major TSIG/TKEY cleanup

lib/dns/include/dns/message.h

@@ -190,6 +190,7 @@ struct dns_message {
 	ISC_LIST(dns_rdata_t)		freerdata;
 	ISC_LIST(dns_rdatalist_t)	freerdatalist;
 
+	dns_tsig_keyring_t	       *ring;
 	dns_rcode_t			tsigstatus;
 	dns_rcode_t			querytsigstatus;
 	dns_rdata_any_tsig_t	       *tsig;
@@ -272,9 +273,7 @@ dns_message_parse(dns_message_t *msg, isc_buffer_t *source,
  * DNS message.
  *
  * OPT records are detected and stored in the pseudo-section "opt".
- * TSIGs are detected and stored in the pseudo-section "tsig".  At detection
- * time, the TSIG is verified (XXX) and the message fails if the TSIG fails
- * to verify.
+ * TSIGs are detected and stored in the pseudo-section "tsig".
  *
  * If 'preserve_order' is true, or if the opcode of the message is UPDATE,
  * a separate dns_name_t object will be created for each RR in the message.
@@ -887,6 +886,26 @@ dns_message_signer(dns_message_t *msg, dns_name_t *signer);
  *				  the signature has not been verified yet
  */
 
+isc_result_t
+dns_message_checksig(dns_message_t *msg, dns_view_t *view);
+/*
+ * If this message was signed, verify the signature.
+ *
+ * Requires:
+ *
+ *	msg is a valid parsed message.
+ *	view is a valid view
+ *
+ * Returns:
+ *
+ *	ISC_R_SUCCESS		- the message was unsigned, or the message
+ *				  was signed correctly.
+ *
+ *	DNS_R_EXPECTEDTSIG	- A TSIG was expected, but not seen
+ *	DNS_R_UNEXPECTEDTSIG	- A TSIG was seen but not expected
+ *	DNS_R_TSIGVERIFYFAILURE - The TSIG failed to verify
+ */
+
 ISC_LANG_ENDDECLS
 
 #endif	/* DNS_MESSAGE_H */

lib/dns/include/dns/tkey.h

@@ -36,15 +36,22 @@ ISC_LANG_BEGINDECLS
 #define DNS_TKEYMODE_RESOLVERASSIGNED		4
 #define DNS_TKEYMODE_DELETE			5
 
+struct dns_tkey_ctx {
+	dst_key_t *dhkey;
+	dns_name_t *domain;
+	isc_mem_t *mctx;
+};
+
 isc_result_t
-dns_tkey_init(isc_log_t *lctx, dns_c_ctx_t *cfg, isc_mem_t *mctx);
+dns_tkey_init(dns_c_ctx_t *cfg, isc_mem_t *mctx, dns_tkey_ctx_t **tctx);
 /*
  *	Obtains TKEY configuration information, including default DH key
  *	and default domain from the configuration, if it's not NULL.
  *
  * 	Requires:
- *		'lctx' is not NULL
  *		'mctx' is not NULL
+ *		'tctx' is not NULL
+ *		'*tctx' is NULL
  *
  *	Returns
  *		ISC_R_SUCCESS
@@ -53,19 +60,26 @@ dns_tkey_init(isc_log_t *lctx, dns_c_ctx_t *cfg, isc_mem_t *mctx);
  */
 
 void
-dns_tkey_destroy(void);
+dns_tkey_destroy(dns_tkey_ctx_t **tctx);
 /*
- *      Frees all data associated with the TKEY subsystem
+ *      Frees all data associated with the TKEY context
+ *
+ * 	Requires:
+ *		'tctx' is not NULL
+ *		'*tctx' is not NULL
  */
 
 isc_result_t
-dns_tkey_processquery(dns_message_t *msg);
+dns_tkey_processquery(dns_message_t *msg, dns_tkey_ctx_t *tctx,
+		      dns_tsig_keyring_t *ring);
 /*
  *	Processes a query containing a TKEY record, adding or deleting TSIG
  *	keys if necessary, and modifies the message to contain the response.
  *
  *	Requires:
  *		'msg' is a valid message
+ *		'tctx' is a valid TKEY context
+ *		'ring' is a valid TSIG keyring
  *
  *	Returns
  *		ISC_R_SUCCESS	msg was updated (the TKEY operation succeeded,
@@ -117,7 +131,8 @@ dns_tkey_builddeletequery(dns_message_t *msg, dns_tsigkey_t *key);
 
