View | Details | Raw Unified | Return to bug 594
Collapse All | Expand All

(-)b/Makefile.in (-2 / +2 lines)
 Lines 295-301   longtest: tests Link Here 
295
lib:	libunbound.la unbound.h
295
lib:	libunbound.la unbound.h
296
296
297
libunbound.la:	$(LIBUNBOUND_OBJ_LINK)
297
libunbound.la:	$(LIBUNBOUND_OBJ_LINK)
298
	$(LINK_LIB) $(UBSYMS) -o $@ $(LIBUNBOUND_OBJ_LINK) -rpath $(libdir) -lssl $(LIBS)
298
	$(LINK_LIB) $(UBSYMS) -o $@ $(LIBUNBOUND_OBJ_LINK) -rpath $(libdir) $(LIBS)
299
299
300
unbound$(EXEEXT):	$(DAEMON_OBJ_LINK) libunbound.la
300
unbound$(EXEEXT):	$(DAEMON_OBJ_LINK) libunbound.la
301
	$(LINK) -o $@ $(DAEMON_OBJ_LINK) $(EXTRALINK) -lssl $(LIBS)
301
	$(LINK) -o $@ $(DAEMON_OBJ_LINK) $(EXTRALINK) -lssl $(LIBS)
 Lines 322-328   anchor-update$(EXEEXT): $(ANCHORUPD_OBJ_LINK) libunbound.la Link Here 
322
	$(LINK) -o $@ $(ANCHORUPD_OBJ_LINK) -L. -L.libs -lunbound $(LIBS)
322
	$(LINK) -o $@ $(ANCHORUPD_OBJ_LINK) -L. -L.libs -lunbound $(LIBS)
323
323
324
unittest$(EXEEXT):	$(UNITTEST_OBJ_LINK)
324
unittest$(EXEEXT):	$(UNITTEST_OBJ_LINK)
325
	$(LINK) -o $@ $(UNITTEST_OBJ_LINK) -lssl $(LIBS)
325
	$(LINK) -o $@ $(UNITTEST_OBJ_LINK) $(LIBS)
326
326
327
testbound$(EXEEXT):	$(TESTBOUND_OBJ_LINK)
327
testbound$(EXEEXT):	$(TESTBOUND_OBJ_LINK)
328
	$(LINK) -o $@ $(TESTBOUND_OBJ_LINK) -lssl $(LIBS)
328
	$(LINK) -o $@ $(TESTBOUND_OBJ_LINK) -lssl $(LIBS)
(-)b/compat/getentropy_linux.c (-3 / +20 lines)
 Lines 46-52    Link Here 
46
#include <errno.h>
46
#include <errno.h>
47
#include <unistd.h>
47
#include <unistd.h>
48
#include <time.h>
48
#include <time.h>
49
50
#if defined(HAVE_SSL)
49
#include <openssl/sha.h>
51
#include <openssl/sha.h>
52
#elif defined(HAVE_NETTLE)
53
#include <nettle/sha.h>
54
#endif
50
55
51
#include <linux/types.h>
56
#include <linux/types.h>
52
#include <linux/random.h>
57
#include <linux/random.h>
 Lines 67-75    Link Here 
67
			HD(b); \
72
			HD(b); \
68
	} while (0)
73
	} while (0)
69
74
75
#if defined(HAVE_SSL)
76
#define CRYPTO_SHA512_CTX		SHA512_CTX
77
#define CRYPTO_SHA512_INIT(x)		SHA512_Init(x)
78
#define CRYPTO_SHA512_FINAL(r, c)	SHA512_Final(r, c)
70
#define HR(x, l) (SHA512_Update(&ctx, (char *)(x), (l)))
79
#define HR(x, l) (SHA512_Update(&ctx, (char *)(x), (l)))
71
#define HD(x)	 (SHA512_Update(&ctx, (char *)&(x), sizeof (x)))
80
#define HD(x)	 (SHA512_Update(&ctx, (char *)&(x), sizeof (x)))
72
#define HF(x)    (SHA512_Update(&ctx, (char *)&(x), sizeof (void*)))
81
#define HF(x)    (SHA512_Update(&ctx, (char *)&(x), sizeof (void*)))
82
#elif defined(HAVE_NETTLE)
83
#define CRYPTO_SHA512_CTX		struct sha512_ctx
84
#define CRYPTO_SHA512_INIT(x)		sha512_init(x)
85
#define CRYPTO_SHA512_FINAL(r, c)	sha512_digest(c, SHA512_DIGEST_SIZE, r)
86
#define HR(x, l) (sha512_update(&ctx, (l), (char *)(x)))
87
#define HD(x)	 (sha512_update(&ctx, sizeof (x), (char *)&(x)))
88
#define HF(x)    (sha512_update(&ctx, sizeof (void*), (char *)&(x)))
89
#endif
73
90
74
int	getentropy(void *buf, size_t len);
91
int	getentropy(void *buf, size_t len);
75
92
 Lines 337-343   getentropy_fallback(void *buf, size_t len) Link Here 
337
	struct rusage ru;
354
	struct rusage ru;
338
	sigset_t sigset;
355
	sigset_t sigset;
339
	struct stat st;
356
	struct stat st;
340
	SHA512_CTX ctx;
357
	CRYPTO_SHA512_CTX ctx;
341
	static pid_t lastpid;
358
	static pid_t lastpid;
342
	pid_t pid;
359
	pid_t pid;
343
	size_t i, ii, m;
360
	size_t i, ii, m;
 Lines 354-360   getentropy_fallback(void *buf, size_t len) Link Here 
354
	}
371
	}
355
	for (i = 0; i < len; ) {
372
	for (i = 0; i < len; ) {
356
		int j;
373
		int j;
357
		SHA512_Init(&ctx);
374
		CRYPTO_SHA512_INIT(&ctx);
358
		for (j = 0; j < repeat; j++) {
375
		for (j = 0; j < repeat; j++) {
359
			HX((e = gettimeofday(&tv, NULL)) == -1, tv);
376
			HX((e = gettimeofday(&tv, NULL)) == -1, tv);
360
			if (e != -1) {
377
			if (e != -1) {
 Lines 526-532   getentropy_fallback(void *buf, size_t len) Link Here 
526
#  endif
543
#  endif
527
#endif /* HAVE_GETAUXVAL */
544
#endif /* HAVE_GETAUXVAL */
528
545
529
		SHA512_Final(results, &ctx);
546
		CRYPTO_SHA512_FINAL(results, &ctx);
530
		memcpy((char*)buf + i, results, min(sizeof(results), len - i));
547
		memcpy((char*)buf + i, results, min(sizeof(results), len - i));
531
		i += min(sizeof(results), len - i);
548
		i += min(sizeof(results), len - i);
532
	}
549
	}
(-)b/config.h.in (+3 lines)
 Lines 242-247    Link Here 
242
/* Define to 1 if you have the <netinet/in.h> header file. */
242
/* Define to 1 if you have the <netinet/in.h> header file. */
243
#undef HAVE_NETINET_IN_H
243
#undef HAVE_NETINET_IN_H
244
244
245
/* Use libnettle for crypto */
246
#undef HAVE_NETTLE
247
245
