From: Matthijs Mekking Date: Wed, 30 Sep 2020 07:57:45 +0000 (+0200) Subject: Fix Ed25519 and Ed448 in dnssec-policy keymgr X-Git-Tag: v9.17.6~17^2~5 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=0e207392ec61ae7d215bcf58ad9e1a510a971aba;p=thirdparty%2Fbind9.git Fix Ed25519 and Ed448 in dnssec-policy keymgr The kasp code had bad implicit size values for the cryptographic algorithms Ed25519 and Ed448. When creating keys they would never match the dnssec-policy, leading to new attempts to create keys. These algorithms were previously not yet added to the system tests, due to lack of availability on some systems. --- diff --git a/lib/dns/kasp.c b/lib/dns/kasp.c index 28f908c653d..fb945ddbbfa 100644 --- a/lib/dns/kasp.c +++ b/lib/dns/kasp.c @@ -414,10 +414,10 @@ dns_kasp_key_size(dns_kasp_key_t *key) { size = 384; break; case DNS_KEYALG_ED25519: - size = 32; + size = 256; break; case DNS_KEYALG_ED448: - size = 57; + size = 456; break; default: /* unsupported */