Pi-Hole/dnsmasq
1
0
Fork 0
mirror of https://github.com/pi-hole/dnsmasq.git synced 2025-12-19 18:28:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Implement RSA-SHA512.

Browse Source
This commit is contained in:
Giovanni Bajo
2012-05-02 20:10:55 +02:00
committed by Simon Kelley
parent ccd1d32c3a
commit 5c32841934
2 changed files with 14 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/dnssec-crypto.h
View File

@@ -41,7 +41,7 @@ struct VerifyAlgCtx
const VerifyAlg *vtbl; const VerifyAlg *vtbl;
unsigned char *sig; unsigned char *sig;
size_t siglen; size_t siglen;
unsigned char digest[32]; unsigned char digest[64]; /* TODO: if memory problems, use VLA */
}; };
int verifyalg_supported(int algo); int verifyalg_supported(int algo);
@@ -55,6 +55,7 @@ int verifyalg_algonum(VerifyAlgCtx *a);
#define DIGESTALG_SHA1 1 #define DIGESTALG_SHA1 1
#define DIGESTALG_SHA256 2 #define DIGESTALG_SHA256 2
#define DIGESTALG_MD5 256 #define DIGESTALG_MD5 256
#define DIGESTALG_SHA512 257
int digestalg_supported(int algo); int digestalg_supported(int algo);
int digestalg_begin(int algo); int digestalg_begin(int algo);

16
src/dnssec-openssl.c
View File

@@ -107,6 +107,11 @@ static int rsasha256_verify(VerifyAlgCtx *ctx, struct keydata *key_data, unsigne
return rsa_verify(ctx, key_data, key_len, NID_sha256, 32); return rsa_verify(ctx, key_data, key_len, NID_sha256, 32);
} }
static int rsasha512_verify(VerifyAlgCtx *ctx, struct keydata *key_data, unsigned key_len)
{
return rsa_verify(ctx, key_data, key_len, NID_sha512, 64);
}
static int dsasha1_verify(VerifyAlgCtx *ctx, struct keydata *key_data, unsigned key_len) static int dsasha1_verify(VerifyAlgCtx *ctx, struct keydata *key_data, unsigned key_len)
{ {
static unsigned char asn1_signature[] = static unsigned char asn1_signature[] =
@@ -159,11 +164,11 @@ static const VerifyAlg valgs[] =
VALG_VTABLE(dsasha1, DIGESTALG_SHA1), /* 3: DSA */ VALG_VTABLE(dsasha1, DIGESTALG_SHA1), /* 3: DSA */
VALG_UNSUPPORTED(), /* 4: ECC */ VALG_UNSUPPORTED(), /* 4: ECC */
VALG_VTABLE(rsasha1, DIGESTALG_SHA1), /* 5: RSASHA1 */ VALG_VTABLE(rsasha1, DIGESTALG_SHA1), /* 5: RSASHA1 */
VALG_UNSUPPORTED(), /* 6: DSA-NSEC3-SHA1 */ VALG_VTABLE(dsasha1, DIGESTALG_SHA1), /* 6: DSA-NSEC3-SHA1 */
VALG_VTABLE(rsasha1, DIGESTALG_SHA1), /* 7: RSASHA1-NSEC3-SHA1 */ VALG_VTABLE(rsasha1, DIGESTALG_SHA1), /* 7: RSASHA1-NSEC3-SHA1 */
VALG_VTABLE(rsasha256, DIGESTALG_SHA256), /* 8: RSASHA256 */ VALG_VTABLE(rsasha256, DIGESTALG_SHA256), /* 8: RSASHA256 */
VALG_UNSUPPORTED(), /* 9: unassigned */ VALG_UNSUPPORTED(), /* 9: unassigned */
VALG_UNSUPPORTED(), /* 10: RSASHA512 */ VALG_VTABLE(rsasha512, DIGESTALG_SHA512), /* 10: RSASHA512 */
VALG_UNSUPPORTED(), /* 11: unassigned */ VALG_UNSUPPORTED(), /* 11: unassigned */
VALG_UNSUPPORTED(), /* 12: ECC-GOST */ VALG_UNSUPPORTED(), /* 12: ECC-GOST */
VALG_UNSUPPORTED(), /* 13: ECDSAP256SHA256 */ VALG_UNSUPPORTED(), /* 13: ECDSAP256SHA256 */
@@ -184,7 +189,7 @@ static const int valgctx_size[] =
sizeof(VerifyAlgCtx), /* 7: RSASHA1-NSEC3-SHA1 */ sizeof(VerifyAlgCtx), /* 7: RSASHA1-NSEC3-SHA1 */
sizeof(VerifyAlgCtx), /* 8: RSASHA256 */ sizeof(VerifyAlgCtx), /* 8: RSASHA256 */
0, /* 9: unassigned */ 0, /* 9: unassigned */
0, /* 10: RSASHA512 */ sizeof(VerifyAlgCtx), /* 10: RSASHA512 */
0, /* 11: unassigned */ 0, /* 11: unassigned */
0, /* 12: ECC-GOST */ 0, /* 12: ECC-GOST */
0, /* 13: ECDSAP256SHA256 */ 0, /* 13: ECDSAP256SHA256 */
@@ -246,7 +251,8 @@ int digestalg_supported(int algo)
{ {
return (algo == DIGESTALG_SHA1 || return (algo == DIGESTALG_SHA1 ||
algo == DIGESTALG_SHA256 || algo == DIGESTALG_SHA256 ||
algo == DIGESTALG_MD5); algo == DIGESTALG_MD5 ||
algo == DIGESTALG_SHA512);
} }
int digestalg_begin(int algo) int digestalg_begin(int algo)
@@ -256,6 +262,8 @@ int digestalg_begin(int algo)
EVP_DigestInit_ex(&digctx, EVP_sha1(), NULL); EVP_DigestInit_ex(&digctx, EVP_sha1(), NULL);
else if (algo == DIGESTALG_SHA256) else if (algo == DIGESTALG_SHA256)
EVP_DigestInit_ex(&digctx, EVP_sha256(), NULL); EVP_DigestInit_ex(&digctx, EVP_sha256(), NULL);
else if (algo == DIGESTALG_SHA512)
EVP_DigestInit_ex(&digctx, EVP_sha512(), NULL);
else if (algo == DIGESTALG_MD5) else if (algo == DIGESTALG_MD5)
EVP_DigestInit_ex(&digctx, EVP_md5(), NULL); EVP_DigestInit_ex(&digctx, EVP_md5(), NULL);
else else