 isc_result_t
 dns_tkey_processdhresponse(dns_message_t *qmsg, dns_message_t *rmsg,
-                           dst_key_t *key, dns_tsigkey_t **outkey);
+                           dst_key_t *key, isc_buffer_t *nonce,
+			   dns_tsigkey_t **outkey, dns_tsig_keyring_t *ring);
 /*
  *	Processes a response to a query containing a TKEY that was
  *	designed to generate a shared secret using a Diffie-Hellman key
@@ -129,6 +144,7 @@ dns_tkey_processdhresponse(dns_message_t *qmsg, dns_message_t *rmsg,
  *		'rmsg' is a valid message (the response)
  *		'key' is a valid Diffie Hellman dst key
  *		'outkey' is either NULL or a pointer to NULL
+ *		'ring' is not NULL
  *
  *	Returns:
  *		ISC_R_SUCCESS	the shared key was successfully added
@@ -137,7 +153,8 @@ dns_tkey_processdhresponse(dns_message_t *qmsg, dns_message_t *rmsg,
  */
 
 isc_result_t
-dns_tkey_processdeleteresponse(dns_message_t *qmsg, dns_message_t *rmsg);
+dns_tkey_processdeleteresponse(dns_message_t *qmsg, dns_message_t *rmsg,
+			       dns_tsig_keyring_t *ring);
 /*
  *	Processes a response to a query containing a TKEY that was
  *	designed to delete a shared secret.  If the query was successful,
@@ -146,6 +163,7 @@ dns_tkey_processdeleteresponse(dns_message_t *qmsg, dns_message_t *rmsg);
  *	Requires:
  *		'qmsg' is a valid message (the query)
  *		'rmsg' is a valid message (the response)
+ *		'ring' is not NULL
  *
  *	Returns:
  *		ISC_R_SUCCESS	the shared key was successfully deleted

lib/dns/include/dns/tsig.h

@@ -20,7 +20,7 @@
 
 #include <isc/types.h>
 #include <isc/lang.h>
-#include <isc/log.h>
+#include <isc/rwlock.h>
 
 #include <dns/types.h>
 #include <dns/name.h>
@@ -38,6 +38,12 @@ extern dns_name_t *dns_tsig_hmacmd5_name;
 /* Default fudge value. */
 #define DNS_TSIG_FUDGE			300
 
+struct dns_tsig_keyring {
+	ISC_LIST(dns_tsigkey_t) keys;
+	isc_rwlock_t lock;
+	isc_mem_t *mctx;
+}; 
+
 struct dns_tsigkey {
 	/* Unlocked */
 	unsigned int		magic;		/* Magic number. */
@@ -62,10 +68,11 @@ struct dns_tsigkey {
 isc_result_t
 dns_tsigkey_create(dns_name_t *name, dns_name_t *algorithm,
 		   unsigned char *secret, int length, isc_boolean_t generated,
-		   dns_name_t *creator, isc_mem_t *mctx, dns_tsigkey_t **key);
+		   dns_name_t *creator, isc_mem_t *mctx,
+		   dns_tsig_keyring_t *ring, dns_tsigkey_t **key);
 /*
- *	Creates and saves a tsig key structure.  If key is not NULL, *key
- *	will contain a copy of the key.
+ *	Creates a tsig key structure and saves it in the keyring.  If key is
+ *	not NULL, *key *	will contain a copy of the key.
  *
  *	Requires:
  *		'name' is a valid dns_name_t
@@ -74,6 +81,7 @@ dns_tsigkey_create(dns_name_t *name, dns_name_t *algorithm,
  *		'length' is an integer greater than 0
  *		'creator' points to a valid dns_name_t or is NULL
  *		'mctx' is a valid memory context
+ *		'ring' is a valid TSIG keyring
  *		'key' or '*key' must be NULL
  *
  *	Returns:
@@ -84,12 +92,13 @@ dns_tsigkey_create(dns_name_t *name, dns_name_t *algorithm,
  */
 
