The “Return of the Coppersmith Attack” (ROCA) vulnerability, which is caused by an error in RSA key generation in Infineon security chips, could potentially be of concern to DNSSEC key holders, in case those keys were generated from an affected hardware TPM device or smartcard.

Luckily, the researchers who found the vulnerability also published a tool to test if your key is vulnerable. This tool can be used online (https://keychest.net/roca or offline as a python script.

This tool requires the key to be tested in RSA PEM fomat, so you must convert the typical DNSSEC keys in DNSKEY RR presentation format (such as a dig output or zone file content) to a X509 RSA PEM key. I wrote a simple perl script to such a conversion, suitable to be feed directly from a dig command like:

$ dig cl dnskey | grep 257 | dnskey-to-pem.pl - MIIDeDANBgkqhkiG9w0BAQEFAAOCA2UAMIIDYAKCA1MBADWwL7y1xJfn8F7mwcJI ... SUPTlYCd/5DpocD8+ZE3LdQQkgvV5zIGwGernrLlBOEgHsZS18N0HXb6ifHfmKCj u+4nc8sDJKi2E2YOaa+U/+TUV7Us61FNjeoiRTtvWt6mfLwtRpbeFUq9toCs1hjr vQs70rMhS90YLfzG0gHzjBXlKQIHI4byb8EAAQ==

You can collect as many keys as you want, put them each one in a .pem file, and then test everything at once:

$ roca-detect . 2017-10-25 11:48:32 [8372] INFO ### SUMMARY #################### 2017-10-25 11:48:32 [8372] INFO Records tested: 15 2017-10-25 11:48:32 [8372] INFO .. PEM certs: ... 0 2017-10-25 11:48:32 [8372] INFO .. DER certs: ... 0 2017-10-25 11:48:32 [8372] INFO .. RSA key files: . 15 2017-10-25 11:48:32 [8372] INFO .. PGP master keys: 0 2017-10-25 11:48:32 [8372] INFO .. PGP total keys:  0 2017-10-25 11:48:32 [8372] INFO .. SSH keys:  ... 0 2017-10-25 11:48:32 [8372] INFO .. APK keys:  ... 0 2017-10-25 11:48:32 [8372] INFO .. JSON keys: ... 0 2017-10-25 11:48:32 [8372] INFO .. LDIFF certs: . . 0 2017-10-25 11:48:32 [8372] INFO .. JKS certs: ... 0 2017-10-25 11:48:32 [8372] INFO .. PKCS7: ... . . 0 2017-10-25 11:48:32 [8372] INFO No fingerprinted keys found (OK) 2017-10-25 11:48:32 [8372] INFO ################################