From 5bce77fb51cd969a35c088a5489f0e72e790defd Mon Sep 17 00:00:00 2001
From: cketti <ck@cketti.de>
Date: Thu, 28 Mar 2024 19:45:10 +0100
Subject: [PATCH] Avoid exception when DNSKEY record references unknown
 signature algorithm

---
 .../src/main/java/org/minidns/record/DNSKEY.java    |  4 ++--
 .../test/java/org/minidns/record/RecordsTest.java   | 13 +++++++++++++
 2 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/minidns-core/src/main/java/org/minidns/record/DNSKEY.java b/minidns-core/src/main/java/org/minidns/record/DNSKEY.java
index 5d7f5bb2..967366e6 100644
--- a/minidns-core/src/main/java/org/minidns/record/DNSKEY.java
+++ b/minidns-core/src/main/java/org/minidns/record/DNSKEY.java
@@ -102,7 +102,7 @@ private DNSKEY(short flags, byte protocol, SignatureAlgorithm algorithm, byte al
     }
 
     public DNSKEY(short flags, byte protocol, byte algorithm, byte[] key) {
-        this(flags, protocol, SignatureAlgorithm.forByte(algorithm), key);
+        this(flags, protocol, SignatureAlgorithm.forByte(algorithm), algorithm, key);
     }
 
     public DNSKEY(short flags, byte protocol, SignatureAlgorithm algorithm, byte[] key) {
@@ -140,7 +140,7 @@ public TYPE getType() {
     public void serialize(DataOutputStream dos) throws IOException {
         dos.writeShort(flags);
         dos.writeByte(protocol);
-        dos.writeByte(algorithm.number);
+        dos.writeByte(algorithmByte);
         dos.write(key);
     }
 
diff --git a/minidns-core/src/test/java/org/minidns/record/RecordsTest.java b/minidns-core/src/test/java/org/minidns/record/RecordsTest.java
index a983fa2b..cabb5ff2 100644
--- a/minidns-core/src/test/java/org/minidns/record/RecordsTest.java
+++ b/minidns-core/src/test/java/org/minidns/record/RecordsTest.java
@@ -28,6 +28,7 @@
 
 import static org.junit.jupiter.api.Assertions.assertArrayEquals;
 import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
 import static org.junit.jupiter.api.Assertions.assertThrows;
 
 /**
@@ -111,6 +112,18 @@ public void testDnskeyRecord() throws Exception {
         assertArrayEquals(new byte[] {42}, dnskey.getKey());
     }
 
+    @Test
+    public void testDnskeyRecordWithUnknownSignatureAlgorithm() throws Exception {
+        byte unknownSignatureAlgorithm = (byte) 255;
+        DNSKEY dnskey = new DNSKEY(DNSKEY.FLAG_ZONE, DNSKEY.PROTOCOL_RFC4034, unknownSignatureAlgorithm, new byte[]{42});
+        assertEquals(unknownSignatureAlgorithm, dnskey.algorithmByte);
+        assertNull(dnskey.algorithm);
+        byte[] dnskeyb = dnskey.toByteArray();
+        dnskey = DNSKEY.parse(new DataInputStream(new ByteArrayInputStream(dnskeyb)), dnskeyb.length);
+        assertEquals(unknownSignatureAlgorithm, dnskey.algorithmByte);
+        assertNull(dnskey.algorithm);
+    }
+
     @Test
     public void testDsRecord() throws Exception {
         DS ds = new DS(42, (byte) 8, (byte) 2, new byte[] {0x13, 0x37});