 void
-dns_tsigkey_free(dns_tsigkey_t **key);
+dns_tsigkey_free(dns_tsigkey_t **key, dns_tsig_keyring_t *ring);
 /*
  *	Frees the tsig key structure pointed to by 'key'.
  *
  *	Requires:
  *		'key' is a valid TSIG key
+ *		'ring' is a valid TSIG keyring containing the key
  */
 
 void
@@ -119,7 +128,8 @@ dns_tsig_sign(dns_message_t *msg);
  */
 
 isc_result_t
-dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg);
+dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg,
+		dns_tsig_keyring_t *sring, dns_tsig_keyring_t *dring);
 /*
  *	Verifies the TSIG record in this message
  *
@@ -129,6 +139,8 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg);
  *		'msg->tsigkey' is a valid TSIG key if this is a response
  *		'msg->tsig' is NULL
  *		'msg->querytsig' is not NULL if this is a response
+ *		'sring' is a valid keyring or NULL
+ *		'dring' is a valid keyring or NULL
  *
  *	Returns:
  *		DNS_R_SUCCESS
@@ -140,28 +152,9 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg);
  *		DNS_R_TSIGVERIFYFAILURE - the TSIG failed to verify
  */
 
-isc_result_t
-dns_tsig_verify_tcp(isc_buffer_t *source, dns_message_t *msg);
-/*
- *	Verifies the TSIG record in this continuation of a TCP response,
- *	if there is one.
- *
- *	Requires:
- *		'source' is a valid buffer containing the unparsed message
- *		'msg' is a valid message
- *		'msg->tsigkey' is a valid TSIG key
- *		'msg->tsig' is NULL
- *		'msg->querytsig' is not NULL
- *
- *	Returns:
- *		DNS_R_SUCCESS
- *		ISC_R_NOMEMORY
- *		DNS_R_TSIGVERIFYFAILURE - the TSIG failed to verify
- */
-
 isc_result_t
 dns_tsigkey_find(dns_tsigkey_t **tsigkey, dns_name_t *name,
-		 dns_name_t *algorithm);
+		 dns_name_t *algorithm, dns_tsig_keyring_t *ring);
 /*
  *	Returns the TSIG key corresponding to this name and (possibly)
  *	algorithm.  Also increments the key's reference counter.
@@ -171,6 +164,7 @@ dns_tsigkey_find(dns_tsigkey_t **tsigkey, dns_name_t *name,
  *		'*tsigkey' is NULL
  *		'name' is a valid dns_name_t
  *		'algorithm' is a valid dns_name_t or NULL
+ *		'ring' is a valid keyring
  *
  *	Returns:
  *		ISC_R_SUCCESS
@@ -179,15 +173,15 @@ dns_tsigkey_find(dns_tsigkey_t **tsigkey, dns_name_t *name,
 
 
 isc_result_t
-dns_tsig_init(isc_log_t *lctx, dns_c_ctx_t *confctx, isc_mem_t *mctx);
+dns_tsig_init(dns_c_ctx_t *confctx, isc_mem_t *mctx, dns_tsig_keyring_t **ring);
 /*
  *	Initializes the TSIG subsystem.  If confctx is not NULL, any
  *	specified keys are loaded.
  *
  *	Requires:
- *		'lctx' is not NULL
  *		'mctx' is not NULL
-
+ *		'ring' is not NULL, and '*ring' is NULL
+ *
  *	Returns:
  *		ISC_R_SUCCESS
  *		ISC_R_NOMEMORY
@@ -195,9 +189,12 @@ dns_tsig_init(isc_log_t *lctx, dns_c_ctx_t *confctx, isc_mem_t *mctx);
 
 
 void
-dns_tsig_destroy(void);
+dns_tsig_destroy(dns_tsig_keyring_t **ring);
 /*
  *	Frees all data associated with the TSIG subsystem
+ *
+ *	Requires:
+ *		'ring' is not NULL
  */
 
