Cross Reference: /freebsd-11.0-release/contrib/unbound/validator/val

Deleted Added

sdiff udiff text old ( 287917 ) new ( 292206 )

full compact

val_secalgo.c (287917)	val_secalgo.c (292206)
1/* 2 * validator/val_secalgo.c - validator security algorithm functions. 3 * 4 * Copyright (c) 2012, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 30 unchanged lines hidden (view full) --- 39 * This file contains helper functions for the validator module. 40 * These functions take raw data buffers, formatted for crypto verification, 41 * and do the library calls (for the crypto library in use). 42 / 43#include "config.h" 44/ packed_rrset on top to define enum types (forced by c99 standard) */ 45#include "util/data/packed_rrset.h" 46#include "validator/val_secalgo.h"	1/* 2 * validator/val_secalgo.c - validator security algorithm functions. 3 * 4 * Copyright (c) 2012, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 30 unchanged lines hidden (view full) --- 39 * This file contains helper functions for the validator module. 40 * These functions take raw data buffers, formatted for crypto verification, 41 * and do the library calls (for the crypto library in use). 42 / 43#include "config.h" 44/ packed_rrset on top to define enum types (forced by c99 standard) */ 45#include "util/data/packed_rrset.h" 46#include "validator/val_secalgo.h"
	47#include "validator/val_nsec3.h"
47#include "util/log.h" 48#include "sldns/rrdef.h" 49#include "sldns/keyraw.h" 50#include "sldns/sbuffer.h" 51	48#include "util/log.h" 49#include "sldns/rrdef.h" 50#include "sldns/keyraw.h" 51#include "sldns/sbuffer.h" 52
52#if !defined(HAVE_SSL) && !defined(HAVE_NSS)	53#if !defined(HAVE_SSL) && !defined(HAVE_NSS) && !defined(HAVE_NETTLE)
53#error "Need crypto library to do digital signature cryptography" 54#endif 55 56/* OpenSSL implementation / 57#ifdef HAVE_SSL 58#ifdef HAVE_OPENSSL_ERR_H 59#include <openssl/err.h> 60#endif --- 5 unchanged lines hidden* (view full) --- 66#ifdef HAVE_OPENSSL_CONF_H 67#include <openssl/conf.h> 68#endif 69 70#ifdef HAVE_OPENSSL_ENGINE_H 71#include <openssl/engine.h> 72#endif 73	54#error "Need crypto library to do digital signature cryptography" 55#endif 56 57/* OpenSSL implementation / 58#ifdef HAVE_SSL 59#ifdef HAVE_OPENSSL_ERR_H 60#include <openssl/err.h> 61#endif --- 5 unchanged lines hidden* (view full) --- 67#ifdef HAVE_OPENSSL_CONF_H 68#include <openssl/conf.h> 69#endif 70 71#ifdef HAVE_OPENSSL_ENGINE_H 72#include <openssl/engine.h> 73#endif 74
	75/* return size of digest if supported, or 0 otherwise / 76size_t 77nsec3_hash_algo_size_supported(int id) 78{ 79 switch(id) { 80 case NSEC3_HASH_SHA1: 81 return SHA_DIGEST_LENGTH; 82 default: 83 return 0; 84 } 85} 86 87/ perform nsec3 hash. return false on failure / 88int 89secalgo_nsec3_hash(int algo, unsigned char buf, size_t len, 90 unsigned char* res) 91{ 92 switch(algo) { 93 case NSEC3_HASH_SHA1: 94 (void)SHA1(buf, len, res); 95 return 1; 96 default: 97 return 0; 98 } 99} 100
74/** 75 * Return size of DS digest according to its hash algorithm. 76 * @param algo: DS digest algo.	101/** 102 * Return size of DS digest according to its hash algorithm. 103 * @param algo: DS digest algo.
77 * @return size in bytes of digest, or 0 if not supported.	104 * @return size in bytes of digest, or 0 if not supported.
