Sha1 runtime insecure change was incomplete

[bleve]

System to reproduce the error: fedora 39 VM, unbound-1.19.0-1.fc39.x86_64

Change crypto policy to FUTURE removing sha1 from supported encryption algoritms.

update-crypto-policies --set FUTURE

That sets about same crypto policy as CentOS Stream 9 / RHEL9

Now verification of RSASHA1 signatures causes insecure responses like expected.

But current code doesn't handle RSASHA1-NSEC3-SHA1, so for example dig nvd.nist.gov aaaa query fails with NXDOMAIN. Expected response would be insecure one, not verification failure.

fedora39.log.gz

Same error can be produced on CentOS Stream 9 by building unbound-1.19.0 with sha1 enabled (centos/rhel package build with --disable-sha1).

[wcawijngaards]

The issue was that the DS record for the site had a number of nonmatching DS entries, for like a key rollover, for keys that are not in the key set. Because of these entries, the result was bogus, because they did not match anything. The fix checks that when no entry has matched apart from cryptolib refusals, and there are cryptolib algorithm refusal entries, it becomes insecure for the delegation point DS record check.

That fixes the lookup that is cited in the issue, it was not really about the specific DNSKEY algorithm, but about the DS RRset entries, and the lookup cited in the issue then becomes insecure and resolves. Thanks for the report!