[window] < (int)subtype) {
742 			windows[window] = (int)subtype;
743 		}
744 	}
745 
746 	/* How much space do we need in the rdf for those windows?
747 	 */
748 	sz = 0;
749 	for (i = 0; i < 256; i++) {
750 		if (windowpresent[i]) {
751 			sz += windows[i] / 8 + 3;
752 		}
753 	}
754 	if (sz > 0) {
755 		/* Format rdf data according RFC3845 Section 2.1.2 (see above)
756 		 */
757 		dptr = data = LDNS_CALLOC(uint8_t, sz);
758 		if (!data) {
759 			return NULL;
760 		}
761 		for (i = 0; i < 256; i++) {
762 			if (windowpresent[i]) {
763 				*dptr++ = (uint8_t)i;
764 				*dptr++ = (uint8_t)(windows[i] / 8 + 1);
765 
766 				/* Now let windows[i] index the bitmap
767 				 * within data
768 				 */
769 				windows[i] = (int)(dptr - data);
770 
771 				dptr += dptr[-1];
772 			}
773 		}
774 	}
775 
776 	/* Set the bits?
777 	 */
778 	for (d = rr_type_list; d < rr_type_list + size; d++) {
779 		subtype = *d & 0xff;
780 		data[windows[*d >> 8] + subtype/8] |= (0x80 >> (subtype % 8));
781 	}
782 
783 	/* Allocate and return rdf structure for the data
784 	 */
785 	rdf = ldns_rdf_new(LDNS_RDF_TYPE_BITMAP, sz, data);
786 	if (!rdf) {
787 		LDNS_FREE(data);
788 		return NULL;
789 	}
790 	return rdf;
791 }
792 
793 int
794 ldns_dnssec_rrsets_contains_type(const ldns_dnssec_rrsets *rrsets,
795                                  ldns_rr_type type)
796 {
797 	const ldns_dnssec_rrsets *cur_rrset = rrsets;
798 	while (cur_rrset) {
799 		if (cur_rrset->type == type) {
800 			return 1;
801 		}
802 		cur_rrset = cur_rrset->next;
803 	}
804 	return 0;
805 }
806 
807 ldns_rr *
808 ldns_dnssec_create_nsec(const ldns_dnssec_name *from,
809                         const ldns_dnssec_name *to,
810                         ldns_rr_type nsec_type)
811 {
812 	ldns_rr *nsec_rr;
813 	ldns_rr_type types[65536];
814 	size_t type_count = 0;
815 	ldns_dnssec_rrsets *cur_rrsets;
816 	int on_delegation_point;
817 
818 	if (!from || !to || (nsec_type != LDNS_RR_TYPE_NSEC)) {
819 		return NULL;
820 	}
821 
822 	nsec_rr = ldns_rr_new();
823 	ldns_rr_set_type(nsec_rr, nsec_type);
824 	ldns_rr_set_owner(nsec_rr, ldns_rdf_clone(ldns_dnssec_name_name(from)));
825 	ldns_rr_push_rdf(nsec_rr, ldns_rdf_clone(ldns_dnssec_name_name(to)));
826 
827 	on_delegation_point = ldns_dnssec_rrsets_contains_type(
828 			from->rrsets, LDNS_RR_TYPE_NS)
829 		&& !ldns_dnssec_rrsets_contains_type(
830 			from->rrsets, LDNS_RR_TYPE_SOA);
831 
832 	cur_rrsets = from->rrsets;
833 	while (cur_rrsets) {
834 		/* Do not include non-authoritative rrsets on the delegation point
835 		 * in the type bitmap */
836 		if ((on_delegation_point && (
837 				cur_rrsets->type == LDNS_RR_TYPE_NS
838 			     || cur_rrsets->type == LDNS_RR_TYPE_DS))
839 			|| (!on_delegation_point &&
840 				cur_rrsets->type != LDNS_RR_TYPE_RRSIG
841 			     && cur_rrsets->type != LDNS_RR_TYPE_NSEC)) {
842 
843 			types[type_count] = cur_rrsets->type;
844 			type_count++;
845 		}
846 		cur_rrsets = cur_rrsets->next;
847 
848 	}
849 	types[type_count] = LDNS_RR_TYPE_RRSIG;
850 	type_count++;
851 	types[type_count] = LDNS_RR_TYPE_NSEC;
852 	type_count++;
853 
854 	ldns_rr_push_rdf(nsec_rr, ldns_dnssec_create_nsec_bitmap(types,
855 	                               type_count,
856 	                               nsec_type));
857 
858 	return nsec_rr;
859 }
860 
861 ldns_rr *
862 ldns_dnssec_create_nsec3(const ldns_dnssec_name *from,
863 					const ldns_dnssec_name *to,
864 					const ldns_rdf *zone_name,
865 					uint8_t algorithm,
866 					uint8_t flags,
867 					uint16_t iterations,
868 					uint8_t salt_length,
869 					const uint8_t *salt)
870 {
871 	ldns_rr *nsec_rr;
872 	ldns_rr_type types[65536];
873 	size_t type_count = 0;
874 	ldns_dnssec_rrsets *cur_rrsets;
875 	ldns_status status;
876 	int on_delegation_point;
877 
878 	if (!from) {
879 		return NULL;
880 	}
881 
882 	nsec_rr = ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3);
883 	ldns_rr_set_owner(nsec_rr,
884 	                  ldns_nsec3_hash_name(ldns_dnssec_name_name(from),
885 	                  algorithm,
886 	                  iterations,
887 	                  salt_length,
888 	                  salt));
889 	status = ldns_dname_cat(ldns_rr_owner(nsec_rr), zone_name);
890         if(status != LDNS_STATUS_OK) {
891                 ldns_rr_free(nsec_rr);
892                 return NULL;
893         }
894 	ldns_nsec3_add_param_rdfs(nsec_rr,
895 	                          algorithm,
896 	                          flags,
897 	                          iterations,
898 	                          salt_length,
899 	                          salt);
900 
901 	on_delegation_point = ldns_dnssec_rrsets_contains_type(
902 			from->rrsets, LDNS_RR_TYPE_NS)
903 		&& !ldns_dnssec_rrsets_contains_type(
904 			from->rrsets, LDNS_RR_TYPE_SOA);
905 	cur_rrsets = from->rrsets;
906 	while (cur_rrsets) {
907 		/* Do not include non-authoritative rrsets on the delegation point
908 		 * in the type bitmap. Potentionally not skipping insecure
909 		 * delegation should have been done earlier, in function
910 		 * ldns_dnssec_zone_create_nsec3s, or even earlier in:
911 		 * ldns_dnssec_zone_sign_nsec3_flg .
