Initial openssl RSASHA1 implementation (only SHA1 for now).

diff --git a/Makefile b/Makefile
index 0d08b14bc5308c6cad0bc35bb8213cc700c7aa68..16e85e18e20111fa2e32774e2849cd69ffecddbe 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -67,8 +67,9 @@ version =     -DVERSION='\"`$(top)/bld/get-version $(top)`\"'
 objs = cache.o rfc1035.o util.o option.o forward.o network.o \
        dnsmasq.o dhcp.o lease.o rfc2131.o netlink.o dbus.o bpf.o \
        helper.o tftp.o log.o conntrack.o dhcp6.o rfc3315.o \
+
        dhcp-common.o outpacket.o radv.o slaac.o auth.o ipset.o \
-       domain.o dnssec.o
+       domain.o dnssec.o dnssec-openssl.o
 
 hdrs = dnsmasq.h config.h dhcp-protocol.h dhcp6-protocol.h \
        dns-protocol.h radv-protocol.h

diff --git a/src/dnssec-openssl.c b/src/dnssec-openssl.c
new file mode 100644 (file)
index 0000000..5c2536e
--- /dev/null
+++ b/src/dnssec-openssl.c
@@ -0,0 +1,45 @@
+#include <string.h>
+#include <openssl/evp.h>
+
+struct rsasha1_state
+{
+  union
+    {
+      EVP_MD_CTX hash;
+      unsigned char digest[20];
+    };
+  unsigned char *sig;
+  unsigned siglen;
+
+} RSASHA1;
+
+int rsasha1_set_signature(unsigned char *data, unsigned len)
+{
+  RSASHA1.sig = data;
+  RSASHA1.siglen = len;
+  return 1;
+}
+
+void rsasha1_begin_data(void)
+{
+  EVP_MD_CTX_init(&RSASHA1.hash);
+  EVP_DigestInit_ex(&RSASHA1.hash, EVP_sha1(), NULL);
+}
+
+void rsasha1_add_data(void *data, unsigned len)
+{
+  EVP_DigestUpdate(&RSASHA1.hash, data, len);
+}
+
+void rsasha1_end_data(void)
+{
+  unsigned char digest[20];
+  EVP_DigestFinal(&RSASHA1.hash, digest, NULL);
+  memcpy(RSASHA1.digest, digest, 20);
+}
+
+int rsasha1_verify(unsigned char *key, unsigned key_len)
+{
+  return 0;
+}
+