Fix EdDSA key sizes (key_size is in bits).
authorAaron Thompson <dev@aaront.org>
Wed, 25 Mar 2020 21:03:41 +0000 (21:03 +0000)
committerOndřej Surý <ondrej@isc.org>
Thu, 30 Apr 2020 16:40:45 +0000 (18:40 +0200)
lib/dns/openssleddsa_link.c
lib/dns/pkcs11eddsa_link.c

index 9ccde3a1e8157a019982a1dee7a8418717236767..4bc042cfc7b33f17e64174bca459943159e03deb 100644 (file)
@@ -471,13 +471,13 @@ openssleddsa_generate(dst_key_t *key, int unused, void (*callback)(int)) {
 #if HAVE_OPENSSL_ED25519
        if (key->key_alg == DST_ALG_ED25519) {
                nid = NID_ED25519;
-               key->key_size = DNS_KEY_ED25519SIZE;
+               key->key_size = DNS_KEY_ED25519SIZE * 8;
        }
 #endif /* if HAVE_OPENSSL_ED25519 */
 #if HAVE_OPENSSL_ED448
        if (key->key_alg == DST_ALG_ED448) {
                nid = NID_ED448;
-               key->key_size = DNS_KEY_ED448SIZE;
+               key->key_size = DNS_KEY_ED448SIZE * 8;
        }
 #endif /* if HAVE_OPENSSL_ED448 */
        if (nid == 0) {
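Review bot: The bare `* 8` on the two `key->key_size` assignments is an unexplained bytes-to-bits conversion, and the same literal is repeated in every other hunk of this commit (openssleddsa_fromdns, openssleddsa_parse, and the generate, fromdns, parse and fromlabel paths in pkcs11eddsa_link.c). Nothing at the assignment records that key_size is in bits while DNS_KEY_ED25519SIZE and DNS_KEY_ED448SIZE appear to be byte lengths, which is the confusion this commit corrects. I would add `/* key_size is in bits; the DNS_KEY_*SIZE constants are byte lengths */` above the first assignment, or name the conversion once and use it at every site. The file list shows only the two link files, so no test pins the expected bit values; any caller that compares key_size against a minimum strength would benefit from one. openssleddsa_generate starts and ends outside the hunk.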
@@ -606,7 +606,7 @@ openssleddsa_fromdns(dst_key_t *key, isc_buffer_t *data) {
        }
        isc_buffer_forward(data, len);
        key->keydata.pkey = pkey;
-       key->key_size = len;
+       key->key_size = len * 8;
        return (ISC_R_SUCCESS);
 }
 
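Review bot: `key->key_size = len * 8;` takes its value from the length of the record data being parsed, and the check that bounds `len` to the algorithm's fixed key length is not visible in this hunk. If `len` is already required to equal that fixed length before this point, assigning from the constant as openssleddsa_generate does would keep key_size independent of input. Otherwise a comment stating where the bound is enforced would help, for example `/* len was checked against the algorithm's key length above */`. The same applies to `len * 8` in openssleddsa_parse and pkcs11eddsa_fromdns. The function begins outside the hunk.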
@@ -733,7 +733,7 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
                DST_RET(DST_R_INVALIDPRIVATEKEY);
        }
        key->keydata.pkey = pkey;
-       key->key_size = len;
+       key->key_size = len * 8;
        ret = ISC_R_SUCCESS;
 
 err:
index 9b1061b4914fd8d4e890590ec9f702add028e999..52cb01a6522415c3c9c0461eeb835b557fd160c2 100644 (file)
@@ -519,10 +519,10 @@ pkcs11eddsa_generate(dst_key_t *key, int unused, void (*callback)(int)) {
 
        switch (key->key_alg) {
        case DST_ALG_ED25519:
-               key->key_size = DNS_KEY_ED25519SIZE;
+               key->key_size = DNS_KEY_ED25519SIZE * 8;
                break;
        case DST_ALG_ED448:
-               key->key_size = DNS_KEY_ED448SIZE;
+               key->key_size = DNS_KEY_ED448SIZE * 8;
                break;
        default:
                INSIST(0);
@@ -673,7 +673,7 @@ pkcs11eddsa_fromdns(dst_key_t *key, isc_buffer_t *data) {
 
        isc_buffer_forward(data, len);
        key->keydata.pkey = ec;
-       key->key_size = len;
+       key->key_size = len * 8;
 
        return (ISC_R_SUCCESS);
 }
@@ -929,10 +929,10 @@ pkcs11eddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
        memset(&priv, 0, sizeof(priv));
        switch (key->key_alg) {
        case DST_ALG_ED25519:
-               key->key_size = DNS_KEY_ED25519SIZE;
+               key->key_size = DNS_KEY_ED25519SIZE * 8;
                break;
        case DST_ALG_ED448:
-               key->key_size = DNS_KEY_ED448SIZE;
+               key->key_size = DNS_KEY_ED448SIZE * 8;
                break;
        default:
                INSIST(0);
@@ -1052,10 +1052,10 @@ pkcs11eddsa_fromlabel(dst_key_t *key, const char *engine, const char *label,
        key->label = isc_mem_strdup(key->mctx, label);
        switch (key->key_alg) {
        case DST_ALG_ED25519:
-               key->key_size = DNS_KEY_ED25519SIZE;
+               key->key_size = DNS_KEY_ED25519SIZE * 8;
                break;
        case DST_ALG_ED448:
-               key->key_size = DNS_KEY_ED448SIZE;
+               key->key_size = DNS_KEY_ED448SIZE * 8;
                break;
        default:
                INSIST(0);