org.xbill.DNS
Class DNSSEC

java.lang.Object
  extended byorg.xbill.DNS.DNSSEC

public class DNSSEC
extends Object

Constants and functions relating to DNSSEC (algorithm constants). DNSSEC provides authentication for DNS information. RRsets are signed by an appropriate key, and a SIG record is added to the set. A KEY record is obtained from DNS and used to validate the signature, The KEY record must also be validated or implicitly trusted - to validate a key requires a series of validations leading to a trusted key. The key must also be authorized to sign the data.

Author:
Brian Wellington
See Also:
SIGRecord, KEYRecord, RRset

Field Summary
static byte DH
           
static byte DSA
           
static byte Failed
           
static byte Insecure
           
static byte RSA
           
static byte RSAMD5
           
static byte RSASHA1
           
static byte Secure
           
 
Method Summary
static byte[] digestMessage(SIGRecord sig, Message msg, byte[] previous)
          Creates an array containing fields of the SIG record and the message to be signed.
static byte[] digestRRset(SIGRecord sig, RRset rrset)
          Creates an array containing fields of the SIG record and the RRsets to be signed/verified.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

RSAMD5

public static final byte RSAMD5
See Also:
Constant Field Values

RSA

public static final byte RSA
See Also:
Constant Field Values

DH

public static final byte DH
See Also:
Constant Field Values

DSA

public static final byte DSA
See Also:
Constant Field Values

RSASHA1

public static final byte RSASHA1
See Also:
Constant Field Values

Failed

public static final byte Failed
See Also:
Constant Field Values

Insecure

public static final byte Insecure
See Also:
Constant Field Values

Secure

public static final byte Secure
See Also:
Constant Field Values
Method Detail

digestRRset

public static byte[] digestRRset(SIGRecord sig,
                                 RRset rrset)
Creates an array containing fields of the SIG record and the RRsets to be signed/verified.

Parameters:
sig - The SIG record used to sign/verify the rrset.
rrset - The data to be signed/verified.
Returns:
The data to be cryptographically signed or verified.

digestMessage

public static byte[] digestMessage(SIGRecord sig,
                                   Message msg,
                                   byte[] previous)
Creates an array containing fields of the SIG record and the message to be signed.

Parameters:
sig - The SIG record used to sign/verify the rrset.
msg - The message to be signed/verified.
previous - If this is a response, the signature from the query.
Returns:
The data to be cryptographically signed or verified.