update Ed25519 algorithm number and mnemonic

author Kees Monshouwer <mind04@monshouwer.org>

Tue, 10 Jan 2017 15:04:22 +0000 (16:04 +0100)

committer mind04 <mind04@monshouwer.org>

Thu, 4 May 2017 23:02:09 +0000 (01:02 +0200)
author Kees Monshouwer <mind04@monshouwer.org>
Tue, 10 Jan 2017 15:04:22 +0000 (16:04 +0100)
committer mind04 <mind04@monshouwer.org>
Thu, 4 May 2017 23:02:09 +0000 (01:02 +0200)
diff --git a/pdns/dbdnsseckeeper.cc b/pdns/dbdnsseckeeper.cc

index f115e018bcfdcaf9dab37349a154e66f187f7eb4..a62784fbe17cb4b56b8f557a6d5f201c794702cb 100644 (file)
--- a/pdns/dbdnsseckeeper.cc
+++ b/pdns/dbdnsseckeeper.cc
@@ -79,7 +79,7 @@ bool DNSSECKeeper::addKey(const DNSName& name, bool setSEPBit, int algorithm, in
      if(algorithm <= 10)
        throw runtime_error("Creating an algorithm " +std::to_string(algorithm)+" ("+algorithm2name(algorithm)+") key requires the size (in bits) to be passed");
      else {
-      if(algorithm == 12 || algorithm == 13 || algorithm == 250) // GOST, ECDSAP256SHA256, ED25519SHA512
+      if(algorithm == 12 || algorithm == 13 || algorithm == 15) // GOST, ECDSAP256SHA256, ED25519
          bits = 256;
        else if(algorithm == 14) // ECDSAP384SHA384
          bits = 384;
diff --git a/pdns/dnssecinfra.cc b/pdns/dnssecinfra.cc

index 54f6b8e79f0f1e83b190739dfe3e6deead3481be..8a17cac035d0e509fa70999c3fe3299c23726326 100644 (file)
--- a/pdns/dnssecinfra.cc
+++ b/pdns/dnssecinfra.cc
@@ -236,7 +236,7 @@ pair<unsigned int, unsigned int> DNSCryptoKeyEngine::testMakers(unsigned int alg
    unsigned int bits;
    if(algo <= 10)
      bits=1024;
-  else if(algo == 12 || algo == 13 || algo == 250) // ECC-GOST or ECDSAP256SHA256 or ED25519SHA512
+  else if(algo == 12 || algo == 13 || algo == 15) // ECC-GOST or ECDSAP256SHA256 or ED25519
      bits=256;
    else if(algo == 14) // ECDSAP384SHA384
      bits = 384;
diff --git a/pdns/dnsseckeeper.hh b/pdns/dnsseckeeper.hh

index 38dbc56464edef7ba13023088bde00eca433d570..9c8582f3cfda4fbb6dc3aa4d41e589c804ce135d 100644 (file)
--- a/pdns/dnsseckeeper.hh
+++ b/pdns/dnsseckeeper.hh
@@ -51,7 +51,7 @@ public:
      ECCGOST=12,
      ECDSA256=13,
      ECDSA384=14,
-    EXPERIMENTALED25519=250
+    ED25519=15
    };
  
    struct KeyMetaData
@@ -91,7 +91,7 @@ public:
      if (!algorithm.compare("gost")) return ECCGOST;
      if (!algorithm.compare("ecdsa256")) return ECDSA256;
      if (!algorithm.compare("ecdsa384")) return ECDSA384;
-    if (!algorithm.compare("experimental-ed25519")) return EXPERIMENTALED25519;
+    if (!algorithm.compare("ed25519")) return ED25519;
      return -1;
    }
  
