Remove the remnants of DSA support (#1184)

crypto/dsa is formally deprecated as of go1.16 and DSA support was
largely removed from this library in 9c315c5, but some remnants
remained.

dnssec.go

@@ -3,7 +3,6 @@ package dns
 import (
  "bytes"
  "crypto"
- "crypto/dsa"
  "crypto/ecdsa"
  "crypto/elliptic"
  _ "crypto/md5"
@@ -318,6 +317,7 @@ func (rr *RRSIG) Sign(k crypto.Signer, rrset []RR) error {
  }
 
  rr.Signature = toBase64(signature)
+ return nil
  case RSAMD5, DSA, DSANSEC3SHA1:
  // See RFC 6944.
  return ErrAlg
@@ -332,9 +332,8 @@ func (rr *RRSIG) Sign(k crypto.Signer, rrset []RR) error {
  }
 
  rr.Signature = toBase64(signature)
+ return nil
  }
-
- return nil
 }
 
 func sign(k crypto.Signer, hashed []byte, hash crypto.Hash, alg uint8) ([]byte, error) {
@@ -346,7 +345,6 @@ func sign(k crypto.Signer, hashed []byte, hash crypto.Hash, alg uint8) ([]byte,
  switch alg {
  case RSASHA1, RSASHA1NSEC3SHA1, RSASHA256, RSASHA512:
  return signature, nil
-
  case ECDSAP256SHA256, ECDSAP384SHA384:
  ecdsaSignature := &struct {
  R, S *big.Int
@@ -366,20 +364,11 @@ func sign(k crypto.Signer, hashed []byte, hash crypto.Hash, alg uint8) ([]byte,
  signature := intToBytes(ecdsaSignature.R, intlen)
  signature = append(signature, intToBytes(ecdsaSignature.S, intlen)...)
  return signature, nil
-
- // There is no defined interface for what a DSA backed crypto.Signer returns
- case DSA, DSANSEC3SHA1:
- // t := divRoundUp(divRoundUp(p.PublicKey.Y.BitLen(), 8)-64, 8)
- // signature := []byte{byte(t)}
- // signature = append(signature, intToBytes(r1, 20)...)
- // signature = append(signature, intToBytes(s1, 20)...)
- // rr.Signature = signature
-
  case ED25519:
  return signature, nil
+ default:
+ return nil, ErrAlg
  }
-
- return nil, ErrAlg
 }
 
 // Verify validates an RRSet with the signature and key. This is only the
@@ -600,30 +589,6 @@ func (k *DNSKEY) publicKeyECDSA() *ecdsa.PublicKey {
  return pubkey
 }
 
-func (k *DNSKEY) publicKeyDSA() *dsa.PublicKey {
- keybuf, err := fromBase64([]byte(k.PublicKey))
- if err != nil {
- return nil
- }
- if len(keybuf) < 22 {
- return nil
- }
- t, keybuf := int(keybuf[0]), keybuf[1:]
- size := 64 + t*8
- q, keybuf := keybuf[:20], keybuf[20:]
- if len(keybuf) != 3*size {
- return nil
- }
- p, keybuf := keybuf[:size], keybuf[size:]
- g, y := keybuf[:size], keybuf[size:]
- pubkey := new(dsa.PublicKey)
- pubkey.Parameters.Q = new(big.Int).SetBytes(q)
- pubkey.Parameters.P = new(big.Int).SetBytes(p)
- pubkey.Parameters.G = new(big.Int).SetBytes(g)
- pubkey.Y = new(big.Int).SetBytes(y)
- return pubkey
-}
-
 func (k *DNSKEY) publicKeyED25519() ed25519.PublicKey {
  keybuf, err := fromBase64([]byte(k.PublicKey))
  if err != nil {

dnssec_keygen.go

@@ -19,8 +19,6 @@ import (
 // bits should be set to the size of the algorithm.
 func (k *DNSKEY) Generate(bits int) (crypto.PrivateKey, error) {
  switch k.Algorithm {
- case RSAMD5, DSA, DSANSEC3SHA1:
- return nil, ErrAlg
  case RSASHA1, RSASHA256, RSASHA1NSEC3SHA1:
  if bits < 512 || bits > 4096 {
  return nil, ErrKeySize
@@ -41,6 +39,8 @@ func (k *DNSKEY) Generate(bits int) (crypto.PrivateKey, error) {
  if bits != 256 {
  return nil, ErrKeySize
  }
+ default:
+ return nil, ErrAlg
  }
 