912 		 */
913 		if ((on_delegation_point && (
914 				cur_rrsets->type == LDNS_RR_TYPE_NS
915 			     || cur_rrsets->type == LDNS_RR_TYPE_DS))
916 			|| (!on_delegation_point &&
917 				cur_rrsets->type != LDNS_RR_TYPE_RRSIG)) {
918 
919 			types[type_count] = cur_rrsets->type;
920 			type_count++;
921 		}
922 		cur_rrsets = cur_rrsets->next;
923 	}
924 	/* always add rrsig type if this is not an unsigned
925 	 * delegation
926 	 */
927 	if (type_count > 0 &&
928 	    !(type_count == 1 && types[0] == LDNS_RR_TYPE_NS)) {
929 		types[type_count] = LDNS_RR_TYPE_RRSIG;
930 		type_count++;
931 	}
932 
933 	/* leave next rdata empty if they weren't precomputed yet */
934 	if (to && to->hashed_name) {
935 		(void) ldns_rr_set_rdf(nsec_rr,
936 		                       ldns_rdf_clone(to->hashed_name),
937 		                       4);
938 	} else {
939 		(void) ldns_rr_set_rdf(nsec_rr, NULL, 4);
940 	}
941 
942 	ldns_rr_push_rdf(nsec_rr,
943 	                 ldns_dnssec_create_nsec_bitmap(types,
944 	                 type_count,
945 	                 LDNS_RR_TYPE_NSEC3));
946 
947 	return nsec_rr;
948 }
949 
950 ldns_rr *
951 ldns_create_nsec(ldns_rdf *cur_owner, ldns_rdf *next_owner, ldns_rr_list *rrs)
952 {
953 	/* we do not do any check here - garbage in, garbage out */
954 
955 	/* the the start and end names - get the type from the
956 	 * before rrlist */
957 
958 	/* inefficient, just give it a name, a next name, and a list of rrs */
959 	/* we make 1 big uberbitmap first, then windows */
960 	/* todo: make something more efficient :) */
961 	uint16_t i;
962 	ldns_rr *i_rr;
963 	uint16_t i_type;
964 
965 	ldns_rr *nsec = NULL;
966 	ldns_rr_type i_type_list[65536];
967 	size_t type_count = 0;
968 
969 	nsec = ldns_rr_new();
970 	ldns_rr_set_type(nsec, LDNS_RR_TYPE_NSEC);
971 	ldns_rr_set_owner(nsec, ldns_rdf_clone(cur_owner));
972 	ldns_rr_push_rdf(nsec, ldns_rdf_clone(next_owner));
973 
974 	for (i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
975 		i_rr = ldns_rr_list_rr(rrs, i);
976 		if (ldns_rdf_compare(cur_owner,
977 						 ldns_rr_owner(i_rr)) == 0) {
978 			i_type = ldns_rr_get_type(i_rr);
979 			if (i_type != LDNS_RR_TYPE_RRSIG && i_type != LDNS_RR_TYPE_NSEC) {
980 				if (type_count == 0 || i_type_list[type_count-1] != i_type) {
981 					i_type_list[type_count] = i_type;
982 					type_count++;
983 				}
984 			}
985 		}
986 	}
987 
988 	i_type_list[type_count] = LDNS_RR_TYPE_RRSIG;
989 	type_count++;
990 	i_type_list[type_count] = LDNS_RR_TYPE_NSEC;
991 	type_count++;
992 
993 	ldns_rr_push_rdf(nsec,
994 				  ldns_dnssec_create_nsec_bitmap(i_type_list,
995 						type_count, LDNS_RR_TYPE_NSEC));
996 
997 	return nsec;
998 }
999 
1000 ldns_rdf *
1001 ldns_nsec3_hash_name(const ldns_rdf *name,
1002 				 uint8_t algorithm,
1003 				 uint16_t iterations,
1004 				 uint8_t salt_length,
1005 				 const uint8_t *salt)
1006 {
1007 	size_t hashed_owner_str_len;
1008 	ldns_rdf *cann;
1009 	ldns_rdf *hashed_owner;
1010 	unsigned char *hashed_owner_str;
1011 	char *hashed_owner_b32;
1012 	size_t hashed_owner_b32_len;
1013 	uint32_t cur_it;
1014 	/* define to contain the largest possible hash, which is
1015 	 * sha1 at the moment */
1016 	unsigned char hash[LDNS_SHA1_DIGEST_LENGTH];
1017 	ldns_status status;
1018 
1019 	/* TODO: mnemonic list for hash algs SHA-1, default to 1 now (sha1) */
1020 	if (algorithm != LDNS_SHA1) {
1021 		return NULL;
1022 	}
1023 
1024 	/* prepare the owner name according to the draft section bla */
1025 	cann = ldns_rdf_clone(name);
1026 	if(!cann) {
1027 #ifdef STDERR_MSGS
1028 		fprintf(stderr, "Memory error\n");
1029 #endif
1030 		return NULL;
1031 	}
1032 	ldns_dname2canonical(cann);
1033 
1034 	hashed_owner_str_len = salt_length + ldns_rdf_size(cann);
1035 	hashed_owner_str = LDNS_XMALLOC(unsigned char, hashed_owner_str_len);
1036         if(!hashed_owner_str) {
1037 	        ldns_rdf_deep_free(cann);
1038                 return NULL;
1039         }
1040 	memcpy(hashed_owner_str, ldns_rdf_data(cann), ldns_rdf_size(cann));
1041 	memcpy(hashed_owner_str + ldns_rdf_size(cann), salt, salt_length);
1042 	ldns_rdf_deep_free(cann);
1043 
1044 	for (cur_it = iterations + 1; cur_it > 0; cur_it--) {
1045 		(void) ldns_sha1((unsigned char *) hashed_owner_str,
1046 		                 (unsigned int) hashed_owner_str_len, hash);
1047 
1048 		LDNS_FREE(hashed_owner_str);
1049 		hashed_owner_str_len = salt_length + LDNS_SHA1_DIGEST_LENGTH;
1050 		hashed_owner_str = LDNS_XMALLOC(unsigned char, hashed_owner_str_len);
1051 		if (!hashed_owner_str) {
1052 			return NULL;
1053 		}
1054 		memcpy(hashed_owner_str, hash, LDNS_SHA1_DIGEST_LENGTH);
1055 		memcpy(hashed_owner_str + LDNS_SHA1_DIGEST_LENGTH, salt, salt_length);
1056 		hashed_owner_str_len = LDNS_SHA1_DIGEST_LENGTH + salt_length;
1057 	}
1058 
1059 	LDNS_FREE(hashed_owner_str);
1060 	hashed_owner_str = hash;
1061 	hashed_owner_str_len = LDNS_SHA1_DIGEST_LENGTH;
1062 
1063 	hashed_owner_b32 = LDNS_XMALLOC(char,
1064                   ldns_b32_ntop_calculate_size(hashed_owner_str_len) + 1);
1065         if(!hashed_owner_b32) {
1066                 return NULL;
1067         }
1068         hashed_owner_b32_len = (size_t) ldns_b32_ntop_extended_hex(
1069                 (uint8_t *) hashed_owner_str,
1070                 hashed_owner_str_len,
1071                 hashed_owner_b32,
1072                 ldns_b32_ntop_calculate_size(hashed_owner_str_len)+1);
1073 	if (hashed_owner_b32_len < 1) {
1074 #ifdef STDERR_MSGS
1075 		fprintf(stderr, "Error in base32 extended hex encoding ");
1076 		fprintf(stderr, "of hashed owner name (name: ");
1077 		ldns_rdf_print(stderr, name);
1078 		fprintf(stderr, ", return code: %u)\n",
1079 		        (unsigned int) hashed_owner_b32_len);
1080 #endif
1081 		LDNS_FREE(hashed_owner_b32);
1082 		return NULL;
1083 	}
1084 	hashed_owner_b32[hashed_owner_b32_len] = '\0';
1085 
1086 	status = ldns_str2rdf_dname(&hashed_owner, hashed_owner_b32);
1087 	if (status != LDNS_STATUS_OK) {
1088 #ifdef STDERR_MSGS
1089 		fprintf(stderr, "Error creating rdf from %s\n", hashed_owner_b32);
1090 #endif
1091 		LDNS_FREE(hashed_owner_b32);
1092 		return NULL;
1093 	}
1094 
1095 	LDNS_FREE(hashed_owner_b32);
1096 	return hashed_owner;
1097 }
1098 
1099 void
1100 ldns_nsec3_add_param_rdfs(ldns_rr *rr,
1101 					 uint8_t algorithm,
1102 					 uint8_t flags,
1103 					 uint16_t iterations,
1104 					 uint8_t salt_length,
1105 					 const uint8_t *salt)
1106 {
1107 	ldns_rdf *salt_rdf = NULL;
1108 	uint8_t *salt_data = NULL;
1109 	ldns_rdf *old;
1110 
1111 	old = ldns_rr_set_rdf(rr,
1112 	                      ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT8,
1113 	                                            1, (void*)&algorithm),
1114 	                      0);
1115 	if (old) ldns_rdf_deep_free(old);
1116 
1117 	old = ldns_rr_set_rdf(rr,
1118 	                      ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT8,
1119 	                                            1, (void*)&flags),
1120 	                      1);
1121 	if (old) ldns_rdf_deep_free(old);
1122 
1123 	old = ldns_rr_set_rdf(rr,
1124                           ldns_native2rdf_int16(LDNS_RDF_TYPE_INT16,
1125                                                 iterations),
1126 	                      2);
1127 	if (old) ldns_rdf_deep_free(old);
1128 
1129 	salt_data = LDNS_XMALLOC(uint8_t, salt_length + 1);
1130         if(!salt_data) {
1131                 /* no way to return error */
1132                 return;
1133         }
1134 	salt_data[0] = salt_length;
1135 	memcpy(salt_data + 1, salt, salt_length);
1136 	salt_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_NSEC3_SALT,
1137 							   salt_length + 1,
1138 							   salt_data);
1139         if(!salt_rdf) {
1140                 LDNS_FREE(salt_data);
1141                 /* no way to return error */
1142                 return;
1143         }
1144 
1145 	old = ldns_rr_set_rdf(rr, salt_rdf, 3);
1146 	if (old) ldns_rdf_deep_free(old);
1147 	LDNS_FREE(salt_data);
1148 }
1149 
1150 static int
1151 rr_list_delegation_only(const ldns_rdf *origin, const ldns_rr_list *rr_list)
1152 {
1153 	size_t i;
1154 	ldns_rr *cur_rr;
1155 	if (!origin || !rr_list) return 0;
1156 	for (i = 0; i < ldns_rr_list_rr_count(rr_list); i++) {
1157 		cur_rr = ldns_rr_list_rr(rr_list, i);
1158 		if (ldns_dname_compare(ldns_rr_owner(cur_rr), origin) == 0) {
1159 			return 0;
1160 		}
1161 		if (ldns_rr_get_type(cur_rr) != LDNS_RR_TYPE_NS) {
1162 			return 0;
1163 		}
1164 	}
1165 	return 1;
1166 }
1167 
1168 /* this will NOT return the NSEC3  completed, you will have to run the
1169    finalize function on the rrlist later! */
1170 ldns_rr *
1171 ldns_create_nsec3(const ldns_rdf *cur_owner,
1172                   const ldns_rdf *cur_zone,
1173                   const ldns_rr_list *rrs,
1174                   uint8_t algorithm,
1175                   uint8_t flags,
1176                   uint16_t iterations,
1177                   uint8_t salt_length,
1178                   const uint8_t *salt,
1179                   bool emptynonterminal)
1180 {
1181 	size_t i;
1182 	ldns_rr *i_rr;
1183 	uint16_t i_type;
1184 
1185 	ldns_rr *nsec = NULL;
1186 	ldns_rdf *hashed_owner = NULL;
1187 
1188 	ldns_status status;
1189 
1190     ldns_rr_type i_type_list[1024];
1191 	size_t type_count = 0;
1192 
1193 	hashed_owner = ldns_nsec3_hash_name(cur_owner,
1194 								 algorithm,
1195 								 iterations,
1196 								 salt_length,
1197 								 salt);
1198 	status = ldns_dname_cat(hashed_owner, cur_zone);
1199         if(status != LDNS_STATUS_OK) {
1200 		ldns_rdf_deep_free(hashed_owner);
1201                 return NULL;
1202 	}
1203 	nsec = ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3);
1204         if(!nsec) {
1205 		ldns_rdf_deep_free(hashed_owner);
1206                 return NULL;
1207 	}
1208 	ldns_rr_set_type(nsec, LDNS_RR_TYPE_NSEC3);
1209 	ldns_rr_set_owner(nsec, hashed_owner);
1210 
1211 	ldns_nsec3_add_param_rdfs(nsec,
1212 						 algorithm,
1213 						 flags,
1214 						 iterations,
1215 						 salt_length,
1216 						 salt);
1217 	(void) ldns_rr_set_rdf(nsec, NULL, 4);
1218 
1219 