 ISC_LANG_ENDDECLS

lib/dns/include/dns/types.h

@@ -78,6 +78,8 @@ typedef struct dns_dispatch			dns_dispatch_t;
 typedef struct dns_dispentry			dns_dispentry_t;
 typedef struct dns_dispatchevent		dns_dispatchevent_t;
 typedef struct dns_tsigkey			dns_tsigkey_t;
+typedef struct dns_tsig_keyring			dns_tsig_keyring_t;
+typedef struct dns_tkey_ctx			dns_tkey_ctx_t;
 typedef struct dns_view				dns_view_t;
 typedef ISC_LIST(dns_view_t)			dns_viewlist_t;
 typedef struct dns_zone				dns_zone_t;

lib/dns/include/dns/view.h

@@ -88,6 +88,8 @@ struct dns_view {
 	isc_task_t *			task;
 	isc_event_t			resevent;
 	isc_event_t			adbevent;
+	dns_tsig_keyring_t *		statickeys;
+	dns_tsig_keyring_t *		dynamickeys;
 	/* Locked by lock. */
 	unsigned int			references;
 	unsigned int			attributes;
@@ -226,6 +228,26 @@ dns_view_sethints(dns_view_t *view, dns_db_t *hints);
  *     	The hints database of 'view' is 'hints'.
  */
 
+void
+dns_view_setkeyring(dns_view_t *view, dns_tsig_keyring_t *ring);
+/*
+ * Set the view's static TSIG keys
+ *
+ * Requires:
+ *
+ *      'view' is a valid, unfrozen view, whose static TSIG keyring has not
+ *	been set.
+ *
+ *      'ring' is a valid TSIG keyring
+ *
+ * Ensures:
+ *
+ *      The static TSIG keyring of 'view' is 'ring'.
+ */
+
+
+
+
 isc_result_t
 dns_view_addzone(dns_view_t *view, dns_zone_t *zone);
 /*
@@ -421,6 +443,21 @@ dns_view_load(dns_view_t *view);
  *	'view' is a valid.
  */
 
+isc_result_t
+dns_view_checksig(dns_view_t *view, isc_buffer_t *source, dns_message_t *msg);
+/*
+ * Verifies the signature of a message.
+ *
+ * Requires:
+ *
+ *	'view' is a valid view.
+ *	'source' is a valid buffer containing the message
+ *	'msg' is a valid message
+ *
+ * Returns:
+ *	see dns_tsig_verify()
+ */
+
 ISC_LANG_ENDDECLS
 
 #endif /* DNS_VIEW_H */

lib/dns/message.c

@@ -38,6 +38,7 @@
 #include <dns/compress.h>
 #include <dns/tsig.h>
 #include <dns/dnssec.h>
+#include <dns/view.h>
 
 #define DNS_MESSAGE_OPCODE_MASK		0x7800U
 #define DNS_MESSAGE_OPCODE_SHIFT	11
@@ -287,6 +288,7 @@ msginitprivate(dns_message_t *m)
 static inline void
 msginittsig(dns_message_t *m)
 {
+	m->ring = NULL;
 	m->tsigstatus = m->querytsigstatus = dns_rcode_noerror;
 	m->tsig = m->querytsig = NULL;
 	m->tsigkey = NULL;
@@ -455,7 +457,7 @@ msgreset(dns_message_t *msg, isc_boolean_t everything)
         }
 
 	if (msg->tsigkey != NULL) {
-		dns_tsigkey_free(&msg->tsigkey);
+		dns_tsigkey_free(&msg->tsigkey, msg->ring);
 		msg->tsigkey = NULL;
 	}
 
@@ -1317,17 +1319,9 @@ dns_message_parse(dns_message_t *msg, isc_buffer_t *source,
 	if (r.length != 0)
 		return (DNS_R_FORMERR);
 
