dnssec: at least it does not crash
Crashes are fixed, but the signature validation does not work
This commit is contained in:
parent
2e77dbdfd2
commit
52a26798b7
|
@ -208,7 +208,14 @@ func Verify(s *dns.RR_RRSIG, k *dns.RR_DNSKEY, rrset dns.RRset) bool {
|
||||||
pubkey.N.SetBytes(keybuf[4:])
|
pubkey.N.SetBytes(keybuf[4:])
|
||||||
fmt.Fprintf(os.Stderr, "%s\n", pubkey.N)
|
fmt.Fprintf(os.Stderr, "%s\n", pubkey.N)
|
||||||
|
|
||||||
err := rsa.VerifyPKCS1v15(pubkey, rsa.HashSHA256, signeddata, sigbuf)
|
// Hash the signeddata
|
||||||
|
s := sha256.New()
|
||||||
|
io.WriteString(s, string(sigbuf))
|
||||||
|
sighash := s.Sum()
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
err := rsa.VerifyPKCS1v15(pubkey, rsa.HashSHA256, sighash, sigbuf)
|
||||||
if err == nil {
|
if err == nil {
|
||||||
fmt.Fprintf(os.Stderr, "NO SHIT!!\n")
|
fmt.Fprintf(os.Stderr, "NO SHIT!!\n")
|
||||||
} else {
|
} else {
|
||||||
|
|
Loading…
Reference in New Issue