1220 	for (i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
1221 		i_rr = ldns_rr_list_rr(rrs, i);
1222 		if (ldns_rdf_compare(cur_owner,
1223 						 ldns_rr_owner(i_rr)) == 0) {
1224 			i_type = ldns_rr_get_type(i_rr);
1225 			if (type_count == 0 || i_type_list[type_count-1] != i_type) {
1226 				i_type_list[type_count] = i_type;
1227 				type_count++;
1228 			}
1229 		}
1230 	}
1231 
1232 	/* add RRSIG anyway, but only if this is not an ENT or
1233 	 * an unsigned delegation */
1234 	if (!emptynonterminal && !rr_list_delegation_only(cur_zone, rrs)) {
1235 		i_type_list[type_count] = LDNS_RR_TYPE_RRSIG;
1236 		type_count++;
1237 	}
1238 
1239 	/* and SOA if owner == zone */
1240 	if (ldns_dname_compare(cur_zone, cur_owner) == 0) {
1241 		i_type_list[type_count] = LDNS_RR_TYPE_SOA;
1242 		type_count++;
1243 	}
1244 
1245 	ldns_rr_push_rdf(nsec,
1246 				  ldns_dnssec_create_nsec_bitmap(i_type_list,
1247 						type_count, LDNS_RR_TYPE_NSEC3));
1248 
1249 	return nsec;
1250 }
1251 
1252 uint8_t
1253 ldns_nsec3_algorithm(const ldns_rr *nsec3_rr)
1254 {
1255 	if (nsec3_rr &&
1256 	      (ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 ||
1257 	       ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3PARAM)
1258 	    && (ldns_rr_rdf(nsec3_rr, 0) != NULL)
1259 	    && ldns_rdf_size(ldns_rr_rdf(nsec3_rr, 0)) > 0) {
1260 		return ldns_rdf2native_int8(ldns_rr_rdf(nsec3_rr, 0));
1261 	}
1262 	return 0;
1263 }
1264 
1265 uint8_t
1266 ldns_nsec3_flags(const ldns_rr *nsec3_rr)
1267 {
1268 	if (nsec3_rr &&
1269 	      (ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 ||
1270 	       ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3PARAM)
1271 	    && (ldns_rr_rdf(nsec3_rr, 1) != NULL)
1272 	    && ldns_rdf_size(ldns_rr_rdf(nsec3_rr, 1)) > 0) {
1273 		return ldns_rdf2native_int8(ldns_rr_rdf(nsec3_rr, 1));
1274 	}
1275 	return 0;
1276 }
1277 
1278 bool
1279 ldns_nsec3_optout(const ldns_rr *nsec3_rr)
1280 {
1281 	return (ldns_nsec3_flags(nsec3_rr) & LDNS_NSEC3_VARS_OPTOUT_MASK);
1282 }
1283 
1284 uint16_t
1285 ldns_nsec3_iterations(const ldns_rr *nsec3_rr)
1286 {
1287 	if (nsec3_rr &&
1288 	      (ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 ||
1289 	       ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3PARAM)
1290 	    && (ldns_rr_rdf(nsec3_rr, 2) != NULL)
1291 	    && ldns_rdf_size(ldns_rr_rdf(nsec3_rr, 2)) > 0) {
1292 		return ldns_rdf2native_int16(ldns_rr_rdf(nsec3_rr, 2));
1293 	}
1294 	return 0;
1295 
1296 }
1297 
1298 ldns_rdf *
1299 ldns_nsec3_salt(const ldns_rr *nsec3_rr)
1300 {
1301 	if (nsec3_rr &&
1302 	      (ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 ||
1303 	       ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3PARAM)
1304 	    ) {
1305 		return ldns_rr_rdf(nsec3_rr, 3);
1306 	}
1307 	return NULL;
1308 }
1309 
1310 uint8_t
1311 ldns_nsec3_salt_length(const ldns_rr *nsec3_rr)
1312 {
1313 	ldns_rdf *salt_rdf = ldns_nsec3_salt(nsec3_rr);
1314 	if (salt_rdf && ldns_rdf_size(salt_rdf) > 0) {
1315 		return (uint8_t) ldns_rdf_data(salt_rdf)[0];
1316 	}
1317 	return 0;
1318 }
1319 
1320 /* allocs data, free with LDNS_FREE() */
1321 uint8_t *
1322 ldns_nsec3_salt_data(const ldns_rr *nsec3_rr)
1323 {
1324 	uint8_t salt_length;
1325 	uint8_t *salt;
1326 
1327 	ldns_rdf *salt_rdf = ldns_nsec3_salt(nsec3_rr);
1328 	if (salt_rdf && ldns_rdf_size(salt_rdf) > 0) {
1329 	    	salt_length = ldns_rdf_data(salt_rdf)[0];
1330 		salt = LDNS_XMALLOC(uint8_t, salt_length);
1331                 if(!salt) return NULL;
1332 		memcpy(salt, &ldns_rdf_data(salt_rdf)[1], salt_length);
1333 		return salt;
1334 	}
1335 	return NULL;
1336 }
1337 
1338 ldns_rdf *
1339 ldns_nsec3_next_owner(const ldns_rr *nsec3_rr)
1340 {
1341 	if (!nsec3_rr || ldns_rr_get_type(nsec3_rr) != LDNS_RR_TYPE_NSEC3) {
1342 		return NULL;
1343 	} else {
1344 		return ldns_rr_rdf(nsec3_rr, 4);
1345 	}
1346 }
1347 
1348 ldns_rdf *
1349 ldns_nsec3_bitmap(const ldns_rr *nsec3_rr)
1350 {
1351 	if (!nsec3_rr || ldns_rr_get_type(nsec3_rr) != LDNS_RR_TYPE_NSEC3) {
1352 		return NULL;
1353 	} else {
1354 		return ldns_rr_rdf(nsec3_rr, 5);
1355 	}
1356 }
1357 
1358 ldns_rdf *
1359 ldns_nsec3_hash_name_frm_nsec3(const ldns_rr *nsec, const ldns_rdf *name)
1360 {
1361 	uint8_t algorithm;
1362 	uint16_t iterations;
1363 	uint8_t salt_length;
1364 	uint8_t *salt = 0;
1365 
1366 	ldns_rdf *hashed_owner;
1367 
1368 	algorithm = ldns_nsec3_algorithm(nsec);
1369 	salt_length = ldns_nsec3_salt_length(nsec);
1370 	salt = ldns_nsec3_salt_data(nsec);
1371 	iterations = ldns_nsec3_iterations(nsec);
1372 
1373 	hashed_owner = ldns_nsec3_hash_name(name,
1374 								 algorithm,
1375 								 iterations,
1376 								 salt_length,
1377 								 salt);
1378 
1379 	LDNS_FREE(salt);
1380 	return hashed_owner;
1381 }
1382 
1383 bool
1384 ldns_nsec_bitmap_covers_type(const ldns_rdf* bitmap, ldns_rr_type type)
1385 {
1386 	uint8_t* dptr;
1387 	uint8_t* dend;
1388 
1389 	/* From RFC3845 Section 2.1.2:
1390 	 *
1391 	 *	"The RR type space is split into 256 window blocks, each re-
1392 	 *	 presenting the low-order 8 bits of the 16-bit RR type space."
