From: W.C.A. Wijngaards Date: Fri, 15 May 2026 14:20:52 +0000 (+0200) Subject: - Fix DNSSEC validation with libnettle for noncanonical RSA X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=594182f10900b58797ce59140ac8108ce3fef121;p=thirdparty%2Funbound.git - Fix DNSSEC validation with libnettle for noncanonical RSA DNSKEYs with leading zeroes for n. Thanks to Xin Wang and Jiajia Liu, Northwestern Polytechnical University, for the report. --- diff --git a/doc/Changelog b/doc/Changelog index 8743f3452..862e4ce7f 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -14,6 +14,10 @@ storage and canonical NSEC owner replacement. Thanks to Xin Wang and Jiajia Liu, Northwestern Polytechnical University, for the report. + - Fix DNSSEC validation with libnettle for noncanonical RSA + DNSKEYs with leading zeroes for n. Thanks to Xin Wang and + Jiajia Liu, Northwestern Polytechnical University, for + the report. 11 May 2026: Yorgos - Fix comment and verbose logging for EDNS fallback buffer size. diff --git a/validator/val_secalgo.c b/validator/val_secalgo.c index be8347b1b..2ce52a74b 100644 --- a/validator/val_secalgo.c +++ b/validator/val_secalgo.c @@ -1874,9 +1874,9 @@ _verify_nettle_rsa(sldns_buffer* buf, unsigned int digest_size, char* sigblock, } mod_offset = exp_offset + exp_len; nettle_rsa_public_key_init(&pubkey); - pubkey.size = keylen - mod_offset; nettle_mpz_set_str_256_u(pubkey.e, exp_len, &key[exp_offset]); - nettle_mpz_set_str_256_u(pubkey.n, pubkey.size, &key[mod_offset]); + nettle_mpz_set_str_256_u(pubkey.n, keylen - mod_offset, &key[mod_offset]); + pubkey.size = nettle_mpz_sizeinbase_256_u(pubkey.n); /* Digest content of "buf" and verify its RSA signature in "sigblock"*/ nettle_mpz_init_set_str_256_u(signature, sigblock_len, (uint8_t*)sigblock);