78 / 79size_t 80ds_digest_size_supported(int algo) 81{ 82 switch(algo) { 83#ifdef HAVE_EVP_SHA1 84 case LDNS_SHA1: 85 return SHA_DIGEST_LENGTH; --- 474 unchanged lines hidden* (view full) --- 560#include "sechash.h" 561#include "pk11pub.h" 562#include "keyhi.h" 563#include "secerr.h" 564#include "cryptohi.h" 565/* nspr4 / 566#include "prerror.h" 567*	105 / 106size_t 107ds_digest_size_supported(int algo) 108{ 109* switch(algo) { 110#ifdef HAVE_EVP_SHA1 111 case LDNS_SHA1: 112 return SHA_DIGEST_LENGTH; --- 474 unchanged lines hidden (view full) --- 587#include "sechash.h" 588#include "pk11pub.h" 589#include "keyhi.h" 590#include "secerr.h" 591#include "cryptohi.h" 592/* nspr4 / 593#include "prerror.h" 594*
	595/* return size of digest if supported, or 0 otherwise */
568size_t	596size_t
	597nsec3_hash_algo_size_supported(int id) 598{ 599 switch(id) { 600 case NSEC3_HASH_SHA1: 601 return SHA1_LENGTH; 602 default: 603 return 0; 604 } 605} 606 607/* perform nsec3 hash. return false on failure / 608int 609secalgo_nsec3_hash(int algo, unsigned char buf, size_t len, 610 unsigned char* res) 611{ 612 switch(algo) { 613 case NSEC3_HASH_SHA1: 614 (void)HASH_HashBuf(HASH_AlgSHA1, res, buf, (unsigned long)len); 615 return 1; 616 default: 617 return 0; 618 } 619} 620 621size_t
569ds_digest_size_supported(int algo) 570{ 571 /* uses libNSS / 572* switch(algo) { 573 case LDNS_SHA1: 574 return SHA1_LENGTH; 575#ifdef USE_SHA2 576 case LDNS_SHA256: --- 487 unchanged lines hidden (view full) --- 1064 return sec_status_bogus; 1065 } 1066 verbose(VERB_QUERY, "verify: signature mismatch: %s", 1067 PORT_ErrorToString(err)); 1068 reason = "signature crypto failed"; 1069* return sec_status_bogus; 1070} 1071	622ds_digest_size_supported(int algo) 623{ 624 /* uses libNSS / 625* switch(algo) { 626 case LDNS_SHA1: 627 return SHA1_LENGTH; 628#ifdef USE_SHA2 629 case LDNS_SHA256: --- 487 unchanged lines hidden (view full) --- 1117 return sec_status_bogus; 1118 } 1119 verbose(VERB_QUERY, "verify: signature mismatch: %s", 1120 PORT_ErrorToString(err)); 1121 reason = "signature crypto failed"; 1122* return sec_status_bogus; 1123} 1124
	1125#elif defined(HAVE_NETTLE)
1072	1126
1073#endif /* HAVE_SSL or HAVE_NSS */	1127#include "sha.h" 1128#include "bignum.h" 1129#include "macros.h" 1130#include "rsa.h" 1131#include "dsa.h" 1132#include "asn1.h" 1133#ifdef USE_ECDSA 1134#include "ecdsa.h" 1135#include "ecc-curve.h" 1136#endif 1137 1138static int 1139_digest_nettle(int algo, uint8_t* buf, size_t len, 1140 unsigned char* res) 1141{ 1142 switch(algo) { 1143 case SHA1_DIGEST_SIZE: 1144 { 1145 struct sha1_ctx ctx; 1146 sha1_init(&ctx); 1147 sha1_update(&ctx, len, buf); 1148 sha1_digest(&ctx, SHA1_DIGEST_SIZE, res); 1149 return 1; 1150 } 1151 case SHA256_DIGEST_SIZE: 1152 { 1153 struct sha256_ctx ctx; 1154 sha256_init(&ctx); 1155 sha256_update(&ctx, len, buf); 1156 sha256_digest(&ctx, SHA256_DIGEST_SIZE, res); 1157 return 1; 1158 } 1159 case SHA384_DIGEST_SIZE: 1160 { 1161 struct sha384_ctx ctx; 1162 sha384_init(&ctx); 1163 sha384_update(&ctx, len, buf); 1164 sha384_digest(&ctx, SHA384_DIGEST_SIZE, res); 1165 return 1; 1166 } 1167 case SHA512_DIGEST_SIZE: 1168 { 1169 struct sha512_ctx ctx; 1170 sha512_init(&ctx); 1171 sha512_update(&ctx, len, buf); 1172 sha512_digest(&ctx, SHA512_DIGEST_SIZE, res); 