Commit 8c7fa43b authored by Brian Wellington's avatar Brian Wellington

Make dst_region_computeid() take an algorithm, since it was returning the

wrong id for RSA keys.  Also clean up a few error messages from dst routines.
parent c38cf70d
......@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: key_25.c,v 1.30 2000/08/10 01:59:39 bwelling Exp $ */
/* $Id: key_25.c,v 1.31 2000/09/08 14:23:43 bwelling Exp $ */
/*
* Reviewed: Wed Mar 15 16:47:10 PST 2000 by halley.
......@@ -70,6 +70,7 @@ totext_key(ARGS_TOTEXT) {
isc_region_t sr;
char buf[sizeof "64000"];
unsigned int flags;
unsigned char algorithm;
REQUIRE(rdata->type == 25);
......@@ -89,7 +90,8 @@ totext_key(ARGS_TOTEXT) {
RETERR(str_totext(" ", target));
/* algorithm */
sprintf(buf, "%u", sr.base[0]);
algorithm = sr.base[0];
sprintf(buf, "%u", algorithm);
isc_region_consume(&sr, 1);
RETERR(str_totext(buf, target));
......@@ -111,7 +113,7 @@ totext_key(ARGS_TOTEXT) {
RETERR(str_totext(" ; key id = ", target));
dns_rdata_toregion(rdata, &tmpr);
sprintf(buf, "%u", dst_region_computeid(&tmpr));
sprintf(buf, "%u", dst_region_computeid(&tmpr, algorithm));
RETERR(str_totext(buf, target));
}
return (ISC_R_SUCCESS);
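Review bot: The key id comment in totext_key now hands the whole rdata region (`tmpr`) plus `algorithm` to dst_region_computeid(), and for RSA/MD5 that function takes the id from the bytes at `length - 3` and `length - 2` after only a `length < 4` check. If the rdata carries little or no key material after the flags, protocol and algorithm octets, those offsets fall in the header rather than the key, so the printed id would be meaningless; the condition guarding this block is outside the hunk, so confirm it excludes such records. A short comment here would help, e.g. `/* key id is informational; for RSA/MD5 it is taken from the key's trailing octets */`. The two `sprintf` calls fit `buf` for an 8-bit and a 16-bit value today, but `snprintf(buf, sizeof(buf), "%u", ...)` would keep that true if the types ever change.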
......
......@@ -19,7 +19,7 @@
/*
* Principal Author: Brian Wellington
* $Id: dst_api.c,v 1.60 2000/09/02 01:15:21 bwelling Exp $
* $Id: dst_api.c,v 1.61 2000/09/08 14:23:44 bwelling Exp $
*/
#include <config.h>
......@@ -355,10 +355,7 @@ dst_key_fromnamedfile(const char *filename, const int type, isc_mem_t *mctx,
REQUIRE(keyp != NULL && *keyp == NULL);
result = read_public_key(filename, mctx, &pubkey);
if (result == ISC_R_NOTFOUND)
return (DST_R_INVALIDPUBLICKEY);
else if (result != ISC_R_SUCCESS)
if (result != ISC_R_SUCCESS)
return (result);
if (type == DST_TYPE_PUBLIC ||
......@@ -756,19 +753,22 @@ dst_key_secretsize(const dst_key_t *key, unsigned int *n) {
}
isc_uint16_t
dst_region_computeid(const isc_region_t *source) {
dst_region_computeid(const isc_region_t *source, const unsigned int alg) {
isc_uint32_t ac;
const unsigned char *p;
int size;
REQUIRE(source != NULL);
if (source->length == 0)
if (source->length < 4)
return (0);
p = source->base;
size = source->length;
if (alg == DST_ALG_RSAMD5)
return ((p[size - 3] << 8) + p[size - 2]);
for (ac = 0; size > 1; size -= 2, p += 2)
ac += ((*p) << 8) + *(p + 1);
......@@ -865,11 +865,8 @@ read_public_key(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) {
goto cleanup;
ret = isc_lex_openfile(lex, newfilename);
if (ret != ISC_R_SUCCESS) {
if (ret == ISC_R_FILENOTFOUND)
ret = ISC_R_NOTFOUND;
if (ret != ISC_R_SUCCESS)
goto cleanup;
}
#define NEXTTOKEN(lex, opt, token) { \
ret = isc_lex_gettoken(lex, opt, token); \
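Review bot: dst_region_computeid() now returns 0 for any region shorter than four bytes, whatever the algorithm, and 0 is also a value the checksum can legitimately produce, so callers cannot tell "input too short" from a real key id. A minimum length is only needed by the RSA/MD5 branch, which reads `p[size - 3]` and `p[size - 2]`; consider keeping the old `source->length == 0` test for the checksum path and placing `if (source->length < 4) return (0);` inside the `alg == DST_ALG_RSAMD5` branch, with a comment saying why. Call sites that compare the result with a stored id (openssldsa_fromfile and openssldh_fromfile, `key->key_id != id`) and hmacmd5_fromdns, which passes only the raw key bytes, inherit this behaviour. Separately, dst_key_fromnamedfile and read_public_key no longer translate the file-not-found result, so any caller that tested for `DST_R_INVALIDPUBLICKEY` or `ISC_R_NOTFOUND` on a missing key file should be checked; those callers are not visible here.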
......
......@@ -19,7 +19,7 @@
/*
* Principal Author: Brian Wellington
* $Id: hmac_link.c,v 1.44 2000/08/16 00:30:54 bwelling Exp $
* $Id: hmac_link.c,v 1.45 2000/09/08 14:23:47 bwelling Exp $
*/
#include <config.h>
......@@ -212,7 +212,7 @@ hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data) {
r.base = hkey->key;
r.length = keylen;
key->key_id = dst_region_computeid(&r);
key->key_id = dst_region_computeid(&r, key->key_alg);
key->key_size = keylen * 8;
key->opaque = hkey;
......
......@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dst.h,v 1.36 2000/09/02 01:15:24 bwelling Exp $ */
/* $Id: dst.h,v 1.37 2000/09/08 14:23:49 bwelling Exp $ */
#ifndef DST_DST_H
#define DST_DST_H 1
......@@ -516,9 +516,10 @@ dst_key_secretsize(const dst_key_t *key, unsigned int *n);
*/
isc_uint16_t
dst_region_computeid(const isc_region_t *source);
dst_region_computeid(const isc_region_t *source, const unsigned int alg);
/*
* Computes the key id of the key stored in the provided region.
* Computes the key id of the key stored in the provided region with the
* given algorithm.
*
* Requires:
* "source" contains a valid, non-NULL region.
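Review bot: The header comment for dst_region_computeid() does not say which values `alg` accepts or what the function returns when the region is too short. The implementation in dst_api.c returns 0 when `source->length < 4` and derives the id differently when `alg` is `DST_ALG_RSAMD5`, so I would add `"alg" is a DST_ALG_* value selecting how the id is derived` under Requires and a Returns line such as `the key id, or 0 if the region holds fewer than 4 bytes`. The remainder of this comment block lies outside the section shown.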
......
......@@ -19,7 +19,7 @@
/*
* Principal Author: Brian Wellington
* $Id: openssl_link.c,v 1.36 2000/08/16 00:30:55 bwelling Exp $
* $Id: openssl_link.c,v 1.37 2000/09/08 14:23:46 bwelling Exp $
*/
#if defined(OPENSSL)
......@@ -210,7 +210,7 @@ openssldsa_generate(dst_key_t *key, int unused) {
return (result);
}
isc_buffer_usedregion(&dns, &r);
key->key_id = dst_region_computeid(&r);
key->key_id = dst_region_computeid(&r, key->key_alg);
return (ISC_R_SUCCESS);
}
......@@ -309,7 +309,7 @@ openssldsa_fromdns(dst_key_t *key, isc_buffer_t *data) {
isc_buffer_remainingregion(data, &r);
r.length = 1 + ISC_SHA1_DIGESTLENGTH + 3 * p_bytes;
key->key_id = dst_region_computeid(&r);
key->key_id = dst_region_computeid(&r, key->key_alg);
key->key_size = p_bytes * 8;
isc_buffer_forward(data, 1 + ISC_SHA1_DIGESTLENGTH + 3 * p_bytes);
......@@ -422,7 +422,7 @@ openssldsa_fromfile(dst_key_t *key, const isc_uint16_t id, const char *filename)
if (ret != ISC_R_SUCCESS)
DST_RET(ret);
isc_buffer_usedregion(&dns, &r);
key->key_id = dst_region_computeid(&r);
key->key_id = dst_region_computeid(&r, key->key_alg);
if (key->key_id != id)
DST_RET(DST_R_INVALIDPRIVATEKEY);
......
......@@ -19,7 +19,7 @@
/*
* Principal Author: Brian Wellington
* $Id: openssldh_link.c,v 1.30 2000/08/16 00:30:56 bwelling Exp $
* $Id: openssldh_link.c,v 1.31 2000/09/08 14:23:48 bwelling Exp $
*/
#if defined(OPENSSL)
......@@ -171,7 +171,7 @@ openssldh_generate(dst_key_t *key, int generator) {
return (result);
}
isc_buffer_usedregion(&dns, &r);
key->key_id = dst_region_computeid(&r);
key->key_id = dst_region_computeid(&r, key->key_alg);
return (ISC_R_SUCCESS);
}
......@@ -371,7 +371,7 @@ openssldh_fromdns(dst_key_t *key, isc_buffer_t *data) {
isc_buffer_remainingregion(data, &r);
r.length = plen + glen + publen + 6;
key->key_id = dst_region_computeid(&r);
key->key_id = dst_region_computeid(&r, key->key_alg);
key->key_size = BN_num_bits(dh->p);
isc_buffer_forward(data, plen + glen + publen + 6);
......@@ -493,7 +493,7 @@ openssldh_fromfile(dst_key_t *key, const isc_uint16_t id, const char *filename)
if (ret != ISC_R_SUCCESS)
DST_RET(ret);
isc_buffer_usedregion(&dns, &r);
key->key_id = dst_region_computeid(&r);
key->key_id = dst_region_computeid(&r, key->key_alg);
if (key->key_id != id)
DST_RET(DST_R_INVALIDPRIVATEKEY);
......