/* Use libnss for crypto */
248
/* Use libnss for crypto */
246
#undef HAVE_NSS
249
#undef HAVE_NSS
247
250
(-)b/configure.ac (-4 / +22 lines)
 Lines 566-573   AC_ARG_WITH([nss], AC_HELP_STRING([--with-nss=path], Link Here 
566
	]
566
	]
567
)
567
)
568
568
569
# libnettle
570
USE_NETTLE="no"
571
AC_ARG_WITH([nettle], AC_HELP_STRING([--with-nettle=path],
572
	[use libnettle as crypto library, installed at path.]),
573
	[
574
	USE_NETTLE="yes"
575
	AC_DEFINE(HAVE_NETTLE, 1, [Use libnettle for crypto])
576
	if test "$withval" != "" -a "$withval" != "yes"; then
577
		CPPFLAGS="$CPPFLAGS -I$withval/include/nettle"
578
		LDFLAGS="$LDFLAGS -L$withval/lib"
579
		ACX_RUNTIME_PATH_ADD([$withval/lib])
580
	else
581
		CPPFLAGS="$CPPFLAGS -I/usr/include/nettle"
582
	fi
583
        LIBS="$LIBS -lhogweed -lnettle -lgmp"
584
	]
585
)
586
569
# openssl
587
# openssl
570
if test $USE_NSS = "no"; then
588
if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
571
ACX_WITH_SSL
589
ACX_WITH_SSL
572
ACX_LIB_SSL
590
ACX_LIB_SSL
573
AC_MSG_CHECKING([for LibreSSL])
591
AC_MSG_CHECKING([for LibreSSL])
 Lines 715-721   AC_MSG_RESULT($ac_cv_c_gost_works) Link Here 
715
733
716
AC_ARG_ENABLE(gost, AC_HELP_STRING([--disable-gost], [Disable GOST support]))
734
AC_ARG_ENABLE(gost, AC_HELP_STRING([--disable-gost], [Disable GOST support]))
717
use_gost="no"
735
use_gost="no"
718
if test $USE_NSS = "no"; then
736
if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
719
case "$enable_gost" in
737
case "$enable_gost" in
720
	no)
738
	no)
721
	;;
739
	;;
 Lines 729-735   case "$enable_gost" in Link Here 
729
	fi
747
	fi
730
	;;
748
	;;
731
esac
749
esac
732
fi dnl !USE_NSS
750
fi dnl !USE_NSS && !USE_NETTLE
733
751
734
AC_ARG_ENABLE(ecdsa, AC_HELP_STRING([--disable-ecdsa], [Disable ECDSA support]))
752
AC_ARG_ENABLE(ecdsa, AC_HELP_STRING([--disable-ecdsa], [Disable ECDSA support]))
735
use_ecdsa="no"
753
use_ecdsa="no"
 Lines 737-743   case "$enable_ecdsa" in Link Here 
737
    no)
755
    no)
738
      ;;
756
      ;;
739
    *)
757
    *)
740
      if test $USE_NSS = "no"; then
758
      if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
741
	      AC_CHECK_FUNC(ECDSA_sign, [], [AC_MSG_ERROR([OpenSSL does not support ECDSA: please upgrade or rerun with --disable-ecdsa])])
759
	      AC_CHECK_FUNC(ECDSA_sign, [], [AC_MSG_ERROR([OpenSSL does not support ECDSA: please upgrade or rerun with --disable-ecdsa])])
742
	      AC_CHECK_FUNC(SHA384_Init, [], [AC_MSG_ERROR([OpenSSL does not support SHA384: please upgrade or rerun with --disable-ecdsa])])
760
	      AC_CHECK_FUNC(SHA384_Init, [], [AC_MSG_ERROR([OpenSSL does not support SHA384: please upgrade or rerun with --disable-ecdsa])])
743
	      AC_CHECK_DECLS([NID_X9_62_prime256v1, NID_secp384r1], [], [AC_MSG_ERROR([OpenSSL does not support the ECDSA curves: please upgrade or rerun with --disable-ecdsa])], [AC_INCLUDES_DEFAULT
761
	      AC_CHECK_DECLS([NID_X9_62_prime256v1, NID_secp384r1], [], [AC_MSG_ERROR([OpenSSL does not support the ECDSA curves: please upgrade or rerun with --disable-ecdsa])], [AC_INCLUDES_DEFAULT
(-)b/testcode/testbound.c (-1 / +1 lines)
 Lines 286-292   main(int argc, char* argv[]) Link Here 
286
			testbound_selftest();
286
			testbound_selftest();
287
			exit(0);
287
			exit(0);
288
		case '2':
288
		case '2':
289
#if (defined(HAVE_EVP_SHA256) || defined(HAVE_NSS)) && defined(USE_SHA2)
289
#if (defined(HAVE_EVP_SHA256) || defined(HAVE_NSS) || defined(HAVE_NETTLE)) && defined(USE_SHA2)
290
			printf("SHA256 supported\n");
290
			printf("SHA256 supported\n");
291
			exit(0);
291
			exit(0);
292
#else
292
#else
(-)b/testcode/unitverify.c (-3 / +4 lines)
 Lines 191-197   verifytest_rrset(struct module_env* env, struct val_env* ve, Link Here 
191
		printf("verify outcome is: %s %s\n", sec_status_to_string(sec),
191
		printf("verify outcome is: %s %s\n", sec_status_to_string(sec),
192
			reason?reason:"");
192
			reason?reason:"");
193
	}
193
	}
194
	if(should_be_bogus(rrset, qinfo)) {
194
	if(should_be_bogus(rrset, qinfo) ||
195
		(reason && strncmp(reason, "(custom)", 8) == 0)) {
195
		unit_assert(sec == sec_status_bogus);
196
		unit_assert(sec == sec_status_bogus);
196
	} else {
197
	} else {
197
		unit_assert(sec == sec_status_secure);
198
		unit_assert(sec == sec_status_secure);
 Lines 504-515   verify_test(void) Link Here 
504
	verifytest_file("testdata/test_signatures.6", "20080416005004");
505
	verifytest_file("testdata/test_signatures.6", "20080416005004");
505
	verifytest_file("testdata/test_signatures.7", "20070829144150");
506
	verifytest_file("testdata/test_signatures.7", "20070829144150");
506
	verifytest_file("testdata/test_signatures.8", "20070829144150");
507
	verifytest_file("testdata/test_signatures.8", "20070829144150");
507
#if (defined(HAVE_EVP_SHA256) || defined(HAVE_NSS)) && defined(USE_SHA2)
508
#if (defined(HAVE_EVP_SHA256) || defined(HAVE_NSS) || defined(HAVE_NETTLE)) && defined(USE_SHA2)
508
	verifytest_file("testdata/test_sigs.rsasha256", "20070829144150");
509
	verifytest_file("testdata/test_sigs.rsasha256", "20070829144150");
509
	verifytest_file("testdata/test_sigs.sha1_and_256", "20070829144150");
510
	verifytest_file("testdata/test_sigs.sha1_and_256", "20070829144150");
510
	verifytest_file("testdata/test_sigs.rsasha256_draft", "20090101000000");
511
	verifytest_file("testdata/test_sigs.rsasha256_draft", "20090101000000");
511
#endif
512
#endif
512
#if (defined(HAVE_EVP_SHA512) || defined(HAVE_NSS)) && defined(USE_SHA2)
513
#if (defined(HAVE_EVP_SHA512) || defined(HAVE_NSS) || defined(HAVE_NETTLE)) && defined(USE_SHA2)
513
	verifytest_file("testdata/test_sigs.rsasha512_draft", "20070829144150");
514
	verifytest_file("testdata/test_sigs.rsasha512_draft", "20070829144150");
514
#endif
515
#endif
515
	verifytest_file("testdata/test_sigs.hinfo", "20090107100022");
516
	verifytest_file("testdata/test_sigs.hinfo", "20090107100022");
(-)b/util/random.c (-3 / +65 lines)
 Lines 68-73    Link Here 
68
/* nss3 */
68
/* nss3 */
69
#include "secport.h"
69
#include "secport.h"
70
#include "pk11pub.h"
70
#include "pk11pub.h"
71
#elif defined(HAVE_NETTLE)
72
#include "yarrow.h"
71
#endif
73
#endif
72
74
73
/** 
75
/** 
 Lines 76-82    Link Here 
76
 */
78
 */
77
#define MAX_VALUE 0x7fffffff
79
#define MAX_VALUE 0x7fffffff
78
80
79
#ifndef HAVE_NSS
81
#if defined(HAVE_SSL)
80
void
82
void
81
ub_systemseed(unsigned int ATTR_UNUSED(seed))
83
ub_systemseed(unsigned int ATTR_UNUSED(seed))
82
{
84
{
 Lines 110-116   ub_random_max(struct ub_randstate* state, long int x) Link Here 
110
	return (long)arc4random_uniform((uint32_t)x);
112
	return (long)arc4random_uniform((uint32_t)x);
111
}
113
}
112
114
113
#else
115
#elif defined(HAVE_NSS)
114
116
115
/* not much to remember for NSS since we use its pk11_random, placeholder */
117
/* not much to remember for NSS since we use its pk11_random, placeholder */
116
struct ub_randstate {
118
struct ub_randstate {
 Lines 144-149   long int ub_random(struct ub_randstate* ATTR_UNUSED(state)) Link Here 
144
	return x & MAX_VALUE;
146
	return x & MAX_VALUE;
145
}
147
}
146
148
149
#elif defined(HAVE_NETTLE)
150
151
/**
152
 * libnettle implements a Yarrow-256 generator (SHA256 + AES),
153
 * and we have to ensure it is seeded before use.
154
 */
155
struct ub_randstate {
156
	struct yarrow256_ctx ctx;
157
	int seeded;
158
};
159
160
void ub_systemseed(unsigned int ATTR_UNUSED(seed))
161
{
162
/**
163
 * We seed on init and not here, as we need the ctx to re-seed.
164
 * This also means that re-seeding is not supported.
165
 */
166
	log_err("Re-seeding not supported, generator untouched");
167
}
168
169
struct ub_randstate* ub_initstate(unsigned int seed,
170
	struct ub_randstate* ATTR_UNUSED(from))
171
{
172
	struct ub_randstate* s = (struct ub_randstate*)calloc(1, sizeof(*s));
173
	if(!s) {
174
		log_err("malloc failure in random init");
175
		return NULL;
176
	}
177
	/* Setup Yarrow context */
178
	yarrow256_init(&s->ctx, 0, NULL);
179
180
	/* Stretch the uint32 input seed and feed it to Yarrow */
181
	uint8_t buf[YARROW256_SEED_FILE_SIZE];
182
	uint32_t v = seed;
183
	size_t i;
184
	for(i=0; i < (YARROW256_SEED_FILE_SIZE/sizeof(seed)); i++) {
185
		memmove(buf+i*sizeof(seed), &v, sizeof(seed));
186
		v = v*seed + (uint32_t)i;
187
	}
188
	yarrow256_seed(&s->ctx, YARROW256_SEED_FILE_SIZE, buf);
189
	s->seeded = yarrow256_is_seeded(&s->ctx);
190
191
	return s;
192
}
193
194
long int ub_random(struct ub_randstate* s)
195
{
196
	/* random 31 bit value. */
197
	long int x = 0;
198
	if (!s || !s->seeded) {
199
		log_err("Couldn't generate randomness, Yarrow-256 generator not yet seeded");
200
	} else {
201
		yarrow256_random(&s->ctx, sizeof(x), (uint8_t *)&x);
202
	}
203
	return x & MAX_VALUE;
204
}
205
#endif /* HAVE_SSL or HAVE_NSS or HAVE_NETTLE */
206
207
208
#if defined(HAVE_NSS) || defined(HAVE_NETTLE)
147
long int
209
long int
148
ub_random_max(struct ub_randstate* state, long int x)
210
ub_random_max(struct ub_randstate* state, long int x)
149
{
211
{
 Lines 155-161   ub_random_max(struct ub_randstate* state, long int x) Link Here 
155
		v = ub_random(state);
217
		v = ub_random(state);
156
	return (v % x);
218
	return (v % x);
157
}
219
}
158
#endif /* HAVE_NSS */
220
#endif /* HAVE_NSS or HAVE_NETTLE */
159
221
160
void 
222
