1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16 import struct
17 import base64
18
19 import dns.exception
20 import dns.dnssec
21 import dns.rdata
22 import dns.tokenizer
23
24 _ctype_by_value = {
25 1: 'PKIX',
26 2: 'SPKI',
27 3: 'PGP',
28 253: 'URI',
29 254: 'OID',
30 }
31
32 _ctype_by_name = {
33 'PKIX': 1,
34 'SPKI': 2,
35 'PGP': 3,
36 'URI': 253,
37 'OID': 254,
38 }
39
40
41 -def _ctype_from_text(what):
42 v = _ctype_by_name.get(what)
43 if v is not None:
44 return v
45 return int(what)
46
47
48 -def _ctype_to_text(what):
49 v = _ctype_by_value.get(what)
50 if v is not None:
51 return v
52 return str(what)
53
54
55 -class CERT(dns.rdata.Rdata):
56
57 """CERT record
58
59 @ivar certificate_type: certificate type
60 @type certificate_type: int
61 @ivar key_tag: key tag
62 @type key_tag: int
63 @ivar algorithm: algorithm
64 @type algorithm: int
65 @ivar certificate: the certificate or CRL
66 @type certificate: string
67 @see: RFC 2538"""
68
69 __slots__ = ['certificate_type', 'key_tag', 'algorithm', 'certificate']
70
71 - def __init__(self, rdclass, rdtype, certificate_type, key_tag, algorithm,
72 certificate):
78
79 - def to_text(self, origin=None, relativize=True, **kw):
84
85 @classmethod
86 - def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
87 certificate_type = _ctype_from_text(tok.get_string())
88 key_tag = tok.get_uint16()
89 algorithm = dns.dnssec.algorithm_from_text(tok.get_string())
90 if algorithm < 0 or algorithm > 255:
91 raise dns.exception.SyntaxError("bad algorithm type")
92 chunks = []
93 while 1:
94 t = tok.get().unescape()
95 if t.is_eol_or_eof():
96 break
97 if not t.is_identifier():
98 raise dns.exception.SyntaxError
99 chunks.append(t.value.encode())
100 b64 = b''.join(chunks)
101 certificate = base64.b64decode(b64)
102 return cls(rdclass, rdtype, certificate_type, key_tag,
103 algorithm, certificate)
104
105 - def to_wire(self, file, compress=None, origin=None):
110
111 @classmethod
112 - def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
122