Handle DS records for unsupported crypto algorithms correctly.

Such a DS, as long as it is validated, should allow answers in the domain is attests to be returned as unvalidated, and not as a validation error.
2025-12-19 18:28:25 +00:00 · 2022-11-16 16:49:30 +00:00
parent 1f9215f5f9
commit 9ed3ee67ec
3 changed files with 44 additions and 24 deletions
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -452,7 +452,7 @@ char *algo_digest_name(int algo)
    case 8: return "sha256";      /* RSA/SHA-256 */
    case 10: return "sha512";     /* RSA/SHA-512 */
 #if MIN_VERSION(3, 6)
-    case 12: return "gosthash94cp"; /* ECC-GOST */
+    case 12: return "gosthash94cp"; /* ECC-GOST */ 
 #endif
    case 13: return "sha256";     /* ECDSAP256SHA256 */
    case 14: return "sha384";     /* ECDSAP384SHA384 */