1393 	 */
1394 	uint8_t  window = type >> 8;
1395 	uint8_t subtype = type & 0xff;
1396 
1397 	if (! bitmap) {
1398 		return false;
1399 	}
1400 	assert(ldns_rdf_get_type(bitmap) == LDNS_RDF_TYPE_BITMAP);
1401 
1402 	dptr = ldns_rdf_data(bitmap);
1403 	dend = ldns_rdf_data(bitmap) + ldns_rdf_size(bitmap);
1404 
1405 	/* Type Bitmap = ( Window Block # | Bitmap Length | Bitmap ) +
1406 	 *                 dptr[0]          dptr[1]         dptr[2:]
1407 	 */
1408 	while (dptr < dend && dptr[0] <= window) {
1409 
1410 		if (dptr[0] == window && subtype / 8 < dptr[1] &&
1411 				dptr + dptr[1] + 2 <= dend) {
1412 
1413 			return dptr[2 + subtype / 8] & (0x80 >> (subtype % 8));
1414 		}
1415 		dptr += dptr[1] + 2; /* next window */
1416 	}
1417 	return false;
1418 }
1419 
1420 ldns_status
1421 ldns_nsec_bitmap_set_type(ldns_rdf* bitmap, ldns_rr_type type)
1422 {
1423 	uint8_t* dptr;
1424 	uint8_t* dend;
1425 
1426 	/* From RFC3845 Section 2.1.2:
1427 	 *
1428 	 *	"The RR type space is split into 256 window blocks, each re-
1429 	 *	 presenting the low-order 8 bits of the 16-bit RR type space."
1430 	 */
1431 	uint8_t  window = type >> 8;
1432 	uint8_t subtype = type & 0xff;
1433 
1434 	if (! bitmap) {
1435 		return false;
1436 	}
1437 	assert(ldns_rdf_get_type(bitmap) == LDNS_RDF_TYPE_BITMAP);
1438 
1439 	dptr = ldns_rdf_data(bitmap);
1440 	dend = ldns_rdf_data(bitmap) + ldns_rdf_size(bitmap);
1441 
1442 	/* Type Bitmap = ( Window Block # | Bitmap Length | Bitmap ) +
1443 	 *                 dptr[0]          dptr[1]         dptr[2:]
1444 	 */
1445 	while (dptr < dend && dptr[0] <= window) {
1446 
1447 		if (dptr[0] == window && subtype / 8 < dptr[1] &&
1448 				dptr + dptr[1] + 2 <= dend) {
1449 
1450 			dptr[2 + subtype / 8] |= (0x80 >> (subtype % 8));
1451 			return LDNS_STATUS_OK;
1452 		}
1453 		dptr += dptr[1] + 2; /* next window */
1454 	}
1455 	return LDNS_STATUS_TYPE_NOT_IN_BITMAP;
1456 }
1457 
1458 ldns_status
1459 ldns_nsec_bitmap_clear_type(ldns_rdf* bitmap, ldns_rr_type type)
1460 {
1461 	uint8_t* dptr;
1462 	uint8_t* dend;
1463 
1464 	/* From RFC3845 Section 2.1.2:
1465 	 *
1466 	 *	"The RR type space is split into 256 window blocks, each re-
1467 	 *	 presenting the low-order 8 bits of the 16-bit RR type space."
1468 	 */
1469 	uint8_t  window = type >> 8;
1470 	uint8_t subtype = type & 0xff;
1471 
1472 	if (! bitmap) {
1473 		return false;
1474 	}
1475 
1476 	assert(ldns_rdf_get_type(bitmap) == LDNS_RDF_TYPE_BITMAP);
1477 
1478 	dptr = ldns_rdf_data(bitmap);
1479 	dend = ldns_rdf_data(bitmap) + ldns_rdf_size(bitmap);
1480 
1481 	/* Type Bitmap = ( Window Block # | Bitmap Length | Bitmap ) +
1482 	 *                 dptr[0]          dptr[1]         dptr[2:]
1483 	 */
1484 	while (dptr < dend && dptr[0] <= window) {
1485 
1486 		if (dptr[0] == window && subtype / 8 < dptr[1] &&
1487 				dptr + dptr[1] + 2 <= dend) {
1488 
1489 			dptr[2 + subtype / 8] &= ~(0x80 >> (subtype % 8));
1490 			return LDNS_STATUS_OK;
1491 		}
1492 		dptr += dptr[1] + 2; /* next window */
1493 	}
1494 	return LDNS_STATUS_TYPE_NOT_IN_BITMAP;
1495 }
1496 
1497 
1498 bool
1499 ldns_nsec_covers_name(const ldns_rr *nsec, const ldns_rdf *name)
1500 {
1501 	ldns_rdf *nsec_owner = ldns_rr_owner(nsec);
1502 	ldns_rdf *hash_next;
1503 	char *next_hash_str;
1504 	ldns_rdf *nsec_next = NULL;
1505 	ldns_status status;
1506 	ldns_rdf *chopped_dname;
1507 	bool result;
1508 
1509 	if (ldns_rr_get_type(nsec) == LDNS_RR_TYPE_NSEC) {
1510 		if (ldns_rr_rdf(nsec, 0) != NULL) {
1511 			nsec_next = ldns_rdf_clone(ldns_rr_rdf(nsec, 0));
1512 		} else {
1513 			return false;
1514 		}
1515 	} else if (ldns_rr_get_type(nsec) == LDNS_RR_TYPE_NSEC3) {
1516 		hash_next = ldns_nsec3_next_owner(nsec);
1517 		next_hash_str = ldns_rdf2str(hash_next);
1518 		nsec_next = ldns_dname_new_frm_str(next_hash_str);
1519 		LDNS_FREE(next_hash_str);
1520 		chopped_dname = ldns_dname_left_chop(nsec_owner);
1521 		status = ldns_dname_cat(nsec_next, chopped_dname);
1522 		ldns_rdf_deep_free(chopped_dname);
1523 		if (status != LDNS_STATUS_OK) {
1524 			printf("error catting: %s\n", ldns_get_errorstr_by_id(status));
1525 		}
1526 	} else {
1527 		ldns_rdf_deep_free(nsec_next);
1528 		return false;
1529 	}
1530 
1531 	/* in the case of the last nsec */
1532 	if(ldns_dname_compare(nsec_owner, nsec_next) > 0) {
1533 		result = (ldns_dname_compare(nsec_owner, name) <= 0 ||
1534 				ldns_dname_compare(name, nsec_next) < 0);
1535 	} else if(ldns_dname_compare(nsec_owner, nsec_next) < 0) {
1536 		result = (ldns_dname_compare(nsec_owner, name) <= 0 &&
1537 		          ldns_dname_compare(name, nsec_next) < 0);
1538 	} else {
1539 		result = true;
1540 	}
1541 
1542 	ldns_rdf_deep_free(nsec_next);
1543 	return result;
1544 }
1545 
1546 #ifdef HAVE_SSL
1547 /* sig may be null - if so look in the packet */
1548 
1549 ldns_status
1550 ldns_pkt_verify_time(const ldns_pkt *p, ldns_rr_type t, const ldns_rdf *o,
1551 		const ldns_rr_list *k, const ldns_rr_list *s,
1552 		time_t check_time, ldns_rr_list *good_keys)
1553 {
1554 	ldns_rr_list *rrset;
1555 	ldns_rr_list *sigs;
1556 	ldns_rr_list *sigs_covered;
1557 	ldns_rdf *rdf_t;
1558 	ldns_rr_type t_netorder;
1559 
1560 	if (!k) {
