Uploaded image for project: 'OpenDNSSEC'
  1. OpenDNSSEC
  2. OPENDNSSEC-190

Sanitize DNSKEY Public Key RDATA

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Duplicate
    • Affects Version/s: 1.3.4
    • Fix Version/s: 1.3.5, 1.4.0b2
    • Component/s: libhsm
    • Labels:

      Description

      According to RFC3110 "Leading zero octets are prohibited in the
      exponent and modulus."

      It seems the underlying PKCS#11 library (opencryptoki) is returning the
      wrong value (with leading zero octets). hsm_get_key_rdata should make sure the data returned is sane, without padding.

        Attachments

          Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. SUPPORT-21 hsm_get_key_rdata produces wrongly encoded DNSKEYs

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

            Activity

              People

              Assignee:
              rickard Rickard Bellgrim
              Reporter:
              matthijs Matthijs Mekking
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: