From 80788e72d0698f93e92a0e8f1aa60ff982623997 Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Thu, 18 Jan 2018 17:29:28 -0800 Subject: [PATCH] [master] remove HMAC support from dnssec-keygen 4868. [func] dnssec-keygen can no longer generate HMAC keys. Use tsig-keygen instead. [RT #46404] --- CHANGES | 3 + bin/dnssec/dnssec-keygen.c | 144 +++++-------------------------- bin/dnssec/dnssec-keygen.docbook | 23 ++--- bin/dnssec/dnssectool.c | 16 +--- bin/tests/system/conf.sh.in | 1 + bin/tests/system/tsig/clean.sh | 4 +- bin/tests/system/tsig/tests.sh | 9 +- doc/arm/notes.xml | 12 +++ 8 files changed, 58 insertions(+), 154 deletions(-) diff --git a/CHANGES b/CHANGES index a54fa3bc5d..0f4fc9e183 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +4868. [func] dnssec-keygen can no longer generate HMAC keys. + Use tsig-keygen instead. [RT #46404] + 4867. [cleanup] Normalize rndc on/off commands (validation, querylog, serve-stale) so they all accept the same synonyms for on/off (yes/no, true/false, diff --git a/bin/dnssec/dnssec-keygen.c b/bin/dnssec/dnssec-keygen.c index 1221d2913e..54c8007cde 100644 --- a/bin/dnssec/dnssec-keygen.c +++ b/bin/dnssec/dnssec-keygen.c @@ -79,10 +79,7 @@ usage(void) { " | NSEC3DSA |\n"); fprintf(stderr, " RSASHA256 | RSASHA512 | ECCGOST |\n"); fprintf(stderr, " ECDSAP256SHA256 | ECDSAP384SHA384 |\n"); - fprintf(stderr, " ED25519 | ED448 | DH |\n"); - fprintf(stderr, " HMAC-MD5 | HMAC-SHA1 | HMAC-SHA224 | " - "HMAC-SHA256 | \n"); - fprintf(stderr, " HMAC-SHA384 | HMAC-SHA512\n"); + fprintf(stderr, " ED25519 | ED448 | DH\n"); fprintf(stderr, " -3: use NSEC3-capable algorithm\n"); fprintf(stderr, " -b :\n"); fprintf(stderr, " RSAMD5:\t[1024..%d]\n", MAX_RSA); 
@@ -99,12 +96,6 @@ usage(void) { fprintf(stderr, " ECDSAP384SHA384:\tignored\n"); fprintf(stderr, " ED25519:\tignored\n"); fprintf(stderr, " ED448:\tignored\n"); - fprintf(stderr, " HMAC-MD5:\t[1..512]\n"); - fprintf(stderr, " HMAC-SHA1:\t[1..160]\n"); - fprintf(stderr, " HMAC-SHA224:\t[1..224]\n"); - fprintf(stderr, " HMAC-SHA256:\t[1..256]\n"); - fprintf(stderr, " HMAC-SHA384:\t[1..384]\n"); - fprintf(stderr, " HMAC-SHA512:\t[1..512]\n"); fprintf(stderr, " (key size defaults are set according to\n" " algorithm and usage (ZSK or KSK)\n"); fprintf(stderr, " -n : ZONE | HOST | ENTITY | " @@ -542,8 +533,6 @@ main(int argc, char **argv) { "\"-a RSAMD5\"\n"); INSIST(freeit == NULL); return (1); - } else if (strcasecmp(algname, "HMAC-MD5") == 0) { - alg = DST_ALG_HMACMD5; #else fprintf(stderr, "The use of RSA (RSAMD5) was disabled\n"); 
@@ -553,47 +542,26 @@ main(int argc, char **argv) { fprintf(stderr, "The use of RSAMD5 was disabled\n"); INSIST(freeit == NULL); return (1); - } else if (strcasecmp(algname, "HMAC-MD5") == 0) { - fprintf(stderr, - "The use of HMAC-MD5 was disabled\n"); - return (1); #endif - } else if (strcasecmp(algname, "HMAC-SHA1") == 0) - alg = DST_ALG_HMACSHA1; - else if (strcasecmp(algname, "HMAC-SHA224") == 0) - alg = DST_ALG_HMACSHA224; - else if (strcasecmp(algname, "HMAC-SHA256") == 0) - alg = DST_ALG_HMACSHA256; - else if (strcasecmp(algname, "HMAC-SHA384") == 0) - alg = DST_ALG_HMACSHA384; - else if (strcasecmp(algname, "HMAC-SHA512") == 0) - alg = DST_ALG_HMACSHA512; - else { + } else { r.base = algname; r.length = strlen(algname); ret = dns_secalg_fromtext(&alg, &r); - if (ret != ISC_R_SUCCESS) + if (ret != ISC_R_SUCCESS) { fatal("unknown algorithm %s", algname); - if (alg == DST_ALG_DH) + } + if (alg == DST_ALG_DH) { options |= DST_TYPE_KEY; + } } #ifdef PK11_MD5_DISABLE - INSIST((alg != DNS_KEYALG_RSAMD5) && (alg != DST_ALG_HMACMD5)); + INSIST((alg != DNS_KEYALG_RSAMD5)); #endif - - if (alg == DST_ALG_HMACMD5 || alg == DST_ALG_HMACSHA1 || - alg == DST_ALG_HMACSHA224 || alg == DST_ALG_HMACSHA256 || - alg == DST_ALG_HMACSHA384 || alg == DST_ALG_HMACSHA512) - { - fprintf(stderr, - "Use of dnssec-keygen for HMAC keys is " - "deprecated: use tsig-keygen\n"); - } - - if (!dst_algorithm_supported(alg)) + if (!dst_algorithm_supported(alg)) { fatal("unsupported algorithm: %d", alg); + } if (use_nsec3) { switch (alg) { 
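Review bot: Any HMAC-* name now fails only with the generic `unknown algorithm hmac-sha256` message from the dns_secalg_fromtext() fallback, and nothing points the user at tsig-keygen; a targeted check before the lookup, `if (strncasecmp(algname, "HMAC-", 5) == 0) { fatal("%s: HMAC keys are no longer generated by dnssec-keygen; use tsig-keygen", algname); }`, fails in the same place with an actionable message (the new tsig/tests.sh check greps for "unknown algorithm" and would need the same update). If dns_secalg_fromtext() also accepts numeric algorithm values, as BIND's mnemonic parsers generally do, then `-a 163` (the HMAC-SHA256 number that the old clean.sh pattern `Kexample.net.+163+*` refers to) would presumably still yield DST_ALG_HMACSHA256, pass dst_algorithm_supported(), and no longer hit the removed HMAC size checks or the zone-key check in the @@ -911 hunk, so an explicit rejection of the DST_ALG_HMAC* values after the lookup would close that path — please confirm the numeric-input behaviour. main() starts and ends outside this hunk.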
@@ -620,20 +588,20 @@ main(int argc, char **argv) { } if (type != NULL && (options & DST_TYPE_KEY) != 0) { - if (strcasecmp(type, "NOAUTH") == 0) + if (strcasecmp(type, "NOAUTH") == 0) { flags |= DNS_KEYTYPE_NOAUTH; - else if (strcasecmp(type, "NOCONF") == 0) + } else if (strcasecmp(type, "NOCONF") == 0) { flags |= DNS_KEYTYPE_NOCONF; - else if (strcasecmp(type, "NOAUTHCONF") == 0) { + } else if (strcasecmp(type, "NOAUTHCONF") == 0) { flags |= (DNS_KEYTYPE_NOAUTH | DNS_KEYTYPE_NOCONF); if (size < 0) size = 0; - } - else if (strcasecmp(type, "AUTHCONF") == 0) + } else if (strcasecmp(type, "AUTHCONF") == 0) { /* nothing */; - else + } else { fatal("invalid type %s", type); + } } if (size < 0) { 
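Review bot: The braces added to the `type` chain stop one statement short: `if (size < 0) size = 0;` in the NOAUTHCONF branch is still unbraced, and the AUTHCONF branch now holds a bare `/* nothing */;` empty statement inside its braces. For consistency with the rest of the hunk write `if (size < 0) { size = 0; }` and drop the stray semicolon, leaving only the comment. main() starts and ends outside this hunk.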
@@ -803,78 +771,18 @@ main(int argc, char **argv) { case DST_ALG_ED448: size = 456; break; - case DST_ALG_HMACMD5: - options |= DST_TYPE_KEY; - if (size < 1 || size > 512) - fatal("HMAC-MD5 key size %d out of range", size); - if (dbits != 0 && (dbits < 80 || dbits > 128)) - fatal("HMAC-MD5 digest bits %d out of range", dbits); - if ((dbits % 8) != 0) - fatal("HMAC-MD5 digest bits %d not divisible by 8", - dbits); - break; - case DST_ALG_HMACSHA1: - options |= DST_TYPE_KEY; - if (size < 1 || size > 160) - fatal("HMAC-SHA1 key size %d out of range", size); - if (dbits != 0 && (dbits < 80 || dbits > 160)) - fatal("HMAC-SHA1 digest bits %d out of range", dbits); - if ((dbits % 8) != 0) - fatal("HMAC-SHA1 digest bits %d not divisible by 8", - dbits); - break; - case DST_ALG_HMACSHA224: - options |= DST_TYPE_KEY; - if (size < 1 || size > 224) - fatal("HMAC-SHA224 key size %d out of range", size); - if (dbits != 0 && (dbits < 112 || dbits > 224)) - fatal("HMAC-SHA224 digest bits %d out of range", dbits); - if ((dbits % 8) != 0) - fatal("HMAC-SHA224 digest bits %d not divisible by 8", - dbits); - break; - case DST_ALG_HMACSHA256: - options |= DST_TYPE_KEY; - if (size < 1 || size > 256) - fatal("HMAC-SHA256 key size %d out of range", size); - if (dbits != 0 && (dbits < 128 || dbits > 256)) - fatal("HMAC-SHA256 digest bits %d out of range", dbits); - if ((dbits % 8) != 0) - fatal("HMAC-SHA256 digest bits %d not divisible by 8", - dbits); - break; - case DST_ALG_HMACSHA384: - options |= DST_TYPE_KEY; - if (size < 1 || size > 384) - fatal("HMAC-384 key size %d out of range", size); - if (dbits != 0 && (dbits < 192 || dbits > 384)) - fatal("HMAC-SHA384 digest bits %d out of range", dbits); - if ((dbits % 8) != 0) - fatal("HMAC-SHA384 digest bits %d not divisible by 8", - dbits); - break; - case DST_ALG_HMACSHA512: - options |= DST_TYPE_KEY; - if (size < 1 || size > 512) - fatal("HMAC-SHA512 key size %d out of range", size); - if (dbits != 0 && (dbits < 256 || dbits > 512)) - 
fatal("HMAC-SHA512 digest bits %d out of range", dbits); - if ((dbits % 8) != 0) - fatal("HMAC-SHA512 digest bits %d not divisible by 8", - dbits); - break; } if (alg != DNS_KEYALG_DH && generator != 0) fatal("specified DH generator for a non-DH key"); if (nametype == NULL) { - if ((options & DST_TYPE_KEY) != 0) /* KEY / HMAC */ + if ((options & DST_TYPE_KEY) != 0) /* KEY */ fatal("no nametype specified"); flags |= DNS_KEYOWNER_ZONE; /* DNSKEY */ } else if (strcasecmp(nametype, "zone") == 0) flags |= DNS_KEYOWNER_ZONE; - else if ((options & DST_TYPE_KEY) != 0) { /* KEY / HMAC */ + else if ((options & DST_TYPE_KEY) != 0) { /* KEY */ if (strcasecmp(nametype, "host") == 0 || strcasecmp(nametype, "entity") == 0) flags |= DNS_KEYOWNER_ENTITY; @@ -890,7 +798,7 @@ main(int argc, char **argv) { if (directory == NULL) directory = "."; - if ((options & DST_TYPE_KEY) != 0) /* KEY / HMAC */ + if ((options & DST_TYPE_KEY) != 0) /* KEY */ flags |= signatory; else if ((flags & DNS_KEYOWNER_ZONE) != 0) { /* DNSKEY */ flags |= kskflag; @@ -911,12 +819,11 @@ main(int argc, char **argv) { } if ((flags & DNS_KEYFLAG_OWNERMASK) == DNS_KEYOWNER_ZONE && - (alg == DNS_KEYALG_DH || alg == DST_ALG_HMACMD5 || - alg == DST_ALG_HMACSHA1 || alg == DST_ALG_HMACSHA224 || - alg == DST_ALG_HMACSHA256 || alg == DST_ALG_HMACSHA384 || - alg == DST_ALG_HMACSHA512)) + alg == DNS_KEYALG_DH) + { fatal("a key with algorithm '%s' cannot be a zone key", algname); + } switch(alg) { case DNS_KEYALG_RSAMD5: @@ -939,15 +846,6 @@ main(int argc, char **argv) { case DST_ALG_ED25519: case DST_ALG_ED448: show_progress = ISC_TRUE; - /* fall through */ - - case DST_ALG_HMACMD5: - case DST_ALG_HMACSHA1: - case DST_ALG_HMACSHA224: - case DST_ALG_HMACSHA256: - case DST_ALG_HMACSHA384: - case DST_ALG_HMACSHA512: - param = 0; break; } diff --git a/bin/dnssec/dnssec-keygen.docbook b/bin/dnssec/dnssec-keygen.docbook index 9348b556f8..efbb537c36 100644 --- a/bin/dnssec/dnssec-keygen.docbook 
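Review bot: The removed HMAC cases were the only readers of `dbits` visible in this switch, so if the command-line option that sets `dbits` and the variable itself are still parsed earlier in main() (outside this hunk), they are now dead: a user passing the digest-bits option gets neither an error nor an effect. Either remove the option and variable in the same change or reject it up front, e.g. `if (dbits != 0) { fatal("digest bits are only meaningful for HMAC keys, which dnssec-keygen no longer generates"); }`. The surrounding switch and main() both extend outside the hunk.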
+++ b/bin/dnssec/dnssec-keygen.docbook @@ -126,16 +126,6 @@ his value will automatically set the option as well. - - TSIG keys can also be generated by setting the value to - one of HMAC-MD5, HMAC-SHA1, HMAC-SHA224, HMAC-SHA256, - HMAC-SHA384, or HMAC-SHA512. As with DH, specifying these - values will automatically set . Note, - however, that tsig-keygen produces TSIG keys - in a more useful format. These algorithms have been deprecated - in dnssec-keygen, and will be removed in a - future release. - These values are case insensitive. In some cases, abbreviations are supported, such as ECDSA256 for ECDSAP256SHA256 and @@ -144,10 +134,15 @@ or NSEC3DSA will be used instead. - As of BIND 9.12.0, this option is mandatory except when using - the option, which copies the algorithm from - the predecessor key. Previously, the default for newly - generated keys was RSASHA1. + This parameter must be specified except + when using the option, which copies the + algorithm from the predecessor key. + + + In prior releases, HMAC algorithms could be generated for + use as TSIG keys, but that feature has been removed as of + BIND 9.13.0. Use tsig-keygen to generate + TSIG keys. diff --git a/bin/dnssec/dnssectool.c b/bin/dnssec/dnssectool.c index 280e6de69a..fb21c5a43a 100644 --- a/bin/dnssec/dnssectool.c +++ b/bin/dnssec/dnssectool.c 
@@ -510,19 +510,11 @@ key_collision(dst_key_t *dstkey, dns_name_t *name, const char *dir, alg = dst_key_alg(dstkey); /* - * For HMAC and Diffie Hellman just check if there is a - * direct collision as they can't be revoked. Additionally - * dns_dnssec_findmatchingkeys only handles DNSKEY which is - * not used for HMAC. + * For Diffie Hellman just check if there is a direct collision as + * they can't be revoked. Additionally dns_dnssec_findmatchingkeys + * only handles DNSKEY which is not used for HMAC. */ - switch (alg) { - case DST_ALG_HMACMD5: - case DST_ALG_HMACSHA1: - case DST_ALG_HMACSHA224: - case DST_ALG_HMACSHA256: - case DST_ALG_HMACSHA384: - case DST_ALG_HMACSHA512: - case DST_ALG_DH: + if (alg == DST_ALG_DH) { isc_buffer_init(&fileb, filename, sizeof(filename)); result = dst_key_buildfilename(dstkey, DST_TYPE_PRIVATE, dir, &fileb); diff --git a/bin/tests/system/conf.sh.in b/bin/tests/system/conf.sh.in index 6b2320e202..916fe8efb1 100644 --- a/bin/tests/system/conf.sh.in +++ b/bin/tests/system/conf.sh.in @@ -240,4 +240,5 @@ export SAMPLEUPDATE export SIGNER export SUBDIRS export TESTSOCK6 +export TSIGKEYGEN export WIRETEST diff --git a/bin/tests/system/tsig/clean.sh b/bin/tests/system/tsig/clean.sh index 18f162050d..025fc5f0a4 100644 --- a/bin/tests/system/tsig/clean.sh +++ b/bin/tests/system/tsig/clean.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: clean.sh,v 1.6 2007/09/26 03:22:44 marka Exp $ - # # Clean up after tsig tests. # @@ -16,5 +14,5 @@ rm -f dig.out.* rm -f */named.memstats rm -f */named.run rm -f ns*/named.lock -rm -f Kexample.net.+163+* +rm -f Kexample.net.* rm -f keygen.out? diff --git a/bin/tests/system/tsig/tests.sh b/bin/tests/system/tsig/tests.sh index e32c632d3f..c9025c4d77 100644 --- a/bin/tests/system/tsig/tests.sh +++ b/bin/tests/system/tsig/tests.sh 
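Review bot: The rewritten comment still ends with "which is not used for HMAC" although HMAC keys no longer reach key_collision() after this change; the remaining special case is DH, whose keys are KEY-type records (main() sets DST_TYPE_KEY for DST_ALG_DH), so the sentence should explain that instead: `* only handles DNSKEY, and DH keys are KEY records.` Turning `case DST_ALG_DH:` into `if (alg == DST_ALG_DH) {` leaves the closing brace and whatever replaced the old post-switch path outside the hunk, so it is worth confirming every non-DH algorithm still takes the dns_dnssec_findmatchingkeys path. key_collision() continues outside this hunk.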
@@ -228,13 +228,18 @@ fi echo "I:check that multiple dnssec-keygen calls don't emit dns_dnssec_findmatchingkeys warning" ret=0 -$KEYGEN -r $RANDFILE -a hmac-sha256 -b 128 -n host example.net > keygen.out1 2>&1 || ret=1 +$KEYGEN -r $RANDFILE -a dh -b 128 -n host example.net > keygen.out1 2>&1 || ret=1 grep dns_dnssec_findmatchingkeys keygen.out1 > /dev/null && ret=1 -$KEYGEN -r $RANDFILE -a hmac-sha256 -b 128 -n host example.net > keygen.out2 2>&1 || ret=1 +$KEYGEN -r $RANDFILE -a dh -b 128 -n host example.net > keygen.out2 2>&1 || ret=1 grep dns_dnssec_findmatchingkeys keygen.out2 > /dev/null && ret=1 if [ $ret -eq 1 ] ; then echo "I: failed"; status=1 fi +echo "I:check that dnssec-keygen won't generate TSIG keys" +ret=0 +$KEYGEN -r $RANDFILE -a hmac-sha256 -b 128 -n host example.net > keygen.out3 2>&1 && ret=1 +grep "unknown algorithm" keygen.out3 > /dev/null || ret=1 + echo "I:exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml index bf9463f9dc..57e492209f 100644 --- a/doc/arm/notes.xml +++ b/doc/arm/notes.xml @@ -60,6 +60,18 @@ +
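Review bot: The new "won't generate TSIG keys" check sets `ret=1` on failure but never folds it into `status`: unlike the check above it, no `if [ $ret -eq 1 ] ; then echo "I: failed"; status=1; fi` follows the grep, so the script reaches `echo "I:exit status: $status"` and exits 0 even if dnssec-keygen still emits an HMAC key. Add that line after the grep. The grep also pins the test to the exact `unknown algorithm` wording, so any later change to the rejection message must update it.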
Removed Features + + + + dnssec-keygen can no longer generate HMAC + keys for TSIG authentication. Use tsig-keygen + to generate these keys. [RT #46404] + + + +
+
Feature Changes