mirror of
https://gitlab.isc.org/isc-projects/bind9
synced 2025-08-30 05:57:52 +00:00
converting from KEY records to dsa keys was broken.
This commit is contained in:
Brian Wellington
parent
b8fd630c4b
commit
587922e6d1
@ -19,7 +19,7 @@
|
|||||||
|
|
||||||
/*
|
/*
|
||||||
* Principal Author: Brian Wellington
|
* Principal Author: Brian Wellington
|
||||||
* $Id: openssl_link.c,v 1.14 2000/03/07 19:27:50 bwelling Exp $
|
* $Id: openssl_link.c,v 1.15 2000/04/05 22:22:51 bwelling Exp $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@ -272,7 +272,7 @@ dst_openssl_to_dns(const dst_key_t *key, isc_buffer_t *data) {
|
|||||||
DSA *dsa;
|
DSA *dsa;
|
||||||
isc_region_t r;
|
isc_region_t r;
|
||||||
int dnslen;
|
int dnslen;
|
||||||
unsigned int t;
|
unsigned int t, p_bytes;
|
||||||
|
|
||||||
REQUIRE(key->opaque != NULL);
|
REQUIRE(key->opaque != NULL);
|
||||||
|
|
||||||
@ -283,6 +283,7 @@ dst_openssl_to_dns(const dst_key_t *key, isc_buffer_t *data) {
|
|||||||
t = (BN_num_bytes(dsa->p) - 64) / 8;
|
t = (BN_num_bytes(dsa->p) - 64) / 8;
|
||||||
if (t > 8)
|
if (t > 8)
|
||||||
return (DST_R_INVALIDPUBLICKEY);
|
return (DST_R_INVALIDPUBLICKEY);
|
||||||
|
p_bytes = 64 + 8 * t;
|
||||||
|
|
||||||
dnslen = 1 + (key->key_size * 3)/8 + SHA_DIGEST_LENGTH;
|
dnslen = 1 + (key->key_size * 3)/8 + SHA_DIGEST_LENGTH;
|
||||||
if (r.length < (unsigned int) dnslen)
|
if (r.length < (unsigned int) dnslen)
|
||||||
@ -292,11 +293,11 @@ dst_openssl_to_dns(const dst_key_t *key, isc_buffer_t *data) {
|
|||||||
BN_bn2bin_fixed(dsa->q, r.base, SHA_DIGEST_LENGTH);
|
BN_bn2bin_fixed(dsa->q, r.base, SHA_DIGEST_LENGTH);
|
||||||
r.base += SHA_DIGEST_LENGTH;
|
r.base += SHA_DIGEST_LENGTH;
|
||||||
BN_bn2bin_fixed(dsa->p, r.base, key->key_size/8);
|
BN_bn2bin_fixed(dsa->p, r.base, key->key_size/8);
|
||||||
r.base += key->key_size/8;
|
r.base += p_bytes;
|
||||||
BN_bn2bin_fixed(dsa->g, r.base, key->key_size/8);
|
BN_bn2bin_fixed(dsa->g, r.base, key->key_size/8);
|
||||||
r.base += key->key_size/8;
|
r.base += p_bytes;
|
||||||
BN_bn2bin_fixed(dsa->pub_key, r.base, key->key_size/8);
|
BN_bn2bin_fixed(dsa->pub_key, r.base, key->key_size/8);
|
||||||
r.base += key->key_size/8;
|
r.base += p_bytes;
|
||||||
|
|
||||||
isc_buffer_add(data, dnslen);
|
isc_buffer_add(data, dnslen);
|
||||||
|
|
||||||
@ -327,7 +328,6 @@ dst_openssl_from_dns(dst_key_t *key, isc_buffer_t *data, isc_mem_t *mctx) {
|
|||||||
return (ISC_R_SUCCESS);
|
return (ISC_R_SUCCESS);
|
||||||
|
|
||||||
dsa = DSA_new();
|
dsa = DSA_new();
|
||||||
/* dsa = (DSA *) isc_mem_get(mctx, sizeof(DSA));*/
|
|
||||||
if (dsa == NULL)
|
if (dsa == NULL)
|
||||||
return (ISC_R_NOMEMORY);
|
return (ISC_R_NOMEMORY);
|
||||||
|
|
||||||
@ -347,20 +347,20 @@ dst_openssl_from_dns(dst_key_t *key, isc_buffer_t *data, isc_mem_t *mctx) {
|
|||||||
r.base += SHA_DIGEST_LENGTH;
|
r.base += SHA_DIGEST_LENGTH;
|
||||||
|
|
||||||
dsa->p = BN_bin2bn(r.base, p_bytes, NULL);
|
dsa->p = BN_bin2bn(r.base, p_bytes, NULL);
|
||||||
r.base += SHA_DIGEST_LENGTH;
|
r.base += p_bytes;
|
||||||
|
|
||||||
dsa->g = BN_bin2bn(r.base, p_bytes, NULL);
|
dsa->g = BN_bin2bn(r.base, p_bytes, NULL);
|
||||||
r.base += SHA_DIGEST_LENGTH;
|
r.base += p_bytes;
|
||||||
|
|
||||||
dsa->pub_key = BN_bin2bn(r.base, p_bytes, NULL);
|
dsa->pub_key = BN_bin2bn(r.base, p_bytes, NULL);
|
||||||
r.base += SHA_DIGEST_LENGTH;
|
r.base += p_bytes;
|
||||||
|
|
||||||
isc_buffer_remaining(data, &r);
|
isc_buffer_remaining(data, &r);
|
||||||
key->key_id = dst_s_id_calc(r.base,
|
key->key_id = dst_s_id_calc(r.base,
|
||||||
1 + SHA_DIGEST_LENGTH + 3 * p_bytes);
|
1 + SHA_DIGEST_LENGTH + 3 * p_bytes);
|
||||||
key->key_size = p_bytes * 8;
|
key->key_size = p_bytes * 8;
|
||||||
|
|
||||||
isc_buffer_forward(data, SHA_DIGEST_LENGTH + 3 * p_bytes);
|
isc_buffer_forward(data, 1 + SHA_DIGEST_LENGTH + 3 * p_bytes);
|
||||||
|
|
||||||
key->opaque = (void *) dsa;
|
key->opaque = (void *) dsa;
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user