dnssec: at least it does not crash

Crashes are fixed, but the signature validation does not work
2010-12-30 15:12:44 +01:00 · 2010-12-30 15:12:44 +01:00 · 52a26798b7
parent 2e77dbdfd2
commit 52a26798b7
1 changed files with 8 additions and 1 deletions
--- a/dnssec/dnssec.go
+++ b/dnssec/dnssec.go
@ -208,7 +208,14 @@ func Verify(s *dns.RR_RRSIG, k *dns.RR_DNSKEY, rrset dns.RRset) bool {
                pubkey.N.SetBytes(keybuf[4:])
                fmt.Fprintf(os.Stderr, "%s\n", pubkey.N)

-                err := rsa.VerifyPKCS1v15(pubkey, rsa.HashSHA256, signeddata, sigbuf)
+        // Hash the signeddata
+        s := sha256.New()
+        io.WriteString(s, string(sigbuf))
+        sighash := s.Sum()
+
+
+
+                err := rsa.VerifyPKCS1v15(pubkey, rsa.HashSHA256, sighash, sigbuf)
                if err == nil {
                        fmt.Fprintf(os.Stderr, "NO SHIT!!\n")
                } else {