-	if (msg->tsigkey != NULL ||
-	    !ISC_LIST_EMPTY(msg->sections[DNS_SECTION_TSIG]))
+	if (!ISC_LIST_EMPTY(msg->sections[DNS_SECTION_TSIG]) ||
+	    !ISC_LIST_EMPTY(msg->sections[DNS_SECTION_SIG0]))
 	{
-		if (!msg->tcp_continuation)
-			ret = dns_tsig_verify(source, msg);
-		else
-			ret = dns_tsig_verify_tcp(source, msg);
-		if (ret != DNS_R_SUCCESS)
-			return ret;
-	}
-	else if (!ISC_LIST_EMPTY(msg->sections[DNS_SECTION_SIG0])) {
 		msg->saved = isc_mem_get(msg->mctx, sizeof(isc_region_t));
 		if (msg->saved == NULL)
 			return (ISC_R_NOMEMORY);
@@ -2148,3 +2142,21 @@ dns_message_signer(dns_message_t *msg, dns_name_t *signer) {
 
 	return (result);
 }
+
+isc_result_t
+dns_message_checksig(dns_message_t *msg, dns_view_t *view) {
+	isc_buffer_t b;
+
+	REQUIRE(DNS_MESSAGE_VALID(msg));
+	REQUIRE(view != NULL);
+
+	if (msg->tsigkey == NULL &&
+	    ISC_LIST_EMPTY(msg->sections[DNS_SECTION_TSIG]))
+		return (ISC_R_SUCCESS);
+	if (msg->saved == NULL)
+		return (DNS_R_EXPECTEDTSIG);
+	isc_buffer_init(&b, msg->saved->base, msg->saved->length,
+			ISC_BUFFERTYPE_BINARY);
+	isc_buffer_add(&b, msg->saved->length);
+	return dns_view_checksig(view, &b, msg);
+}

lib/dns/tkey.c

@@ -16,7 +16,7 @@
  */
 
 /*
- * $Id: tkey.c,v 1.15 1999/12/06 12:40:30 brister Exp $
+ * $Id: tkey.c,v 1.16 2000/01/21 20:18:36 bwelling Exp $
  * Principal Author: Brian Wellington
  */
 
@@ -31,6 +31,7 @@
 #include <isc/error.h>
 #include <isc/list.h>
 #include <isc/log.h>
+#include <isc/mem.h>
 #include <isc/net.h>
 #include <isc/result.h>
 #include <isc/rwlock.h>
@@ -63,12 +64,8 @@
 	} while (0)
 
 
-static dst_key_t *tkey_dhkey = NULL;
-static dns_name_t *tkey_domain = NULL;
-static isc_mem_t *tkey_mctx = NULL;
-
 isc_result_t
-dns_tkey_init(isc_log_t *lctx, dns_c_ctx_t *cfg, isc_mem_t *mctx) {
+dns_tkey_init(dns_c_ctx_t *cfg, isc_mem_t *mctx, dns_tkey_ctx_t **tctx) {
 	isc_result_t result;
 	char *s;
 	int n;
@@ -76,11 +73,16 @@ dns_tkey_init(isc_log_t *lctx, dns_c_ctx_t *cfg, isc_mem_t *mctx) {
 	unsigned char data[1024];
 	dns_name_t domain;
 
-	RUNTIME_CHECK(tkey_domain == NULL);
-	RUNTIME_CHECK(tkey_dhkey == NULL);
-
-	REQUIRE(lctx != NULL);		/* XXX lctx is now unused. */
 	REQUIRE(mctx != NULL);
+	REQUIRE(tctx != NULL);
+	REQUIRE(*tctx == NULL);
+
+	*tctx = isc_mem_get(mctx, sizeof(dns_tkey_ctx_t));
+	if (*tctx == NULL)
+		return (ISC_R_NOMEMORY);
+	(*tctx)->mctx = mctx;
+	(*tctx)->dhkey = NULL;
+	(*tctx)->domain = NULL;
 