  switch k.Algorithm {

dnssec_keyscan.go

@@ -43,15 +43,7 @@ func (k *DNSKEY) ReadPrivateKey(q io.Reader, file string) (crypto.PrivateKey, er
  return nil, ErrPrivKey
  }
  switch uint8(algo) {
- case RSAMD5, DSA, DSANSEC3SHA1:
- return nil, ErrAlg
- case RSASHA1:
- fallthrough
- case RSASHA1NSEC3SHA1:
- fallthrough
- case RSASHA256:
- fallthrough
- case RSASHA512:
+ case RSASHA1, RSASHA1NSEC3SHA1, RSASHA256, RSASHA512:
  priv, err := readPrivateKeyRSA(m)
  if err != nil {
  return nil, err
@@ -62,11 +54,7 @@ func (k *DNSKEY) ReadPrivateKey(q io.Reader, file string) (crypto.PrivateKey, er
  }
  priv.PublicKey = *pub
  return priv, nil
- case ECCGOST:
- return nil, ErrPrivKey
- case ECDSAP256SHA256:
- fallthrough
- case ECDSAP384SHA384:
+ case ECDSAP256SHA256, ECDSAP384SHA384:
  priv, err := readPrivateKeyECDSA(m)
  if err != nil {
  return nil, err
@@ -80,7 +68,7 @@ func (k *DNSKEY) ReadPrivateKey(q io.Reader, file string) (crypto.PrivateKey, er
  case ED25519:
  return readPrivateKeyED25519(m)
  default:
- return nil, ErrPrivKey
+ return nil, ErrAlg
  }
 }
 

dnssec_privkey.go

@@ -2,7 +2,6 @@ package dns
 
 import (
  "crypto"
- "crypto/dsa"
  "crypto/ecdsa"
  "crypto/rsa"
  "math/big"
@@ -17,8 +16,8 @@ var bigIntOne = big.NewInt(1)
 
 // PrivateKeyString converts a PrivateKey to a string. This string has the same
 // format as the private-key-file of BIND9 (Private-key-format: v1.3).
-// It needs some info from the key (the algorithm), so its a method of the DNSKEY
-// It supports rsa.PrivateKey, ecdsa.PrivateKey and dsa.PrivateKey
+// It needs some info from the key (the algorithm), so its a method of the DNSKEY.
+// It supports *rsa.PrivateKey, *ecdsa.PrivateKey and ed25519.PrivateKey.
 func (r *DNSKEY) PrivateKeyString(p crypto.PrivateKey) string {
  algorithm := strconv.Itoa(int(r.Algorithm))
  algorithm += " (" + AlgorithmToString[r.Algorithm] + ")"
@@ -67,21 +66,6 @@ func (r *DNSKEY) PrivateKeyString(p crypto.PrivateKey) string {
  "Algorithm: " + algorithm + "\n" +
  "PrivateKey: " + private + "\n"
 
- case *dsa.PrivateKey:
- T := divRoundUp(divRoundUp(p.PublicKey.Parameters.G.BitLen(), 8)-64, 8)
- prime := toBase64(intToBytes(p.PublicKey.Parameters.P, 64+T*8))
- subprime := toBase64(intToBytes(p.PublicKey.Parameters.Q, 20))
- base := toBase64(intToBytes(p.PublicKey.Parameters.G, 64+T*8))
- priv := toBase64(intToBytes(p.X, 20))
- pub := toBase64(intToBytes(p.PublicKey.Y, 64+T*8))
- return format +
- "Algorithm: " + algorithm + "\n" +
- "Prime(p): " + prime + "\n" +
- "Subprime(q): " + subprime + "\n" +
- "Base(g): " + base + "\n" +
- "Private_value(x): " + priv + "\n" +
- "Public_value(y): " + pub + "\n"
-
  case ed25519.PrivateKey:
  private := toBase64(p.Seed())
  return format +

doc.go

@@ -260,7 +260,7 @@ From RFC 2931:
  on requests and responses, and protection of the overall integrity of a response.
 
 It works like TSIG, except that SIG(0) uses public key cryptography, instead of
-the shared secret approach in TSIG. Supported algorithms: DSA, ECDSAP256SHA256,
+the shared secret approach in TSIG. Supported algorithms: ECDSAP256SHA256,
 ECDSAP384SHA384, RSASHA1, RSASHA256 and RSASHA512.
 
 Signing subsequent messages in multi-message sessions is not implemented.

sig0.go

@@ -2,7 +2,6 @@ package dns
 
 import (
  "crypto"
- "crypto/dsa"
  "crypto/ecdsa"
  "crypto/rsa"
  "encoding/binary"
@@ -85,7 +84,7 @@ func (rr *SIG) Verify(k *KEY, buf []byte) error {
 
  var hash crypto.Hash
  switch rr.Algorithm {
- case DSA, RSASHA1:
+ case RSASHA1:
  hash = crypto.SHA1
  case RSASHA256, ECDSAP256SHA256:
  hash = crypto.SHA256
@@ -178,17 +177,6 @@ func (rr *SIG) Verify(k *KEY, buf []byte) error {
  hashed := hasher.Sum(nil)
  sig := buf[sigend:]
  switch k.Algorithm {
- case DSA:
- pk := k.publicKeyDSA()
- sig = sig[1:]
- r := new(big.Int).SetBytes(sig[:len(sig)/2])
- s := new(big.Int).SetBytes(sig[len(sig)/2:])
- if pk != nil {
- if dsa.Verify(pk, hashed, r, s) {
- return nil
- }
- return ErrSig
- }
  case RSASHA1, RSASHA256, RSASHA512:
  pk := k.publicKeyRSA()
  if pk != nil {