void 
161
ub_randfree(struct ub_randstate* s)
223
ub_randfree(struct ub_randstate* s)
(-)b/validator/val_nsec3.c (-32 / +90 lines)
 Lines 48-53    Link Here 
48
#ifdef HAVE_NSS
48
#ifdef HAVE_NSS
49
/* nss3 */
49
/* nss3 */
50
#include "sechash.h"
50
#include "sechash.h"
51
#elif defined(HAVE_NETTLE)
52
#include "sha1.h"
51
#endif
53
#endif
52
#include "validator/val_nsec3.h"
54
#include "validator/val_nsec3.h"
53
#include "validator/validator.h"
55
#include "validator/validator.h"
 Lines 546-588   nsec3_get_hashed(sldns_buffer* buf, uint8_t* nm, size_t nmlen, int algo, Link Here 
546
	sldns_buffer_write(buf, salt, saltlen);
548
	sldns_buffer_write(buf, salt, saltlen);
547
	sldns_buffer_flip(buf);
549
	sldns_buffer_flip(buf);
548
	switch(algo) {
550
	switch(algo) {
549
#if defined(HAVE_EVP_SHA1) || defined(HAVE_NSS)
551
#if defined(HAVE_EVP_SHA1)
550
		case NSEC3_HASH_SHA1:
552
		case NSEC3_HASH_SHA1:
551
#ifdef HAVE_SSL
552
			hash_len = SHA_DIGEST_LENGTH;
553
			hash_len = SHA_DIGEST_LENGTH;
553
#else
554
			hash_len = SHA1_LENGTH;
555
#endif
556
			if(hash_len > max)
554
			if(hash_len > max)
557
				return 0;
555
				return 0;
558
#  ifdef HAVE_SSL
559
			(void)SHA1((unsigned char*)sldns_buffer_begin(buf),
556
			(void)SHA1((unsigned char*)sldns_buffer_begin(buf),
560
				(unsigned long)sldns_buffer_limit(buf),
557
				(unsigned long)sldns_buffer_limit(buf),
561
				(unsigned char*)res);
558
				(unsigned char*)res);
562
#  else
563
			(void)HASH_HashBuf(HASH_AlgSHA1, (unsigned char*)res,
564
				(unsigned char*)sldns_buffer_begin(buf),
565
				(unsigned long)sldns_buffer_limit(buf));
566
#  endif
567
			for(i=0; i<iter; i++) {
559
			for(i=0; i<iter; i++) {
568
				sldns_buffer_clear(buf);
560
				sldns_buffer_clear(buf);
569
				sldns_buffer_write(buf, res, hash_len);
561
				sldns_buffer_write(buf, res, hash_len);
570
				sldns_buffer_write(buf, salt, saltlen);
562
				sldns_buffer_write(buf, salt, saltlen);
571
				sldns_buffer_flip(buf);
563
				sldns_buffer_flip(buf);
572
#  ifdef HAVE_SSL
573
				(void)SHA1(
564
				(void)SHA1(
574
					(unsigned char*)sldns_buffer_begin(buf),
565
					(unsigned char*)sldns_buffer_begin(buf),
575
					(unsigned long)sldns_buffer_limit(buf),
566
					(unsigned long)sldns_buffer_limit(buf),
576
					(unsigned char*)res);
567
					(unsigned char*)res);
577
#  else
568
			}
569
			break;
570
#elif defined(HAVE_NSS)
571
		case NSEC3_HASH_SHA1:
572
			hash_len = SHA1_LENGTH;
573
			if(hash_len > max)
574
				return 0;
575
			(void)HASH_HashBuf(HASH_AlgSHA1, (unsigned char*)res,
576
				(unsigned char*)sldns_buffer_begin(buf),
577
				(unsigned long)sldns_buffer_limit(buf));
578
			for(i=0; i<iter; i++) {
579
				sldns_buffer_clear(buf);
580
				sldns_buffer_write(buf, res, hash_len);
581
				sldns_buffer_write(buf, salt, saltlen);
582
				sldns_buffer_flip(buf);
578
				(void)HASH_HashBuf(HASH_AlgSHA1,
583
				(void)HASH_HashBuf(HASH_AlgSHA1,
579
					(unsigned char*)res,
584
					(unsigned char*)res,
580
					(unsigned char*)sldns_buffer_begin(buf),
585
					(unsigned char*)sldns_buffer_begin(buf),
581
					(unsigned long)sldns_buffer_limit(buf));
586
					(unsigned long)sldns_buffer_limit(buf));
582
#  endif
583
			}
587
			}
584
			break;
588
			break;
585
#endif /* HAVE_EVP_SHA1 or NSS */
589
#elif defined(HAVE_NETTLE)
590
		case NSEC3_HASH_SHA1:
591
			{
592
			struct sha1_ctx ctx;
593
			hash_len = SHA1_DIGEST_SIZE;
594
			if(hash_len > max)
595
				return 0;
596
			sha1_init(&ctx);
597
			sha1_update(&ctx,
598
				(size_t)sldns_buffer_limit(buf),
599
				(const uint8_t*)sldns_buffer_begin(buf));
600
			sha1_digest(&ctx, SHA1_DIGEST_SIZE, (uint8_t *)res);
601
			for(i=0; i<iter; i++) {
602
				sldns_buffer_clear(buf);
603
				sldns_buffer_write(buf, res, hash_len);
604
				sldns_buffer_write(buf, salt, saltlen);
605
				sldns_buffer_flip(buf);
606
				sha1_update(&ctx,
607
					(size_t)sldns_buffer_limit(buf),
608
					(const uint8_t*)sldns_buffer_begin(buf));
609
				sha1_digest(&ctx, SHA1_DIGEST_SIZE, (uint8_t *)res);
610
			}
611
			break;
612
			}
613
#endif /* HAVE_EVP_SHA1 or HAVE_NSS or HAVE_NETTLE*/
586
		default:
614
		default:
587
			log_err("nsec3 hash of unknown algo %d", algo);
615
			log_err("nsec3 hash of unknown algo %d", algo);
588
			return 0;
616
			return 0;
 Lines 608-653   nsec3_calc_hash(struct regional* region, sldns_buffer* buf, Link Here 
608
	sldns_buffer_write(buf, salt, saltlen);
636
	sldns_buffer_write(buf, salt, saltlen);
609
	sldns_buffer_flip(buf);
637
	sldns_buffer_flip(buf);
610
	switch(algo) {
638
	switch(algo) {
611
#if defined(HAVE_EVP_SHA1) || defined(HAVE_NSS)
612
		case NSEC3_HASH_SHA1:
