Package dns :: Module tsig
[hide private]
[frames] | no frames]

Module tsig

source code

DNS TSIG support.

Classes [hide private]
  BadTime
The current time is not within the TSIG's validity time.
  BadSignature
The TSIG signature fails to verify.
  PeerError
Base class for all TSIG errors generated by the remote peer
  PeerBadKey
The peer didn't know the key we used
  PeerBadSignature
The peer didn't like the signature we sent
  PeerBadTime
The peer didn't like the time we sent
  PeerBadTruncation
The peer didn't like amount of truncation in the TSIG we sent
Functions [hide private]
(string, string, hmac.HMAC object)
sign(wire, keyname, secret, time, fudge, original_id, error, other_data, request_mac, ctx=None, multi=False, first=True, algorithm=<DNS name HMAC-MD5.SIG-ALG.REG.INT.>)
Return a (tsig_rdata, mac, ctx) tuple containing the HMAC TSIG rdata for the input parameters, the HMAC MAC calculated by applying the TSIG signature algorithm, and the TSIG digest context.
source code
 
hmac_md5(wire, keyname, secret, time, fudge, original_id, error, other_data, request_mac, ctx=None, multi=False, first=True, algorithm=<DNS name HMAC-MD5.SIG-ALG.REG.INT.>) source code
hmac.HMAC object
validate(wire, keyname, secret, now, request_mac, tsig_start, tsig_rdata, tsig_rdlen, ctx=None, multi=False, first=True)
Validate the specified TSIG rdata against the other input parameters.
source code
(string, hash constructor)
get_algorithm(algorithm)
Returns the wire format string and the hash module to use for the specified TSIG algorithm
source code
 
get_algorithm_and_mac(wire, tsig_rdata, tsig_rdlen)
Return the tsig algorithm for the specified tsig_rdata
source code
Variables [hide private]
  HMAC_MD5 = <DNS name HMAC-MD5.SIG-ALG.REG.INT.>
  HMAC_SHA1 = <DNS name hmac-sha1.>
  HMAC_SHA224 = <DNS name hmac-sha224.>
  HMAC_SHA256 = <DNS name hmac-sha256.>
  HMAC_SHA384 = <DNS name hmac-sha384.>
  HMAC_SHA512 = <DNS name hmac-sha512.>
  _hashes = {<DNS name hmac-sha1.>: <built-in function openssl_s...
  default_algorithm = <DNS name HMAC-MD5.SIG-ALG.REG.INT.>
  BADSIG = 16
  BADKEY = 17
  BADTIME = 18
  BADTRUNC = 22
  __package__ = 'dns'
Function Details [hide private]

sign(wire, keyname, secret, time, fudge, original_id, error, other_data, request_mac, ctx=None, multi=False, first=True, algorithm=<DNS name HMAC-MD5.SIG-ALG.REG.INT.>)

source code 

Return a (tsig_rdata, mac, ctx) tuple containing the HMAC TSIG rdata for the input parameters, the HMAC MAC calculated by applying the TSIG signature algorithm, and the TSIG digest context.

Returns: (string, string, hmac.HMAC object)
Raises:
  • ValueError - other_data is too long
  • NotImplementedError - algorithm is not supported

validate(wire, keyname, secret, now, request_mac, tsig_start, tsig_rdata, tsig_rdlen, ctx=None, multi=False, first=True)

source code 

Validate the specified TSIG rdata against the other input parameters.

Returns: hmac.HMAC object
Raises:
  • FormError - The TSIG is badly formed.
  • BadTime - There is too much time skew between the client and the server.
  • BadSignature - The TSIG signature did not validate

get_algorithm(algorithm)

source code 

Returns the wire format string and the hash module to use for the specified TSIG algorithm

Returns: (string, hash constructor)
Raises:
  • NotImplementedError - algorithm is not supported

get_algorithm_and_mac(wire, tsig_rdata, tsig_rdlen)

source code 

Return the tsig algorithm for the specified tsig_rdata

Raises:

Variables Details [hide private]

_hashes

Value:
{<DNS name hmac-sha1.>: <built-in function openssl_sha1>,
 <DNS name hmac-sha224.>: <built-in function openssl_sha224>,
 <DNS name hmac-sha256.>: <built-in function openssl_sha256>,
 <DNS name hmac-sha384.>: <built-in function openssl_sha384>,
 <DNS name hmac-sha512.>: <built-in function openssl_sha512>,
 <DNS name HMAC-MD5.SIG-ALG.REG.INT.>: <built-in function openssl_md5>\
}