verify() function must take a keydata chained buffer for input key.

262ac851 · Giovanni Bajo · Simon Kelley · 4c70046d · 262ac851 · 262ac851
Commit 262ac851 authored Apr 27, 2012 by Giovanni Bajo Committed by Simon Kelley Aug 20, 2013
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 23 deletions

src/dnssec-crypto.h src/dnssec-crypto.h +3 -1

src/dnssec-openssl.c src/dnssec-openssl.c +3 -3

src/dnssec.c src/dnssec.c +1 -19

No files found.
--- a/src/dnssec-crypto.h
+++ b/src/dnssec-crypto.h
 #ifndef DNSSEC_CRYPTO_H
 #define DNSSEC_CRYPTO_H
+struct keydata;
 /* 
 * vtable for a signature verification algorithm.
 *
@@ -34,7 +36,7 @@ typedef struct
  void (*begin_data)(VerifyAlgCtx *ctx);
  void (*add_data)(VerifyAlgCtx *ctx, void *data, unsigned len);
  void (*end_data)(VerifyAlgCtx *ctx);
-  int (*verify)(VerifyAlgCtx *ctx, unsigned char *key, unsigned key_len);
+  int (*verify)(VerifyAlgCtx *ctx, struct keydata *key, unsigned key_len);
 } VerifyAlg;
 struct VerifyAlgCtx

--- a/src/dnssec-openssl.c
+++ b/src/dnssec-openssl.c
@@ -90,13 +90,13 @@ static void rsasha256_end_data(VerifyAlgCtx *ctx_)
  memcpy(ctx->digest, digest, 32);
 }
-static int rsasha1_verify(VerifyAlgCtx *ctx_, unsigned char *key, unsigned key_len)
+static int rsasha1_verify(VerifyAlgCtx *ctx_, struct keydata *key_data, unsigned key_len)
 {
  VACTX_rsasha1 *ctx = (VACTX_rsasha1 *)ctx_;
  return 0;
 }
-static int rsasha256_verify(VerifyAlgCtx *ctx_, unsigned char *key, unsigned key_len)
+static int rsasha256_verify(VerifyAlgCtx *ctx_, struct keydata *key, unsigned key_len)
 {
  VACTX_rsasha256 *ctx = (VACTX_rsasha256 *)ctx_;
  return 0;
@@ -107,7 +107,7 @@ static int rsasha256_verify(VerifyAlgCtx *ctx_, unsigned char *key, unsigned key
  void alg ## _begin_data(VerifyAlgCtx *ctx); \
  void alg ## _add_data(VerifyAlgCtx *ctx, void *data, unsigned len); \
  void alg ## _end_data(VerifyAlgCtx *ctx); \
-  int alg ## _verify(VerifyAlgCtx *ctx, unsigned char *key, unsigned key_len) \
+  int alg ## _verify(VerifyAlgCtx *ctx, struct keydata *key, unsigned key_len) \
  /**/
 #define VALG_VTABLE(alg) { \

--- a/src/dnssec.c
+++ b/src/dnssec.c
@@ -285,25 +285,7 @@ int dnssec_parsekey(struct dns_header *header, size_t pktlen, char *owner, unsig
  if (!(flags & 0x100))
    return 0;
-  switch (alg)
+  key = keydata_alloc(rdata, rdlen);
-    {
-      case 5: /* RSASHA1 */
-        CHECKED_GETCHAR(explen, rdata, rdlen);
-        if (explen == 0)
-          {
-            printf("DNSKEY: RSASHA1: Unsupported huge exponents\n");
-            return 0;
-          }
-        if (rdlen < explen)
-          return 0;
-        key = keydata_alloc(rdata, rdlen);
-        break;
-      default:
-        printf("DNSKEY: Unsupported algorithm: %d\n", alg);
-        return 0;
-    }
  /* TODO: time(0) is correct here? */
  crecp = cache_insert(owner, NULL, time(0), ttl, F_FORWARD | F_DNSKEY);