613
#ifdef HAVE_SSL
639
#ifdef HAVE_SSL
640
		case NSEC3_HASH_SHA1:
614
			c->hash_len = SHA_DIGEST_LENGTH;
641
			c->hash_len = SHA_DIGEST_LENGTH;
615
#else
642
			c->hash = (uint8_t*)regional_alloc(region,
616
			c->hash_len = SHA1_LENGTH;
617
#endif
618
			c->hash = (uint8_t*)regional_alloc(region, 
619
				c->hash_len);
643
				c->hash_len);
620
			if(!c->hash)
644
			if(!c->hash)
621
				return 0;
645
				return 0;
622
#  ifdef HAVE_SSL
623
			(void)SHA1((unsigned char*)sldns_buffer_begin(buf),
646
			(void)SHA1((unsigned char*)sldns_buffer_begin(buf),
624
				(unsigned long)sldns_buffer_limit(buf),
647
				(unsigned long)sldns_buffer_limit(buf),
625
				(unsigned char*)c->hash);
648
				(unsigned char*)c->hash);
626
#  else
627
			(void)HASH_HashBuf(HASH_AlgSHA1,
628
				(unsigned char*)c->hash,
629
				(unsigned char*)sldns_buffer_begin(buf),
630
				(unsigned long)sldns_buffer_limit(buf));
631
#  endif
632
			for(i=0; i<iter; i++) {
649
			for(i=0; i<iter; i++) {
633
				sldns_buffer_clear(buf);
650
				sldns_buffer_clear(buf);
634
				sldns_buffer_write(buf, c->hash, c->hash_len);
651
				sldns_buffer_write(buf, c->hash, c->hash_len);
635
				sldns_buffer_write(buf, salt, saltlen);
652
				sldns_buffer_write(buf, salt, saltlen);
636
				sldns_buffer_flip(buf);
653
				sldns_buffer_flip(buf);
637
#  ifdef HAVE_SSL
638
				(void)SHA1(
654
				(void)SHA1(
639
					(unsigned char*)sldns_buffer_begin(buf),
655
					(unsigned char*)sldns_buffer_begin(buf),
640
					(unsigned long)sldns_buffer_limit(buf),
656
					(unsigned long)sldns_buffer_limit(buf),
641
					(unsigned char*)c->hash);
657
					(unsigned char*)c->hash);
642
#  else
658
			}
659
			break;
660
#elif defined(HAVE_NSS)
661
		case NSEC3_HASH_SHA1:
662
			c->hash_len = SHA1_LENGTH;
663
			c->hash = (uint8_t*)regional_alloc(region,
664
				c->hash_len);
665
			if(!c->hash)
666
				return 0;
667
			(void)HASH_HashBuf(HASH_AlgSHA1,
668
				(unsigned char*)c->hash,
669
				(unsigned char*)sldns_buffer_begin(buf),
670
				(unsigned long)sldns_buffer_limit(buf));
671
			for(i=0; i<iter; i++) {
672
				sldns_buffer_clear(buf);
673
				sldns_buffer_write(buf, c->hash, c->hash_len);
674
				sldns_buffer_write(buf, salt, saltlen);
675
				sldns_buffer_flip(buf);
643
				(void)HASH_HashBuf(HASH_AlgSHA1,
676
				(void)HASH_HashBuf(HASH_AlgSHA1,
644
					(unsigned char*)c->hash,
677
					(unsigned char*)c->hash,
645
					(unsigned char*)sldns_buffer_begin(buf),
678
					(unsigned char*)sldns_buffer_begin(buf),
646
					(unsigned long)sldns_buffer_limit(buf));
679
					(unsigned long)sldns_buffer_limit(buf));
647
#  endif
648
			}
680
			}
649
			break;
681
			break;
650
#endif /* HAVE_EVP_SHA1 or NSS */
682
#elif defined(HAVE_NETTLE)
683
		case NSEC3_HASH_SHA1:
684
			{
685
			struct sha1_ctx ctx;
686
			c->hash_len = SHA1_DIGEST_SIZE;
687
			c->hash = (uint8_t*)regional_alloc(region,
688
				c->hash_len);
689
			if(!c->hash)
690
				return 0;
691
			sha1_init(&ctx);
692
			sha1_update(&ctx,
693
				(size_t)sldns_buffer_limit(buf),
694
				(const uint8_t*)sldns_buffer_begin(buf));
695
			sha1_digest(&ctx, SHA1_DIGEST_SIZE, (uint8_t *)c->hash);
696
			for(i=0; i<iter; i++) {
697
				sldns_buffer_clear(buf);
698
				sldns_buffer_write(buf, c->hash, c->hash_len);
699
				sldns_buffer_write(buf, salt, saltlen);
700
				sldns_buffer_flip(buf);
701
				sha1_update(&ctx,
702
					(size_t)sldns_buffer_limit(buf),
703
					(const uint8_t*)sldns_buffer_begin(buf));
704
				sha1_digest(&ctx, SHA1_DIGEST_SIZE, (uint8_t *)c->hash);
705
			}
706
			break;
707
			}
708
#endif /* HAVE_SSL or HAVE_NSS or HAVE_NETTLE */
651
		default:
709
		default:
652
			log_err("nsec3 hash of unknown algo %d", algo);
710
			log_err("nsec3 hash of unknown algo %d", algo);
653
			return -1;
711
			return -1;
(-)b/validator/val_secalgo.c (-3 / +422 lines)
 Lines 49-55    Link Here 
49
#include "sldns/keyraw.h"
49
#include "sldns/keyraw.h"
50
#include "sldns/sbuffer.h"
50
#include "sldns/sbuffer.h"
51
51
52
#if !defined(HAVE_SSL) && !defined(HAVE_NSS)
52
#if !defined(HAVE_SSL) && !defined(HAVE_NSS) && !defined(HAVE_NETTLE)
53
#error "Need crypto library to do digital signature cryptography"
53
#error "Need crypto library to do digital signature cryptography"
54
#endif
54
#endif
55
55
 Lines 74-80    Link Here 
74
/**
74
/**
75
 * Return size of DS digest according to its hash algorithm.
75
 * Return size of DS digest according to its hash algorithm.
76
 * @param algo: DS digest algo.
76
 * @param algo: DS digest algo.
77
 * @return size in bytes of digest, or 0 if not supported. 
77
 * @return size in bytes of digest, or 0 if not supported.
