dnsimple / dns_erlang / 22874211896

89%

push

github

fix(dnssec): convert ECDSA signatures between DER and RFC 6605 format (#118)

* fix(dnssec): convert ECDSA signatures between DER and RFC 6605 format

Erlang's `crypto:sign/4` for ECDSA returns DER-encoded ASN.1 (`SEQUENCE
{ INTEGER r, INTEGER s }`), which is variable-length (~70-72 bytes for
P-256, ~102-104 for P-384) due to ASN.1 framing: type tags, length
prefixes, and leading zero bytes for sign-bit padding.

RFC 6605 §4 requires DNSSEC RRSIG signatures to be fixed-size `r || s`
concatenation: exactly 64 bytes for P-256 (32+32) and 96 bytes for P-384
(48+48).

Without this conversion, signatures produced by `dns_erlang` are rejected
by external resolvers (BIND, Unbound, Google DNS). The bug was masked in
end-to-end tests because both sign and verify used DER, cancelling out
the format mismatch.

Uses OTP's `public_key:der_decode/2` and `public_key:der_encode/2` with
the `'ECDSA-Sig-Value'` ASN.1 type for the DER conversion, matching how
the existing DSA code already handled the same problem via
`'Dss-Sig-Value'`.

Adds regression tests that assert exact signature sizes (64 and 96
bytes) which would have caught this — DER signatures never hit those
sizes due to the ASN.1 overhead.

* Correct the number of octecs comment for ed448

* Update CHANGELOG.md

17 of 19 new or added lines in 1 file covered. (89.47%)

2680 of 3023 relevant lines covered (88.65%)

3529.38 hits per line