
[2387] Add DNSKEY implementation

Mukund Sivaraman il y a 12 ans
Parent
commit
f43b44eea1

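--- a/src/lib/dns/gen-rdatacode.py.in
+++ b/src/lib/dns/gen-rdatacode.py.in
@@ -36,6 +36,7 @@ new_rdata_factory_users = [('a', 'in'), ('aaaa', 'in'),
                            ('cname', 'generic'),
                            ('dlv', 'generic'),
                            ('dname', 'generic'),
+                           ('dnskey', 'generic'),
                            ('ds', 'generic'),
                            ('hinfo', 'generic'),
                            ('naptr', 'generic'),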

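--- a/src/lib/dns/rdata/generic/dnskey_48.cc
+++ b/src/lib/dns/rdata/generic/dnskey_48.cc
@@ -26,6 +26,7 @@
 #include <dns/name.h>
 #include <dns/rdata.h>
 #include <dns/rdataclass.h>
+#include <dns/master_lexer.h>
 
 #include <stdio.h>
 #include <time.h>
@@ -98,6 +99,42 @@ DNSKEY::DNSKEY(InputBuffer& buffer, size_t rdata_len) {
     impl_ = new DNSKEYImpl(flags, protocol, algorithm, keydata);
 }
 
+DNSKEY::DNSKEY(MasterLexer& lexer, const Name*,
+               MasterLoader::Options, MasterLoaderCallbacks&)
+{
+    const uint32_t flags = lexer.getNextToken(MasterToken::NUMBER).getNumber();
+    if (flags > 0xffff) {
+        isc_throw(InvalidRdataText,
+                  "DNSKEY flags out of range: " << flags);
+    }
+
+    const uint32_t protocol =
+        lexer.getNextToken(MasterToken::NUMBER).getNumber();
+    if (protocol > 0xff) {
+        isc_throw(InvalidRdataText,
+                  "DNSKEY protocol out of range: " << protocol);
+    }
+
+    const uint32_t algorithm =
+        lexer.getNextToken(MasterToken::NUMBER).getNumber();
+    if (algorithm > 0xff) {
+        isc_throw(InvalidRdataText,
+                  "DNSKEY algorithm out of range: " << algorithm);
+    }
+
+    const std::string keydatastr =
+        lexer.getNextToken(MasterToken::STRING).getString();
+
+    vector<uint8_t> keydata;
+    decodeBase64(keydatastr, keydata);
+
+    if (algorithm == 1 && keydata.size() < 3) {
+        isc_throw(InvalidRdataLength, "DNSKEY keydata too short");
+    }
+
+    impl_ = new DNSKEYImpl(flags, protocol, algorithm, keydata);
+}
+
 DNSKEY::DNSKEY(const DNSKEY& source) :
     Rdata(), impl_(new DNSKEYImpl(*source.impl_))
 {}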
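Review bot: The key data in the new `DNSKEY(MasterLexer&, ...)` constructor is taken from a single `getNextToken(MasterToken::STRING)` call, so a record whose Base64 text is split by whitespace or continued across lines inside parentheses would have only its first chunk decoded. RFC 4034 section 2.2 allows whitespace within the Base64 public-key field, and long keys are usually written that way in zone files, so a loader built on this constructor would presumably reject or mis-parse valid signed zones; what happens to the leftover tokens is decided by the caller, which is outside this hunk. I would collect STRING tokens until the end of the line or file, concatenate them, and only then call `decodeBase64`, as sketched below; the two-argument `getNextToken` overload and `ungetToken()` should be checked against `master_lexer.h`, which is not shown here. A `createFromLexer` case in `rdata_dnskey_unittest.cc` with the key split over two tokens would pin the behaviour.

```cpp
    // … unchanged: flags, protocol and algorithm parsing and range checks …

    std::string keydatastr;
    while (true) {
        const MasterToken& token =
            lexer.getNextToken(MasterToken::STRING, true);
        if (token.getType() != MasterToken::STRING) {
            break;  // end of line or end of file: the key text is complete
        }
        keydatastr.append(token.getString());
    }
    lexer.ungetToken();  // hand the terminator back to the caller

    vector<uint8_t> keydata;
    decodeBase64(keydatastr, keydata);

    // … unchanged: algorithm 1 length check and DNSKEYImpl construction …
```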

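--- a/src/lib/dns/tests/rdata_dnskey_unittest.cc
+++ b/src/lib/dns/tests/rdata_dnskey_unittest.cc
@@ -70,6 +70,10 @@ TEST_F(Rdata_DNSKEY_Test, badText) {
     EXPECT_THROW(generic::DNSKEY("257 3 500 BAAAAAAAAAAAD"),
                  InvalidRdataText);
     EXPECT_THROW(generic::DNSKEY("257 3 5 BAAAAAAAAAAAD"), BadValue);
+
+    // Key data too short for algorithm=1
+    EXPECT_THROW(generic::DNSKEY("1 1 1 YQ=="),
+                 InvalidRdataLength);
 }
 
 TEST_F(Rdata_DNSKEY_Test, DISABLED_badText) {
@@ -89,8 +93,22 @@ TEST_F(Rdata_DNSKEY_Test, createFromLexer) {
                                      dnskey_txt)));
 
     // Exceptions cause NULL to be returned.
+
+    // Key data missing
     EXPECT_FALSE(test::createRdataUsingLexer(RRType::DNSKEY(), RRClass::IN(),
                                              "257 3 5"));
+    // Bad flags
+    EXPECT_FALSE(test::createRdataUsingLexer(RRType::DNSKEY(), RRClass::IN(),
+                                             "65536 3 5 ABCDABCD"));
+    // Bad protocol
+    EXPECT_FALSE(test::createRdataUsingLexer(RRType::DNSKEY(), RRClass::IN(),
+                                             "1 256 1 ABCDABCD"));
+    // Bad algorithm
+    EXPECT_FALSE(test::createRdataUsingLexer(RRType::DNSKEY(), RRClass::IN(),
+                                             "1 1 256 ABCDABCD"));
+    // Key data too short for algorithm=1
+    EXPECT_FALSE(test::createRdataUsingLexer(RRType::DNSKEY(), RRClass::IN(),
+                                             "1 1 1 YQ=="));
 }
 
 TEST_F(Rdata_DNSKEY_Test, toWireRenderer) {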