78
 */
78
 */
79
size_t
79
size_t
80
ds_digest_size_supported(int algo)
80
ds_digest_size_supported(int algo)
 Lines 1069-1073   verify_canonrrset(sldns_buffer* buf, int algo, unsigned char* sigblock, Link Here 
1069
	return sec_status_bogus;
1069
	return sec_status_bogus;
1070
}
1070
}
1071
1071
1072
#elif defined(HAVE_NETTLE)
1072
1073
1073
#endif /* HAVE_SSL or HAVE_NSS */
1074
#include "sha.h"
1075
#include "bignum.h"
1076
#include "macros.h"
1077
#include "rsa.h"
1078
#include "dsa.h"
1079
#ifdef USE_ECDSA
1080
#include "ecdsa.h"
1081
#include "ecc-curve.h"
1082
#endif
1083
1084
/**
1085
 * Return size of DS digest according to its hash algorithm.
1086
 * @param algo: DS digest algo.
1087
 * @return size in bytes of digest, or 0 if not supported.
1088
 */
1089
size_t
1090
ds_digest_size_supported(int algo)
1091
{
1092
	switch(algo) {
1093
		case LDNS_SHA1:
1094
			return SHA1_DIGEST_SIZE;
1095
#ifdef USE_SHA2
1096
		case LDNS_SHA256:
1097
			return SHA256_DIGEST_SIZE;
1098
#endif
1099
#ifdef USE_ECDSA
1100
		case LDNS_SHA384:
1101
			return SHA384_DIGEST_SIZE;
1102
#endif
1103
		/* GOST not supported */
1104
		case LDNS_HASH_GOST:
1105
		default:
1106
			break;
1107
	}
1108
	return 0;
1109
}
1110
1111
1112
1113
static int
1114
_digest_nettle(int algo, uint8_t* buf, size_t len,
1115
	unsigned char* res)
1116
{
1117
	switch(algo) {
1118
		case SHA1_DIGEST_SIZE:
1119
		{
1120
			struct sha1_ctx ctx;
1121
			sha1_init(&ctx);
1122
			sha1_update(&ctx, len, buf);
1123
			sha1_digest(&ctx, SHA1_DIGEST_SIZE, res);
1124
			return 1;
1125
		}
1126
		case SHA256_DIGEST_SIZE:
1127
		{
1128
			struct sha256_ctx ctx;
1129
			sha256_init(&ctx);
1130
			sha256_update(&ctx, len, buf);
1131
			sha256_digest(&ctx, SHA256_DIGEST_SIZE, res);
1132
			return 1;
1133
		}
1134
		case SHA384_DIGEST_SIZE:
1135
		{
1136
			struct sha384_ctx ctx;
1137
			sha384_init(&ctx);
1138
			sha384_update(&ctx, len, buf);
1139
			sha384_digest(&ctx, SHA384_DIGEST_SIZE, res);
1140
			return 1;
1141
		}
1142
		case SHA512_DIGEST_SIZE:
1143
		{
1144
			struct sha512_ctx ctx;
1145
			sha512_init(&ctx);
1146
			sha512_update(&ctx, len, buf);
1147
			sha512_digest(&ctx, SHA512_DIGEST_SIZE, res);
1148
			return 1;
1149
		}
1150
		default:
1151
			break;
1152
	}
1153
	return 0;
1154
}
1155
1156
int
1157
secalgo_ds_digest(int algo, unsigned char* buf, size_t len,
1158
	unsigned char* res)
1159
{
1160
	switch(algo) {
1161
		case LDNS_SHA1:
1162
			return _digest_nettle(SHA1_DIGEST_SIZE, buf, len, res);
1163
#if defined(USE_SHA2)
1164
		case LDNS_SHA256:
1165
			return _digest_nettle(SHA256_DIGEST_SIZE, buf, len, res);
1166
#endif
1167
#ifdef USE_ECDSA
1168
		case LDNS_SHA384:
1169
			return _digest_nettle(SHA384_DIGEST_SIZE, buf, len, res);
1170
1171
#endif
1172
		case LDNS_HASH_GOST:
1173
		default:
1174
			verbose(VERB_QUERY, "unknown DS digest algorithm %d",
1175
				algo);
1176
			break;
1177
	}
1178
	return 0;
1179
}
1180
1181
int
1182
dnskey_algo_id_is_supported(int id)
1183
{
1184
	/* uses libnettle */
1185
	switch(id) {
1186
	case LDNS_DSA:
1187
	case LDNS_DSA_NSEC3:
1188
	case LDNS_RSASHA1:
1189
	case LDNS_RSASHA1_NSEC3:
1190
#ifdef USE_SHA2
1191
	case LDNS_RSASHA256:
1192
	case LDNS_RSASHA512:
1193
#endif
1194
#ifdef USE_ECDSA
1195
	case LDNS_ECDSAP256SHA256:
1196
	case LDNS_ECDSAP384SHA384:
1197
#endif
1198
		return 1;
1199
	case LDNS_RSAMD5: /* RFC 6725 deprecates RSAMD5 */
1200
	case LDNS_ECC_GOST:
1201
	default:
1202
		return 0;
1203
	}
1204
}
1205
1206
static char *
1207
_verify_nettle_dsa(sldns_buffer* buf, unsigned char* sigblock,
1208
	unsigned int sigblock_len, unsigned char* key, unsigned int keylen)
1209
{
1210
	uint8_t digest[SHA1_DIGEST_SIZE];
1211
	uint8_t sig_r[20], sig_s[20], key_t;
1212
	int res = 0;
1213
	size_t offset;
1214
	struct dsa_public_key pubkey;
1215
	struct dsa_signature signature;
1216
1217
	// Validate T values constraints - RFC 2536 sec. 2 & sec. 3
1218
	key_t = key[0];
1219
	if (key_t != sigblock[0] || key_t > 8 ) {
1220
		return "invalid T value in DSA signature or pubkey";
1221
	}
1222
1223
	// Signature length: 41 bytes - RFC 2536 sec. 3
1224
	if (sigblock_len != 41) {
1225
		return "invalid DSA signature length";
1226
	}
1227
1228
	// Pubkey minimum length: 21 bytes - RFC 2536 sec. 2
1229
	if (keylen < 21) {
1230
		return "DSA pubkey too short";
1231
	}
1232
1233
	unsigned int expected_len =   1 +		// T
1234
				     20 +		// Q
1235
				    (64 + key_t*8) +	// P
1236
				    (64 + key_t*8) +	// G
1237
				    (64 + key_t*8);	// Y
1238
	if (keylen != expected_len ) {
1239
		return "invalid DSA pubkey length";
1240
	}
1241
1242
	// Extract DSA pubkey from the record
1243
	nettle_dsa_public_key_init(&pubkey);
1244
	offset = 1;
1245
	nettle_mpz_set_str_256_u(pubkey.q, 20, key+offset);