1561 		return LDNS_STATUS_ERR;
1562 		/* return LDNS_STATUS_CRYPTO_NO_DNSKEY; */
1563 	}
1564 
1565 	if (t == LDNS_RR_TYPE_RRSIG) {
1566 		/* we don't have RRSIG(RRSIG) (yet? ;-) ) */
1567 		return LDNS_STATUS_ERR;
1568 	}
1569 
1570 	if (s) {
1571 		/* if s is not NULL, the sigs are given to use */
1572 		sigs = (ldns_rr_list *)s;
1573 	} else {
1574 		/* otherwise get them from the packet */
1575 		sigs = ldns_pkt_rr_list_by_name_and_type(p, o,
1576 				LDNS_RR_TYPE_RRSIG,
1577 				LDNS_SECTION_ANY_NOQUESTION);
1578 		if (!sigs) {
1579 			/* no sigs */
1580 			return LDNS_STATUS_ERR;
1581 			/* return LDNS_STATUS_CRYPTO_NO_RRSIG; */
1582 		}
1583 	}
1584 
1585 	/* rrsig are subtyped, so now we need to find the correct
1586 	 * sigs for the type t
1587 	 */
1588 	t_netorder = htons(t); /* rdf are in network order! */
1589 	/* a type identifier is a 16-bit number, so the size is 2 bytes */
1590 	rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE, 2, &t_netorder);
1591 
1592 	sigs_covered = ldns_rr_list_subtype_by_rdf(sigs, rdf_t, 0);
1593 	ldns_rdf_free(rdf_t);
1594 	if (! sigs_covered) {
1595 		if (! s) {
1596 			ldns_rr_list_deep_free(sigs);
1597 		}
1598 		return LDNS_STATUS_ERR;
1599 	}
1600 	ldns_rr_list_deep_free(sigs_covered);
1601 
1602 	rrset = ldns_pkt_rr_list_by_name_and_type(p, o, t,
1603 			LDNS_SECTION_ANY_NOQUESTION);
1604 	if (!rrset) {
1605 		if (! s) {
1606 			ldns_rr_list_deep_free(sigs);
1607 		}
1608 		return LDNS_STATUS_ERR;
1609 	}
1610 	return ldns_verify_time(rrset, sigs, k, check_time, good_keys);
1611 }
1612 
1613 ldns_status
1614 ldns_pkt_verify(const ldns_pkt *p, ldns_rr_type t, const ldns_rdf *o,
1615 		const ldns_rr_list *k, const ldns_rr_list *s, ldns_rr_list *good_keys)
1616 {
1617 	return ldns_pkt_verify_time(p, t, o, k, s, ldns_time(NULL), good_keys);
1618 }
1619 #endif /* HAVE_SSL */
1620 
1621 ldns_status
1622 ldns_dnssec_chain_nsec3_list(ldns_rr_list *nsec3_rrs)
1623 {
1624 	size_t i;
1625 	char *next_nsec_owner_str;
1626 	ldns_rdf *next_nsec_owner_label;
1627 	ldns_rdf *next_nsec_rdf;
1628 	ldns_status status = LDNS_STATUS_OK;
1629 
1630 	for (i = 0; i < ldns_rr_list_rr_count(nsec3_rrs); i++) {
1631 		if (i == ldns_rr_list_rr_count(nsec3_rrs) - 1) {
1632 			next_nsec_owner_label =
1633 				ldns_dname_label(ldns_rr_owner(ldns_rr_list_rr(nsec3_rrs,
1634 													  0)), 0);
1635 			next_nsec_owner_str = ldns_rdf2str(next_nsec_owner_label);
1636 			if (next_nsec_owner_str[strlen(next_nsec_owner_str) - 1]
1637 			    == '.') {
1638 				next_nsec_owner_str[strlen(next_nsec_owner_str) - 1]
1639 					= '\0';
1640 			}
1641 			status = ldns_str2rdf_b32_ext(&next_nsec_rdf,
1642 									next_nsec_owner_str);
1643 			if (!ldns_rr_set_rdf(ldns_rr_list_rr(nsec3_rrs, i),
1644 							 next_nsec_rdf, 4)) {
1645 				/* todo: error */
1646 			}
1647 
1648 			ldns_rdf_deep_free(next_nsec_owner_label);
1649 			LDNS_FREE(next_nsec_owner_str);
1650 		} else {
1651 			next_nsec_owner_label =
1652 				ldns_dname_label(ldns_rr_owner(ldns_rr_list_rr(nsec3_rrs,
1653 													  i + 1)),
1654 							  0);
1655 			next_nsec_owner_str = ldns_rdf2str(next_nsec_owner_label);
1656 			if (next_nsec_owner_str[strlen(next_nsec_owner_str) - 1]
1657 			    == '.') {
1658 				next_nsec_owner_str[strlen(next_nsec_owner_str) - 1]
1659 					= '\0';
1660 			}
1661 			status = ldns_str2rdf_b32_ext(&next_nsec_rdf,
1662 									next_nsec_owner_str);
1663 			ldns_rdf_deep_free(next_nsec_owner_label);
1664 			LDNS_FREE(next_nsec_owner_str);
1665 			if (!ldns_rr_set_rdf(ldns_rr_list_rr(nsec3_rrs, i),
1666 							 next_nsec_rdf, 4)) {
1667 				/* todo: error */
1668 			}
1669 		}
1670 	}
1671 	return status;
1672 }
1673 
1674 int
1675 qsort_rr_compare_nsec3(const void *a, const void *b)
1676 {
1677 	const ldns_rr *rr1 = * (const ldns_rr **) a;
1678 	const ldns_rr *rr2 = * (const ldns_rr **) b;
1679 	if (rr1 == NULL && rr2 == NULL) {
1680 		return 0;
1681 	}
1682 	if (rr1 == NULL) {
1683 		return -1;
1684 	}
1685 	if (rr2 == NULL) {
1686 		return 1;
1687 	}
1688 	return ldns_rdf_compare(ldns_rr_owner(rr1), ldns_rr_owner(rr2));
1689 }
1690 
1691 void
1692 ldns_rr_list_sort_nsec3(ldns_rr_list *unsorted)
1693 {
1694 	qsort(unsorted->_rrs,
1695 	      ldns_rr_list_rr_count(unsorted),
1696 	      sizeof(ldns_rr *),
1697 	      qsort_rr_compare_nsec3);
1698 }
1699 
1700 int
1701 ldns_dnssec_default_add_to_signatures( ATTR_UNUSED(ldns_rr *sig)
1702 				     , ATTR_UNUSED(void *n)
1703 				     )
1704 {
1705 	return LDNS_SIGNATURE_LEAVE_ADD_NEW;
1706 }
1707 
1708 int
1709 ldns_dnssec_default_leave_signatures( ATTR_UNUSED(ldns_rr *sig)
1710 				    , ATTR_UNUSED(void *n)
1711 				    )
1712 {
1713 	return LDNS_SIGNATURE_LEAVE_NO_ADD;
1714 }
1715 
1716 int
1717 ldns_dnssec_default_delete_signatures( ATTR_UNUSED(ldns_rr *sig)
1718 				     , ATTR_UNUSED(void *n)
1719 				     )
1720 {
1721 	return LDNS_SIGNATURE_REMOVE_NO_ADD;
1722 }
1723 
1724 int
1725 ldns_dnssec_default_replace_signatures( ATTR_UNUSED(ldns_rr *sig)
1726 				      , ATTR_UNUSED(void *n)
1727 				      )
1728 {
1729 	return LDNS_SIGNATURE_REMOVE_ADD_NEW;
1730 }
1731 
1732 #ifdef HAVE_SSL
1733 ldns_rdf *
