From: Mark Andrews Date: Wed, 20 Jul 2022 06:18:41 +0000 (+1000) Subject: Check if RSASHA1 is supported by the OS X-Git-Tag: v9.16.34~8^2~7 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=c6abcefee10670e12d1bd253cf8836b25b5a28aa;p=thirdparty%2Fbind9.git Check if RSASHA1 is supported by the OS (cherry picked from commit 1690cb7bb4444f985dfed4edb25b92afa0e5651a) --- diff --git a/lib/dns/tests/Krsa.+005+29235.key b/lib/dns/tests/Krsa.+008+29238.key similarity index 89% rename from lib/dns/tests/Krsa.+005+29235.key rename to lib/dns/tests/Krsa.+008+29238.key index e2d81e79dbd..8a090671973 100644 --- a/lib/dns/tests/Krsa.+005+29235.key +++ b/lib/dns/tests/Krsa.+008+29238.key @@ -2,4 +2,4 @@ ; Created: 20160819191802 (Fri Aug 19 21:18:02 2016) ; Publish: 20160819191802 (Fri Aug 19 21:18:02 2016) ; Activate: 20160819191802 (Fri Aug 19 21:18:02 2016) -rsa. IN DNSKEY 256 3 5 AwEAAdLT1R3qiqCqll3Xzh2qFMvehQ9FODsPftw5U4UjB3QwnJ/3+dph 9kZBBeaJagUBVYzoArk6XNydpp3HhSCFDcIiepL6r8XAifW3SqI1KCne OD38kSCl/Qm9P0+3CFWokGVubsSQ+3dpQZxqx5bzOXthbuzAr6X+gDUE LAyHtCQNmJ+4ktdCoj3DNYW0z/xLvrcB2Lns7H+/qWnGPL4f3hr7Vbak Oeay+4J4KGdY2LFxJUVts6QrgAA8gz4mV9YIJFP+C4B3b/Z7qgqZRxmT 0pic+fJC5+sq0l8KwavPn0n+HqVuJNvppVKMdTbsmmuk69RFGMjbFkP7 tnCiqC9Zi6s= +rsa. IN DNSKEY 256 3 8 AwEAAdLT1R3qiqCqll3Xzh2qFMvehQ9FODsPftw5U4UjB3QwnJ/3+dph 9kZBBeaJagUBVYzoArk6XNydpp3HhSCFDcIiepL6r8XAifW3SqI1KCne OD38kSCl/Qm9P0+3CFWokGVubsSQ+3dpQZxqx5bzOXthbuzAr6X+gDUE LAyHtCQNmJ+4ktdCoj3DNYW0z/xLvrcB2Lns7H+/qWnGPL4f3hr7Vbak Oeay+4J4KGdY2LFxJUVts6QrgAA8gz4mV9YIJFP+C4B3b/Z7qgqZRxmT 0pic+fJC5+sq0l8KwavPn0n+HqVuJNvppVKMdTbsmmuk69RFGMjbFkP7 tnCiqC9Zi6s= diff --git a/lib/dns/tests/rsa_test.c b/lib/dns/tests/rsa_test.c index cbe1fd426d1..7d8897b8114 100644 --- a/lib/dns/tests/rsa_test.c +++ b/lib/dns/tests/rsa_test.c @@ -151,27 +151,30 @@ isc_rsa_verify_test(void **state) { ret = dns_name_fromtext(name, &buf, NULL, 0, NULL); assert_int_equal(ret, ISC_R_SUCCESS); - ret = dst_key_fromfile(name, 29235, DST_ALG_RSASHA1, DST_TYPE_PUBLIC, + ret = dst_key_fromfile(name, 29238, DST_ALG_RSASHA256, DST_TYPE_PUBLIC, "./", dt_mctx, &key); assert_int_equal(ret, ISC_R_SUCCESS); - /* RSASHA1 */ + /* RSASHA1 - May not be supported by the OS */ + if (dst_algorithm_supported(DST_ALG_RSASHA1)) { + key->key_alg = DST_ALG_RSASHA1; - ret = dst_context_create(key, dt_mctx, DNS_LOGCATEGORY_DNSSEC, false, 0, - &ctx); - assert_int_equal(ret, ISC_R_SUCCESS); + ret = dst_context_create(key, dt_mctx, DNS_LOGCATEGORY_DNSSEC, + false, 0, &ctx); + assert_int_equal(ret, ISC_R_SUCCESS); - r.base = d; - r.length = 10; - ret = dst_context_adddata(ctx, &r); - assert_int_equal(ret, ISC_R_SUCCESS); + r.base = d; + r.length = 10; + ret = dst_context_adddata(ctx, &r); + assert_int_equal(ret, ISC_R_SUCCESS); - r.base = sigsha1; - r.length = 256; - ret = dst_context_verify(ctx, &r); - assert_int_equal(ret, ISC_R_SUCCESS); + r.base = sigsha1; + r.length = 256; + ret = dst_context_verify(ctx, &r); + assert_int_equal(ret, ISC_R_SUCCESS); - dst_context_destroy(&ctx); + dst_context_destroy(&ctx); + } /* RSASHA256 */