1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18 import struct
19 import base64
20
21 import dns.exception
22 import dns.dnssec
23 import dns.rdata
24 import dns.tokenizer
25
26 _ctype_by_value = {
27 1: 'PKIX',
28 2: 'SPKI',
29 3: 'PGP',
30 253: 'URI',
31 254: 'OID',
32 }
33
34 _ctype_by_name = {
35 'PKIX': 1,
36 'SPKI': 2,
37 'PGP': 3,
38 'URI': 253,
39 'OID': 254,
40 }
41
42
43 -def _ctype_from_text(what):
44 v = _ctype_by_name.get(what)
45 if v is not None:
46 return v
47 return int(what)
48
49
50 -def _ctype_to_text(what):
51 v = _ctype_by_value.get(what)
52 if v is not None:
53 return v
54 return str(what)
55
56
57 -class CERT(dns.rdata.Rdata):
58
59 """CERT record
60
61 @ivar certificate_type: certificate type
62 @type certificate_type: int
63 @ivar key_tag: key tag
64 @type key_tag: int
65 @ivar algorithm: algorithm
66 @type algorithm: int
67 @ivar certificate: the certificate or CRL
68 @type certificate: string
69 @see: RFC 2538"""
70
71 __slots__ = ['certificate_type', 'key_tag', 'algorithm', 'certificate']
72
73 - def __init__(self, rdclass, rdtype, certificate_type, key_tag, algorithm,
74 certificate):
80
81 - def to_text(self, origin=None, relativize=True, **kw):
86
87 @classmethod
88 - def from_text(cls, rdclass, rdtype, tok, origin=None, relativize=True):
89 certificate_type = _ctype_from_text(tok.get_string())
90 key_tag = tok.get_uint16()
91 algorithm = dns.dnssec.algorithm_from_text(tok.get_string())
92 if algorithm < 0 or algorithm > 255:
93 raise dns.exception.SyntaxError("bad algorithm type")
94 chunks = []
95 while 1:
96 t = tok.get().unescape()
97 if t.is_eol_or_eof():
98 break
99 if not t.is_identifier():
100 raise dns.exception.SyntaxError
101 chunks.append(t.value.encode())
102 b64 = b''.join(chunks)
103 certificate = base64.b64decode(b64)
104 return cls(rdclass, rdtype, certificate_type, key_tag,
105 algorithm, certificate)
106
107 - def to_wire(self, file, compress=None, origin=None):
112
113 @classmethod
114 - def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin=None):
124