Fix Ed25519 and Ed448 in dnssec-policy keymgr

The kasp code had bad implicit size values for the cryptographic
algorithms Ed25519 and Ed448. When creating keys they would never
match the dnssec-policy, leading to new attempts to create keys.

These algorithms were previously not yet added to the system tests,
due to lack of availability on some systems.

(cherry picked from commit 0e207392ec61ae7d215bcf58ad9e1a510a971aba)

diff --git a/lib/dns/kasp.c b/lib/dns/kasp.c
index 28f908c653d9e906e72bdf84f3de47081dd55bf1..fb945ddbbfab6bfd15ee7fd5d21aaf2edd42aad2 100644 (file)
--- a/lib/dns/kasp.c
+++ b/lib/dns/kasp.c
@@ -414,10 +414,10 @@ dns_kasp_key_size(dns_kasp_key_t *key) {
                size = 384;
                break;
        case DNS_KEYALG_ED25519:
-               size = 32;
+               size = 256;
                break;
        case DNS_KEYALG_ED448:
-               size = 57;
+               size = 456;
                break;
        default:
                /* unsupported */