From: Brian Wellington Date: Fri, 20 Mar 2020 21:40:04 +0000 (-0700) Subject: Add support for SHA-384 DS records. X-Git-Tag: v2.0.0rc1~323^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6b092311123d1d4342f5f4cf2b30a39f9222c01b;p=thirdparty%2Fdnspython.git Add support for SHA-384 DS records. --- diff --git a/dns/dnssec.py b/dns/dnssec.py index 69c266d9..055e47ad 100644 --- a/dns/dnssec.py +++ b/dns/dnssec.py @@ -191,6 +191,9 @@ def make_ds(name, key, algorithm, origin=None): elif algorithm.upper() == 'SHA256': dsalg = 2 dshash = hashlib.sha256() + elif algorithm.upper() == 'SHA384': + dsalg = 4 + dshash = hashlib.sha384() else: raise UnsupportedAlgorithm('unsupported algorithm "%s"' % algorithm) diff --git a/tests/test_dnssec.py b/tests/test_dnssec.py index 24ec2d26..16ad37de 100644 --- a/tests/test_dnssec.py +++ b/tests/test_dnssec.py @@ -112,6 +112,9 @@ example_ds_sha1 = dns.rdata.from_text(dns.rdataclass.IN, dns.rdatatype.DS, example_ds_sha256 = dns.rdata.from_text(dns.rdataclass.IN, dns.rdatatype.DS, '18673 3 2 eb8344cbbf07c9d3d3d6c81d10c76653e28d8611a65e639ef8f716e4e4e5d913') +example_ds_sha384 = dns.rdata.from_text(dns.rdataclass.IN, dns.rdatatype.DS, + '18673 3 4 61ab241025c5f88d2537be04dcfba96f952adaefe0b382ecbc4108c97b75768c9e99fd16caed2a09634c51e8089fb84f') + when3 = 1379801800 abs_ecdsa256_keys = { @@ -304,6 +307,10 @@ class DNSSECMakeDSTestCase(unittest.TestCase): ds = dns.dnssec.make_ds(abs_example, example_sep_key, 'SHA256') self.assertEqual(ds, example_ds_sha256) + def testMakeExampleSHA384DS(self): # type: () -> None + ds = dns.dnssec.make_ds(abs_example, example_sep_key, 'SHA384') + self.assertEqual(ds, example_ds_sha384) + def testMakeSHA256DS(self): # type: () -> None ds = dns.dnssec.make_ds(abs_dnspython_org, sep_key, 'SHA256') self.assertEqual(ds, good_ds)