1246
	offset += 20;
1247
	nettle_mpz_set_str_256_u(pubkey.p, (64 + key_t*8), key+offset);
1248
	offset += (64 + key_t*8);
1249
	nettle_mpz_set_str_256_u(pubkey.g, (64 + key_t*8), key+offset);
1250
	offset += (64 + key_t*8);
1251
	nettle_mpz_set_str_256_u(pubkey.y, (64 + key_t*8), key+offset);
1252
1253
	// Extract DSA signature from the record
1254
	nettle_dsa_signature_init(&signature);
1255
	nettle_mpz_set_str_256_u(signature.r, 20, sigblock+1);
1256
	nettle_mpz_set_str_256_u(signature.s, 20, sigblock+1+20);
1257
1258
	// Digest content of "buf" and verify its DSA signature in "sigblock"
1259
	res = _digest_nettle(SHA1_DIGEST_SIZE, (unsigned char*)sldns_buffer_begin(buf),
1260
						(unsigned int)sldns_buffer_limit(buf), digest);
1261
	res &= dsa_sha1_verify_digest(&pubkey, digest, &signature);
1262
1263
	// Clear and return
1264
	nettle_dsa_signature_clear(&signature);
1265
	nettle_dsa_public_key_clear(&pubkey);
1266
	if (!res)
1267
		return "DSA signature verification failed";
1268
	else
1269
		return NULL;
1270
}
1271
1272
static char *
1273
_verify_nettle_rsa(sldns_buffer* buf, unsigned int digest_size, char* sigblock,
1274
	unsigned int sigblock_len, uint8_t* key, unsigned int keylen)
1275
{
1276
	uint16_t exp_len = 0;
1277
	size_t exp_offset = 0, mod_offset = 0;
1278
	struct rsa_public_key pubkey;
1279
	mpz_t signature;
1280
	int res = 0;
1281
1282
	// RSA pubkey parsing as per RFC 3110 sec. 2
1283
	if( keylen <= 1) {
1284
		return "null RSA key";
1285
	}
1286
	if (key[0] != 0) {
1287
		// 1-byte length
1288
		exp_len = key[0];
1289
		exp_offset = 1;
1290
	} else {
1291
		// 1-byte NUL + 2-bytes exponent length
1292
		if (keylen < 3) {
1293
			return "incorrect RSA key length";
1294
		}
1295
		exp_len = READ_UINT16(key+1);
1296
		if (exp_len == 0)
1297
			return "null RSA exponent length";
1298
		exp_offset = 3;
1299
	}
1300
	// Check that we are not over-running input length
1301
	if (keylen < exp_offset + exp_len + 1) {
1302
		return "RSA key content shorter than expected";
1303
	}
1304
	mod_offset = exp_offset + exp_len;
1305
	nettle_rsa_public_key_init(&pubkey);
1306
	pubkey.size = keylen - mod_offset;
1307
	nettle_mpz_set_str_256_u(pubkey.e, exp_len, &key[exp_offset]);
1308
	nettle_mpz_set_str_256_u(pubkey.n, pubkey.size, &key[mod_offset]);
1309
1310
	// Digest content of "buf" and verify its RSA signature in "sigblock"
1311
	nettle_mpz_init_set_str_256_u(signature, sigblock_len, sigblock);
1312
	switch (digest_size) {
1313
		case SHA1_DIGEST_SIZE:
1314
		{
1315
			uint8_t digest[SHA1_DIGEST_SIZE];
1316
			res = _digest_nettle(SHA1_DIGEST_SIZE, (unsigned char*)sldns_buffer_begin(buf),
1317
						(unsigned int)sldns_buffer_limit(buf), digest);
1318
			res &= rsa_sha1_verify_digest(&pubkey, digest, signature);
1319
			break;
1320
		}
1321
		case SHA256_DIGEST_SIZE:
1322
		{
1323
			uint8_t digest[SHA256_DIGEST_SIZE];
1324
			res = _digest_nettle(SHA256_DIGEST_SIZE, (unsigned char*)sldns_buffer_begin(buf),
1325
						(unsigned int)sldns_buffer_limit(buf), digest);
1326
			res &= rsa_sha256_verify_digest(&pubkey, digest, signature);
1327
			break;
1328
		}
1329
		case SHA512_DIGEST_SIZE:
1330
		{
1331
			uint8_t digest[SHA512_DIGEST_SIZE];
1332
			res = _digest_nettle(SHA512_DIGEST_SIZE, (unsigned char*)sldns_buffer_begin(buf),
1333
						(unsigned int)sldns_buffer_limit(buf), digest);
1334
			res &= rsa_sha512_verify_digest(&pubkey, digest, signature);
1335
			break;
1336
		}
1337
		default:
1338
			break;
1339
	}
1340
1341
	// Clear and return
1342
	nettle_rsa_public_key_clear(&pubkey);
1343
	mpz_clear(signature);
1344
	if (!res) {
1345
		return "RSA signature verification failed";
1346
	} else {
1347
		return NULL;
1348
	}
1349
}
1350
1351
#ifdef USE_ECDSA
1352
static char *
1353
_verify_nettle_ecdsa(sldns_buffer* buf, unsigned int digest_size, unsigned char* sigblock,
1354
	unsigned int sigblock_len, unsigned char* key, unsigned int keylen)
1355
{
1356
	int res = 0;
1357
	struct ecc_point pubkey;
1358
	struct dsa_signature signature;
1359
1360
	// Always matched strength, as per RFC 6605 sec. 1
1361
	if (sigblock_len != 2*digest_size || keylen != 2*digest_size) {
1362
		return "wrong ECDSA signature length";
1363
	}
1364
1365
	// Parse ECDSA signature as per RFC 6605 sec. 4
1366
	nettle_dsa_signature_init(&signature);
1367
	switch (digest_size) {
1368
		case SHA256_DIGEST_SIZE:
1369
		{
1370
			uint8_t digest[SHA256_DIGEST_SIZE];
1371
			mpz_t x, y, r, s;
1372
			nettle_ecc_point_init(&pubkey, &nettle_secp_256r1);
1373
			nettle_mpz_init_set_str_256_u(x, SHA256_DIGEST_SIZE, key);
1374
			nettle_mpz_init_set_str_256_u(y, SHA256_DIGEST_SIZE, key+SHA256_DIGEST_SIZE);
1375
			nettle_mpz_set_str_256_u(signature.r, SHA256_DIGEST_SIZE, sigblock);
1376
