Home | Trees | Indices | Help |
|
---|
|
Common DNSSEC-related functions and constants.
|
|||
UnsupportedAlgorithm The DNSSEC algorithm is not supported. |
|||
ValidationFailure The DNSSEC signature is invalid. |
|||
ECKeyWrapper |
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|
|||
RSAMD5 = 1
|
|||
DH = 2
|
|||
DSA = 3
|
|||
ECC = 4
|
|||
RSASHA1 = 5
|
|||
DSANSEC3SHA1 = 6
|
|||
RSASHA1NSEC3SHA1 = 7
|
|||
RSASHA256 = 8
|
|||
RSASHA512 = 10
|
|||
ECDSAP256SHA256 = 13
|
|||
ECDSAP384SHA384 = 14
|
|||
INDIRECT = 252
|
|||
PRIVATEDNS = 253
|
|||
PRIVATEOID = 254
|
|||
_algorithm_by_text =
|
|||
_algorithm_by_value =
|
|||
_have_pycrypto = True
|
|||
_have_ecdsa = True
|
|||
__package__ =
|
|
Convert text into a DNSSEC algorithm value. Returns an ``int``. |
Convert a DNSSEC algorithm value to text Returns a ``str``. |
Return the key id (a 16-bit number) for the specified key. Note the *origin* parameter of this function is historical and is not needed. Returns an ``int`` between 0 and 65535. |
Create a DS record for a DNSSEC key. *name* is the owner name of the DS record. *key* is a ``dns.rdtypes.ANY.DNSKEY``. *algorithm* is a string describing which hash algorithm to use. The currently supported hashes are "SHA1" and "SHA256". Case does not matter for these strings. *origin* is a ``dns.name.Name`` and will be used as the origin if *key* is a relative name. Returns a ``dns.rdtypes.ANY.DS``. |
Validate an RRset against a single signature rdata The owner name of *rrsig* is assumed to be the same as the owner name of *rrset*. *rrset* is the RRset to validate. It can be a ``dns.rrset.RRset`` or a ``(dns.name.Name, dns.rdataset.Rdataset)`` tuple. *rrsig* is a ``dns.rdata.Rdata``, the signature to validate. *keys* is the key dictionary, used to find the DNSKEY associated with a given name. The dictionary is keyed by a ``dns.name.Name``, and has ``dns.node.Node`` or ``dns.rdataset.Rdataset`` values. *origin* is a ``dns.name.Name``, the origin to use for relative names. *now* is an ``int``, the time to use when validating the signatures, in seconds since the UNIX epoch. The default is the current time. |
Validate an RRset. *rrset* is the RRset to validate. It can be a ``dns.rrset.RRset`` or a ``(dns.name.Name, dns.rdataset.Rdataset)`` tuple. *rrsigset* is the signature RRset to be validated. It can be a ``dns.rrset.RRset`` or a ``(dns.name.Name, dns.rdataset.Rdataset)`` tuple. *keys* is the key dictionary, used to find the DNSKEY associated with a given name. The dictionary is keyed by a ``dns.name.Name``, and has ``dns.node.Node`` or ``dns.rdataset.Rdataset`` values. *origin* is a ``dns.name.Name``, the origin to use for relative names. *now* is an ``int``, the time to use when validating the signatures, in seconds since the UNIX epoch. The default is the current time. |
Validate an RRset. *rrset* is the RRset to validate. It can be a ``dns.rrset.RRset`` or a ``(dns.name.Name, dns.rdataset.Rdataset)`` tuple. *rrsigset* is the signature RRset to be validated. It can be a ``dns.rrset.RRset`` or a ``(dns.name.Name, dns.rdataset.Rdataset)`` tuple. *keys* is the key dictionary, used to find the DNSKEY associated with a given name. The dictionary is keyed by a ``dns.name.Name``, and has ``dns.node.Node`` or ``dns.rdataset.Rdataset`` values. *origin* is a ``dns.name.Name``, the origin to use for relative names. *now* is an ``int``, the time to use when validating the signatures, in seconds since the UNIX epoch. The default is the current time. |
Validate an RRset against a single signature rdata The owner name of *rrsig* is assumed to be the same as the owner name of *rrset*. *rrset* is the RRset to validate. It can be a ``dns.rrset.RRset`` or a ``(dns.name.Name, dns.rdataset.Rdataset)`` tuple. *rrsig* is a ``dns.rdata.Rdata``, the signature to validate. *keys* is the key dictionary, used to find the DNSKEY associated with a given name. The dictionary is keyed by a ``dns.name.Name``, and has ``dns.node.Node`` or ``dns.rdataset.Rdataset`` values. *origin* is a ``dns.name.Name``, the origin to use for relative names. *now* is an ``int``, the time to use when validating the signatures, in seconds since the UNIX epoch. The default is the current time. |
|
_algorithm_by_text
|
_algorithm_by_value
|
Home | Trees | Indices | Help |
|
---|
Generated by Epydoc 3.0.1 on Sat Dec 8 10:59:54 2018 | http://epydoc.sourceforge.net |