git://blacka.com / captive-validator.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Make it build again; print responses in debug mode
[captive-validator.git] / src / com / verisign / tat / dnssec / DnsSecVerifier.java
diff --git a/src/com/verisign/tat/dnssec/DnsSecVerifier.java b/src/com/verisign/tat/dnssec/DnsSecVerifier.java
index 581d12e..18441d8 100644 (file)
--- a/src/com/verisign/tat/dnssec/DnsSecVerifier.java
+++ b/src/com/verisign/tat/dnssec/DnsSecVerifier.java
@@ -26,7 +26,7 @@ package com.verisign.tat.dnssec;
 import org.apache.log4j.Logger;
 
 import org.xbill.DNS.*;
-import org.xbill.DNS.security.*;
+import org.xbill.DNS.DNSSEC.DNSSECException;
 
 import java.io.*;
 
@@ -237,7 +237,7 @@ public class DnsSecVerifier {
         return SecurityStatus.SECURE;
     }
 
-    public PublicKey parseDNSKEY(DNSKEYRecord key) {
+    public PublicKey parseDNSKEY(DNSKEYRecord key) throws DNSSECException {
         AlgEntry ae = (AlgEntry) mAlgorithmMap.get(Integer.valueOf(key.getAlgorithm()));
 
         if (key.getAlgorithm() != ae.dnssecAlg) {
@@ -250,7 +250,7 @@ public class DnsSecVerifier {
                                    ae.dnssecAlg, key.getKey());
         }
 
-        return KEYConverter.parseRecord(key);
+        return key.getPublicKey();
     }
 
     /**
@@ -304,6 +304,8 @@ public class DnsSecVerifier {
             log.trace("Signature verified: " + sigrec);
 
             return SecurityStatus.SECURE;
+        } catch (DNSSECException e) {
+            log.error("DNSSEC key parsing error", e);
         } catch (IOException e) {
             log.error("I/O error", e);
         } catch (GeneralSecurityException e) {
Captive Validator: Java code to validate DNSSEC DNS responses with minimal context