1173 return 1; 1174 } 1175 default: 1176 break; 1177 } 1178 return 0; 1179} 1180 1181/* return size of digest if supported, or 0 otherwise / 1182size_t 1183nsec3_hash_algo_size_supported(int id) 1184{ 1185* switch(id) { 1186 case NSEC3_HASH_SHA1: 1187 return SHA1_DIGEST_SIZE; 1188 default: 1189 return 0; 1190 } 1191} 1192 1193/* perform nsec3 hash. return false on failure / 1194int 1195secalgo_nsec3_hash(int algo, unsigned char buf, size_t len, 1196 unsigned char* res) 1197{ 1198 switch(algo) { 1199 case NSEC3_HASH_SHA1: 1200 return _digest_nettle(SHA1_DIGEST_SIZE, (uint8_t)buf, len, 1201* res); 1202 default: 1203 return 0; 1204 } 1205} 1206 1207/** 1208 * Return size of DS digest according to its hash algorithm. 1209 * @param algo: DS digest algo. 1210 * @return size in bytes of digest, or 0 if not supported. 1211 / 1212size_t 1213ds_digest_size_supported(int algo) 1214{ 1215* switch(algo) { 1216 case LDNS_SHA1: 1217 return SHA1_DIGEST_SIZE; 1218#ifdef USE_SHA2 1219 case LDNS_SHA256: 1220 return SHA256_DIGEST_SIZE; 1221#endif 1222#ifdef USE_ECDSA 1223 case LDNS_SHA384: 1224 return SHA384_DIGEST_SIZE; 1225#endif 1226 /* GOST not supported / 1227* case LDNS_HASH_GOST: 1228 default: 1229 break; 1230 } 1231 return 0; 1232} 1233 1234int 1235secalgo_ds_digest(int algo, unsigned char* buf, size_t len, 1236 unsigned char* res) 1237{ 1238 switch(algo) { 1239 case LDNS_SHA1: 1240 return _digest_nettle(SHA1_DIGEST_SIZE, buf, len, res); 1241#if defined(USE_SHA2) 1242 case LDNS_SHA256: 1243 return _digest_nettle(SHA256_DIGEST_SIZE, buf, len, res); 1244#endif 1245#ifdef USE_ECDSA 1246 case LDNS_SHA384: 1247 return _digest_nettle(SHA384_DIGEST_SIZE, buf, len, res); 1248 1249#endif 1250 case LDNS_HASH_GOST: 1251 default: 1252 verbose(VERB_QUERY, "unknown DS digest algorithm %d", 1253 algo); 1254 break; 1255 } 1256 return 0; 1257} 1258 1259int 1260dnskey_algo_id_is_supported(int id) 1261{ 1262 /* uses libnettle / 1263* switch(id) { 1264 case LDNS_DSA: 1265 case LDNS_DSA_NSEC3: 1266 case LDNS_RSASHA1: 1267 case LDNS_RSASHA1_NSEC3: 1268#ifdef USE_SHA2 1269 case LDNS_RSASHA256: 1270 case LDNS_RSASHA512: 1271#endif 1272#ifdef USE_ECDSA 1273 case LDNS_ECDSAP256SHA256: 1274 case LDNS_ECDSAP384SHA384: 1275#endif 1276 return 1; 1277 case LDNS_RSAMD5: /* RFC 6725 deprecates RSAMD5 / 1278* case LDNS_ECC_GOST: 1279 default: 1280 return 0; 1281 } 1282} 1283 1284static char * 1285_verify_nettle_dsa(sldns_buffer* buf, unsigned char* sigblock, 1286 unsigned int sigblock_len, unsigned char* key, unsigned int keylen) 1287{ 1288 uint8_t digest[SHA1_DIGEST_SIZE]; 1289 uint8_t key_t; 1290 int res = 0; 1291 size_t offset; 1292 struct dsa_public_key pubkey; 1293 struct dsa_signature signature; 1294 unsigned int expected_len; 1295 1296 /* Extract DSA signature from the record / 1297* nettle_dsa_signature_init(&signature); 1298 /* Signature length: 41 bytes - RFC 2536 sec. 3 / 1299* if(sigblock_len == 41) { 1300 if(key[0] != sigblock[0]) 1301 return "invalid T value in DSA signature or pubkey"; 1302 nettle_mpz_set_str_256_u(signature.r, 20, sigblock+1); 1303 nettle_mpz_set_str_256_u(signature.s, 20, sigblock+1+20); 1304 } else { 1305 /* DER encoded, decode the ASN1 notated R and S bignums / 1306* /* SEQUENCE { r INTEGER, s INTEGER } / 1307* struct asn1_der_iterator i, seq; 1308 