 	if (cfg == NULL)
 		return (ISC_R_SUCCESS);
@@ -91,47 +93,50 @@ dns_tkey_init(isc_log_t *lctx, dns_c_ctx_t *cfg, isc_mem_t *mctx) {
 		return (ISC_R_SUCCESS);
 	RETERR(dst_key_fromfile(s, n, DNS_KEYALG_DH,
 				DST_TYPE_PUBLIC|DST_TYPE_PRIVATE,
-				mctx, &tkey_dhkey));
+				mctx, &(*tctx)->dhkey));
 	s = NULL;
 	RETERR(dns_c_ctx_gettkeydomain(cfg, &s));
 	dns_name_init(&domain, NULL);
-	tkey_domain = (dns_name_t *) isc_mem_get(mctx, sizeof(dns_name_t));
-	if (tkey_domain == NULL)
+	(*tctx)->domain = (dns_name_t *) isc_mem_get(mctx, sizeof(dns_name_t));
+	if ((*tctx)->domain == NULL)
 		return (ISC_R_NOMEMORY);
-	dns_name_init(tkey_domain, NULL);
+	dns_name_init((*tctx)->domain, NULL);
 	isc_buffer_init(&b, s, strlen(s), ISC_BUFFERTYPE_TEXT);
 	isc_buffer_add(&b, strlen(s));
 	isc_buffer_init(&namebuf, data, sizeof(data), ISC_BUFFERTYPE_BINARY);
 	RETERR(dns_name_fromtext(&domain, &b, dns_rootname, ISC_FALSE,
 				 &namebuf));
-	RETERR(dns_name_dup(&domain, mctx, tkey_domain));
-
-	tkey_mctx = mctx;
+	RETERR(dns_name_dup(&domain, mctx, (*tctx)->domain));
 
 	return (ISC_R_SUCCESS);
 
  failure:
-	if (tkey_dhkey != NULL) {
-		dst_key_free(tkey_dhkey);
-		tkey_dhkey = NULL;
+	if ((*tctx)->dhkey != NULL) {
+		dst_key_free((*tctx)->dhkey);
+		(*tctx)->dhkey = NULL;
 	}
-	if (tkey_domain != NULL) {
-		dns_name_free(tkey_domain, mctx);
-		isc_mem_put(mctx, tkey_domain, sizeof(dns_name_t));
-		tkey_domain = NULL;
+	if ((*tctx)->domain != NULL) {
+		dns_name_free((*tctx)->domain, mctx);
+		isc_mem_put(mctx, (*tctx)->domain, sizeof(dns_name_t));
+		(*tctx)->domain = NULL;
 	}
 	return (result);
 }
 
 void
-dns_tkey_destroy(void) {
-	if (tkey_mctx == NULL)
-		return;
-	if (tkey_dhkey != NULL)
-		dst_key_free(tkey_dhkey);
-	if (tkey_domain != NULL)
-		isc_mem_put(tkey_mctx, tkey_domain, sizeof(dns_name_t));
-	tkey_mctx = NULL;
+dns_tkey_destroy(dns_tkey_ctx_t **tctx) {
+	isc_mem_t *mctx;
+
+	REQUIRE(tctx != NULL);
+	REQUIRE(*tctx != NULL);
+
+	if ((*tctx)->dhkey != NULL)
+		dst_key_free((*tctx)->dhkey);
+	if ((*tctx)->domain != NULL)
+		isc_mem_put((*tctx)->mctx, (*tctx)->domain, sizeof(dns_name_t));
+
+	mctx = (*tctx)->mctx;
+	isc_mem_put(mctx, *tctx, sizeof(dns_tkey_ctx_t));
 }
 
 static isc_result_t
@@ -169,6 +174,7 @@ add_rdata_to_list(dns_message_t *msg, dns_name_t *name, dns_rdata_t *rdata,
 	RETERR(dns_message_gettemprdatalist(msg, &newlist));
 	newlist->rdclass = newrdata->rdclass;
 	newlist->type = newrdata->type;
+	newlist->covers = 0;
 	newlist->ttl = ttl;
 	ISC_LIST_INIT(newlist->rdata);
 	ISC_LIST_APPEND(newlist->rdata, newrdata, link);
@@ -191,27 +197,59 @@ add_rdata_to_list(dns_message_t *msg, dns_name_t *name, dns_rdata_t *rdata,
 		dns_message_puttempname(msg, &newname);
 	if (newlist != NULL)
 		dns_message_puttemprdatalist(msg, &newlist);
-	if (newset != NULL)
+	if (newset != NULL) {
+		dns_rdataset_disassociate(newset);
 		dns_message_puttemprdataset(msg, &newset);
+	}
 	return (result);
 }
 
 static isc_result_t
-compute_secret(isc_buffer_t *shared, isc_region_t *randomness,
-	       isc_buffer_t *secret)
+compute_secret(isc_buffer_t *shared, isc_region_t *queryrandomness,
+	       isc_region_t *serverrandomness, isc_buffer_t *secret)
 {
 	dst_context_t ctx;
 	isc_result_t result;
-	isc_region_t r;
+	isc_region_t r, r2;
+	char digests[32];
+	isc_buffer_t b;
+	unsigned int i;
 
