Avoid exception when DNSKEY record references unknown signature algor…

…ithm
MiniDNS · Mar 28, 2024 · 5bce77f · 5bce77f
1 parent 15a8da3
commit 5bce77f
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 2 deletions.
diff --git a/minidns-core/src/main/java/org/minidns/record/DNSKEY.java b/minidns-core/src/main/java/org/minidns/record/DNSKEY.java
@@ -102,7 +102,7 @@ private DNSKEY(short flags, byte protocol, SignatureAlgorithm algorithm, byte al
     }
 
     public DNSKEY(short flags, byte protocol, byte algorithm, byte[] key) {
-        this(flags, protocol, SignatureAlgorithm.forByte(algorithm), key);
+        this(flags, protocol, SignatureAlgorithm.forByte(algorithm), algorithm, key);
     }
 
     public DNSKEY(short flags, byte protocol, SignatureAlgorithm algorithm, byte[] key) {
@@ -140,7 +140,7 @@ public TYPE getType() {
     public void serialize(DataOutputStream dos) throws IOException {
         dos.writeShort(flags);
         dos.writeByte(protocol);
-        dos.writeByte(algorithm.number);
+        dos.writeByte(algorithmByte);
         dos.write(key);
     }
 

diff --git a/minidns-core/src/test/java/org/minidns/record/RecordsTest.java b/minidns-core/src/test/java/org/minidns/record/RecordsTest.java
@@ -28,6 +28,7 @@
 
 import static org.junit.jupiter.api.Assertions.assertArrayEquals;
 import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
 import static org.junit.jupiter.api.Assertions.assertThrows;
 
 /**
@@ -111,6 +112,18 @@ public void testDnskeyRecord() throws Exception {
         assertArrayEquals(new byte[] {42}, dnskey.getKey());
     }
 
+    @Test
+    public void testDnskeyRecordWithUnknownSignatureAlgorithm() throws Exception {
+        byte unknownSignatureAlgorithm = (byte) 255;
+        DNSKEY dnskey = new DNSKEY(DNSKEY.FLAG_ZONE, DNSKEY.PROTOCOL_RFC4034, unknownSignatureAlgorithm, new byte[]{42});
+        assertEquals(unknownSignatureAlgorithm, dnskey.algorithmByte);
+        assertNull(dnskey.algorithm);
+        byte[] dnskeyb = dnskey.toByteArray();
+        dnskey = DNSKEY.parse(new DataInputStream(new ByteArrayInputStream(dnskeyb)), dnskeyb.length);
+        assertEquals(unknownSignatureAlgorithm, dnskey.algorithmByte);
+        assertNull(dnskey.algorithm);
+    }
+
     @Test
     public void testDsRecord() throws Exception {
         DS ds = new DS(42, (byte) 8, (byte) 2, new byte[] {0x13, 0x37});