if(asn1_der_iterator_first(&i, sigblock_len, 1309 (uint8_t)sigblock) != ASN1_ITERATOR_CONSTRUCTED 1310* \|\| i.type != ASN1_SEQUENCE) 1311 return "malformed DER encoded DSA signature"; 1312 /* decode this element of i using the seq iterator / 1313* if(asn1_der_decode_constructed(&i, &seq) != 1314 ASN1_ITERATOR_PRIMITIVE \|\| seq.type != ASN1_INTEGER) 1315 return "malformed DER encoded DSA signature"; 1316 if(!asn1_der_get_bignum(&seq, signature.r, 208)) 1317* return "malformed DER encoded DSA signature"; 1318 if(asn1_der_iterator_next(&seq) != ASN1_ITERATOR_PRIMITIVE 1319 \|\| seq.type != ASN1_INTEGER) 1320 return "malformed DER encoded DSA signature"; 1321 if(!asn1_der_get_bignum(&seq, signature.s, 208)) 1322* return "malformed DER encoded DSA signature"; 1323 if(asn1_der_iterator_next(&i) != ASN1_ITERATOR_END) 1324 return "malformed DER encoded DSA signature"; 1325 } 1326 1327 /* Validate T values constraints - RFC 2536 sec. 2 & sec. 3 / 1328* key_t = key[0]; 1329 if (key_t > 8) { 1330 return "invalid T value in DSA pubkey"; 1331 } 1332 1333 /* Pubkey minimum length: 21 bytes - RFC 2536 sec. 2 / 1334* if (keylen < 21) { 1335 return "DSA pubkey too short"; 1336 } 1337 1338 expected_len = 1 + /* T / 1339* 20 + /* Q / 1340* (64 + key_t8) + / P / 1341* (64 + key_t8) + / G / 1342* (64 + key_t8); / Y / 1343* if (keylen != expected_len ) { 1344 return "invalid DSA pubkey length"; 1345 } 1346 1347 /* Extract DSA pubkey from the record / 1348* nettle_dsa_public_key_init(&pubkey); 1349 offset = 1; 1350 nettle_mpz_set_str_256_u(pubkey.q, 20, key+offset); 1351 offset += 20; 1352 nettle_mpz_set_str_256_u(pubkey.p, (64 + key_t8), key+offset); 1353* offset += (64 + key_t8); 1354* nettle_mpz_set_str_256_u(pubkey.g, (64 + key_t8), key+offset); 1355* offset += (64 + key_t8); 1356* nettle_mpz_set_str_256_u(pubkey.y, (64 + key_t8), key+offset); 1357* 1358 /* Digest content of "buf" and verify its DSA signature in "sigblock"/ 1359* res = _digest_nettle(SHA1_DIGEST_SIZE, (unsigned char)sldns_buffer_begin(buf), 1360* (unsigned int)sldns_buffer_limit(buf), (unsigned char)digest); 1361* res &= dsa_sha1_verify_digest(&pubkey, digest, &signature); 1362 1363 /* Clear and return / 1364* nettle_dsa_signature_clear(&signature); 1365 nettle_dsa_public_key_clear(&pubkey); 1366 if (!res) 1367 return "DSA signature verification failed"; 1368 else 1369 return NULL; 1370} 1371 1372static char * 1373_verify_nettle_rsa(sldns_buffer* buf, unsigned int digest_size, char* sigblock, 1374 unsigned int sigblock_len, uint8_t* key, unsigned int keylen) 1375{ 1376 uint16_t exp_len = 0; 1377 size_t exp_offset = 0, mod_offset = 0; 1378 struct rsa_public_key pubkey; 1379 mpz_t signature; 1380 int res = 0; 1381 1382 /* RSA pubkey parsing as per RFC 3110 sec. 2 / 1383* if( keylen <= 1) { 1384 return "null RSA key"; 1385 } 1386 if (key[0] != 0) { 1387 /* 1-byte length / 1388* exp_len = key[0]; 1389 exp_offset = 1; 1390 } else { 1391 /* 1-byte NUL + 2-bytes exponent length / 1392* if (keylen < 3) { 1393 return "incorrect RSA key length"; 1394 } 1395 exp_len = READ_UINT16(key+1); 1396 if (exp_len == 0) 1397 return "null RSA exponent length"; 1398 exp_offset = 3; 1399 } 1400 /* Check that we are not over-running input length / 1401* if (keylen < exp_offset + exp_len + 1) { 1402 return "RSA key content shorter than expected"; 1403 } 1404 mod_offset = exp_offset + exp_len; 1405 nettle_rsa_public_key_init(&pubkey); 1406 pubkey.size = keylen - mod_offset; 1407 nettle_mpz_set_str_256_u(pubkey.e, exp_len, &key[exp_offset]); 1408 nettle_mpz_set_str_256_u(pubkey.n, pubkey.size, &key[mod_offset]); 1409 1410 /* Digest content of "buf" and verify its RSA signature in "sigblock"/ 1411* nettle_mpz_init_set_str_256_u(signature, sigblock_len, (uint8_t)sigblock); 1412* switch (digest_size) { 1413 case SHA1_DIGEST_SIZE: 1414 { 1415 uint8_t digest[SHA1_DIGEST_SIZE]; 1416 res = _digest_nettle(SHA1_DIGEST_SIZE, (unsigned char)sldns_buffer_begin(buf), 1417* (unsigned int)sldns_buffer_limit(buf), (unsigned char)digest); 1418* res &= rsa_sha1_verify_digest(&pubkey, digest, signature); 1419 break; 1420 } 1421 case SHA256_DIGEST_SIZE: 1422 { 1423 uint8_t digest[SHA256_DIGEST_SIZE]; 1424 res = _digest_nettle(SHA256_DIGEST_SIZE, (unsigned char)sldns_buffer_begin(buf), 1425* (unsigned int)sldns_buffer_limit(buf), (unsigned char)digest); 1426* res &= rsa_sha256_verify_digest(&pubkey, digest, signature); 1427 break; 1428 } 1429 case SHA512_DIGEST_SIZE: 1430 { 1431 uint8_t digest[SHA512_DIGEST_SIZE]; 1432 res = _digest_nettle(SHA512_DIGEST_SIZE, (unsigned char)sldns_buffer_begin(buf), 1433* (unsigned int)sldns_buffer_limit(buf), (unsigned char)digest); 1434* res &= rsa_sha512_verify_digest(&pubkey, digest, signature); 1435 break; 1436 } 1437 default: 1438 break; 1439 } 1440 1441 /* Clear and return / 1442* nettle_rsa_public_key_clear(&pubkey); 1443 mpz_clear(signature); 1444 if (!res) { 1445 return "RSA signature verification failed"; 1446 } else { 1447 return NULL; 1448 } 1449} 1450 1451#ifdef USE_ECDSA 1452static char * 1453_verify_nettle_ecdsa(sldns_buffer* buf, unsigned int digest_size, unsigned char* sigblock, 1454 unsigned int sigblock_len, unsigned char* key, unsigned int keylen) 1455{ 1456 int res = 0; 1457 struct ecc_point pubkey; 1458 struct dsa_signature signature; 1459 1460 /* Always matched strength, as per RFC 6605 sec. 1 / 1461* if (sigblock_len != 2digest_size \|\| keylen != 2digest_size) { 1462 return "wrong ECDSA signature length"; 1463 } 1464 1465 /* Parse ECDSA signature as per RFC 6605 sec. 4 / 1466* nettle_dsa_signature_init(&signature); 1467 switch (digest_size) { 1468 case SHA256_DIGEST_SIZE: 1469 { 1470 uint8_t digest[SHA256_DIGEST_SIZE]; 1471 mpz_t x, y; 1472 nettle_ecc_point_init(&pubkey, &nettle_secp_256r1); 1473 nettle_mpz_init_set_str_256_u(x, SHA256_DIGEST_SIZE, key); 1474 nettle_mpz_init_set_str_256_u(y, SHA256_DIGEST_SIZE, key+SHA256_DIGEST_SIZE); 1475 nettle_mpz_set_str_256_u(signature.r, SHA256_DIGEST_SIZE, sigblock); 1476 nettle_mpz_set_str_256_u(signature.s, SHA256_DIGEST_SIZE, sigblock+SHA256_DIGEST_SIZE); 1477 res = _digest_nettle(SHA256_DIGEST_SIZE, (unsigned char)sldns_buffer_begin(buf), 1478* (unsigned int)sldns_buffer_limit(buf), (unsigned char)digest); 1479* res &= nettle_ecc_point_set(&pubkey, x, y); 1480 res &= nettle_ecdsa_verify (&pubkey, SHA256_DIGEST_SIZE, digest, &signature); 1481 mpz_clear(x); 1482 mpz_clear(y); 1483 break; 1484 } 1485 case SHA384_DIGEST_SIZE: 1486 { 1487 uint8_t digest[SHA384_DIGEST_SIZE]; 1488 mpz_t x, y; 1489 nettle_ecc_point_init(&pubkey, &nettle_secp_384r1); 1490 nettle_mpz_init_set_str_256_u(x, SHA384_DIGEST_SIZE, key); 