Digest fixes

dnssec.go

@@ -13,6 +13,7 @@ import (
 	"crypto/sha512"
 	"encoding/hex"
 	"hash"
+	"io"
 	"math/big"
 	"sort"
 	"strings"
@@ -148,13 +149,16 @@ func (k *RR_DNSKEY) ToDS(h int) *RR_DS {
 	switch h {
 	case SHA1:
 		s := sha1.New()
-		ds.Digest = hex.EncodeToString(s.Sum(digest))
+		io.WriteString(s, string(digest))
+		ds.Digest = hex.EncodeToString(s.Sum(nil))
 	case SHA256:
 		s := sha256.New()
-		ds.Digest = hex.EncodeToString(s.Sum(digest))
+		io.WriteString(s, string(digest))
+		ds.Digest = hex.EncodeToString(s.Sum(nil))
 	case SHA384:
 		s := sha512.New384()
-		ds.Digest = hex.EncodeToString(s.Sum(digest))
+		io.WriteString(s, string(digest))
+		ds.Digest = hex.EncodeToString(s.Sum(nil))
 	case GOST94:
 		/* I have no clue */
 	default:
@@ -233,7 +237,8 @@ func (s *RR_RRSIG) Sign(k PrivateKey, rrset RRset) error {
 	default:
 		return ErrAlg
 	}
-	sighash = h.Sum(signdata)
+	io.WriteString(h, string(signdata))
+	sighash = h.Sum(nil)
 
 	switch p := k.(type) {
 	case *rsa.PrivateKey:
@@ -331,7 +336,8 @@ func (s *RR_RRSIG) Verify(k *RR_DNSKEY, rrset RRset) error {
 			h = sha512.New()
 			ch = crypto.SHA512
 		}
-		sighash := h.Sum(signeddata)
+		io.WriteString(h, string(signeddata))
+		sighash := h.Sum(nil)
 		return rsa.VerifyPKCS1v15(pubkey, ch, sighash, sigbuf)
 	}
 	// Unknown alg

dnssec_test.go

@@ -257,7 +257,7 @@ func TestKeyToDS(t *testing.T) {
 
 	ds := key.ToDS(SHA1)
 	if strings.ToUpper(ds.Digest) != "B5121BDB5B8D86D0CC5FFAFBAAABE26C3E20BAC1" {
-		t.Logf("Wrong DS digest for Sha1\n%v\n", ds)
+		t.Logf("Wrong DS digest for SHA1\n%v\n", ds)
 		t.Fail()
 	}
 }

kscan.go

@@ -23,7 +23,11 @@ func ParseKey(r io.Reader) (map[string]string, error) {
 		case _KEY:
 			k = l.token
 		case _VALUE:
+                        if k == "" {
+                                return nil, &ParseError{"No key seen", l}
+                        }
 			m[k] = l.token
+                        k = ""
 		}
 	}
 	return m, nil