			nettle_mpz_set_str_256_u(signature.s, SHA256_DIGEST_SIZE, sigblock+SHA256_DIGEST_SIZE);
1377
			res = _digest_nettle(SHA256_DIGEST_SIZE, (unsigned char*)sldns_buffer_begin(buf),
1378
						(unsigned int)sldns_buffer_limit(buf), digest);
1379
			res &= nettle_ecc_point_set(&pubkey, x, y);
1380
			res &= nettle_ecdsa_verify (&pubkey, SHA256_DIGEST_SIZE, digest, &signature);
1381
			mpz_clear(x);
1382
			mpz_clear(y);
1383
			break;
1384
		}
1385
		case SHA384_DIGEST_SIZE:
1386
		{
1387
			uint8_t digest[SHA384_DIGEST_SIZE];
1388
			mpz_t x, y, r, s;
1389
			nettle_ecc_point_init(&pubkey, &nettle_secp_384r1);
1390
			nettle_mpz_init_set_str_256_u(x, SHA384_DIGEST_SIZE, key);
1391
			nettle_mpz_init_set_str_256_u(y, SHA384_DIGEST_SIZE, key+SHA384_DIGEST_SIZE);
1392
			nettle_mpz_set_str_256_u(signature.r, SHA384_DIGEST_SIZE, sigblock);
1393
			nettle_mpz_set_str_256_u(signature.s, SHA384_DIGEST_SIZE, sigblock+SHA384_DIGEST_SIZE);
1394
			res = _digest_nettle(SHA384_DIGEST_SIZE, (unsigned char*)sldns_buffer_begin(buf),
1395
						(unsigned int)sldns_buffer_limit(buf), digest);
1396
			res &= nettle_ecc_point_set(&pubkey, x, y);
1397
			res &= nettle_ecdsa_verify (&pubkey, SHA384_DIGEST_SIZE, digest, &signature);
1398
			mpz_clear(x);
1399
			mpz_clear(y);
1400
			nettle_ecc_point_clear(&pubkey);
1401
			break;
1402
		}
1403
		default:
1404
			return "unknown ECDSA algorithm";
1405
	}
1406
1407
	// Clear and return
1408
	nettle_dsa_signature_clear(&signature);
1409
	if (!res)
1410
		return "ECDSA signature verification failed";
1411
	else
1412
		return NULL;
1413
}
1414
#endif
1415
1416
/**
1417
 * Check a canonical sig+rrset and signature against a dnskey
1418
 * @param buf: buffer with data to verify, the first rrsig part and the
1419
 *	canonicalized rrset.
1420
 * @param algo: DNSKEY algorithm.
1421
 * @param sigblock: signature rdata field from RRSIG
1422
 * @param sigblock_len: length of sigblock data.
1423
 * @param key: public key data from DNSKEY RR.
1424
 * @param keylen: length of keydata.
1425
 * @param reason: bogus reason in more detail.
1426
 * @return secure if verification succeeded, bogus on crypto failure,
1427
 *	unchecked on format errors and alloc failures.
1428
 */
1429
enum sec_status
1430
verify_canonrrset(sldns_buffer* buf, int algo, unsigned char* sigblock,
1431
	unsigned int sigblock_len, unsigned char* key, unsigned int keylen,
1432
	char** reason)
1433
{
1434
	unsigned int digest_size = 0;
1435
1436
	if (sigblock_len == 0 || keylen == 0) {
1437
		*reason = "null signature";
1438
		return sec_status_bogus;
1439
	}
1440
1441
	switch(algo) {
1442
	case LDNS_DSA:
1443
	case LDNS_DSA_NSEC3:
1444
		// Some of these signatures are non-standard
1445
		if (key[0] > 8 || sigblock_len != 41) {
1446
			*reason = "(custom) unknown DSA signature";
1447
			return sec_status_unchecked;
1448
		}
1449
		*reason = _verify_nettle_dsa(buf, sigblock, sigblock_len, key, keylen);
1450
		if (*reason != NULL)
1451
			return sec_status_bogus;
1452
		else
1453
			return sec_status_secure;
1454
1455
	case LDNS_RSASHA1:
1456
	case LDNS_RSASHA1_NSEC3:
1457
		digest_size = (digest_size ? digest_size : SHA1_DIGEST_SIZE);
1458
#ifdef USE_SHA2
1459
	case LDNS_RSASHA256:
1460
		digest_size = (digest_size ? digest_size : SHA256_DIGEST_SIZE);
1461
	case LDNS_RSASHA512:
1462
		digest_size = (digest_size ? digest_size : SHA512_DIGEST_SIZE);
1463
1464
#endif
1465
		*reason = _verify_nettle_rsa(buf, digest_size, sigblock,
1466
						sigblock_len, key, keylen);
1467
		if (*reason != NULL)
1468
			return sec_status_bogus;
1469
		else
1470
			return sec_status_secure;
1471
1472
#ifdef USE_ECDSA
1473
	case LDNS_ECDSAP256SHA256:
1474
		digest_size = (digest_size ? digest_size : SHA256_DIGEST_SIZE);
1475
	case LDNS_ECDSAP384SHA384:
1476
		digest_size = (digest_size ? digest_size : SHA384_DIGEST_SIZE);
1477
		*reason = _verify_nettle_ecdsa(buf, digest_size, sigblock,
1478
						sigblock_len, key, keylen);
1479
		if (*reason != NULL)
1480
			return sec_status_bogus;
1481
		else
1482
			return sec_status_secure;
1483
#endif
1484
	case LDNS_RSAMD5:
1485
	case LDNS_ECC_GOST:
1486
	default:
1487
		*reason = "unable to verify signature, unknown algorithm";
1488
		return sec_status_bogus;
1489
	}
1490
}
1491
1492
#endif /* HAVE_SSL or HAVE_NSS o HAVE_NETTLE */
(-)b/validator/val_sigcrypt.c (-1 / +1 lines)
 Lines 57-63    Link Here 
57
#include "sldns/wire2str.h"
57
#include "sldns/wire2str.h"
58
58
59
#include <ctype.h>
59
#include <ctype.h>
60
#if !defined(HAVE_SSL) && !defined(HAVE_NSS)
60
#if !defined(HAVE_SSL) && !defined(HAVE_NSS) && !defined(HAVE_NETTLE)
61
#error "Need crypto library to do digital signature cryptography"
61
#error "Need crypto library to do digital signature cryptography"
62
#endif
62
#endif
63
63

Return to bug 594