Created
September 8, 2025 17:50
-
-
Save nputnam/afa782e8b09f2930c91b47544a094483 to your computer and use it in GitHub Desktop.
Working sign
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #[test] | |
| fn test_sign_response() { | |
| let key_bin = BASE64_STANDARD.decode("C8OEeCc18V4Krat0iOSHN1ITrbwjJUKpbuxCpkOuK/Y=").unwrap(); | |
| let request = BASE64_STANDARD.decode(b"Cr0AAAABAAAAAAABBHRlc3QDbGFuAAAGAAEIa2VhLWJpbmQAAPoA/wAAAAAAPQtobWFjLXNoYTI1NgAAAGi95UgBLAAghkZktC1IihaLQ2Ll1Sw91GuliJY7/TuIQUajY2KAIPUKvQAAAAA=").unwrap(); | |
| let request_message = Message::from_vec(request.as_slice()).unwrap(); | |
| let signature = request_message.signature(); | |
| let previous_mac = match signature { | |
| MessageSignature::Unsigned => { None } | |
| MessageSignature::Sig0(_) => { None } | |
| MessageSignature::Tsig(record) => { | |
| let dns_sec = record.data().as_dnssec().unwrap(); | |
| let tsig = dns_sec.as_tsig().unwrap(); | |
| Some(tsig.mac()) | |
| } | |
| }; | |
| let response = BASE64_STANDARD.decode(b"Cr2EgAABAAAAAQABBHRlc3QDbGFuAAAGAAHAEQAGAAEAAA4QACYDbnMxA2xhbsARBWFkbWluwBEAAJYKAAk6gAABUYAAJOoAAAk6gAhrZWEtYmluZAAA+gD/AAAAAAA9C2htYWMtc2hhMjU2AAAAaL3lSAEsACBG840eD/V805ed9mw6Fi4Z2PjRuOP8RtaM5XVv8C05Pwq9AAAAAA==").unwrap(); | |
| let mut response_message = Message::from_vec(response.as_slice()).unwrap(); | |
| println!("response : {:?}", response_message); | |
| let tsig = match response_message.signature() { | |
| MessageSignature::Unsigned => { None } | |
| MessageSignature::Sig0(_) => { None } | |
| Tsig(record) => { | |
| let dns_sec = record.data().as_dnssec().unwrap(); | |
| let tsig = dns_sec.as_tsig().unwrap(); | |
| Some(tsig.clone()) | |
| } | |
| }; | |
| let tsig = tsig.unwrap(); | |
| response_message.take_signature(); | |
| let pre_tsig = TSIG::new( | |
| tsig.algorithm().clone(), | |
| tsig.time(), | |
| tsig.fudge(), | |
| vec![], | |
| request_message.id(), | |
| 0, | |
| vec![] | |
| ); | |
| //let message_tbs = message_tbs(&response_message, &pre_tsig, &Name::from_ascii("kea-bind.").unwrap()).unwrap(); | |
| let record = make_tsig_record(Name::from_ascii("kea-bind.").unwrap(), pre_tsig); | |
| response_message.set_signature(MessageSignature::Tsig(record)); | |
| let message_signed = signed_bitmessage_to_buf(response_message.to_bytes().unwrap().as_slice(), previous_mac,true).unwrap(); | |
| let signer = TSigner::new(key_bin, tsig.algorithm().clone(), Name::from_ascii("kea-bind.").unwrap(), tsig.fudge()).unwrap(); | |
| let signed = signer.sign(message_signed.0.as_slice()).unwrap(); | |
| assert_eq!(tsig.mac(), signed); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment