]> git.bitcoin.ninja Git - dnssec-prover/log
dnssec-prover
7 months agoIteratively hash rather than building a vec then hashing
Matt Corallo [Wed, 21 Feb 2024 07:08:20 +0000 (07:08 +0000)]
Iteratively hash rather than building a vec then hashing

... in signature checking.

Now that we control the signature checking API, we don't have to
pass a full buffer and can build our own hashes, avoiding the
allocation.

7 months agoMake `write_u16_len_prefixed_data` generic over the type of output
Matt Corallo [Wed, 21 Feb 2024 07:14:20 +0000 (07:14 +0000)]
Make `write_u16_len_prefixed_data` generic over the type of output

In the next commit this will be used to write RRs directly into
hashers when validating signatures, rather than serializing them
into `Vec`s then hashing.

7 months agoAdd the wycheproof test cases for our crypto implementation
Matt Corallo [Mon, 4 Mar 2024 18:38:39 +0000 (18:38 +0000)]
Add the wycheproof test cases for our crypto implementation

7 months agoSwap `ring` for our own in-crate ECDSA validator
Matt Corallo [Mon, 4 Mar 2024 03:22:08 +0000 (03:22 +0000)]
Swap `ring` for our own in-crate ECDSA validator

While `ring` is great, it struggles with platform support and has a
fairly involved dependency tree due to its reliance on C backends.

Further, while the `RustCrypto` org tries to stick to Rust, in
doing so it takes on more (unnecessary) dependencies and has a
particularly unusable MSRV policy. Finally, its contributor base
has historically not been particularly friendly.

Thus, sadly, there's not really a good option for doing ECDSA (non-
secp256k1) validation using a third-party crate.

Instead, we go our own way here, adding an in-crate ECDSA
validator over secp{256,384}r1.

This also adds a new bench, showing our secp256r1 validation is,
sadly, something like 50x slower than OpenSSL.

7 months agoAdd U256/U384 and mod-const-prime wrapper utilities of both.
Matt Corallo [Mon, 4 Mar 2024 18:43:52 +0000 (18:43 +0000)]
Add U256/U384 and mod-const-prime wrapper utilities of both.

In the next commit we'll add support for secp256r1 and secp384r1
validation, which require 256-bit and 384-bit integers. To make
their implementation simple, we also add wrapper structs around
the new integers which are modulo a const-prime, storing and
handling the values in montgommery representation.

7 months agoAdd a simple benchmark of 2048-bit RSA validation
Matt Corallo [Sat, 2 Mar 2024 20:20:11 +0000 (20:20 +0000)]
Add a simple benchmark of 2048-bit RSA validation

This shows our RSA is only roughly 3.5x slower than OpenSSL.

7 months agoSwap `ring` for our own in-crate RSA validator
Matt Corallo [Sun, 3 Mar 2024 15:05:08 +0000 (15:05 +0000)]
Swap `ring` for our own in-crate RSA validator

While `ring` is great, it struggles with platform support and has a
fairly involved dependency tree due to its reliance on C backends.

Further, while the `RustCrypto` org tries to stick to Rust, in
doing so it takes on more (unnecessary) dependencies and has a
particularly unusable MSRV policy. Finally, its contributor base
has historically not been particularly friendly.

Thus, sadly, there's not really a good option for doing RSA
validation using a third-party crate.

Instead, we go our own way here, adding an in-crate RSA validator.

7 months agoAdd a relatively simple mostly-const-fn bigint math implementation
Matt Corallo [Sun, 3 Mar 2024 14:23:39 +0000 (14:23 +0000)]
Add a relatively simple mostly-const-fn bigint math implementation

While `ring` is great, it struggles with platform support and has a
fairly involved dependency tree due to its reliance on C backends.

Further, while the `RustCrypto` org tries to stick to Rust, in
doing so it takes on more (unnecessary) dependencies and has a
particularly unusable MSRV policy. Finally, its contributor base
has historically not been particularly friendly.

Thus, sadly, there's not really a good option for doing RSA
validation using a third-party crate.

Instead, in the next commit we'll go our own way and add an
in-crate RSA validator. This takes the first step, adding a bigint
implementation that works up to 4096 bits (the longest allowed RSA
keys in the DNS).

Sadly, once we get to EC math we'll really want most of our math
operations to be const fns, which provides some additional limits.
Absent a better way to do subslicing on rustc 1.63, this commit
introduces a dependency on the `const_slice_from_raw_parts`
feature, which appears to work fine on 1.63 with
`RUSTC_BOOTSTRAP=1` set, and was stabilized in 1.64.

7 months agoEnable (minimal) optimization in tests
Matt Corallo [Wed, 21 Feb 2024 07:17:01 +0000 (07:17 +0000)]
Enable (minimal) optimization in tests

As of the next commit, our tests now have to do in-crate crypto, so
even minimal optimization provide a huge speedup.

7 months agoTest fuzzers build and release build in test.sh
Matt Corallo [Mon, 4 Mar 2024 02:30:11 +0000 (02:30 +0000)]
Test fuzzers build and release build in test.sh

7 months agoAdd support back for SHA-384 DS records
Matt Corallo [Wed, 3 Apr 2024 08:21:37 +0000 (08:21 +0000)]
Add support back for SHA-384 DS records

While these are relatively unused, support for SHA-384 was recently
added in `bitcoin_hashes`, which we use here for DS validation.

8 months agoMove RRSig loop to after DS loop to be more mindful of KeyTrap
Matt Corallo [Wed, 20 Mar 2024 22:03:20 +0000 (22:03 +0000)]
Move RRSig loop to after DS loop to be more mindful of KeyTrap

In general we were mostly fine regarding KeyTrap, as we largely
fail after any invalid signature and only loop if a signature or
key required an unknown algorithm. Thus, addressing KeyTrap is
mostly an exercise in adding comments.

However, we did verify all DS hashes every time we went to verify
a single DNSKey RRSig, which is potentially some work, which we
fix here, leading to a nice simplification in `verify_rr_stream`.

8 months agoBump version for NSEC/3 validation
Matt Corallo [Sat, 2 Mar 2024 16:41:54 +0000 (16:41 +0000)]
Bump version for NSEC/3 validation

8 months agoAdd new tests to test NSEC validation behavior
Matt Corallo [Sat, 2 Mar 2024 15:55:15 +0000 (15:55 +0000)]
Add new tests to test NSEC validation behavior

8 months agoDrop NSEC/3 records from `VerifiedRRStream::verified_rrs`
Matt Corallo [Sat, 2 Mar 2024 15:56:39 +0000 (15:56 +0000)]
Drop NSEC/3 records from `VerifiedRRStream::verified_rrs`

`verified_rrs` is intended to include only the records a user may
want, not signatures and proof records. Thus, like we remove
RRSIG/DS records, here we also remove NSEC/3 records.

8 months agoValidate NSec/3 records prove non-existence when handling C/DNAMEs
Matt Corallo [Mon, 26 Feb 2024 03:06:02 +0000 (03:06 +0000)]
Validate NSec/3 records prove non-existence when handling C/DNAMEs

When handling C/DNAME RRs we're required to validate that NSEC/3
records exist proving non-existence of the sought record itself. We
do this here.

8 months agoRefresh existing test data and add NSEC/3 records
Matt Corallo [Wed, 28 Feb 2024 02:25:00 +0000 (02:25 +0000)]
Refresh existing test data and add NSEC/3 records

This refreshes all our existing test vectors to use new timestamps,
as well as including the newly-required NSEC/3 records.

8 months agoAdd base32 parser which is needed for NSEC3 validation
Matt Corallo [Mon, 26 Feb 2024 20:10:49 +0000 (20:10 +0000)]
Add base32 parser which is needed for NSEC3 validation

8 months agoCorrect `NSecTypeMask::contains_type` and add `from_types` builder
Matt Corallo [Wed, 28 Feb 2024 02:23:52 +0000 (02:23 +0000)]
Correct `NSecTypeMask::contains_type` and add `from_types` builder

The low-bit-masking in `NSecTypeMask::contains_type` was incorrect,
leading to spuriously looking at the wrong bit position within the
correct byte.

While we're at it, we also add a new constructor which allows for
bits to be set.

8 months agoUse `bitcoin_hashes` rather than `ring` for hashing
Matt Corallo [Wed, 21 Feb 2024 02:21:26 +0000 (02:21 +0000)]
Use `bitcoin_hashes` rather than `ring` for hashing

While `ring` is great, it struggles with platform support and has a
fairly involved dependency tree due to its reliance on C backends.

Further, while the `RustCrypto` org tries to stick to Rust, in
doing so it takes on more (unnecessary) dependencies and has a
particularly unusable MSRV policy. Finally, its contributor base
has historically not been particularly friendly.

Thus, for the best platform support, we'd like to avoid both. Here
we take the first of several steps towards that goal, using
`bitcoin_hashes` for our SHA-1/SHA-2 operations instead.

8 months agoBump version for NSEC/3 record type additions and proof inclusion
Matt Corallo [Mon, 26 Feb 2024 20:51:00 +0000 (20:51 +0000)]
Bump version for NSEC/3 record type additions and proof inclusion

8 months agoInclude any relevant NSec/NSec3 records in generated proofs
Matt Corallo [Mon, 26 Feb 2024 03:05:23 +0000 (03:05 +0000)]
Include any relevant NSec/NSec3 records in generated proofs

8 months agoAdd de/serialization and structs for NSec and NSec3 records
Matt Corallo [Mon, 26 Feb 2024 03:04:52 +0000 (03:04 +0000)]
Add de/serialization and structs for NSec and NSec3 records

8 months agoDefine a util method to convert a type value to the type's name
Matt Corallo [Mon, 26 Feb 2024 20:44:08 +0000 (20:44 +0000)]
Define a util method to convert a type value to the type's name

8 months agoAdd debug checks that we don't leave data behind after an RR
Matt Corallo [Mon, 26 Feb 2024 03:04:12 +0000 (03:04 +0000)]
Add debug checks that we don't leave data behind after an RR

8 months agoRefuse to include \s in the JSON output of a TXT record
Matt Corallo [Mon, 26 Feb 2024 03:02:21 +0000 (03:02 +0000)]
Refuse to include \s in the JSON output of a TXT record

8 months agoForce all names to lowercase ASCII as it is the canonical form
Matt Corallo [Mon, 26 Feb 2024 04:41:58 +0000 (04:41 +0000)]
Force all names to lowercase ASCII as it is the canonical form

8 months agoAdd trivial helper method to get the label count in a `Name`
Matt Corallo [Mon, 26 Feb 2024 03:01:59 +0000 (03:01 +0000)]
Add trivial helper method to get the label count in a `Name`

9 months agoBump version number for DNAME support
Matt Corallo [Mon, 12 Feb 2024 05:08:06 +0000 (05:08 +0000)]
Bump version number for DNAME support

9 months agoSwap test domain to something more sustainable
Matt Corallo [Mon, 12 Feb 2024 05:07:37 +0000 (05:07 +0000)]
Swap test domain to something more sustainable

9 months agoAdd support for DNAME resolution
Matt Corallo [Mon, 12 Feb 2024 04:21:45 +0000 (04:21 +0000)]
Add support for DNAME resolution

9 months agoAdd note about DoH proof building usage.
Matt Corallo [Mon, 12 Feb 2024 03:34:00 +0000 (03:34 +0000)]
Add note about DoH proof building usage.

9 months agoBump version for bug fixes and new query APIs
Matt Corallo [Mon, 12 Feb 2024 03:05:26 +0000 (03:05 +0000)]
Bump version for bug fixes and new query APIs

9 months agoAdd WASM/JS support for doing full lookups using DoH
Matt Corallo [Mon, 12 Feb 2024 03:04:51 +0000 (03:04 +0000)]
Add WASM/JS support for doing full lookups using DoH

9 months agoExpose `QueryBuf` constructors and utilities
Matt Corallo [Mon, 12 Feb 2024 03:04:32 +0000 (03:04 +0000)]
Expose `QueryBuf` constructors and utilities

9 months agoAdd a fuzzer of the proof building state machine
Matt Corallo [Mon, 12 Feb 2024 00:38:10 +0000 (00:38 +0000)]
Add a fuzzer of the proof building state machine

9 months agoAvoid allocating for all message buffers, expose querying in no-std
Matt Corallo [Mon, 12 Feb 2024 00:28:11 +0000 (00:28 +0000)]
Avoid allocating for all message buffers, expose querying in no-std

9 months agoUse (and expose) a `ProofBuilder` state machine for proving
Matt Corallo [Mon, 12 Feb 2024 00:03:37 +0000 (00:03 +0000)]
Use (and expose) a `ProofBuilder` state machine for proving

This will allow us to expose the state machine we use for building
proofs in, eg, javascript, allowing the construction of proofs
using DoH.

9 months agoExpose constants for various supported record wire types
Matt Corallo [Mon, 12 Feb 2024 00:03:14 +0000 (00:03 +0000)]
Expose constants for various supported record wire types

9 months agoImplement Display for Name
Matt Corallo [Sun, 11 Feb 2024 23:01:18 +0000 (23:01 +0000)]
Implement Display for Name

9 months agoAdd a parse + validate fuzzer
Matt Corallo [Sun, 11 Feb 2024 22:49:44 +0000 (22:49 +0000)]
Add a parse + validate fuzzer

9 months agoAdd fuzzing of DNS server response parsing
Matt Corallo [Sun, 11 Feb 2024 20:43:30 +0000 (20:43 +0000)]
Add fuzzing of DNS server response parsing

9 months agoLimit recursion when reading name labels from other packet data
Matt Corallo [Sun, 11 Feb 2024 20:41:28 +0000 (20:41 +0000)]
Limit recursion when reading name labels from other packet data

This fixes an infinite recursion issue where a label can refer to
itself and recurse until the stack ie exhausted.

9 months agoFix overflowing subtract in vec preallocation
Matt Corallo [Sun, 11 Feb 2024 20:33:35 +0000 (20:33 +0000)]
Fix overflowing subtract in vec preallocation

If a TXT record comes in with zero length data, we'll overflow in
the subtraction and try to allocate much too much data.

9 months agoNote lack of proof verification in query method docs
Matt Corallo [Sun, 11 Feb 2024 19:28:47 +0000 (19:28 +0000)]
Note lack of proof verification in query method docs

9 months agoBump version for cross-zone CNAME proofs and new util method
Matt Corallo [Sat, 10 Feb 2024 00:48:22 +0000 (00:48 +0000)]
Bump version for cross-zone CNAME proofs and new util method

9 months agoCorrect cross-zone CNAME handling in proof generation
Matt Corallo [Sat, 10 Feb 2024 00:47:47 +0000 (00:47 +0000)]
Correct cross-zone CNAME handling in proof generation

9 months agoFix various test runs in `test.sh`
Matt Corallo [Fri, 9 Feb 2024 23:28:42 +0000 (23:28 +0000)]
Fix various test runs in `test.sh`

9 months agoAdd testing of doc links in test.sh
Matt Corallo [Fri, 9 Feb 2024 23:28:27 +0000 (23:28 +0000)]
Add testing of doc links in test.sh

9 months agoAdd a utility function to resolve CNAMEs in verified RRs
Matt Corallo [Fri, 9 Feb 2024 23:06:04 +0000 (23:06 +0000)]
Add a utility function to resolve CNAMEs in verified RRs

9 months agoBump version for SHA-1 validation
Matt Corallo [Thu, 8 Feb 2024 23:55:14 +0000 (23:55 +0000)]
Bump version for SHA-1 validation

9 months agoSet a cache-control header on valid responses
Matt Corallo [Thu, 8 Feb 2024 23:54:52 +0000 (23:54 +0000)]
Set a cache-control header on valid responses

9 months agoAllow validating SHA1 DS records
Matt Corallo [Thu, 8 Feb 2024 23:53:29 +0000 (23:53 +0000)]
Allow validating SHA1 DS records

While these really shouldn't be used, they sometimes are, and
importantly we don't allow them for RRSig signature validation,
ensuring that if we find a SHA1 DS record it really is what was
meant in the parent zone and wasn't forged.

9 months agoBump version mostly for docs.rs to display all methods
Matt Corallo [Thu, 8 Feb 2024 20:25:46 +0000 (20:25 +0000)]
Bump version mostly for docs.rs to display all methods

9 months agoEnable all features for docs.rs builds
Matt Corallo [Thu, 8 Feb 2024 20:23:34 +0000 (20:23 +0000)]
Enable all features for docs.rs builds

9 months agoReject names containing "s
Matt Corallo [Thu, 8 Feb 2024 20:21:11 +0000 (20:21 +0000)]
Reject names containing "s

9 months agoAdd JSON writing of records, primarily for the WASM verifier
Matt Corallo [Thu, 8 Feb 2024 20:20:24 +0000 (20:20 +0000)]
Add JSON writing of records, primarily for the WASM verifier

9 months agoBump release version for various cleanups
Matt Corallo [Thu, 8 Feb 2024 06:19:19 +0000 (06:19 +0000)]
Bump release version for various cleanups

9 months agoClean up some comments
Matt Corallo [Thu, 8 Feb 2024 06:19:06 +0000 (06:19 +0000)]
Clean up some comments

9 months agoAdd WASM validation library
Matt Corallo [Thu, 8 Feb 2024 06:18:38 +0000 (06:18 +0000)]
Add WASM validation library

9 months agoReturn early if we get a response with no answers
Matt Corallo [Thu, 8 Feb 2024 05:47:15 +0000 (05:47 +0000)]
Return early if we get a response with no answers

9 months agoInclude an octet-stream header/CORS headers in proof responses
Matt Corallo [Thu, 8 Feb 2024 05:35:03 +0000 (05:35 +0000)]
Include an octet-stream header/CORS headers in proof responses

9 months agoAccept query names by reference for downstream flexibility
Matt Corallo [Wed, 7 Feb 2024 05:23:42 +0000 (05:23 +0000)]
Accept query names by reference for downstream flexibility

9 months agoFeature-gate validation and document crate features
Matt Corallo [Wed, 7 Feb 2024 04:25:32 +0000 (04:25 +0000)]
Feature-gate validation and document crate features

9 months agoBump version to 0.3.2 for bug fixes
Matt Corallo [Tue, 6 Feb 2024 18:15:46 +0000 (18:15 +0000)]
Bump version to 0.3.2 for bug fixes

9 months agoMake HTTP server large-req DoS safe rather than using a frontend
Matt Corallo [Tue, 6 Feb 2024 18:03:22 +0000 (18:03 +0000)]
Make HTTP server large-req DoS safe rather than using a frontend

9 months agoCorrect TXT sort order on unlikely edge cases
Matt Corallo [Tue, 6 Feb 2024 17:53:41 +0000 (17:53 +0000)]
Correct TXT sort order on unlikely edge cases

9 months agoCorrect length calculation when writing TXT records
Matt Corallo [Tue, 6 Feb 2024 17:50:47 +0000 (17:50 +0000)]
Correct length calculation when writing TXT records

9 months agoBump version for bug fixes
Matt Corallo [Tue, 6 Feb 2024 05:47:40 +0000 (05:47 +0000)]
Bump version for bug fixes

9 months agoCorrect TXT record sort order
Matt Corallo [Tue, 6 Feb 2024 05:46:47 +0000 (05:46 +0000)]
Correct TXT record sort order

9 months agoCorrect proof validation for records at a zone root
Matt Corallo [Tue, 6 Feb 2024 05:46:31 +0000 (05:46 +0000)]
Correct proof validation for records at a zone root

9 months agoCorrect proof building for records at a zone root
Matt Corallo [Tue, 6 Feb 2024 05:45:51 +0000 (05:45 +0000)]
Correct proof building for records at a zone root

9 months agoInclude the resolver-provided TTL in the response
Matt Corallo [Tue, 6 Feb 2024 05:04:54 +0000 (05:04 +0000)]
Include the resolver-provided TTL in the response

9 months agoimpl Debug/Clone on VerifiedRRStream
Matt Corallo [Tue, 6 Feb 2024 04:54:26 +0000 (04:54 +0000)]
impl Debug/Clone on VerifiedRRStream

