key_count = 0;
signatures = ldns_rr_list_new();
+ ldns_rr_list_print(stdout, rrset);
+
/* prepare a signature and add all the know data
* prepare the rrset. Sign this together. */
rrset_clone = ldns_rr_list_deep_clone(rrset);
}
/* make it canonical */
+
+ printf("Printing rrset\n[");
+ ldns_rr_list_print(stdout, rrset);
+
+ printf("]\n");
+
+ printf("Dus hier komen we niet meer\n");
+
for(i = 0; i < ldns_rr_list_rr_count(rrset_clone); i++) {
ldns_rr2canonical(ldns_rr_list_rr(rrset_clone, i));
}
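Review bot: The trace output added ahead of the canonicalisation loop (from `printf("Printing rrset\n[")` through `printf("Dus hier komen we niet meer\n")`) writes unconditionally to stdout from inside the signing routine. The same pattern recurs in this commit as the `ldns_rr_list_print(stdout, rrset)` after `ldns_rr_list_new()`, the `printf("size %d\n", *size)` in the RSA serialiser and `printf("Entering here I\n")` in the key-to-RR conversion. Any program that emits records or signatures on stdout would get these lines mixed into its output. I would drop them before merging, or at least send them to stderr, e.g. `fprintf(stderr, "rrset before canonicalisation:\n");`, and replace the Dutch "we don't get here any more" marker with an English comment naming the call that was failing. The enclosing function starts and ends outside this hunk.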
switch(alg) {
case LDNS_SIGN_RSAMD5:
case LDNS_SIGN_RSASHA1:
- r = RSA_generate_key((int)size, RSA_F4, NULL, NULL);
+ r = RSA_generate_key((int)size, RSA_3, NULL, NULL);
if (RSA_check_key(r) != 1) {
return NULL;
}
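Review bot: Generating keys with `RSA_3` instead of `RSA_F4` lowers the public exponent of every RSAMD5/RSASHA1 key this function produces to 3. Exponent 3 is the precondition for signature forgeries against verifiers that check PKCS#1 v1.5 padding loosely, which is why 65537 is the usual default. If the motive is that the key serialiser mishandles a three-byte exponent (a guess, since it is not visible here), that should be fixed there and this line kept as `r = RSA_generate_key((int)size, RSA_F4, NULL, NULL);`. Separately, `r` is passed to `RSA_check_key` without a NULL test and is not freed on the failure return; `if (!r || RSA_check_key(r) != 1) { RSA_free(r); return NULL; }` covers both, since RSA_free accepts NULL. The rest of the function, including whatever else is allocated by then, is outside the hunk.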
BN_bn2bin(k->e, data + 1);
BN_bn2bin(k->n, data + *(data + 1) + 2);
*size = (uint16_t) BN_num_bytes(k->n) + 4;
+ printf("size %d\n", *size);
} else if (BN_num_bytes(k->e) <= 16) {
data[0] = 0;
/* this writing is not endian save or is it? */
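Review bot: The modulus offset `data + *(data + 1) + 2` is read from the byte that the preceding `BN_bn2bin(k->e, data + 1)` has just filled with the first exponent byte, so it follows the exponent's value rather than its length, and `*size` then adds a fixed `+ 4` that depends on neither. Depending on the exponent, this either overwrites part of it or leaves a gap of unwritten buffer bytes that end up in the published DNSKEY rdata. BN_bn2bin returns the number of bytes it wrote, so the lengths can come from it: `elen = BN_bn2bin(k->e, data + 1); nlen = BN_bn2bin(k->n, data + 1 + elen); *size = (uint16_t)(1 + elen + nlen);`, assuming `data[0]` carries the exponent length, which is set outside this hunk. The caller's `size + 1` passed to `ldns_rdf_new_frm_data` should be re-checked against whatever this function reports. The function also receives no capacity for `data`, so the caller's allocation should be checked against the largest supported modulus.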
* much as it can, but it does not know about key-flags
* for instance
*/
-
ldns_rr *pubkey;
ldns_rdf *keybin;
unsigned char *bin;
uint16_t size;
- pubkey = ldns_rr_new();
+ pubkey = ldns_rr_new();
if (!k) {
return NULL;
}
case LDNS_SIGN_RSASHA1:
ldns_rr_push_rdf(pubkey,
ldns_native2rdf_int8(LDNS_RDF_TYPE_ALG, LDNS_RSASHA1));
+ printf("Entering here I\n");
if (!ldns_key_rsa2bin(bin, ldns_key_rsa_key(k), &size)) {
return NULL;
}
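Review bot: The `return NULL` taken when `ldns_key_rsa2bin` fails leaves `pubkey` allocated (it comes from `ldns_rr_new()` earlier in the function) and, judging by the later `LDNS_FREE(bin)`, the `bin` buffer as well. The `if (!k)` return after `ldns_rr_new()` has the same problem for `pubkey`. Freeing both before returning, `ldns_rr_free(pubkey); LDNS_FREE(bin); return NULL;`, closes the leak here, and moving the `!k` test ahead of the allocation avoids it there. The switch and the function continue outside this hunk.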
break;
}
/* fourth the key bin material */
- keybin = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, size+1, bin);
+ keybin = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, size + 1, bin);
LDNS_FREE(bin);
ldns_rr_push_rdf(pubkey, keybin);
return pubkey;
ldns_key_set_pubkey_owner(privkey, owner);
ldns_key_set_origttl(privkey, 1800);
- /* SSL_load_error_strings();*/
+ SSL_load_error_strings();
ldns_key_list_push_key(keys, privkey);
+ rr = ldns_rr_new_frm_str("www.miek.nl IN A 127.0.0.1");
+ ldns_rr_print(stdout, rr);
+
ldns_rr_list_push_rr(rrs, rr);
dnskey = ldns_key2rr(privkey);
}
ldns_rr_list_push_rr(dnskeys, dnskey);
+ ldns_rr_list_print(stdout, dnskeys);
+ printf("\n Trying to sign\n");
+
+
signatures = ldns_sign_public(rrs, keys);
ldns_rr_list_print(stdout, signatures);
printf("Now we are going to verify\n");
-/* printf("\n[%d]\n", ldns_verify(rrs, signatures, dnskeys));*/
+ if (ldns_verify(rrs, signatures, dnskeys)) {
+ printf("SUCESS\n\n");
+ } else {
+ printf("FAILURE\n\n");
+ }
return 0;
}
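Review bot: The verification branch prints the outcome but `main` still returns 0 on the FAILURE path, so a script or test harness running this program cannot detect a bad signature. Returning a non-zero status there (`return 1;` after the FAILURE printf) makes the result machine-checkable. The test also assumes `ldns_verify` is truthy on success; its declaration is not on this page, and if it returns a status code where zero means OK, the two branches are inverted. The results of `ldns_rr_new_frm_str` and `ldns_sign_public` are used without a NULL check, and `SUCESS` is misspelled.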