1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16 import base64
17 import struct
18
19 import dns.exception
20 import dns.dnssec
21 import dns.rdata
22 import dns.util
23
24 _flags_from_text = {
25 'NOCONF': (0x4000, 0xC000),
26 'NOAUTH': (0x8000, 0xC000),
27 'NOKEY': (0xC000, 0xC000),
28 'FLAG2': (0x2000, 0x2000),
29 'EXTEND': (0x1000, 0x1000),
30 'FLAG4': (0x0800, 0x0800),
31 'FLAG5': (0x0400, 0x0400),
32 'USER': (0x0000, 0x0300),
33 'ZONE': (0x0100, 0x0300),
34 'HOST': (0x0200, 0x0300),
35 'NTYP3': (0x0300, 0x0300),
36 'FLAG8': (0x0080, 0x0080),
37 'FLAG9': (0x0040, 0x0040),
38 'FLAG10': (0x0020, 0x0020),
39 'FLAG11': (0x0010, 0x0010),
40 'SIG0': (0x0000, 0x000f),
41 'SIG1': (0x0001, 0x000f),
42 'SIG2': (0x0002, 0x000f),
43 'SIG3': (0x0003, 0x000f),
44 'SIG4': (0x0004, 0x000f),
45 'SIG5': (0x0005, 0x000f),
46 'SIG6': (0x0006, 0x000f),
47 'SIG7': (0x0007, 0x000f),
48 'SIG8': (0x0008, 0x000f),
49 'SIG9': (0x0009, 0x000f),
50 'SIG10': (0x000a, 0x000f),
51 'SIG11': (0x000b, 0x000f),
52 'SIG12': (0x000c, 0x000f),
53 'SIG13': (0x000d, 0x000f),
54 'SIG14': (0x000e, 0x000f),
55 'SIG15': (0x000f, 0x000f),
56 }
57
58 _protocol_from_text = {
59 'NONE' : 0,
60 'TLS' : 1,
61 'EMAIL' : 2,
62 'DNSSEC' : 3,
63 'IPSEC' : 4,
64 'ALL' : 255,
65 }
68 """KEY-like record base
69
70 @ivar flags: the key flags
71 @type flags: int
72 @ivar protocol: the protocol for which this key may be used
73 @type protocol: int
74 @ivar algorithm: the algorithm used for the key
75 @type algorithm: int
76 @ivar key: the public key
77 @type key: string"""
78
79 __slots__ = ['flags', 'protocol', 'algorithm', 'key']
80
81 - def __init__(self, rdclass, rdtype, flags, protocol, algorithm, key):
82 super(KEYBase, self).__init__(rdclass, rdtype)
83 self.flags = flags
84 self.protocol = protocol
85 self.algorithm = algorithm
86 self.key = key
87
88 - def to_text(self, origin=None, relativize=True, **kw):
89 return '%d %d %d %s' % (self.flags, self.protocol, self.algorithm,
90 dns.rdata._base64ify(self.key))
91
92 @classmethod
93 - def from_text(cls, rdclass, rdtype, tok, origin = None, relativize = True):
94 flags = tok.get_string()
95 if flags.isdigit():
96 flags = int(flags)
97 else:
98 flag_names = flags.split('|')
99 flags = 0
100 for flag in flag_names:
101 v = _flags_from_text.get(flag)
102 if v is None:
103 raise dns.exception.SyntaxError('unknown flag %s' % flag)
104 flags &= ~v[1]
105 flags |= v[0]
106 protocol = tok.get_string()
107 if protocol.isdigit():
108 protocol = int(protocol)
109 else:
110 protocol = _protocol_from_text.get(protocol)
111 if protocol is None:
112 raise dns.exception.SyntaxError('unknown protocol %s' % protocol)
113
114 algorithm = dns.dnssec.algorithm_from_text(tok.get_string())
115 chunks = []
116 while 1:
117 t = tok.get().unescape()
118 if t.is_eol_or_eof():
119 break
120 if not t.is_identifier():
121 raise dns.exception.SyntaxError
122 chunks.append(t.value)
123 b64 = ''.join(chunks)
124 key = base64.b64decode(b64.encode('ascii'))
125 return cls(rdclass, rdtype, flags, protocol, algorithm, key)
126
127 - def to_wire(self, file, compress = None, origin = None):
128 header = struct.pack("!HBB", self.flags, self.protocol, self.algorithm)
129 file.write(header)
130 file.write(self.key)
131
132 @classmethod
133 - def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin = None):
134 if rdlen < 4:
135 raise dns.exception.FormError
136 header = struct.unpack('!HBB', wire[current : current + 4])
137 current += 4
138 rdlen -= 4
139 key = wire[current : current + rdlen]
140 return cls(rdclass, rdtype, header[0], header[1], header[2],
141 key)
142
143 - def _cmp(self, other):
144 hs = struct.pack("!HBB", self.flags, self.protocol, self.algorithm)
145 ho = struct.pack("!HBB", other.flags, other.protocol, other.algorithm)
146 v = dns.util.cmp(hs, ho)
147 if v == 0:
148 v = dns.util.cmp(self.key, other.key)
149 return v
150