9 months agoAdd test script
Matt Corallo [Tue, 6 Feb 2024 04:22:27 +0000 (04:22 +0000)]
Add test script

9 months agoBump version now that we're (relatively) feature-complete
Matt Corallo [Tue, 6 Feb 2024 04:21:02 +0000 (04:21 +0000)]
Bump version now that we're (relatively) feature-complete

9 months agoClean up documentation TODO
Matt Corallo [Tue, 6 Feb 2024 04:20:54 +0000 (04:20 +0000)]
Clean up documentation TODO

9 months agoAdd trivial HTTP server which serves proofs
Matt Corallo [Tue, 6 Feb 2024 04:19:14 +0000 (04:19 +0000)]
Add trivial HTTP server which serves proofs

9 months agoMove validation into a validation module, rather than crate root
Matt Corallo [Tue, 6 Feb 2024 01:53:14 +0000 (01:53 +0000)]
Move validation into a validation module, rather than crate root

9 months agoMarginally resolve time rollovers, giving us until 2133
Matt Corallo [Tue, 6 Feb 2024 01:46:21 +0000 (01:46 +0000)]
Marginally resolve time rollovers, giving us until 2133

9 months agoReturn the time bounds on validated RR sets
Matt Corallo [Tue, 6 Feb 2024 01:32:22 +0000 (01:32 +0000)]
Return the time bounds on validated RR sets

9 months agoBump version to 0.2 as we now have full proof building support
Matt Corallo [Mon, 5 Feb 2024 10:04:29 +0000 (10:04 +0000)]
Bump version to 0.2 as we now have full proof building support

9 months agoEnable querying async using tokio
Matt Corallo [Mon, 5 Feb 2024 10:02:45 +0000 (10:02 +0000)]
Enable querying async using tokio

9 months agoAdd support for building proofs using a local recursive resolver
Matt Corallo [Mon, 5 Feb 2024 09:36:06 +0000 (09:36 +0000)]
Add support for building proofs using a local recursive resolver

9 months agoAdd support for parsing compressed names out of wire packets
Matt Corallo [Mon, 5 Feb 2024 10:03:58 +0000 (10:03 +0000)]
Add support for parsing compressed names out of wire packets

9 months agoAdd support for A/AAAA/NS records
Matt Corallo [Mon, 5 Feb 2024 09:34:12 +0000 (09:34 +0000)]
Add support for A/AAAA/NS records

9 months agoSplit the library into three modules for maintainability
Matt Corallo [Mon, 5 Feb 2024 07:49:04 +0000 (07:49 +0000)]
Split the library into three modules for maintainability

9 months agoAdd support for wildcard validation
Matt Corallo [Mon, 5 Feb 2024 06:18:01 +0000 (06:18 +0000)]
Add support for wildcard validation

9 months agoAdd support for CNAME resource records
Matt Corallo [Mon, 5 Feb 2024 05:48:30 +0000 (05:48 +0000)]
Add support for CNAME resource records

9 months agoSupport returning verified RRs from multiple zones at once.
Matt Corallo [Mon, 5 Feb 2024 05:36:05 +0000 (05:36 +0000)]
Support returning verified RRs from multiple zones at once.

9 months agoFix repository link
Matt Corallo [Mon, 5 Feb 2024 04:47:14 +0000 (04:47 +0000)]
Fix repository link

9 months agoShuffle the ordering of RRs when validating an RR stream in tests
Matt Corallo [Mon, 5 Feb 2024 04:42:42 +0000 (04:42 +0000)]
Shuffle the ordering of RRs when validating an RR stream in tests

RFC 9102 explicitly states that RRs in an RR stream can appear in
any order, so we should test that.

9 months agoAdd license and Cargo metadata
Matt Corallo [Mon, 5 Feb 2024 04:30:30 +0000 (04:30 +0000)]
Add license and Cargo metadata

9 months agoInitial checkin
Matt Corallo [Mon, 5 Feb 2024 04:22:37 +0000 (04:22 +0000)]
Initial checkin