X-Git-Url: https://blacka.com/cgi-bin/gitweb.cgi?p=captive-validator.git;a=blobdiff_plain;f=src%2Fcom%2Fverisign%2Ftat%2Fdnssec%2FDnsSecVerifier.java;fp=src%2Fcom%2Fverisign%2Ftat%2Fdnssec%2FDnsSecVerifier.java;h=6e4a58eb729c49673be38f0146b6da8c9a4a4a23;hp=cff769f423e4a7d34a8e2cbb586bc2b58dc1ce45;hb=c95cd7e0e9d97d980fa9db12f3818881f5e0f673;hpb=a440dcb4770131e008d5bccc95f8fb54ca996d6b diff --git a/src/com/verisign/tat/dnssec/DnsSecVerifier.java b/src/com/verisign/tat/dnssec/DnsSecVerifier.java index cff769f..6e4a58e 100644 --- a/src/com/verisign/tat/dnssec/DnsSecVerifier.java +++ b/src/com/verisign/tat/dnssec/DnsSecVerifier.java @@ -62,33 +62,33 @@ public class DnsSecVerifier { mPrivateAlgorithmMap = new HashMap(); // set the default algorithm map. - mAlgorithmMap.put(Integer.valueOf(DNSSEC.RSAMD5), new AlgEntry( - "MD5withRSA", DNSSEC.RSAMD5, false)); - mAlgorithmMap.put(Integer.valueOf(DNSSEC.DSA), new AlgEntry("SHA1withDSA", - DNSSEC.DSA, true)); - mAlgorithmMap.put(Integer.valueOf(DNSSEC.RSASHA1), new AlgEntry( - "SHA1withRSA", DNSSEC.RSASHA1, false)); - mAlgorithmMap.put(Integer.valueOf(DNSSEC.DSA_NSEC3_SHA1), new AlgEntry( - "SHA1withDSA", DNSSEC.DSA, true)); - mAlgorithmMap.put(Integer.valueOf(DNSSEC.RSA_NSEC3_SHA1), new AlgEntry( - "SHA1withRSA", DNSSEC.RSASHA1, false)); - mAlgorithmMap.put(Integer.valueOf(DNSSEC.RSASHA256), new AlgEntry( - "SHA256withRSA", DNSSEC.RSASHA256, false)); - mAlgorithmMap.put(Integer.valueOf(DNSSEC.RSASHA512), new AlgEntry( - "SHA512withRSA", DNSSEC.RSASHA512, false)); + mAlgorithmMap.put(Integer.valueOf(DNSSEC.Algorithm.RSAMD5), new AlgEntry( + "MD5withRSA", DNSSEC.Algorithm.RSAMD5, false)); + mAlgorithmMap.put(Integer.valueOf(DNSSEC.Algorithm.DSA), new AlgEntry("SHA1withDSA", + DNSSEC.Algorithm.DSA, true)); + mAlgorithmMap.put(Integer.valueOf(DNSSEC.Algorithm.RSASHA1), new AlgEntry( + "SHA1withRSA", DNSSEC.Algorithm.RSASHA1, false)); + mAlgorithmMap.put(Integer.valueOf(DNSSEC.Algorithm.DSA_NSEC3_SHA1), new AlgEntry( + "SHA1withDSA", DNSSEC.Algorithm.DSA, true)); + mAlgorithmMap.put(Integer.valueOf(DNSSEC.Algorithm.RSA_NSEC3_SHA1), new AlgEntry( + "SHA1withRSA", DNSSEC.Algorithm.RSASHA1, false)); + mAlgorithmMap.put(Integer.valueOf(DNSSEC.Algorithm.RSASHA256), new AlgEntry( + "SHA256withRSA", DNSSEC.Algorithm.RSASHA256, false)); + mAlgorithmMap.put(Integer.valueOf(DNSSEC.Algorithm.RSASHA512), new AlgEntry( + "SHA512withRSA", DNSSEC.Algorithm.RSASHA512, false)); } private boolean isDSA(int algorithm) { // shortcut the standard algorithms - if (algorithm == DNSSEC.DSA) { + if (algorithm == DNSSEC.Algorithm.DSA) { return true; } - if (algorithm == DNSSEC.RSASHA1) { + if (algorithm == DNSSEC.Algorithm.RSASHA1) { return false; } - if (algorithm == DNSSEC.RSAMD5) { + if (algorithm == DNSSEC.Algorithm.RSAMD5) { return false; } @@ -202,12 +202,12 @@ public class DnsSecVerifier { * The rrset that the signature belongs to. * @param sigrec * The signature record to check. - * @return A value of DNSSEC.Secure if it looks OK, DNSSEC.Faile if it looks + * @return A value of SecurityStatus.SECURE if it looks OK, SecurityStatus.BOGUS if it looks * bad. */ private byte checkSignature(RRset rrset, RRSIGRecord sigrec) { if ((rrset == null) || (sigrec == null)) { - return DNSSEC.Failed; + return SecurityStatus.BOGUS; } if (!rrset.getName().equals(sigrec.getName())) { @@ -445,11 +445,11 @@ public class DnsSecVerifier { public int baseAlgorithm(int algorithm) { switch (algorithm) { - case DNSSEC.RSAMD5: - case DNSSEC.RSASHA1: + case DNSSEC.Algorithm.RSAMD5: + case DNSSEC.Algorithm.RSASHA1: return RSA; - case DNSSEC.DSA: + case DNSSEC.Algorithm.DSA: return DSA; }