1734 ldns_convert_dsa_rrsig_asn12rdf(const ldns_buffer *sig,
1735 						  const long sig_len)
1736 {
1737 #ifdef USE_DSA
1738 	ldns_rdf *sigdata_rdf;
1739 	DSA_SIG *dsasig;
1740 	const BIGNUM *R, *S;
1741 	unsigned char *dsasig_data = (unsigned char*)ldns_buffer_begin(sig);
1742 	size_t byte_offset;
1743 
1744 	dsasig = d2i_DSA_SIG(NULL,
1745 					 (const unsigned char **)&dsasig_data,
1746 					 sig_len);
1747 	if (!dsasig) {
1748                 DSA_SIG_free(dsasig);
1749 		return NULL;
1750 	}
1751 
1752 	dsasig_data = LDNS_XMALLOC(unsigned char, 41);
1753         if(!dsasig_data) {
1754                 DSA_SIG_free(dsasig);
1755                 return NULL;
1756         }
1757 	dsasig_data[0] = 0;
1758 # ifdef HAVE_DSA_SIG_GET0
1759 	DSA_SIG_get0(dsasig, &R, &S);
1760 # else
1761 	R = dsasig->r;
1762 	S = dsasig->s;
1763 # endif
1764 	byte_offset = (size_t) (20 - BN_num_bytes(R));
1765 	if (byte_offset > 20) {
1766                 DSA_SIG_free(dsasig);
1767                 LDNS_FREE(dsasig_data);
1768 		return NULL;
1769 	}
1770 	memset(&dsasig_data[1], 0, byte_offset);
1771 	BN_bn2bin(R, &dsasig_data[1 + byte_offset]);
1772 	byte_offset = (size_t) (20 - BN_num_bytes(S));
1773 	if (byte_offset > 20) {
1774                 DSA_SIG_free(dsasig);
1775                 LDNS_FREE(dsasig_data);
1776 		return NULL;
1777 	}
1778 	memset(&dsasig_data[21], 0, byte_offset);
1779 	BN_bn2bin(S, &dsasig_data[21 + byte_offset]);
1780 
1781 	sigdata_rdf = ldns_rdf_new(LDNS_RDF_TYPE_B64, 41, dsasig_data);
1782         if(!sigdata_rdf) {
1783                 LDNS_FREE(dsasig_data);
1784         }
1785 	DSA_SIG_free(dsasig);
1786 
1787 	return sigdata_rdf;
1788 #else
1789 	(void)sig; (void)sig_len;
1790 	return NULL;
1791 #endif
1792 }
1793 
1794 ldns_status
1795 ldns_convert_dsa_rrsig_rdf2asn1(ldns_buffer *target_buffer,
1796 						  const ldns_rdf *sig_rdf)
1797 {
1798 #ifdef USE_DSA
1799 	/* the EVP api wants the DER encoding of the signature... */
1800 	BIGNUM *R, *S;
1801 	DSA_SIG *dsasig;
1802 	unsigned char *raw_sig = NULL;
1803 	int raw_sig_len;
1804 
1805         if(ldns_rdf_size(sig_rdf) < 1 + 2*SHA_DIGEST_LENGTH)
1806                 return LDNS_STATUS_SYNTAX_RDATA_ERR;
1807 	/* extract the R and S field from the sig buffer */
1808 	R = BN_new();
1809 	if(!R) return LDNS_STATUS_MEM_ERR;
1810 	(void) BN_bin2bn((unsigned char *) ldns_rdf_data(sig_rdf) + 1,
1811 	                 SHA_DIGEST_LENGTH, R);
1812 	S = BN_new();
1813 	if(!S) {
1814 		BN_free(R);
1815 		return LDNS_STATUS_MEM_ERR;
1816 	}
1817 	(void) BN_bin2bn((unsigned char *) ldns_rdf_data(sig_rdf) + 21,
1818 	                 SHA_DIGEST_LENGTH, S);
1819 
1820 	dsasig = DSA_SIG_new();
1821 	if (!dsasig) {
1822 		BN_free(R);
1823 		BN_free(S);
1824 		return LDNS_STATUS_MEM_ERR;
1825 	}
1826 # ifdef HAVE_DSA_SIG_SET0
1827        if (! DSA_SIG_set0(dsasig, R, S))
1828 	       return LDNS_STATUS_SSL_ERR;
1829 # else
1830 	dsasig->r = R;
1831 	dsasig->s = S;
1832 # endif
1833 
1834 	raw_sig_len = i2d_DSA_SIG(dsasig, &raw_sig);
1835 	if (raw_sig_len < 0) {
1836 		DSA_SIG_free(dsasig);
1837 		free(raw_sig);
1838 		return LDNS_STATUS_SSL_ERR;
1839 	}
1840 	if (ldns_buffer_reserve(target_buffer, (size_t) raw_sig_len)) {
1841 		ldns_buffer_write(target_buffer, raw_sig, (size_t)raw_sig_len);
1842 	}
1843 
1844 	DSA_SIG_free(dsasig);
1845 	free(raw_sig);
1846 
1847 	return ldns_buffer_status(target_buffer);
1848 #else
1849 	(void)target_buffer; (void)sig_rdf;
1850 	return LDNS_STATUS_CRYPTO_ALGO_NOT_IMPL;
1851 #endif
1852 }
1853 
1854 #ifdef USE_ECDSA
1855 #ifndef S_SPLINT_S
1856 ldns_rdf *
1857 ldns_convert_ecdsa_rrsig_asn1len2rdf(const ldns_buffer *sig,
1858 	const long sig_len, int num_bytes)
1859 {
1860         ECDSA_SIG* ecdsa_sig;
1861 	const BIGNUM *r, *s;
1862 	unsigned char *data = (unsigned char*)ldns_buffer_begin(sig);
1863         ldns_rdf* rdf;
1864 	ecdsa_sig = d2i_ECDSA_SIG(NULL, (const unsigned char **)&data, sig_len);
1865         if(!ecdsa_sig) return NULL;
1866 
1867 #ifdef HAVE_ECDSA_SIG_GET0
1868 	ECDSA_SIG_get0(ecdsa_sig, &r, &s);
1869 #else
1870 	r = ecdsa_sig->r;
1871 	s = ecdsa_sig->s;
1872 #endif
1873         /* "r | s". */
1874         if(BN_num_bytes(r) > num_bytes ||
1875 		BN_num_bytes(s) > num_bytes) {
1876                 ECDSA_SIG_free(ecdsa_sig);
1877 		return NULL; /* numbers too big for passed curve size */
1878 	}
1879         data = LDNS_XMALLOC(unsigned char, num_bytes*2);
1880         if(!data) {
1881                 ECDSA_SIG_free(ecdsa_sig);
1882                 return NULL;
1883         }
1884 	/* write the bignums (in big-endian) a little offset if the BN code
1885 	 * wants to write a shorter number of bytes, with zeroes prefixed */
1886 	memset(data, 0, num_bytes*2);
1887         BN_bn2bin(r, data+num_bytes-BN_num_bytes(r));
1888         BN_bn2bin(s, data+num_bytes*2-BN_num_bytes(s));
1889 	rdf = ldns_rdf_new(LDNS_RDF_TYPE_B64, (size_t)(num_bytes*2), data);
1890         ECDSA_SIG_free(ecdsa_sig);
1891         return rdf;
1892 }
1893 
1894 ldns_status
1895 ldns_convert_ecdsa_rrsig_rdf2asn1(ldns_buffer *target_buffer,
1896         const ldns_rdf *sig_rdf)
1897 {
1898         /* convert from two BIGNUMs in the rdata buffer, to ASN notation.
1899 	 * ASN preable:  30440220 <R 32bytefor256> 0220 <S 32bytefor256>
1900 	 * the '20' is the length of that field (=bnsize).
1901 	 * the '44' is the total remaining length.
1902 	 * if negative, start with leading zero.
1903 	 * if starts with 00s, remove them from the number.
1904 	 */
1905         uint8_t pre[] = {0x30, 0x44, 0x02, 0x20};
1906         int pre_len = 4;
1907         uint8_t mid[] = {0x02, 0x20};
1908         int mid_len = 2;
1909         int raw_sig_len, r_high, s_high, r_rem=0, s_rem=0;
1910         long bnsize = (long)ldns_rdf_size(sig_rdf) / 2;
1911         uint8_t* d = ldns_rdf_data(sig_rdf);
1912         /* if too short, or not even length, do not bother */
1913         if(bnsize < 16 || (size_t)bnsize*2 != ldns_rdf_size(sig_rdf))
1914                 return LDNS_STATUS_ERR;
1915         /* strip leading zeroes from r (but not last one) */
1916         while(r_rem < bnsize-1 && d[r_rem] == 0)
1917                 r_rem++;
1918         /* strip leading zeroes from s (but not last one) */
1919         while(s_rem < bnsize-1 && d[bnsize+s_rem] == 0)
1920                 s_rem++;
1921 
1922         r_high = ((d[0+r_rem]&0x80)?1:0);
1923         s_high = ((d[bnsize+s_rem]&0x80)?1:0);
1924         raw_sig_len = pre_len + r_high + bnsize - r_rem + mid_len +
1925 		s_high + bnsize - s_rem;
1926         if(ldns_buffer_reserve(target_buffer, (size_t) raw_sig_len)) {
1927                 ldns_buffer_write_u8(target_buffer, pre[0]);
1928                 ldns_buffer_write_u8(target_buffer, raw_sig_len-2);
1929                 ldns_buffer_write_u8(target_buffer, pre[2]);
1930                 ldns_buffer_write_u8(target_buffer, bnsize + r_high - r_rem);
1931                 if(r_high)
1932                         ldns_buffer_write_u8(target_buffer, 0);
1933                 ldns_buffer_write(target_buffer, d+r_rem, bnsize-r_rem);
1934                 ldns_buffer_write(target_buffer, mid, mid_len-1);
1935                 ldns_buffer_write_u8(target_buffer, bnsize + s_high - s_rem);
1936                 if(s_high)
1937                         ldns_buffer_write_u8(target_buffer, 0);
1938                 ldns_buffer_write(target_buffer, d+bnsize+s_rem, bnsize-s_rem);
1939         }
1940         return ldns_buffer_status(target_buffer);
1941 }
1942 
1943 #endif /* S_SPLINT_S */
1944 #endif /* USE_ECDSA */
1945 
1946 #if defined(USE_ED25519) || defined(USE_ED448)
1947 /* debug printout routine */
1948 static void print_hex(const char* str, uint8_t* d, int len)
1949 {
1950 	const char hex[] = "0123456789abcdef";
1951 	int i;
1952 	printf("%s [len=%d]: ", str, len);
1953 	for(i=0; i<len; i++) {
1954 		int x = (d[i]&0xf0)>>4;
1955 		int y = (d[i]&0x0f);
1956 		printf("%c%c", hex[x], hex[y]);
1957 	}
1958 	printf("\n");
1959 }
1960 #endif
1961 
1962 #ifdef USE_ED25519
1963 ldns_rdf *
1964 ldns_convert_ed25519_rrsig_asn12rdf(const ldns_buffer *sig, long sig_len)
1965 {
1966 	unsigned char *data = (unsigned char*)ldns_buffer_begin(sig);
1967         ldns_rdf* rdf = NULL;
1968 
1969 	/* TODO when Openssl supports signing and you can test this */
1970 	print_hex("sig in ASN", data, sig_len);
1971 
1972         return rdf;
1973 }
1974 
1975 ldns_status
1976 ldns_convert_ed25519_rrsig_rdf2asn1(ldns_buffer *target_buffer,
1977         const ldns_rdf *sig_rdf)
1978 {
1979 	/* TODO when Openssl supports signing and you can test this. */
1980 	/* convert sig_buf into ASN1 into the target_buffer */
1981 	print_hex("sig raw", ldns_rdf_data(sig_rdf), ldns_rdf_size(sig_rdf));
1982         return ldns_buffer_status(target_buffer);
1983 }
1984 #endif /* USE_ED25519 */
1985 
1986 #ifdef USE_ED448
1987 ldns_rdf *
1988 ldns_convert_ed448_rrsig_asn12rdf(const ldns_buffer *sig, long sig_len)
1989 {
1990 	unsigned char *data = (unsigned char*)ldns_buffer_begin(sig);
1991         ldns_rdf* rdf = NULL;
1992 
1993 	/* TODO when Openssl supports signing and you can test this */
1994 	print_hex("sig in ASN", data, sig_len);
1995 
1996 	return rdf;
1997 }
1998 
1999 ldns_status
2000 ldns_convert_ed448_rrsig_rdf2asn1(ldns_buffer *target_buffer,
2001         const ldns_rdf *sig_rdf)
2002 {
2003 	/* TODO when Openssl supports signing and you can test this. */
2004 	/* convert sig_buf into ASN1 into the target_buffer */
2005 	print_hex("sig raw", ldns_rdf_data(sig_rdf), ldns_rdf_size(sig_rdf));
2006         return ldns_buffer_status(target_buffer);
2007 }
2008 #endif /* USE_ED448 */
2009 
2010 #endif /* HAVE_SSL */
2011