@@ -124,8 +124,8 @@ public:
          return "ECDSAP256SHA256";
        case ECDSA384:
          return "ECDSAP384SHA384";
-      case EXPERIMENTALED25519:
-        return "ED25519SHA512";
+      case ED25519:
+        return "ED25519";
        case 252:
          return "INDIRECT";
        case 253:
diff --git a/pdns/pdnsutil.cc b/pdns/pdnsutil.cc

index c62e1edc430f6811ef753ed61c022a456b1e4664..88d58558df8f1ee08e9dfe5c15fa9ce010d51849 100644 (file)
--- a/pdns/pdnsutil.cc
+++ b/pdns/pdnsutil.cc
@@ -1910,7 +1910,7 @@ try
      cout<<"add-zone-key ZONE {zsk|ksk} [BITS] [active|inactive]"<<endl;
      cout<<"             [rsasha1|rsasha256|rsasha512|gost|ecdsa256|ecdsa384";
  #ifdef HAVE_LIBSODIUM
-    cout<<"|experimental-ed25519";
+    cout<<"|ed25519";
  #endif
      cout<<"]"<<endl;
      cout<<"                                   Add a ZSK or KSK to zone and specify algo&bits"<<endl;
@@ -2698,7 +2698,7 @@ loadMainConfig(g_vm["config-dir"].as<string>());
        if(algorithm <= 10)
          bits = keyOrZone ? 2048 : 1024;
        else {
-        if(algorithm == 12 || algorithm == 13 || algorithm == 250) // ECDSA, GOST, ED25519
+        if(algorithm == 12 || algorithm == 13 || algorithm == 15) // ECDSA, GOST, ED25519
            bits = 256;
          else if(algorithm == 14)
            bits = 384;
diff --git a/pdns/sodiumsigners.cc b/pdns/sodiumsigners.cc

index 7c6d744dae6547b285002b40c049df7e1edd50c5..a937484aa4ca4cf2f0f26f3ad3152c685853c4c5 100644 (file)
--- a/pdns/sodiumsigners.cc
+++ b/pdns/sodiumsigners.cc
@@ -52,12 +52,12 @@ DNSCryptoKeyEngine::storvector_t SodiumED25519DNSCryptoKeyEngine::convertToISCVe
  {
    /*
      Private-key-format: v1.2
-    Algorithm: 250 (ED25519SHA512)
+    Algorithm: 15 (ED25519)
      PrivateKey: GU6SnQ/Ou+xC5RumuIUIuJZteXT2z0O/ok1s38Et6mQ=
    */
  
    storvector_t storvector;
-  string algorithm = "250 (ED25519SHA512)";
+  string algorithm = "15 (ED25519)";
  
    storvector.push_back(make_pair("Algorithm", algorithm));
  
@@ -70,7 +70,7 @@ void SodiumED25519DNSCryptoKeyEngine::fromISCMap(DNSKEYRecordContent& drc, std::
  {
    /*
      Private-key-format: v1.2
-    Algorithm: 250 (ED25519SHA512)
+    Algorithm: 15 (ED25519)
      PrivateKey: GU6SnQ/Ou+xC5RumuIUIuJZteXT2z0O/ok1s38Et6mQ=
    */
  
@@ -146,7 +146,7 @@ struct LoaderSodiumStruct
  {
    LoaderSodiumStruct()
    {
-    DNSCryptoKeyEngine::report(250, &SodiumED25519DNSCryptoKeyEngine::maker);
+    DNSCryptoKeyEngine::report(15, &SodiumED25519DNSCryptoKeyEngine::maker);
    }
  } loadersodium;
  }
author	Kees Monshouwer <mind04@monshouwer.org>
	Tue, 10 Jan 2017 15:04:22 +0000 (16:04 +0100)
committer	mind04 <mind04@monshouwer.org>
	Thu, 4 May 2017 23:02:09 +0000 (01:02 +0200)
pdns/dbdnsseckeeper.cc		patch \| blob \| history
pdns/dnssecinfra.cc		patch \| blob \| history
pdns/dnsseckeeper.hh		patch \| blob \| history
pdns/pdnsutil.cc		patch \| blob \| history
pdns/sodiumsigners.cc		patch \| blob \| history