+	isc_buffer_init(&b, digests, sizeof(digests), ISC_BUFFERTYPE_BINARY);
 	isc_buffer_used(shared, &r);
+
+	/* MD5 ( query data | DH value ) */
+	RETERR(dst_digest(DST_SIGMODE_INIT, DST_DIGEST_MD5, &ctx, NULL, NULL));
+	RETERR(dst_digest(DST_SIGMODE_UPDATE, DST_DIGEST_MD5, &ctx,
+			  queryrandomness, NULL));
+	RETERR(dst_digest(DST_SIGMODE_UPDATE, DST_DIGEST_MD5, &ctx, &r, NULL));
+	RETERR(dst_digest(DST_SIGMODE_FINAL, DST_DIGEST_MD5, &ctx, NULL, &b));
+			
+	/* MD5 ( server data | DH value ) */
 	RETERR(dst_digest(DST_SIGMODE_INIT, DST_DIGEST_MD5, &ctx, NULL, NULL));
+	RETERR(dst_digest(DST_SIGMODE_UPDATE, DST_DIGEST_MD5, &ctx,
+			  serverrandomness, NULL));
 	RETERR(dst_digest(DST_SIGMODE_UPDATE, DST_DIGEST_MD5, &ctx, &r, NULL));
-	if (randomness->length != 0)
-		RETERR(dst_digest(DST_SIGMODE_UPDATE, DST_DIGEST_MD5,
-				  &ctx, randomness, secret));
-	RETERR(dst_digest(DST_SIGMODE_FINAL, DST_DIGEST_MD5, &ctx, NULL,
-			  secret));
+	RETERR(dst_digest(DST_SIGMODE_FINAL, DST_DIGEST_MD5, &ctx, NULL, &b));
+
+	/* XOR ( DH value, MD5-1 | MD5-2) */
+	isc_buffer_available(secret, &r);
+	isc_buffer_used(shared, &r2);
+	if (r.length < sizeof(digests) || r.length < r2.length)
+		return (ISC_R_NOSPACE);
+	if (r2.length > sizeof(digests)) {
+		memcpy(r.base, r2.base, r2.length);
+		for (i = 0; i < sizeof(digests); i++)
+			r.base[i] ^= digests[i];
+		isc_buffer_add(secret, r2.length);
+	}
+	else {
+		memcpy(r.base, digests, sizeof(digests));
+		for (i = 0; i < r2.length; i++)
+			r.base[i] ^= r2.base[i];
+		isc_buffer_add(secret, sizeof(digests));
+	}
+
  failure:
 	return result;
 
@@ -219,8 +257,9 @@ compute_secret(isc_buffer_t *shared, isc_region_t *randomness,
 
 static isc_result_t
 process_dhtkey(dns_message_t *msg, dns_name_t *name,
-	       dns_rdata_generic_tkey_t *tkeyin,
-	       dns_rdata_generic_tkey_t *tkeyout, dns_namelist_t *namelist)
+	       dns_rdata_generic_tkey_t *tkeyin, dns_tkey_ctx_t *tctx,
+	       dns_rdata_generic_tkey_t *tkeyout,
+	       dns_tsig_keyring_t *ring, dns_namelist_t *namelist)
 {
 	isc_result_t result = ISC_R_SUCCESS;
 	dns_name_t *keyname, ourname, signer, *creator;
@@ -229,14 +268,14 @@ process_dhtkey(dns_message_t *msg, dns_name_t *name,
 	isc_boolean_t found_key = ISC_FALSE, found_incompatible = ISC_FALSE;
 	dst_key_t *pubkey = NULL;
 	isc_buffer_t ourkeybuf, ournamein, ournameout, *shared = NULL;
-	isc_region_t r, ourkeyr;
+	isc_region_t r, r2, ourkeyr;
 	isc_uint32_t ourttl;
 	unsigned char keydata[DST_KEY_MAXSIZE];
 	unsigned char namedata[1024];
 	dns_tsigkey_t *tsigkey;