int ds_digest_match_dnskey(struct module_env* env,
struct ub_packed_rrset_key* dnskey_rrset, size_t dnskey_idx,
struct ub_packed_rrset_key* ds_rrset, size_t ds_idx)
{
uint8_t* ds; /* DS digest */
size_t dslen;
uint8_t* digest; /* generated digest */
size_t digestlen = ds_digest_size_algo(ds_rrset, ds_idx);
if(digestlen == 0) {
verbose(VERB_QUERY, "DS fail: not supported, or DS RR "
"format error");
return 0; /* not supported, or DS RR format error */
}
#ifndef USE_SHA1
if(fake_sha1 && ds_get_digest_algo(ds_rrset, ds_idx)==LDNS_SHA1)
return 1;
#endif
/* check digest length in DS with length from hash function */
ds_get_sigdata(ds_rrset, ds_idx, &ds, &dslen);
if(!ds || dslen != digestlen) {
verbose(VERB_QUERY, "DS fail: DS RR algo and digest do not "
"match each other");
return 0; /* DS algorithm and digest do not match */
}
digest = regional_alloc(env->scratch, digestlen);
if(!digest) {
verbose(VERB_QUERY, "DS fail: out of memory");
return 0; /* mem error */
}
if(!ds_create_dnskey_digest(env, dnskey_rrset, dnskey_idx, ds_rrset,
ds_idx, digest)) {
verbose(VERB_QUERY, "DS fail: could not calc key digest");
return 0; /* digest algo failed */
}
if(memcmp(digest, ds, dslen) != 0) {
verbose(VERB_QUERY, "DS fail: digest is different");
return 0; /* digest different */
}
return 1;
}
int
ds_digest_algo_is_supported(struct ub_packed_rrset_key* ds_rrset,
size_t ds_idx)
{
return (ds_digest_size_algo(ds_rrset, ds_idx) != 0);
}
