Warn if using prohibited or not recommended algorithm
Casey Deccio
3 years ago
| 415 | 415 | |
| 416 | 416 | # Independent of whether or not we considered the digest for |
| 417 | 417 | # validation, issue a warning if we are using a digest type for which |
| 418 | # validation has been prohibited. | |
| 418 | # validation or publishing has been prohibited. | |
| 419 | 419 | if self.ds.digest_type in DS_DIGEST_ALGS_VALIDATION_PROHIBITED: |
| 420 | 420 | self.warnings.append(Errors.DigestAlgorithmValidationProhibited(algorithm=self.ds.digest_type)) |
| 421 | elif self.ds.digest_type in DS_DIGEST_ALGS_PROHIBITED: | |
| 422 | self.warnings.append(Errors.DigestAlgorithmProhibited(algorithm=self.ds.digest_type)) | |
| 423 | elif self.ds.digest_type in DS_DIGEST_ALGS_NOT_RECOMMENDED: | |
| 424 | self.warnings.append(Errors.DigestAlgorithmNotRecommended(algorithm=self.ds.digest_type)) | |
| 421 | 425 | |
| 422 | 426 | if self.dnskey is not None and \ |
| 423 | 427 | self.dnskey.rdata.flags & fmt.DNSKEY_FLAGS['revoke']: |
| 493 | 497 | self.warnings.append(Errors.DSDigestAlgorithmIgnored(algorithm=1, new_algorithm=digest_alg)) |
| 494 | 498 | else: |
| 495 | 499 | self.warnings.append(Errors.DSDigestAlgorithmMaybeIgnored(algorithm=1, new_algorithm=digest_alg)) |
| 496 | ||
| 497 | # For all other digest types, just add a warning here | |
| 498 | elif self.ds.digest_type in DS_DIGEST_ALGS_PROHIBITED: | |
| 499 | self.warnings.append(Errors.DigestAlgorithmProhibited(algorithm=self.ds.digest_type)) | |
| 500 | elif self.ds.digest_type in DS_DIGEST_ALGS_NOT_RECOMMENDED: | |
| 501 | self.warnings.append(Errors.DigestAlgorithmNotRecommended(algorithm=self.ds.digest_type)) | |
| 502 | 500 | |
| 503 | 501 | |
| 504 | 502 | def __str__(self): |