From 262ac85107bed292a75c454b3b5a3c36be129b65 Mon Sep 17 00:00:00 2001
From: Giovanni Bajo
Date: Fri, 27 Apr 2012 03:13:34 +0200
Subject: [PATCH] verify() function must take a keydata chained buffer for input key.

---
 src/dnssec-crypto.h | 4 +++-
 src/dnssec-openssl.c | 6 +++---
 src/dnssec.c | 20 +-------------------
 3 files changed, 7 insertions(+), 23 deletions(-)

diff --git a/src/dnssec-crypto.h b/src/dnssec-crypto.h
index c89dd25..31b20ac 100644
--- a/src/dnssec-crypto.h
+++ b/src/dnssec-crypto.h
@@ -1,6 +1,8 @@
 #ifndef DNSSEC_CRYPTO_H
 #define DNSSEC_CRYPTO_H
 
+struct keydata;
+
 /*
  * vtable for a signature verification algorithm.
  *
@@ -34,7 +36,7 @@ typedef struct
 void (*begin_data)(VerifyAlgCtx *ctx);
 void (*add_data)(VerifyAlgCtx *ctx, void *data, unsigned len);
 void (*end_data)(VerifyAlgCtx *ctx);
- int (*verify)(VerifyAlgCtx *ctx, unsigned char *key, unsigned key_len);
+ int (*verify)(VerifyAlgCtx *ctx, struct keydata *key, unsigned key_len);
 } VerifyAlg;
 
 struct VerifyAlgCtx
diff --git a/src/dnssec-openssl.c b/src/dnssec-openssl.c
index e4cc3ea..e74c9d2 100644
--- a/src/dnssec-openssl.c
+++ b/src/dnssec-openssl.c
@@ -90,13 +90,13 @@ static void rsasha256_end_data(VerifyAlgCtx *ctx_)
 memcpy(ctx->digest, digest, 32);
 }
 
-static int rsasha1_verify(VerifyAlgCtx *ctx_, unsigned char *key, unsigned key_len)
+static int rsasha1_verify(VerifyAlgCtx *ctx_, struct keydata *key_data, unsigned key_len)
 {
 VACTX_rsasha1 *ctx = (VACTX_rsasha1 *)ctx_;
 return 0;
 }
 
-static int rsasha256_verify(VerifyAlgCtx *ctx_, unsigned char *key, unsigned key_len)
+static int rsasha256_verify(VerifyAlgCtx *ctx_, struct keydata *key, unsigned key_len)
 {
 VACTX_rsasha256 *ctx = (VACTX_rsasha256 *)ctx_;
 return 0;
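Review bot: The new `verify` vtable entry in src/dnssec-crypto.h pairs a `struct keydata *key` with an `unsigned key_len`, but nothing on the visible lines says what the length now counts (total bytes across the chained buffer, or something else) nor what the return value means, and every algorithm implementation and caller has to agree on both. A one-line comment above the member would pin this down, e.g. `/* key: DNSKEY RDATA as a keydata chain; key_len: total bytes in the chain. Return value: non-zero only when the signature verifies (confirm against callers). */`, with the return convention adjusted to whatever the callers actually test, which is not visible in this diff. The same gap applies to the `alg ## _verify` declaration macro in the second hunk of src/dnssec-openssl.c.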
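Review bot: Both `rsasha1_verify` and `rsasha256_verify` still return 0 unconditionally and never read the key, so the new `struct keydata *` parameter is accepted but unused; whether that 0 means "signature invalid" depends on a return convention not visible here, and a stub that silently counted as success would undermine the whole verifier. Mark the stubs explicitly, e.g. `/* TODO: not implemented; must keep reporting failure until the key is parsed and the signature is actually checked */`, and add `(void)key_data; (void)key_len;` (and the matching pair in the second stub) so the unused parameters do not trip `-Wunused-parameter`. The first stub names the parameter `key_data` while the second stub, the vtable and the declaration macro use `key`; one name across the three would make the signatures match.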
@@ -107,7 +107,7 @@ static int rsasha256_verify(VerifyAlgCtx *ctx_, unsigned char *key, unsigned key
 void alg ## _begin_data(VerifyAlgCtx *ctx); \
 void alg ## _add_data(VerifyAlgCtx *ctx, void *data, unsigned len); \
 void alg ## _end_data(VerifyAlgCtx *ctx); \
- int alg ## _verify(VerifyAlgCtx *ctx, unsigned char *key, unsigned key_len) \
+ int alg ## _verify(VerifyAlgCtx *ctx, struct keydata *key, unsigned key_len) \
 /**/
 
 #define VALG_VTABLE(alg) { \
diff --git a/src/dnssec.c b/src/dnssec.c
index ff556fe..a19d5e1 100644
--- a/src/dnssec.c
+++ b/src/dnssec.c
@@ -285,25 +285,7 @@ int dnssec_parsekey(struct dns_header *header, size_t pktlen, char *owner, unsig
 if (!(flags & 0x100))
 return 0;
 
- switch (alg)
- {
- case 5: /* RSASHA1 */
- CHECKED_GETCHAR(explen, rdata, rdlen);
- if (explen == 0)
- {
- printf("DNSKEY: RSASHA1: Unsupported huge exponents\n");
- return 0;
- }
-
- if (rdlen < explen)
- return 0;
- key = keydata_alloc(rdata, rdlen);
- break;
-
- default:
- printf("DNSKEY: Unsupported algorithm: %d\n", alg);
- return 0;
- }
+ key = keydata_alloc(rdata, rdlen);
 
 /* TODO: time(0) is correct here? */
 crecp = cache_insert(owner, NULL, time(0), ttl, F_FORWARD | F_DNSKEY);
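Review bot: Removing the `switch (alg)` drops the only algorithm allow-list in `dnssec_parsekey`: the new `key = keydata_alloc(rdata, rdlen);` now runs for every algorithm number and the record is then inserted into the cache with `F_DNSKEY`, so DNSKEYs of unsupported or unknown algorithms that the old code rejected with "DNSKEY: Unsupported algorithm" are now cached as usable keys. Unless the later verify path is guaranteed to reject a key whose algorithm has no VerifyAlg, keep a guard ahead of the allocation, e.g. `if (alg != 5) { printf("DNSKEY: Unsupported algorithm: %d\n", alg); return 0; }`, or a lookup against the algorithm table if one exists. The RSASHA1 checks that went with it (`explen == 0`, `rdlen < explen`) now have to be performed by the verify implementation on the raw RDATA, and `explen`, if it was declared only for this switch, is presumably unused now. `dnssec_parsekey` starts before this hunk and continues after it, so whether `keydata_alloc` can return NULL and is checked before the cache insert is not visible here.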