// SPDX-License-Identifier: BSD-3-Clause
// Copyright (c) 1999-2004 Brian Wellington (bwelling@xbill.org)
package org.xbill.DNS;
import java.io.IOException;
import java.security.PublicKey;
/**
 * DNSKEY resource record: holds a cryptographic public key for use by DNS. The key data can be
 * converted to objects implementing java.security.interfaces.PublicKey.
 *
 * <p>The code in this class stores the flags, protocol and algorithm fields without checking them
 * against RFC 4034 (only an unrecognised algorithm name is rejected when parsing text). A record
 * created or parsed here is therefore a plain container: code that uses the key to verify
 * signatures has to apply the RFC 4034 section 2.1 rules itself (protocol equal to {@link
 * Protocol#DNSSEC}, {@link Flags#ZONE_KEY} set). NOTE(review): whether the superclass or the
 * validator already enforces these is not visible from this file.
 *
 * @see DNSSEC
 * @author Brian Wellington
 * @see <a href="https://datatracker.ietf.org/doc/html/rfc4034">RFC 4034: Resource Records for the
 *     DNS Security Extensions</a>
 */
public class DNSKEYRecord extends KEYBase {
  /** Values of the DNSKEY protocol field. */
  public static class Protocol {
    /**
     * Key will be used for DNSSEC. RFC 4034 section 2.1.2 fixes the protocol field at this value
     * and requires any other value to make the key invalid for signature verification.
     */
    public static final int DNSSEC = 3;

    private Protocol() {}
  }

  /**
   * {@code DNSKEY} flags as defined in the <a
   * href="https://www.iana.org/assignments/dnskey-flags/dnskey-flags.xhtml">IANA registry</a>. The
   * values are bit masks over the 16-bit flags field.
   */
  public static class Flags {
    /**
     * Key is a zone key. Per RFC 4034 section 2.1.1 a key without this bit must not be used to
     * verify RRSIG records.
     */
    public static final int ZONE_KEY = 0x0100;

    /**
     * Key is a secure entry point key. RFC 4034 section 2.1.1 describes this bit as a hint for
     * signing and debugging tools; validators must not change their behaviour because of it.
     */
    public static final int SEP_KEY = 0x0001;

    /**
     * Key has been revoked (RFC 5011). A key carrying this bit must no longer be accepted as a
     * trust anchor.
     */
    public static final int REVOKE = 0x0080;

    private Flags() {}
  }

  /** Creates an empty record; the fields are filled in later, e.g. by {@link #rdataFromString}. */
  DNSKEYRecord() {}

  /**
   * Creates a record of the given type from raw key data. All arguments are forwarded unchanged to
   * the superclass constructor.
   *
   * @param name Owner name of the record
   * @param type Record type code to store
   * @param dclass Record class
   * @param ttl Time to live of the record
   * @param flags Flags describing the key's properties, see {@link Flags}
   * @param proto The protocol that the key was created for, see {@link Protocol}
   * @param alg The key's algorithm
   * @param key Binary representation of the key. NOTE(review): the array is handed on as given;
   *     whether the superclass copies it is not visible here, so callers should not modify it
   *     afterwards.
   */
  protected DNSKEYRecord(
      Name name, int type, int dclass, long ttl, int flags, int proto, int alg, byte[] key) {
    super(name, type, dclass, ttl, flags, proto, alg, key);
  }

  /**
   * Creates a DNSKEY Record from raw key data.
   *
   * @param name Owner name of the record
   * @param dclass Record class
   * @param ttl Time to live of the record
   * @param flags Flags describing the key's properties, see {@link Flags}
   * @param proto The protocol that the key was created for; not compared with {@link
   *     Protocol#DNSSEC} here
   * @param alg The key's algorithm
   * @param key Binary representation of the key
   */
  public DNSKEYRecord(Name name, int dclass, long ttl, int flags, int proto, int alg, byte[] key) {
    this(name, Type.DNSKEY, dclass, ttl, flags, proto, alg, key);
  }

  /**
   * Creates a DNSKEY Record from a {@link PublicKey}. The key is converted to its DNS format with
   * {@code DNSSEC.fromPublicKey(key, alg)} and the given object is also kept in the {@code
   * publicKey} field.
   *
   * @param name Owner name of the record
   * @param dclass Record class
   * @param ttl Time to live of the record
   * @param flags Flags describing the key's properties, see {@link Flags}
   * @param proto The protocol that the key was created for; not compared with {@link
   *     Protocol#DNSSEC} here
   * @param alg The key's algorithm
   * @param key The key as a PublicKey
   * @throws DNSSEC.DNSSECException The PublicKey could not be converted into DNS format.
   */
  public DNSKEYRecord(Name name, int dclass, long ttl, int flags, int proto, int alg, PublicKey key)
      throws DNSSEC.DNSSECException {
    super(name, Type.DNSKEY, dclass, ttl, flags, proto, alg, DNSSEC.fromPublicKey(key, alg));
    this.publicKey = key;
  }

  /**
   * Reads the record data from its text form: a 16-bit flags value, an 8-bit protocol value, an
   * algorithm token and the Base64 encoded key, in that order.
   *
   * <p>Only the algorithm token is validated. The flags and protocol values are stored as read, so
   * a record with an unexpected protocol or without the zone key bit parses successfully.
   *
   * @param st Tokenizer positioned at the start of the record data
   * @param origin Origin for relative names; not used by this method
   * @throws IOException If a token cannot be read, or if {@code DNSSEC.Algorithm.value} returns a
   *     negative number for the algorithm token
   */
  @Override
  protected void rdataFromString(Tokenizer st, Name origin) throws IOException {
    this.flags = st.getUInt16();
    this.proto = st.getUInt8();

    final String algorithmToken = st.getString();
    final int algorithmCode = DNSSEC.Algorithm.value(algorithmToken);
    // The field is assigned before the check, so it holds the negative value if parsing fails.
    this.alg = algorithmCode;
    if (algorithmCode < 0) {
      throw st.exception("Invalid algorithm: " + algorithmToken);
    }

    this.key = st.getBase64();
  }
}