1491 nettle_mpz_init_set_str_256_u(y, SHA384_DIGEST_SIZE, key+SHA384_DIGEST_SIZE); 1492 nettle_mpz_set_str_256_u(signature.r, SHA384_DIGEST_SIZE, sigblock); 1493 nettle_mpz_set_str_256_u(signature.s, SHA384_DIGEST_SIZE, sigblock+SHA384_DIGEST_SIZE); 1494 res = _digest_nettle(SHA384_DIGEST_SIZE, (unsigned char)sldns_buffer_begin(buf), 1495* (unsigned int)sldns_buffer_limit(buf), (unsigned char)digest); 1496* res &= nettle_ecc_point_set(&pubkey, x, y); 1497 res &= nettle_ecdsa_verify (&pubkey, SHA384_DIGEST_SIZE, digest, &signature); 1498 mpz_clear(x); 1499 mpz_clear(y); 1500 nettle_ecc_point_clear(&pubkey); 1501 break; 1502 } 1503 default: 1504 return "unknown ECDSA algorithm"; 1505 } 1506 1507 /* Clear and return / 1508* nettle_dsa_signature_clear(&signature); 1509 if (!res) 1510 return "ECDSA signature verification failed"; 1511 else 1512 return NULL; 1513} 1514#endif 1515 1516/** 1517 * Check a canonical sig+rrset and signature against a dnskey 1518 * @param buf: buffer with data to verify, the first rrsig part and the 1519 * canonicalized rrset. 1520 * @param algo: DNSKEY algorithm. 1521 * @param sigblock: signature rdata field from RRSIG 1522 * @param sigblock_len: length of sigblock data. 1523 * @param key: public key data from DNSKEY RR. 1524 * @param keylen: length of keydata. 1525 * @param reason: bogus reason in more detail. 1526 * @return secure if verification succeeded, bogus on crypto failure, 1527 * unchecked on format errors and alloc failures. 1528 / 1529enum sec_status 1530verify_canonrrset(sldns_buffer buf, int algo, unsigned char* sigblock, 1531 unsigned int sigblock_len, unsigned char* key, unsigned int keylen, 1532 char** reason) 1533{ 1534 unsigned int digest_size = 0; 1535 1536 if (sigblock_len == 0 \|\| keylen == 0) { 1537 reason = "null signature"; 1538* return sec_status_bogus; 1539 } 1540 1541 switch(algo) { 1542 case LDNS_DSA: 1543 case LDNS_DSA_NSEC3: 1544 reason = _verify_nettle_dsa(buf, sigblock, sigblock_len, key, keylen); 1545* if (reason != NULL) 1546* return sec_status_bogus; 1547 else 1548 return sec_status_secure; 1549 1550 case LDNS_RSASHA1: 1551 case LDNS_RSASHA1_NSEC3: 1552 digest_size = (digest_size ? digest_size : SHA1_DIGEST_SIZE); 1553#ifdef USE_SHA2 1554 case LDNS_RSASHA256: 1555 digest_size = (digest_size ? digest_size : SHA256_DIGEST_SIZE); 1556 case LDNS_RSASHA512: 1557 digest_size = (digest_size ? digest_size : SHA512_DIGEST_SIZE); 1558 1559#endif 1560 reason = _verify_nettle_rsa(buf, digest_size, (char)sigblock, 1561 sigblock_len, key, keylen); 1562 if (reason != NULL) 1563* return sec_status_bogus; 1564 else 1565 return sec_status_secure; 1566 1567#ifdef USE_ECDSA 1568 case LDNS_ECDSAP256SHA256: 1569 digest_size = (digest_size ? digest_size : SHA256_DIGEST_SIZE); 1570 case LDNS_ECDSAP384SHA384: 1571 digest_size = (digest_size ? digest_size : SHA384_DIGEST_SIZE); 1572 reason = _verify_nettle_ecdsa(buf, digest_size, sigblock, 1573* sigblock_len, key, keylen); 1574 if (reason != NULL) 1575* return sec_status_bogus; 1576 else 1577 return sec_status_secure; 1578#endif 1579 case LDNS_RSAMD5: 1580 case LDNS_ECC_GOST: 1581 default: 1582 reason = "unable to verify signature, unknown algorithm"; 1583* return sec_status_bogus; 1584 } 1585} 1586 1587#endif /* HAVE_SSL or HAVE_NSS or HAVE_NETTLE */