]> git.ipfire.org Git - thirdparty/dnspython.git/commitdiff
projects / thirdparty / dnspython.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 41ca1be)
Add support for SHA-384 DS records. 432/head
authorBrian Wellington <bwelling@xbill.org>
Fri, 20 Mar 2020 21:40:04 +0000 (14:40 -0700)
committerBrian Wellington <bwelling@xbill.org>
Fri, 20 Mar 2020 21:40:04 +0000 (14:40 -0700)
dns/dnssec.py patch | blob | blame | history
tests/test_dnssec.py patch | blob | blame | history

diff --git a/dns/dnssec.py b/dns/dnssec.py
index 69c266d9b992e655fc69a895d9b36f33efa11fe0..055e47ad6101911bd50cae7ae3de20c1b8ea7f99 100644 (file)
--- a/dns/dnssec.py
+++ b/dns/dnssec.py
@@ -191,6 +191,9 @@ def make_ds(name, key, algorithm, origin=None):
     elif algorithm.upper() == 'SHA256':
         dsalg = 2
         dshash = hashlib.sha256()
+    elif algorithm.upper() == 'SHA384':
+        dsalg = 4
+        dshash = hashlib.sha384()
     else:
         raise UnsupportedAlgorithm('unsupported algorithm "%s"' % algorithm)
 
diff --git a/tests/test_dnssec.py b/tests/test_dnssec.py
index 24ec2d26897399c915e00638d8e4ca2037098caf..16ad37deeb6fc4db96db800a0e43fc9b7cc80f9a 100644 (file)
--- a/tests/test_dnssec.py
+++ b/tests/test_dnssec.py
@@ -112,6 +112,9 @@ example_ds_sha1 = dns.rdata.from_text(dns.rdataclass.IN, dns.rdatatype.DS,
 example_ds_sha256 = dns.rdata.from_text(dns.rdataclass.IN, dns.rdatatype.DS,
                                         '18673 3 2 eb8344cbbf07c9d3d3d6c81d10c76653e28d8611a65e639ef8f716e4e4e5d913')
 
+example_ds_sha384 = dns.rdata.from_text(dns.rdataclass.IN, dns.rdatatype.DS,
+                                        '18673 3 4 61ab241025c5f88d2537be04dcfba96f952adaefe0b382ecbc4108c97b75768c9e99fd16caed2a09634c51e8089fb84f')
+
 when3 = 1379801800
 
 abs_ecdsa256_keys = {
@@ -304,6 +307,10 @@ class DNSSECMakeDSTestCase(unittest.TestCase):
         ds = dns.dnssec.make_ds(abs_example, example_sep_key, 'SHA256')
         self.assertEqual(ds, example_ds_sha256)
 
+    def testMakeExampleSHA384DS(self):  # type: () -> None
+        ds = dns.dnssec.make_ds(abs_example, example_sep_key, 'SHA384')
+        self.assertEqual(ds, example_ds_sha384)
+
     def testMakeSHA256DS(self):  # type: () -> None
         ds = dns.dnssec.make_ds(abs_dnspython_org, sep_key, 'SHA256')
         self.assertEqual(ds, good_ds)
Mirror of https://github.com/rthalley/dnspython.git