Use DNSName for sigName in Verifier.combine()

Flowdalic · Apr 9, 2016 · 902c7a7 · 902c7a7
1 parent 6818e93
commit 902c7a7
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 14 deletions.
diff --git a/minidns-core/src/main/java/de/measite/minidns/Record.java b/minidns-core/src/main/java/de/measite/minidns/Record.java
@@ -381,6 +381,15 @@ public Record(String name, TYPE type, int clazzValue, long ttl, Data payloadData
         this.payloadData = payloadData;
     }
 
+    public Record(DNSName name, TYPE type, int clazzValue, long ttl, Data payloadData) {
+        this.name = name;
+        this.type = type;
+        this.clazz = CLASS.NONE;
+        this.clazzValue = clazzValue;
+        this.ttl = ttl;
+        this.payloadData = payloadData;
+    }
+
     public byte[] toByteArray() {
         if (payloadData == null) {
             throw new IllegalStateException("Empty Record has no byte representation");

diff --git a/minidns-dnssec/src/main/java/de/measite/minidns/dnssec/Verifier.java b/minidns-dnssec/src/main/java/de/measite/minidns/dnssec/Verifier.java
@@ -123,30 +123,26 @@ static byte[] combine(RRSIG rrsig, List<Record> records) {
         try {
             rrsig.writePartialSignature(dos);
 
-            // TODO Convert sigName from String to DNSName.
-            String sigName = records.get(0).name.ace;
-            if (!sigName.isEmpty()) {
-                String[] name = sigName.split("\\.");
-                if (name.length > rrsig.labels) {
-                    // Expand wildcards
-                    sigName = name[name.length - 1];
-                    for (int i = 1; i < rrsig.labels; i++) {
-                        sigName = name[name.length - i - 1] + "." + sigName;
-                    }
-                    sigName = "*." + sigName;
-                } else if (name.length < rrsig.labels) {
+            DNSName sigName = records.get(0).name;
+            if (!sigName.isRootLabel()) {
+                if (sigName.getLabelCount() < rrsig.labels) {
                     throw new DNSSECValidationFailedException("Invalid RRsig record");
                 }
+
+                if (sigName.getLabelCount() > rrsig.labels) {
+                    // Expand wildcards
+                    sigName = DNSName.from("*." + sigName.stripToLabels(rrsig.labels));
+                }
             }
 
             List<byte[]> recordBytes = new ArrayList<>();
             for (Record record : records) {
-                Record ref = new Record(sigName.toLowerCase(), record.type, record.clazzValue, rrsig.originalTtl, record.payloadData);
+                Record ref = new Record(sigName, record.type, record.clazzValue, rrsig.originalTtl, record.payloadData);
                 recordBytes.add(ref.toByteArray());
             }
 
             // Sort correctly (cause they might be ordered randomly)
-            final int offset = (DNSName.from(sigName)).size() + 10; // Where the RDATA begins
+            final int offset = sigName.size() + 10; // Where the RDATA begins
             Collections.sort(recordBytes, new Comparator<byte[]>() {
                 @Override
                 public int compare(byte[] b1, byte[] b2) {