1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
|
#--
#Copyright 2007 Nominet UK
#
#Licensed under the Apache License, Version 2.0 (the "License");
#you may not use this file except in compliance with the License.
#You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
#Unless required by applicable law or agreed to in writing, software
#distributed under the License is distributed on an "AS IS" BASIS,
#WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#See the License for the specific language governing permissions and
#limitations under the License.
#++
module Dnsruby
class RR
#The NSEC3PARAM RR contains the NSEC3 parameters (hash algorithm,
#flags, iterations and salt) needed by authoritative servers to
#calculate hashed owner names. The presence of an NSEC3PARAM RR at a
#zone apex indicates that the specified parameters may be used by
#authoritative servers to choose an appropriate set of NSEC3 RRs for
#negative responses. The NSEC3PARAM RR is not used by validators or
#resolvers.
class NSEC3PARAM < RR
ClassValue = nil #:nodoc: all
TypeValue = Types::NSEC3PARAM #:nodoc: all
#The Hash Algorithm field identifies the cryptographic hash algorithm
#used to construct the hash-value.
attr_reader :hash_alg
#The Flags field contains 8 one-bit flags that can be used to indicate
#different processing. All undefined flags must be zero. The only
#flag defined by the NSEC3 specification is the Opt-Out flag.
attr_reader :flags
#The Iterations field defines the number of additional times the hash
#function has been performed.
attr_accessor :iterations
#The Salt Length field defines the length of the Salt field in octets,
#ranging in value from 0 to 255.
attr_reader :salt_length
#The Salt field is appended to the original owner name before hashing
#in order to defend against pre-calculated dictionary attacks.
def salt
return NSEC3.encode_salt(@salt)
end
def salt=(s)
@salt = NSEC3.decode_salt(s)
@salt_length = @salt.length
end
def hash_alg=(a)
if (a.instance_of?String)
if (a.length == 1)
a = a.to_i
end
end
begin
alg = Nsec3HashAlgorithms.new(a)
@hash_alg = alg
rescue ArgumentError => e
raise DecodeError.new(e)
end
end
def types=(t)
@types = NSEC.get_types(t)
end
def flags=(f)
if (f==0 || f==1)
@flags=f
else
raise DecodeError.new("Unknown NSEC3 flags field - #{f}")
end
end
# def salt_length=(l) # :nodoc: all
# if ((l < 0) || (l > 255))
# raise DecodeError.new("NSEC3 salt length must be between 0 and 255")
# end
# @salt_length = l
# end
#
def from_data(data) #:nodoc: all
hash_alg, flags, iterations, salt_length, salt = data
self.hash_alg=(hash_alg)
self.flags=(flags)
self.iterations=(iterations)
# self.salt_length=(salt_length)
# self.salt=(salt)
@salt=salt
end
def from_string(input)
if (input.length > 0)
data = input.split(" ")
self.hash_alg=(data[0]).to_i
self.flags=(data[1]).to_i
self.iterations=(data[2]).to_i
self.salt=(data[3])
# self.salt_length=(data[3].length)
end
end
def rdata_to_string #:nodoc: all
s = salt()
return "#{@hash_alg.code} #{@flags} #{@iterations} #{s}"
end
def encode_rdata(msg, canonical=false) #:nodoc: all
# s = salt()
s = @salt
sl = s.length()
if (s == "-")
sl == 0
end
msg.put_pack("ccnc", @hash_alg.code, @flags, @iterations, sl)
if (sl > 0)
msg.put_bytes(s)
end
end
def self.decode_rdata(msg) #:nodoc: all
hash_alg, flags, iterations, salt_length = msg.get_unpack("ccnc")
salt = msg.get_bytes(salt_length)
return self.new(
[hash_alg, flags, iterations, salt_length, salt])
end
end
end
end
|
