Pi-Hole/dnsmasq
1
0
Fork 0
mirror of https://github.com/pi-hole/dnsmasq.git synced 2025-12-19 18:28:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

verify() function must take a keydata chained buffer for input key.

Browse Source
This commit is contained in:
Giovanni Bajo
2012-04-27 03:13:34 +02:00
committed by Simon Kelley
parent 4c70046d93
commit 262ac85107
3 changed files with 7 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/dnssec-crypto.h
View File

@@ -1,6 +1,8 @@
#ifndef DNSSEC_CRYPTO_H #ifndef DNSSEC_CRYPTO_H
#define DNSSEC_CRYPTO_H #define DNSSEC_CRYPTO_H
struct keydata;
/* /*
* vtable for a signature verification algorithm. * vtable for a signature verification algorithm.
* *
@@ -34,7 +36,7 @@ typedef struct
void (*begin_data)(VerifyAlgCtx *ctx); void (*begin_data)(VerifyAlgCtx *ctx);
void (*add_data)(VerifyAlgCtx *ctx, void *data, unsigned len); void (*add_data)(VerifyAlgCtx *ctx, void *data, unsigned len);
void (*end_data)(VerifyAlgCtx *ctx); void (*end_data)(VerifyAlgCtx *ctx);
int (*verify)(VerifyAlgCtx *ctx, unsigned char *key, unsigned key_len); int (*verify)(VerifyAlgCtx *ctx, struct keydata *key, unsigned key_len);
} VerifyAlg; } VerifyAlg;
struct VerifyAlgCtx struct VerifyAlgCtx

6
src/dnssec-openssl.c
View File

@@ -90,13 +90,13 @@ static void rsasha256_end_data(VerifyAlgCtx *ctx_)
memcpy(ctx->digest, digest, 32); memcpy(ctx->digest, digest, 32);
} }
static int rsasha1_verify(VerifyAlgCtx *ctx_, unsigned char *key, unsigned key_len) static int rsasha1_verify(VerifyAlgCtx *ctx_, struct keydata *key_data, unsigned key_len)
{ {
VACTX_rsasha1 *ctx = (VACTX_rsasha1 *)ctx_; VACTX_rsasha1 *ctx = (VACTX_rsasha1 *)ctx_;
return 0; return 0;
} }
static int rsasha256_verify(VerifyAlgCtx *ctx_, unsigned char *key, unsigned key_len) static int rsasha256_verify(VerifyAlgCtx *ctx_, struct keydata *key, unsigned key_len)
{ {
VACTX_rsasha256 *ctx = (VACTX_rsasha256 *)ctx_; VACTX_rsasha256 *ctx = (VACTX_rsasha256 *)ctx_;
return 0; return 0;
@@ -107,7 +107,7 @@ static int rsasha256_verify(VerifyAlgCtx *ctx_, unsigned char *key, unsigned key
void alg ## _begin_data(VerifyAlgCtx *ctx); \ void alg ## _begin_data(VerifyAlgCtx *ctx); \
void alg ## _add_data(VerifyAlgCtx *ctx, void *data, unsigned len); \ void alg ## _add_data(VerifyAlgCtx *ctx, void *data, unsigned len); \
void alg ## _end_data(VerifyAlgCtx *ctx); \ void alg ## _end_data(VerifyAlgCtx *ctx); \
int alg ## _verify(VerifyAlgCtx *ctx, unsigned char *key, unsigned key_len) \ int alg ## _verify(VerifyAlgCtx *ctx, struct keydata *key, unsigned key_len) \
/**/ /**/
#define VALG_VTABLE(alg) { \ #define VALG_VTABLE(alg) { \

18
src/dnssec.c
View File

@@ -285,25 +285,7 @@ int dnssec_parsekey(struct dns_header *header, size_t pktlen, char *owner, unsig
if (!(flags & 0x100)) if (!(flags & 0x100))
return 0; return 0;
switch (alg)
{
case 5: /* RSASHA1 */
CHECKED_GETCHAR(explen, rdata, rdlen);
if (explen == 0)
{
printf("DNSKEY: RSASHA1: Unsupported huge exponents\n");
return 0;
}
if (rdlen < explen)
return 0;
key = keydata_alloc(rdata, rdlen); key = keydata_alloc(rdata, rdlen);
break;
default:
printf("DNSKEY: Unsupported algorithm: %d\n", alg);
return 0;
}
/* TODO: time(0) is correct here? */ /* TODO: time(0) is correct here? */
crecp = cache_insert(owner, NULL, time(0), ttl, F_FORWARD | F_DNSKEY); crecp = cache_insert(owner, NULL, time(0), ttl, F_FORWARD | F_DNSKEY);